Citation
National Institute of Standards and Technology, (DRAFT) Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems (NIST Special Publication 800-160) (May 2014) (full-text).
Overview
This publication addresses the engineering-driven actions necessary for developing a more defensible and survivable ]information technology infrastructure — including the component products, systems, and services that compose the infrastructure. It starts with and builds upon a set of well-established International Standards for systems and software engineering published by the International Organization for Standardization (ISO), the International Electrotechnical Commission (IEC), and the Institute of Electrical and Electronic Engineers (IEEE) and infuses systems security engineering techniques, methods, and practices into those systems and software engineering processes. The ultimate objective is to address security issues from a stakeholder requirements and protection needs perspective and to use established organizational processes to ensure that such requirements and needs are addressed early in and throughout the life cycle of the system.