On the Application of Cyber-Informed Engineering (CIE)
- Idaho National Laboratory
The 2023 National Cybersecurity Strategy has recommended a transition to secure-by-design methodologies in critical infrastructure. This paper presents the adoption of the National Cyber-Informed Engineering (CIE) Strategy as initiated by the U.S. DOE’s CESER office, advocating for the integration of cybersecurity at the earliest stages of system design. The strategy targets design engineers responsible for energy infrastructure to embed CIE principles within the engineering lifecycle, thus enhancing cyber resilience. This paper discusses the expansion of secure-by-design concepts to cyber-physical systems, moving beyond traditional IT security to include engineering considerations that can mitigate cyber risks through design choices. The paper introduces Digital Risk Management, balancing traditional cybersecurity with CIE to reduce both likelihood and impact of cyber threats. A set of CIE starter questions derived from 12 core principles is detailed, aiding engineers to consider cybersecurity in their designs and highlights the importance of CIE in anticipating and reducing the impacts of cyber attacks, suggesting that such integration is essential for national security and infrastructure resilience.
- Research Organization:
- Idaho National Laboratory (INL), Idaho Falls, ID (United States)
- Sponsoring Organization:
- 79
- DOE Contract Number:
- AC07-05ID14517
- OSTI ID:
- 2467509
- Report Number(s):
- INL/CON-24-80907-Rev000
- Country of Publication:
- United States
- Language:
- English
Similar Records
Cyber Informed Engineering (CIE) Principles Slide Presentation [Slides]
Cyber-Informed Engineering Guidance—Implementing CIE in Early Systems Engineering Lifecycle Stages