Abstract

This paper presents how Model-Based System Engineering (MBSE) could be leveraged in order to mitigate security risks at an early stage of system development. Primarily, MBSE was used to manage complex engineering projects in terms of system requirements, design, analysis, verification, and validation activities, leaving security aspects aside. However, previous research showed that security requirements and risks could be tackled in the MBSE model, and powerful MBSE tools such as simulation, change impact analysis, automated document generation, validation, and verification could be successfully reused in the multidisciplinary field. This article analyzes various security-related techniques and then clarifies how these techniques can be represented in the Systems Modeling Language (SysML) model and then further exploited with MBSE tools. The paper introduces the MBSEsec method, which gives guidelines for the security analysis process, the SysML/UML-based security profile, and recommendations on what security technique is needed at each security process phase. The MBSEsec method was verified by creating an application case study that reflects real-world problems and running an experiment where systems and security engineers evaluated the feasibility of our approach.

Highlights

  • The International Council on Systems Engineering (INCOSE) defines Model-Based System Engineering (MBSE) as the formalized application of modeling to support system requirements, design, analysis, verification, and validation activities beginning in the conceptual design phase and continuing throughout development and later life cycle phases [1]

  • The literature analysis, previous research, and feasibility study showed that systems engineers and security engineers recognize the value of integrating security and system design processes; they […] systems engineering and security teams and tackle security risks during the systems engineering lifecycle

Summary

Introduction

The International Council on Systems Engineering (INCOSE) defines Model-Based System Engineering (MBSE) as the formalized application of modeling to support system requirements, design, analysis, verification, and validation activities beginning in the conceptual design phase and continuing throughout development and later life cycle phases [1]. MBSE and the SysML language have become an indispensable part of designing complex cyber-physical systems [2,3,4]. The reasons for their popularity are [1,2,3,4]:

  • Allows detecting defects early in the system development life cycle.
