2.3.12-4-1 Ensure the Cybersecurity requirements are properly allocated across the elements of the architecture |
Phase A |
Phase B |
Phase C |
|
Ensure each requirement is allocated to some part of the architecture. Ensure architecture products (e.g., OV-5, SV-1) are developed and available. Evaluate the allocation of the requirements to determine whether it is reasonable. Evaluate the effect and consequences of the allocation of responsibility for each element of the architecture. Ensure that all internal interfaces (i.e., interfaces between the component elements of the architecture) are identified and the interactions defined. Ensure that the architecture satisfies requirements for resiliency (i.e., Cybersecurity and operational continuity).
|
AFMAN 63-119 A9.1.1
|
NA
|
Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development; AFMAN 63-119 or equivalent
|
2.3.12-4-2 Ensure all the external interfaces are identified and defined |
Phase A |
Phase B |
Phase C |
Phase D1 |
|
Ensure identification of all interfaces to external sources, systems, networks and external entities (e.g., situation awareness, position & timing, weather). Define the characteristics of each interface.
|
NA
|
NA
|
Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development
|
2.3.12-4-3 Ensure the Cybersecurity requirements are defined for each external interface |
Phase A |
Phase B |
Phase C |
|
Ensure definition of the allowed interactions and limits for each interface. Define all requirements for Identification and Authentication (I&A) for each interface. Define the interface requirements that implement the required characteristics and limits.
|
NA
|
NA
|
Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development
|
2.3.12-4-4 Ensure the data from every external interface is properly validated |
Phase A |
Phase B |
Phase C |
Phase D1 |
|
Ensure each interface is sufficiently well-defined such that, wherever possible, data can be validated as being within acceptable limits (e.g., precision, expected values, data size and volume). Ensure that where acceptable limits can be defined, requirements are defined for how the system reacts to and deals with out-of-limit conditions.
|
NA
|
NA
|
Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development
|
2.3.12-4-5 Ensure the Cybersecurity mission-critical functions have been identified |
Phase A |
Phase B |
Phase C |
Phase D1 |
Phase D2 |
Phase D3 |
|
Ensure functions and/or services upon which the mission-critical functions are dependent are identified. Ensure that all dependencies of the mission-critical functions on external functions and/or entities are identified.
|
NA
|
NA
|
Defense Acquisition Guidebook, Chapter 13, Program Protection Plan, Mar 2012: DoD Program Protection Plan Outline and Guidance Version 1.0, July 2011; Notional Supply Chain Risk Management Practices for Federal Information Systems, Draft, NIST IR 7622; Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development
|
2.3.12-4-6 Ensure the perturbations and hostile actions through which the system should continue to function are defined |
Phase A |
Phase B |
Phase C |
Phase D1 |
|
Ensure all perturbations and/or hostile actions through which the system must continue to provide mission-critical services are defined.
|
NA
|
NA
|
Defense Acquisition Guidebook, Chapter 13, Program Protection Plan, Mar 2012: DoD Program Protection Plan Outline and Guidance Version 1.0, July 2011; Notional Supply Chain Risk Management Practices for Federal Information Systems, Draft, NIST IR 7622; Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development
|
2.3.12-4-7 Ensure Cybersecurity performance requirements are defined |
Phase A |
Phase B |
Phase C |
|
Ensure minimal acceptable performance parameters are defined. Ensure that the proposed resiliency mechanisms and/or procedures are sufficient for maintaining the requisite level of performance during the perturbations or hostile actions that have been defined.
|
NA
|
NA
|
Defense Acquisition Guidebook, Chapter 13, Program Protection Plan, Mar 2012: DoD Program Protection Plan Outline and Guidance Version 1.0, July 2011; Notional Supply Chain Risk Management Practices for Federal Information Systems, Draft, NIST IR 7622; Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development
|
2.3.12-4-8 Ensure resiliency / survivability mechanisms have been defined and designed |
Phase A |
Phase B |
Phase C |
Phase D1 |
Phase D2 |
Phase D3 |
|
Ensure mechanisms are defined for detecting, reacting to, and recovering from the defined perturbation and hostile attack conditions. Ensure that recovery mechanisms are in place to bring the system back to a known, secure state.
|
NA
|
NA
|
Defense Acquisition Guidebook, Chapter 13, Program Protection Plan, Mar 2012: DoD Program Protection Plan Outline and Guidance Version 1.0, July 2011; Notional Supply Chain Risk Management Practices for Federal Information Systems, Draft, NIST IR 7622; Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development
|
2.3.12-4-9 Ensure the resiliency / survivability mechanisms have been assessed for completeness and efficacy |
Phase A |
Phase B |
Phase C |
Phase D1 |
|
Ensure the proposed resiliency / survivability mechanisms address all of the defined perturbation and hostile attack conditions. Ensure that the design for each of the resiliency / survivability mechanisms is effective in maintaining the delivery of mission-critical services with defined performance parameters during the defined disturbance conditions. Ensure that the implementation of the resiliency / survivability mechanisms has been subjected to testing, simulation, and/or analysis (as appropriate) to determine their efficacy for maintaining the performance requirements of the mission-critical functions during the defined disturbance conditions.
|
NA
|
NA
|
Defense Acquisition Guidebook, Chapter 13, Program Protection Plan, Mar 2012: DoD Program Protection Plan Outline and Guidance Version 1.0, July 2011; Notional Supply Chain Risk Management Practices for Federal Information Systems, Draft, NIST IR 7622; Security Considerations in the System Development Life Cycle, NIST SP-800-64; OWASP Software Assurance Maturity Model - A Guide to Building Security into Software Development
|