Please use this identifier to cite or link to this item:
Title: Uncovering Cascading Vulnerabilities in Model-Centric Acquisition Programs and Enterprises
Authors: Donna H. Rhodes
Jack Reid
Keywords: Digital Engineering
Model-Centric Practices
Emergent Vulnerabilities
Mitigate Cyber Risks
Cause Effect Mapping CEM
Issue Date: 13-May-2019
Publisher: Acquisition Research Program
Citation: Published--Unlimited Distribution
Series/Report no.: Acquisition Management
Abstract: Digital engineering changes how systems are acquired and developed through the use of model-centric practices and toolsets. Enterprises face new challenges in this transformation, including potential for emergent vulnerabilities within digital engineering environments. While vulnerability analysis of products and systems is standard practice, examining vulnerabilities within the enterprise itself is less common. This research is responsive to the imperatives of the newly released DoD Digital Engineering Strategy that calls for enterprises to mitigate cyber risks and secure digital engineering environments against attacks from internal and external threats, mitigate known vulnerabilities that present high risk to DoD networks and data, and to mitigate risk posed by collaboration and access to vast amount of information in models. This paper presents progress on the ongoing research that focuses on uncovering cascading vulnerabilities as related to digital engineering practice and supporting environments, with special focus on cybersecurity-related vulnerabilities. The approach uses Cause-Effect Mapping (CEM) as a mechanism for better enabling program leaders to anticipate and respond to vulnerabilities within the enterprise. The current investigation is examining enterprise-level vulnerabilities and investigating potential interventions.
Description: Acquisition Management / Defense Acquisition Community Contributor
Appears in Collections:Annual Acquisition Research Symposium Proceedings & Presentations

Files in This Item:
File SizeFormat 
SYM-AM-19-055.pdf1.48 MBAdobe PDFView/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.