Vehicle Electronics and Architecture (VEA) & Cyber

Demystifying Cyber Systems Engineering

by Cheri Lofy


As the United States’ (US) Department of Defense (DoD) works to maintain our battlefield superiority in the ground domain, we rapidly integrate new electronic capabilities into vehicles that communicate and cooperate over vehicle-to-infrastructure networks. These new capabilities contribute to increasing the potential attack surface, as described in the 2018 Government Accountability Office (GAO) report on Weapon System Cyber Security [1]. To understand the increasingly complex attack surface and to reduce ground platform exposures through cyberspace, we need new engineering analysis and design techniques. Today, most engineering methodologies treat cybersecurity as an add-on to traditional process flows. For example, until recently, the International Council on Systems Engineering (INCOSE) gave little attention to cybersecurity in their industry definition of the Vee-Model used widely in defense contracting. We argue that until we give cybersecurity first-class status and give it equal importance to the functional requirements, the products and services delivered may have sub-optimal defensive and resilience properties, making them vulnerable to attack through cyberspace. This paper introduces BAE Systems’ approach to making cybersecurity and resiliency first-class system properties in the engineering process. Our approach, called Cyber Systems Engineering (CSE), combines best practices from Risk Management Framework (RMF) for defensive design and supplementing methods derived from the application of ‘offensive thinking to solve defensive problems.’ We improve cyber readiness and survivability by combining offensive and defensive techniques throughout the engineering lifecycle. We have already applied CSE (in whole and part) on over 50 DoD programs; our combined approach using defensive and offensive skills strengthen as we identify best practices for DoD programs.