A Proposal for Model‐Based Systems Engineering Method for Creating Secure Cyber‐Physical Systems.

Rising levels of risk as cyber‐attackers look to exploit system vulnerabilities threatens the Air Traffic Control industry. Attacks on Air Navigation Service Providers' communications systems may lead to airspace closure and even cause safety issues. This paper presents a novel Model‐Based Systems Engineering method that enables systems engineers, in collaboration with system security and software engineers, to perform threat‐modeling analysis of cyber‐physical systems early in the system development process and incorporate mitigation strategies into the system design. The proposed model‐based method covers few security concepts, including misuse cases, system assets, threats, risks, vulnerabilities, and security control identification. The study found that the proposed method is suitable for conducting security analysis for complex cyber‐physical systems early in the system development process. [ABSTRACT FROM AUTHOR]