NIST SP 800-160, Systems Security Engineering

In summary, SP 800-160 is a groundbreaking new security guideline that draws from proven system engineering processes to address the longstanding problem of how to build trustworthy, secure systems. The publication is aimed at individuals with systems engineering, architecture, design, development, integration, and software maintenance responsibilities, as well as individuals with security governance, risk management, and oversight responsibilities.
  • #1
stoomart
Looks like a lot of good stuff, I know what I’m doing this weekend!

Summary document on SP 800-160: http://csrc.nist.gov/publications/nistbul/itlbul2016_12.pdf
After four years of research and development, NIST has published a groundbreaking new security guideline, Special Publication (SP) 800-160, Systems Security Engineering. The publication draws from proven system engineering processes to address the longstanding problem of how to build trustworthy, secure systems—systems that can provide continuity of capabilities, functions, services, and operations during a wide range of disruptions, threats, and other hazards.
...
As technology becomes further integrated into the systems that our governments, businesses, critical infrastructure, and citizens depend upon, it is critical that we make progress on improving the reliability of products and services. We must create more trustworthy, secure systems through a holistic approach, applying the proven concepts, principles, and best practices of science and engineering. NIST SP 800-160 is the first step toward securing the things that matter to us. It is the flagship publication in a series of planned systems security engineering publications addressing such topics as hardware security and assurance; software security and assurance; and systems resiliency. Each topic will be addressed in the context of the system life cycle processes contained in ISO/IEC/IEEE 15288 and the security-related activities and tasks that are described in NIST SP 800-160.
SP 800-160, Systems Security Engineering: http://dx.doi.org/10.6028/NIST.SP.800-160
Target Audience

• Individuals with systems engineering, architecture, design, development, and integration responsibilities;
• Individuals with software engineering, architecture, design, development, integration, and software maintenance responsibilities;
• Individuals with security governance, risk management, and oversight responsibilities;
• Individuals with independent security verification, validation, testing, evaluation, auditing, assessment, inspection, and monitoring responsibilities;
• Individuals with system security administration, operations, maintenance, sustainment, logistics, and support responsibilities;
• Individuals with acquisition, budgeting, and project management responsibilities;
• Providers of technology products, systems, or services; and
• Academic institutions offering systems security engineering and related programs.
 
  • #2
stoomart said:
Looks like a lot of good stuff, I know what I’m doing this weekend!
'Tis the Season! Just think of it as a stocking stuffer.
 

1. What is NIST SP 800-160?

NIST SP 800-160, or Systems Security Engineering, is a document published by the National Institute of Standards and Technology (NIST) that provides guidelines for engineering secure systems. It outlines a process for incorporating security into the design, development, and implementation of systems.

2. Why is NIST SP 800-160 important?

NIST SP 800-160 is important because it helps organizations develop more secure systems by providing a structured process for considering security throughout the system development lifecycle. By following the guidelines in this document, organizations can reduce the risk of security breaches and ensure the confidentiality, integrity, and availability of their systems.

3. Who should use NIST SP 800-160?

NIST SP 800-160 is intended for use by system developers, engineers, and security professionals involved in the design, development, and implementation of systems. It can also be used by organizations to establish policies and procedures for their system security engineering processes.

4. What are the key components of NIST SP 800-160?

NIST SP 800-160 outlines seven key components of system security engineering: stakeholder needs, security requirements, security architecture and design, security implementation, security testing and evaluation, security operations, and security maintenance. Each of these components is essential for developing and maintaining secure systems.

5. Is NIST SP 800-160 a mandatory standard for system security engineering?

No, NIST SP 800-160 is a recommended guideline, not a mandatory standard. However, it is widely recognized and used by organizations and government agencies as a best practice for system security engineering. Organizations may also be required to follow NIST guidelines by certain regulations or contracts.
