skip to main content

Title: Cyber-Informed Engineering: The Need for a New Risk Informed and Design Methodology

Current engineering and risk management methodologies do not contain the foundational assumptions required to address the intelligent adversary’s capabilities in malevolent cyber attacks. Current methodologies focus on equipment failures or human error as initiating events for a hazard, while cyber attacks use the functionality of a trusted system to perform operations outside of the intended design and without the operator’s knowledge. These threats can by-pass or manipulate traditionally engineered safety barriers and present false information, invalidating the fundamental basis of a safety analysis. Cyber threats must be fundamentally analyzed from a completely new perspective where neither equipment nor human operation can be fully trusted. A new risk analysis and design methodology needs to be developed to address this rapidly evolving threatscape.
 [1] ;  [1]
  1. Idaho National Laboratory
Publication Date:
OSTI Identifier:
Report Number(s):
DOE Contract Number:
Resource Type:
Resource Relation:
Conference: International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange , Vienna, Austria, 6/1/2015 - 6/5/2015
Research Org:
Idaho National Lab. (INL), Idaho Falls, ID (United States)
Sponsoring Org:
USDOE National Nuclear Security Administration (NNSA)
Country of Publication:
United States
Cyber; Engineering; Methodology; Nuclear; Risk