Cybersecurity as Part of Mission Assurance

Cybersecurity as Part of Mission Assurance

연구 분야: Verification

학회: International Conference on Human-Computer Interaction

In this paper, we examine the development of Cybersecurity Assurance (CSA) as a new Mission Assurance role at NASA’s Jet Propulsion Laboratory (NASA/JPL). Our purpose is to better understand how space flight organizations are responding to the growing cybersecurity threat to their space and ground systems – with a focus on Mission Assurance. We begin by considering the traditional role of Mission Assurance: to independently assess and report the risks to mission success, throughout the mission lifecycle. We note that in recent years, the cybersecurity threat to space and ground systems has been increasing; and we describe how space flight organizations have been responding. Among the responses at NASA/JPL has been the creation of Cybersecurity Assurance (CSA) as a new Mission Assurance role. We describe how CSA has combined aspects of traditional software assurance, risk analysis, and the assessment of security controls into a new discipline. We show how the CSA role (and mission-based cybersecurity roles, in general) differ from the established Information Technology (IT) security roles. We review the current state of the CSA role, and the challenges faced in creating this new mission assurance discipline. Finally, we look forward at the possible future of the CSA role at NASA and other space flight organizations.