Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-160

Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems

Date Published: November 2016 (Updated 1/3/2018)

Supersedes: SP 800-160 (November 2016)

Author(s)

Ron Ross (NIST), Michael McEvilley (MITRE), Janet Oren (Legg Mason)

Abstract

Keywords

assurance; developmental engineering; disposal; engineering trades; field engineering; implementation; information security; information security policy; inspection; integration; penetration testing; protection needs; requirements analysis; resiliency; review; risk assessment; risk management; risk treatment; security architecture; security authorization; security design; security requirements; specifications; stakeholder; system-of-systems; system component; system element; system life cycle; systems; systems engineering; systems security engineering; trustworthiness; validation; verification
Control Families

Access Control; Audit and Accountability; Awareness and Training; Configuration Management; Contingency Planning; Identification and Authentication; Incident Response; Maintenance; Media Protection; Personnel Security; Physical and Environmental Protection; Planning; Program Management; Risk Assessment; Security Assessment and Authorization; System and Communications Protection; System and Information Integrity; System and Services Acquisition;