DocumentCode
1905427
Title
Pattern qualifications and examples of next-generation agile system-security strategies
Author
Dove, Rick
Author_Institution
Paradigm Shift Int., Questa, NM, USA
fYear
2010
fDate
5-8 Oct. 2010
Firstpage
71
Lastpage
80
Abstract
Current system security strategies are failing and cannot be fixed by security engineers alone. The reason for failure is evident: the attack community operates as an intelligent, multi-agent, self organizing, system-of-systems - with swarm intelligence, tight learning loops, fast evolution, and dedicated intent. Next generation security must engage in true co-evolution, engaging in this arms race with systemic self-organization that leverages community and other forms of multiagent architectures at least equally agile to the adversary in six observed common characteristics: self organization, adaptable tactics, reactive resilience, evolvable strategies, proactive innovation, and harmonious operations. These concepts cannot be effectively employed by security engineers on sufficient scale without first being enabled by system engineers working at the architectural level. But even then, without appreciation and concurrence by decision makers, self-organizing strategies will fail to gain sufficient deployment. The principal impediment to developing and fielding these strategies is not lack of know-how, but rather lack of a common language and vision that can remove the decision-maker distrust of self organization and unite system engineers and security engineers in architecturally synergistic solutions. This article reports on a cross-discipline pattern project that is discovering and cataloging patterns of self-organizing system-of-systems security. Pattern cataloging projects generally collect best practice history within a single domain. This cross-domain project is necessarily looking into many domains to find recurrent patterns across ecological systems, biological systems, social systems, network systems, enterprise systems, multi-agent systems, ad-hoc networks, unmanned autonomous systems, and others. The intent is to find multiple examples supporting each pattern drawn from disciplines that are comfortable to systems engineers, security engineers, and decision- - makers-leading to a design and strategy language meaningful to all three. This project began and continues with graduate studies at Stevens Institute of Technology´s School of Systems and Enterprises, was adopted as a project activity by the INCOSE System Security Engineering Working Group, and is indicating potential for broader viral spread. This article presents the nature of the project, the qualification filter for candidate patterns, the descriptive form for patterns, selected exemplar patterns, and lessons learned to date.
Keywords
multi-agent systems; particle swarm optimisation; security of data; ad-hoc network; adaptable tactics; biological system; cross-discipline pattern project; cross-domain project; ecological system; enterprise system; evolvable strategy; harmonious operation; multiagent architecture; multiagent system; network system; next-generation agile system-security strategy; pattern cataloging project; pattern qualification; proactive innovation; reactive resilience; self-organizing strategy; self-organizing system-of-systems security; social system; swarm intelligence; unmanned autonomous system; Biosphere; Indexes; USA Councils; agility; bow tie architecture; horizontal meme transfer; security; security patterns; self-organization; systems of systems;
fLanguage
English
Publisher
ieee
Conference_Titel
Security Technology (ICCST), 2010 IEEE International Carnahan Conference on
Conference_Location
San Jose, CA
ISSN
1071-6572
Print_ISBN
978-1-4244-7403-5
Type
conf
DOI
10.1109/CCST.2010.5678693
Filename
5678693
Link To Document