TY - JOUR KW - collaboration-oriented architecture KW - composite cyber risk KW - cyber picture KW - cyber resilience KW - cyber risks KW - cyber threats KW - de-perimetrization KW - Situational awareness KW - system-of-systems KW - zero trust model AU - George Sharkov AB -

To address the cybersecurity, safety, and reliability aspects of the entire digitalized ecosystems, we need first to understand and possibly model how the respective computer systems of different participating entities interoperate and collaborate. Modern computer systems and emerging applications are not just largescale and complex in the digitally connected world. We categorize them also as decentralized, distributed, networked, interoperable compositions of heterogeneous and (semi)autonomous systems and/or elements. These new types of composite systems with emergent behavior have been defined as “Systems of Systems” (SoS). This paper explores different types of SoS and analyzes the interdependencies to manage cybersecurity threats and risks and achieve cyber resilience. We review various definitions and types of SoS and the application of SoS approach to situational awareness, threat intelligence, and composite risk assessment. An SoS view on managing the supply/value chain cyber risks is also outlined.

AD - George Sharkov BT - Information & Security: An International Journal DO - https://doi.org/10.11610/isij.3706 LA - eng N2 -

To address the cybersecurity, safety, and reliability aspects of the entire digitalized ecosystems, we need first to understand and possibly model how the respective computer systems of different participating entities interoperate and collaborate. Modern computer systems and emerging applications are not just largescale and complex in the digitally connected world. We categorize them also as decentralized, distributed, networked, interoperable compositions of heterogeneous and (semi)autonomous systems and/or elements. These new types of composite systems with emergent behavior have been defined as “Systems of Systems” (SoS). This paper explores different types of SoS and analyzes the interdependencies to manage cybersecurity threats and risks and achieve cyber resilience. We review various definitions and types of SoS and the application of SoS approach to situational awareness, threat intelligence, and composite risk assessment. An SoS view on managing the supply/value chain cyber risks is also outlined.

PY - 2017 SP - 69 EP - 94 T2 - Information & Security: An International Journal TI - A System-of-Systems Approach to Cyber Security and Resilience VL - 37 ER -