01654nas a2200241 4500000000100000000000100001008004100002653004000043653002500083653001800108653002100126653001600147653001800163653002300181653002600204653002200230653002100252100001900273245006600292300001000358490000700368520103700375 2017 d10acollaboration-oriented architecture10acomposite cyber risk10acyber picture10acyber resilience10acyber risks10acyber threats10ade-perimetrization10aSituational awareness10asystem-of-systems10azero trust model1 aGeorge Sharkov00aA System-of-Systems Approach to Cyber Security and Resilience a69-940 v373 a
To address the cybersecurity, safety, and reliability aspects of the entire digitalized ecosystems, we need first to understand and possibly model how the respective computer systems of different participating entities interoperate and collaborate. Modern computer systems and emerging applications are not just largescale and complex in the digitally connected world. We categorize them also as decentralized, distributed, networked, interoperable compositions of heterogeneous and (semi)autonomous systems and/or elements. These new types of composite systems with emergent behavior have been defined as “Systems of Systems” (SoS). This paper explores different types of SoS and analyzes the interdependencies to manage cybersecurity threats and risks and achieve cyber resilience. We review various definitions and types of SoS and the application of SoS approach to situational awareness, threat intelligence, and composite risk assessment. An SoS view on managing the supply/value chain cyber risks is also outlined.