ISO/IEC CD TS 27115

Cybersecurity evaluation of complex systems — Introduction and framework overview

Апстракт

This document provides the foundations and concepts for the cybersecurity evaluation of complex systems. Two frameworks are defined:
·       The first is used to specify the cybersecurity of a complex system, including system of systems.
·       The second is used to evaluate the corresponding cybersecurity solutions.
The frameworks use basic architecture concepts:
·       to enable description of reference or solution security architecture;
·       to support model-based, comprehensive and scalable security solutions and their evaluation;
to allow for the definition of architecture-based security profiles and hierarchies of profiles.