August 2018
Intermediate to advanced
512 pages
17h 18m
English
• 21.1 Cybersecurity Functionality Without Assurance Is Insecure
• 21.2 Treat Cybersecurity Subsystems as Critical Systems
• 21.3 Formal Assurance Arguments
• 21.3.1 Cybersecurity Requirements
• 21.3.2 Formal Security Policy Model
• 21.3.3 Formal Top-Level Specification
• 21.3.4 Security-Critical Subsystem Implementation
• 21.4 Assurance-in-the-Large and Composition
• 21.4.2 Trustworthiness Dependencies
• 21.4.3 Avoiding Dependency Circularity
• 21.4.4 Beware of the Inputs, Outputs, and Dependencies
• 21.4.5 Violating Unstated Assumptions
• Relate assurance and functionality to overall cybersecurity properties. ...