Mission Assurance Baseline v2.10

Mission Area Planning

System Planning

Pre-Award Program Planning

Technical Baseline Development

Program Requirements Planning

Program Software Planning

Acquisition Planning

Acquisition Strategy Development

RFP Development

Program Planning & Systems Engineering

Program Management

Program Assurance

Technical Contract Support

Program Risk Management

Program Configuration Management/Data Management

Program Quality Management

Program Software Management

Program Systems Engineering

Requirements Development

Design Assurance

Manufacture & Build Assurance

Interfaces

Integration & Verification Planning

Integration & Verification Execution

System Transition

System Validation

Operational Transition

Reviews & Audits

Mission Assurance Disciplines

System Safety

Reliability Maintainability Availability

Parts Materials & Processes (PM&P)

Electrical Design Integration

Mechanical Design Integration

Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC)

Mass Properties

Contamination Control

System Survivability

Supportability (Logistics)

Software Engineering

Cyber Security

Frequency Management

Human Factors Engineering

Environmental, Safety, and Health

Cables and Harnesses

Dead Bus Recovery

Launch Preparation & Integration

Launch Site Integration

Space Segment

Space Segment Systems Engineering

Spacecraft Bus Element

Bus Element Systems Engineering

Structures & Mechanisms Subsystem (SMS)

Structures

Mechanisms & Deployables

Structural Dynamics

Ordnance/Pyrotechnics

Electrical Power & Distribution Subsystem (EPDS)

Thermal Control Subsystem (TCS)

Attitude Control Subsystem (ACS)

Propulsion Subsystem (PS)

Telemetry Tracking & Command Subsystem (TT&C)

Command & Data Handling Subsystem (C&DH)

Fault Management Subsystem (FMS)

Software Subsystem (SS)

Payload Element

Payload Element Systems Engineering

Communications

Optical

Navigation

Hosted Payload

Space Vehicle Ground Support Equipment

Space Operations

Launch System Integration

Space Vehicle Storage

Ground Segment

Ground Segment Program Planning & Management

Ground Segment System Engineering, Integration & Test (SEIT)

Ground Segment Supportability

Ground Segment Software

Ground Segment Hardware

Ground Segment Facilities

Launch Segment (Future Work)

User Segment

User Segment Program Planning & Management

User Segment Systems Engineering

User Segment Integration & Test

Operations

2.3.12 - Cyber Security

2.3.12-1 Level 2 Tasks

Tasks	Applicable Mission Phases	Description	SFWC	Artifacts	References
2.3.12-1-1 Ensure the System Security Plan correctly categorizes the system Confidentiality, Integrity, and Availability Impact	Phase A \| Phase B \|	Ensure application of the Security Categorization Task. For NSS, the Security Categorization Task (RMF Step is a two-step process which includes 1) determining the impact values: (i) for the information type(s) processed, stored, transmitted, or protected by the information system; and (ii) for the information system. And 2) identifying overlays that apply to the information system and its operating environment to account for additional factors (beyond impact) that influence the selection of security controls. The RMF categorization step, including consideration of legislation, policies, directives, regulations, standards, and organizational mission/business/operational requirements, facilitates the identification of security requirements.	AFMAN 63-119 A4.14.1; AFMAN 63-119 A9.1.3.2; AFMAN 63-119 A12.1.4	NA	Guide for Applying the Risk Management Framework to Federal Information Systems, NIST SP 800-37; CNSSI No. 1253, Security Categorization And Control Selection For National Security Systems; AFMAN 63-119 or equivalent
2.3.12-1-2 Ensure the system security plan describes the Information System, its security perimeter, and enterprise architecture, and provides an overview of the security controls and the requirements and mechanisms for the meeting those controls	Phase A \| Phase B \|	Ensure descriptive information about the information system is documented in the system identification section of the security plan, included in attachments to the plan, or referenced in other standard sources for information generated as part of the system development life cycle. Duplication of information is avoided, whenever possible. The level of detail provided in the security plan is determined by the organization and is typically commensurate with the security categorization of the information system. Information may be added to the system description as it becomes available during the system development life cycle and execution of the RMF tasks. For a list of examples, see NIST SP 800-37 Task 1-2.	NA	NA	Guide for Applying the Risk Management Framework to Federal Information Systems, NIST SP 800-37; CNSSI No. 1253, Security Categorization And Control Selection For National Security Systems