Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-160 Vol. 1

Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems

Date Published: November 2016 (updated 3/21/2018)

Supersedes: SP 800-160 (01/03/2018)

Planning Note (07/14/2020):

A supplement to Appendix D is now available.

Also see NIST's Systems Security Engineering (SSE) Project.


Author(s)

Ron Ross (NIST), Michael McEvilley (MITRE), Janet Oren (Legg Mason)

Abstract

Keywords

implementation; information security; information security policy; inspection; integration; penetration testing; protection needs; requirements analysis; resiliency; review; risk assessment; risk management; risk treatment; security architecture; security authorization; security design; security requirements; specifications; stakeholder; system-of-systems; system component; system element; system life cycle; systems; systems engineering; systems security engineering; trustworthiness; validation; verification; assurance; developmental engineering; disposal; field engineering; engineering trades
Control Families

Access Control; Awareness and Training; Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Contingency Planning; Identification and Authentication; Incident Response; Maintenance; Media Protection; Physical and Environmental Protection; Planning; Program Management; Personnel Security; Risk Assessment; System and Services Acquisition; System and Communications Protection; System and Information Integrity

Topics

Security and Privacy

planning, risk assessment, trustworthiness

Laws and Regulations

E-Government Act