This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Applying the Common Criteria in Systems Engineering
March/April 2006 (vol. 4 no. 2)
pp. 50-55
Feisal Keblawi, Federal Aviation Administration
Dick Sullivan, Science Applications International Corporation
The National Institute of Standards and Technology has proposed using the Common Criteria and system-level protection profiles (SLPPs) to specify security requirements in large systems, such as those used in air traffic management. This article summarizes experience with SLPP and security targets for the US Federal Aviation Administration's National Airspace System. The authors review the FAA efforts, highlight the problems encountered, and offer suggestions for future work, calling for more research on linking systems, software, and security requirements engineering with SLPP; clearer ties between security specifications and system certification; and better guidance on the appropriate use of SLPP as a prerequisite to widespread use.
Index Terms:
systems engineering, software engineering, security engineering, requirements analysis, requirements specifications, Common Criteria, protection profiles, aviation security
Citation:
Feisal Keblawi, Dick Sullivan, "Applying the Common Criteria in Systems Engineering," IEEE Security & Privacy, vol. 4, no. 2, pp. 50-55, March-April 2006, doi:10.1109/MSP.2006.35
Usage of this product signifies your acceptance of the Terms of Use.