Risk Assessment – Risk-based Cyber Mission Assurance Process (RCMAP)

PDF

Authors
  1. Rheaume, F.
  2. Painchaud, F.
Corporate Authors
Defence Research and Development Canada, Valcartier Research Centre, Quebec QC (CAN)
Abstract
The Risk-based Cyber Mission Assurance Process describes a series of activities on the cyber risk management of military platforms and systems throughout their whole life cycle in order to achieve cyber mission assurance. The process integrates cyber risk management into the Canadian Armed Forces missions, procurement, projects and engineering processes. The process is made of three main activities: mission criticality analysis and asset valuation, risk assessment and security development. These activities are integrated into the Department of National Defence’s Standard Project Framework and the Materiel Acquisition and Support process. This report presents the risk assessment activity. A step-by-step risk assessment procedure is defined, including identification of attack surface and attack vectors, definition of a threat model, description of test activities and risk evaluation. To support the description of the process, application examples along with initial threat data and references are provided.

Il y a un résumé en français ici.

Keywords
cyber mission assurance;risk management;materiel acquisition and support
Report Number
DRDC-RDDC-2019-R054 — Scientific Report
Date of publication
01 Jul 2019
Number of Pages
78
DSTKIM No
CA049764
CANDIS No
810591
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: