Tutorial Listing

System Security Engineering Tutorial

Time: Monday, October 1 8:00 AM - 12:00 PM


Presenter: Logan Mailloux, Air Force Institute of Technology, USA and Trae Span, United States Air Force Academy, USA


Abstract: This tutorial provides a detailed introduction to System Security Engineering (SSE) – a specialty domain of systems engineering responsible for identifying and managing security vulnerabilities through the application of SSE processes, activities, and tasks. Part I teaches foundation concepts for performing SSE which focuses on integrating security throughout the entire system life cycle based on the recently released National Institute of Standards and Technology, Special Publication (NIST SP) 800-160, Vol 1 Systems Security Engineering. Part II presents an approach to SSE requirements elicitation and definition which leverage the Systems-Theoretic Process Analysis for Security (STPA-Sec) with a detailed case study. The tutorial is focused on understanding and learning to apply the NIST SP 800-160 SSE processes, activities, and tasks on various types and classes of systems.

Systems Engineering & Sociotechnical Systems for IT Professionals

Time: Monday, October 1 8:00 AM - 12:00 PM


Presenters: Marcel Jacques Simonette, University of Sao Paulo, Brazil, Brazil            
Mario Magalhães, University of Sao Paulo, Brazil, Brazil            
Edison Spina, Universidade de São Paulo, Brazil, Brazil

Abstract:  Systems Engineering teaching for new and experienced Information Technology professionals is a challenge. New professionals under the pressure of short-term development culture, exposure to a diversity of information and opinions, and with lack of practical experience, underestimate the value of systems approach. The seasoned professionals are stuck in traditional methods; they over-evaluate both their expertise and proven, not necessarily efficient, approaches. As a way of enabling training of these professionals in System Engineering, and in Sociotechnical Systems, we developed an innovative short-term, intense, approach, which combines cases, discussion, and real experiences consolidated in knowledge frameworks. The Tutorial contributes to enabling the participants to identify that both the Systems Engineering practices and Sociotechnical Systems concerns can enable the integration and collaboration among software systems development teams, which enable the development of a single vision of the different parts of the software system to be developed. It is a fast-track of the full training that we have designed and can be delivered in half day, although, a full day is recommended.