Towards Productive Cyber Resilience and Safety Analysis in Model-Based System Engineering

Cyber resilience is an important system-level feature. It is affected by design trades made during the systems engineering process (e.g. the use of architectural dissimilarity in parallel control channels). These trades are likely to affect other system properties such as system security and safety, as well as programme schedule and cost.

Model-Based Systems Engineering (MBSE) is being increasingly used in critical systems to help manage system complexity. MBSE aims to transform Systems Engineering into a model-based practice and is a formalised application of modelling to support the development lifecycle. MBSE’s use of models formalises descriptions of a system, allowing for automated analysis, in contrast to the historical approach of document-based engineering. MBSE is also seen as key to lowering the cost of defence platforms.

MBSE artefacts should allow automated analyses to establish cyber resilience and system safety properties, alongside other system-level characteristics and programme features (e.g. schedule, cost). This integrated view should allow systems engineers to more fully understand the effects of design decisions. Elements of this theory have been demonstrated in small-scale trials and academic papers. However, to date, there is little empirical evidence that such approaches can scale to the necessary degree. Part of this scaling relates to the size (e.g. number of components) of the system model that is being considered. Another part relates to the manual effort associated with defining the automated analyses and assessing the associated results. The extent to which this analysis and assessment can be conducted by general systems engineers, rather than cyber (or safety) specialists, is another key issue.

This project aims to improve the productivity of cyber resilience and safety analysis in programmes using MBSE. The actionable evidence-based guidance for safety and security analysis resulting from this project could have a significant impact on the national and international defence sector and beyond. For example, we aim to apply the guidance and principles gleaned from the formative stages of this research in action research interventions on currently running projects.

Where efficiencies lead to a reduction in the time and taxpayer money spent building and maintaining MBSE artefacts, this reduction will provide evidence of research impact. We also aim to share the results of our work with regulators responsible for assessing the airworthiness of air platforms, e.g. the Military Aviation Authority, with the aim of improving their accreditation practices, e.g. increasing the confidence in accreditation results while simultaneously reducing the associated costs.

Contacts: Serdar Akar, Huseyin Dogan, Duncan Ki-Aries

Funders: Bournemouth University, Dstl

Collaborators: Dstl