Overview
This presentation will align System Engineering and Cyber Security Architecture methods using the SABSA framework. SABSA applies System Engineering concepts to cyber security problems and enables cyber security architects to build traceable and justified cyber secure solutions. SABSA is an Enterprise Security Architecture framework that was originally developed as the security framework for the SWIFT payments system and is now a recognised best practice framework for enterprise security architecture.
Context
To ensure trustworthy and reliable systems, cyber security must be considered in the system engineering process using a structured and traceable approach. However, Cyber Security is often a confused and misunderstood topic, filled with jargon and assumed knowledge. Cyber security architects are responsible for defining and managing cyber security risks, but they need to work within the broader system engineering process. This presentation’s goal is to introduce SABSA to System Engineers and identify how it can be embedded into system engineering processes.
Purpose
The purpose of this presentation is to identify methods and approaches for system engineers to work with cyber security architects to embed cyber security capabilities into the system engineering process.
Approach
The session will present an overview of the SABSA Matrix and the SABSA life cycle and how it aligns with System Engineering activities. The session will specifically focus on SABSA Attributes and how they relate to the requirements engineering sub process. This presentation will walk through a worked example for a combined system engineering and cyber security approach for a Cloud SCADA system.
Insights
How the SABSA framework integrates with the System Engineering process to ensure cyber security can be considered and embedded in the system engineering process. This presentation will explain key cyber security concepts and terminology using the SABSA framework as a reference.