Resilient cyber-secure systems and system of systems: Implications for the Department of Defense

Abstract

Over the past two decades, the United States has continued to modify and improve upon its cyber strategy as a result of a constantly evolving and asymmetric cyber threat. As the dependency on networked systems and connectivity has increased, so have the complexity and vulnerability of these systems within US critical infrastructure. For this reason, resilience, affordability, and collaboration between the government and private industry will be imperative in maintaining the cyberspace advantage as cyber threats groups continue to target systems and system-of-systems (SoS) within the Department of Defense (DoD) (Syst Eng 15:95-107; Wheaton MJ (2016) Affordable resilient systems. Engineered resilient systems and system-of-systems. University of Southern California, Olin Hall, Los Angeles, 4 Apr 2016, Lecture). Systems engineering concepts such as trade-space analysis and systems thinking, in concert with an emphasis on resilience at critical system nodes and boundaries, can help reduce system vulnerability when confronted by a constantly adapting cyber landscape. Given the perpetual and rapid evolution of cyber threats due to technological advances and network reliance, designing critical infrastructure systems for survivability is no longer sufficient. This paper identifies current limitations in the nation's cyber strategy and recommends approaches to fill those gaps.