Cybersecurity Assessment and Mitigation Stochastic Model

Author

Matthew W. Davis

Date of Award

3-23-2018

Document Type

Thesis

Degree Name

Master of Science in Systems Engineering

Department

Department of Systems Engineering and Management

First Advisor

Logan O. Mailloux, PhD.

Abstract

With numerous cybersecurity incidents and vulnerability concerns in an increasingly contested cyber warfighting environment, the Department of Defense (DoD) has mandated cybersecurity assessment and authorization of all major weapon systems (MWS) before their use. In response to this direction, the Air Force Life Cycle Management Center (AFLCMC) created the Platform Information Technology Assessment and Authorization (PIT A&A) Process. Modeled after the NIST Risk Management Framework (RMF), this process applies a risk-based approach to cybersecurity with the goal of identifying risks and mitigating vulnerabilities in MWS. Within this work, a stochastic model of the PIT A&A Process is presented with an emphasis on understanding how the complexity of systems, accuracy of security artifacts, and workforce proficiency impacts the ability to effectively mitigate cybersecurity risks.

AFIT Designator

AFIT-ENV-MS-18-M-194

DTIC Accession Number

AD1056471

Recommended Citation

Davis, Matthew W., "Cybersecurity Assessment and Mitigation Stochastic Model" (2018). Theses and Dissertations. 1885.
https://scholar.afit.edu/etd/1885