Abstract

Classical risk-based or game-theoretic security models rely on assumptions from reliability theory and rational expectations economics that are not applicable to security threats. Additionally, these models suffer from serious deficiencies when they are applied to software-intensive, socio-technical systems. A new approach is proposed in this paper that applies principles from control theory to enforce constraints on security threats thereby extending techniques used in system safety engineering. It is applied to identify and mitigate the threats that could emerge in critical infrastructures such as the air transportation system. Insights are provided to assist systems engineers and policy makers in securely transitioning to the Next Generation Air Transportation System (NGATS).

Highlights

  • The increasing complexity and interconnectedness of large scale systems have introduced new vulnerabilities to those infrastructures

  • This paper presents a security model that does not rely on the assumptions of quantitative risk assessment, considers issues at a level closer to system design and operation compared to game theory, and supports successful red teaming

  • As a result, when new threats began to emerge in the 1990s, Internet security was approached from an ad-hoc perspective—applying patches to vulnerabilities already identified by attackers

Summary

Introduction

The increasing complexity and interconnectedness of large scale systems have introduced new vulnerabilities to those infrastructures. Complex systems require physical, communication, computer, information, and operational security. The United States ATS faces challenges in three areas: security, gridlock, and maintaining global leadership. In light of these realities, the customs service has been forced to substantially modify its procedures to accommodate a major increase in international passenger and cargo volume. The pressing question remains: “How can the US transition to NGATS in such a way that security improves, rather than worsens?” With the goal of assisting JPDO leaders in making an informed decision, this research provides a systematic review of the threats that could emerge. The author’s hypothesis is that the new method, outlined later in this paper, provides valuable insights into such security problems.

Classical Approaches
Risk Analysis
Game Theory
Red Teams
Foundational Principles
Introduction to STAMP
Inadequate detection mechanisms
Pilots shall confirm over secure voice communications any suspicious
Regulation—Training and Standard Procedures
Regulation—Design
Findings
Conclusions