Date of Award
Master of Science (MS)
Electrical Engineering and Computer Science
complete mediation, formal methods, mission assurance, patrol base operations, security analysis, STPA
The complexity of today’s large, multi-component systems and missions presents a growing risk of failure because of emergent system-level properties. Furthermore, the interconnectivity of systems to other systems creates additional security problems. Yes- terday’s safety and security risk analysis methodologies are no longer effective. To manage this complexity, what is needed is a holistic, thorough, systematic, system-level, and for- mally verified approach to risk analysis to ensure stakeholder-required needs are met, asset losses are mitigated, and the system or mission operates with its intended function- ality. Furthermore, these system and mission risks need to be thoroughly documented to increase the visibility of risks so that decision makers have a solid foundation upon which to base risk-mitigating decisions. Finally, the results of the analysis and decisions need to be formally verified and documented for the purpose of auditing and accountability.
This thesis presents a solution to this problem, System-theoretic and Technical Opera- tional Risk Management (STORM). STORM is a methodology for designing trustworthy systems and missions that conform to industry standards of trustworthiness, namely the NIST SP 800-160 System Security Engineering Framework. It is also comformable to the Risk Management Framework (NIST SP 800-37).
Components of STORM have been successfully demonstrated on automated systems. But testing STORM on a non-automated, human-centered system has yet to be done. This paper demonstrates STORM analysis on the U.S. Army Ranger patrol base opera- tions, an example of such a system. Following the example, this thesis discusses STORM in light of conformance to NIST SP 800-160. It also discusses improvements to STORM that could extend it to a more comprehensive system and mission assurance methodology. This could be done by explicitly adding components of the risk management framework (RMF NIST SP 37 and 800-53) and upgrading its documentation requirements based on the Assurance Case (AC) Methodology . These additions would strengthen STORM’s trustworthiness component.
Pickering, Lori Denise, "Analyzing And Assuring Missions and Systems by STORM: Introducing and analyzing Systems-Theoretic and Technical Operational Risk Management (STORM)" (2019). Theses - ALL. 317.