NIST has released a major update to its guidance on engineering secure systems, emphasizing the importance of viewing security as an integral part of the overall systems engineering process. The revised publication, Special Publication (SP) 800-160 Volume 1, treats security as an emergent property of a system that must be carefully engineered to ensure only authorized behaviors and outcomes occur. This approach, which positions security as a critical subdiscipline of systems engineering, helps ensure comprehensive decision-making about cost, schedule, performance, and development uncertainties. The update reflects a shift from treating security as a separate “stovepipe” to integrating it into the broader engineering process, similar to how safety, reliability, availability, and maintainability are addressed in critical infrastructure like spacecraft, airplanes, and bridges.
Keywords: Systems, Security, Engineering, Stakeholders
