Zero-Trust for the System Design Lifecycle

Journal of Computing and Information Science in Engineering | IF 2.6 | Zone 3, Engineering Technology | Q2, COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS | Pub Date: 2023-05-23 | DOI: 10.1115/1.4062597
Douglas L. Van Bossuyt, Britta Hale, R. Arlitt, N. Papakonstantinou
Citations: 2

Abstract

In an age of worsening global threat landscape and accelerating uncertainty, the design and manufacture of systems must increase resilience and robustness across both the system itself and the entire systems design process. We generally trust our colleagues after initial clearance/background checks; and systems to function as intended and within operating parameters after safety engineering review, verification, validation, and/or system qualification testing. This approach has led to increased insider threat impacts; thus we suggest moving to the “trust, but verify” approach embodied by the Zero-Trust paradigm. Zero-Trust is increasingly adopted for network security but has not seen wide adoption in systems design and operation. Achieving the goal of Zero-Trust throughout the systems lifecycle will help to ensure that no single bad actor -- whether human or machine learning / artificial intelligence (ML/AI) -- can induce failure anywhere in a system's lifecycle. Additionally, while ML/AI and their associated risks are already entrenched within the operations phase of many systems' lifecycles, ML/AI is gaining traction during the design phase. For example, generative design algorithms are increasingly popular but there is less understanding of potential risks. Adopting the Zero-Trust philosophy helps ensure robust and resilient design, manufacture, operations, maintenance, upgrade, and disposal of systems. We outline the rewards and challenges of implementing Zero-Trust and propose the Framework for Zero-Trust for the System Design Lifecycle. The paper highlights several areas of ongoing research with focus on high priority areas where the community should focus efforts.
Source journal
CiteScore: 6.30
Self-citation rate: 12.90%
Articles published: 100
Review time: 6 months
Journal description: The ASME Journal of Computing and Information Science in Engineering (JCISE) publishes articles related to Algorithms, Computational Methods, Computing Infrastructure, Computer-Interpretable Representations, Human-Computer Interfaces, Information Science, and/or System Architectures that aim to improve some aspect of product and system lifecycle (e.g., design, manufacturing, operation, maintenance, disposal, recycling etc.). Applications considered in JCISE manuscripts should be relevant to the mechanical engineering discipline. Papers can be focused on fundamental research leading to new methods, or adaptation of existing methods for new applications. Scope: Advanced Computing Infrastructure; Artificial Intelligence; Big Data and Analytics; Collaborative Design; Computer Aided Design; Computer Aided Engineering; Computer Aided Manufacturing; Computational Foundations for Additive Manufacturing; Computational Foundations for Engineering Optimization; Computational Geometry; Computational Metrology; Computational Synthesis; Conceptual Design; Cybermanufacturing; Cyber Physical Security for Factories; Cyber Physical System Design and Operation; Data-Driven Engineering Applications; Engineering Informatics; Geometric Reasoning; GPU Computing for Design and Manufacturing; Human Computer Interfaces/Interactions; Industrial Internet of Things; Knowledge Engineering; Information Management; Inverse Methods for Engineering Applications; Machine Learning for Engineering Applications; Manufacturing Planning; Manufacturing Automation; Model-based Systems Engineering; Multiphysics Modeling and Simulation; Multiscale Modeling and Simulation; Multidisciplinary Optimization; Physics-Based Simulations; Process Modeling for Engineering Applications; Qualification, Verification and Validation of Computational Models; Symbolic Computing for Engineering Applications; Tolerance Modeling; Topology and Shape Optimization; Virtual and Augmented Reality Environments; Virtual Prototyping
Latest articles from this journal
Physics-Guided, Physics-Informed, and Physics-Encoded Neural Networks and Operators in Scientific Computing: Fluid and Solid Mechanics
Comparative Analysis of CNN Architectures for Automated Knee Segmentation in Medical Imaging: a Performance Evaluation
A Novel Approach to Line Clipping Against a Rectangular Window
Layered Security Guidance for Data Asset Management in Additive Manufacturing.
Algorithm for Detecting Load-Carrying Regions within the Tip Seat of an Indexable Cutting Tool