Making the Case for Cybersecurity
lifecycle— engineering, risk analysis, assurance, and compliance— supporting scalable, explainable cybersecurity.
In short, this framework elevates cybersecurity to a computable, reasoning-based discipline. It empowers stakeholders to align system evolution with mission assurance, creating resilient, transparent, and adaptable digital infrastructure in the face of ever-changing threats.
10 REFERENCES [ 1 ] NIST 800-30 Guide for Conducting Risk Assessments
[ 2 ] ETSI CYBER; Methods and protocols; Part 1: Method and pro forma for Threat, Vulnerability, Risk Analysis( TVRA).
[ 3 ] ISO / IEC 27005:2022 Information security, cybersecurity and privacy protection— Guidance on managing information security risks
[ 4 ] ISO / SAE 21434 Road Vehicles Cybersecurity Engineering [ 5 ] RTCA DO-356A Airworthiness Security Method and Considerations [ 6 ] NIST 800-37 Risk Management Framework
[ 7 ] Sanford Friedenthal, Alan Moore, Rick Steiner, A Practical Guide to SysML, Morgan- Kaufmann, OMG Press
[ 8 ] Unified Architecture Framework( UAF), ISO / IEC 19540-1:2022 and ISO / IEC 19540-2:2022
[ 9 ] Nikolai Mansourov, Djenana Campara, Systems assurance: Beyond detecting vulnerabilities, 2010, Morgan Kaufmann, Elsevier, OMG Press
[ 10 ] Aknur Shukla, et. al. System Security Assurance: A Systematic Literature Review, Computer Science Review, 2022
[ 11 ] Mazen Mohamad, et. al. CASCADE: An Asset-driven Approach to Build Security Assurance Cases for Automotive Systems
[ 12 ] Sarker, et. al, Cybersecurity data science: an overview from machine learning perspective, Journal of Big Data, 2020
[ 13 ] Ardebili, et. al, Risk Assessment for Cyber Resilience of Critical Infrastructures: Methods, Governance, and Standards, Applied Sciences, Special Issue New Advances in Computer Security and Cybersecurity, 2024
[ 14 ] Kulik, et. al, A Survey of Practical Formal Method for Security, Formal Aspect of Computing, vol 34,1, 2022, ISSN 0934-5043
56 May 2025