Title: System of systems information assurance policy: a call for reform

Authors: Scott H. Bell

Addresses: Graduate School of Computer and Information Sciences, Nova Southeastern University, 3301 College Avenue, Fort Lauderdale-Davie, Florida 33314-7796, USA

Abstract: Today's Department of Defense (DoD) system of system (SoS) programme managers, engineers, and practitioners face significant information assurance (IA) challenges related to the interoperability of their SoS. An IA threat to one system has varying degrees of risk to all the interconnected systems within an enclave or similarly labelled SoS. While current IA policies do address interconnection weaknesses and stipulate that the system with the highest amount of vulnerabilities will be accounted for, current policies, procedures and methods fall short in guidance on how to address the weaknesses beyond the first 1:1 interface in a SoS. The purpose of this paper is to define SoS and to analyse both the fundamental concepts and the latest publications regarding SoS IA policies, procedures and methods. The overall goal is to establish a framework from which the DoD can begin to address the policy reform required to mitigate IA vulnerabilities in modern SoS.

Keywords: system of systems; SoS interoperability; information assurance; vulnerabilities; information security.

DOI: 10.1504/IJSSE.2012.052690

International Journal of System of Systems Engineering, 2012 Vol.3 No.3/4, pp.347 - 355

Received: 17 Dec 2012
Accepted: 17 Dec 2012
Published online: 16 Aug 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article