Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks
journal contributionposted on 01.09.2006 by Howard Lipson
Any type of content formally published in an academic journal, usually following a peer-review process.
A fundamental truth of system design is that, in the absence of countermeasures, a system's security and survivability will degrade over time. Changes in the environment or usage of a system, or changes to the elements that compose the system, often introduce new or elevated threats that the system was not designed to handle and is ill-prepared to defend itself against. The first step in evolving to meet new threats to your system's security and survivability is to recognize the need to modify your system, that is, to recognize changes in security and survivability risks that trigger the need to enter the evolution phase of the system development life cycle. It is essential that significant risk management resources be devoted to the ongoing evolution of any mission-critical system. The successful evolutionary design of a secure and survivable system is dependent on the continual monitoring of the system and its environment to detect changes that may affect the risk management assumptions on which the system's security and survivability are founded.