Date of Award
Master of Science in Systems Engineering
Department of Systems Engineering and Management
Logan O. Mailloux, PhD.
With numerous cybersecurity incidents and vulnerability concerns in an increasingly contested cyber warfighting environment, the Department of Defense (DoD) has mandated cybersecurity assessment and authorization of all major weapon systems (MWS) before their use. In response to this direction, the Air Force Life Cycle Management Center (AFLCMC) created the Platform Information Technology Assessment and Authorization (PIT A&A) Process. Modeled after the NIST Risk Management Framework (RMF), this process applies a risk-based approach to cybersecurity with the goal of identifying risks and mitigating vulnerabilities in MWS. Within this work, a stochastic model of the PIT A&A Process is presented with an emphasis on understanding how the complexity of systems, accuracy of security artifacts, and workforce proficiency impacts the ability to effectively mitigate cybersecurity risks.
DTIC Accession Number
Davis, Matthew W., "Cybersecurity Assessment and Mitigation Stochastic Model" (2018). Theses and Dissertations. 1885.