System Assurance by Nikolai Mansourov, Djenana Campara

Defense of cybersecurity systems involves understanding the risks, managing the vulnerabilities, adding safeguards, and responding to the incidents. The foundation of this understanding is knowledge related to (1) what you are defending, (2) what you are defending against, (3) what vulnerabilities you need to worry about, and (4) what safeguards are implemented. Defense is conducted throughout the entire lifecycle of the system. This chapter describes a distilled system assurance process presented as a crosssection of various activities of the system life cycle; their logical dependencies; and how these activities are incorporated into the system life cycle. The system assurance activities gather diverse ...