TY - GEN
T1 - Identifying Security Requirements Body of Knowledge for the Security Systems Engineer
AU - von Solms, Suné
AU - Marnewick, Annlizé
N1 - Publisher Copyright:
© 2019, IFIP International Federation for Information Processing.
PY - 2019
Y1 - 2019
N2 - The interconnected nature of Industry 4.0–driven operations and systems is introducing the use of new digitized and connected industrial systems. These new connected environments impact system security, requirements engineers to include elicitation of security requirements as functional requirements. Academia and industry argue that systems engineers are not adequately prepared for the security- related activities required in the specification of secure systems. This paper utilizes a cybersecurity framework to create the body of knowledge related to Security Requirements Engineering for a module in systems engineering. The determined body of knowledge show Risk Management, Laws and Regulations, and Human Factors related to security must be considered in the changing technological landscape. Although not all systems engineers must have expert knowledge in this field, all systems engineers must have fundamental knowledge in security practice and the ability to apply systems thinking.
AB - The interconnected nature of Industry 4.0–driven operations and systems is introducing the use of new digitized and connected industrial systems. These new connected environments impact system security, requirements engineers to include elicitation of security requirements as functional requirements. Academia and industry argue that systems engineers are not adequately prepared for the security- related activities required in the specification of secure systems. This paper utilizes a cybersecurity framework to create the body of knowledge related to Security Requirements Engineering for a module in systems engineering. The determined body of knowledge show Risk Management, Laws and Regulations, and Human Factors related to security must be considered in the changing technological landscape. Although not all systems engineers must have expert knowledge in this field, all systems engineers must have fundamental knowledge in security practice and the ability to apply systems thinking.
KW - Engineering education
KW - Industry 4.0
KW - Security
KW - Security requirements engineering
KW - Systems engineering
UR - http://www.scopus.com/inward/record.url?scp=85068332083&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-23451-5_5
DO - 10.1007/978-3-030-23451-5_5
M3 - Conference contribution
AN - SCOPUS:85068332083
SN - 9783030234508
T3 - IFIP Advances in Information and Communication Technology
SP - 59
EP - 71
BT - Information Security Education. Education in Proactive Information Security - 12th IFIP WG 11.8 World Conference WISE 12, Proceedings
A2 - Drevin, Lynette
A2 - Theocharidou, Marianthi
PB - Springer New York LLC
T2 - 12th IFIP WG 11.8 World Conference on Information Security Education, WISE 2019
Y2 - 25 June 2019 through 27 June 2019
ER -