Conceptual Systems Security Requirements Analysis: Aerial Refueling Case Study

Document Type


Publication Date



In today's highly interconnected and technology-reliant environment, cybersecurity is no longer limited to traditional computer systems and IT networks, as a number of highly publicized attacks have occurred against complex cyber-physical systems such as automobiles and airplanes. While numerous vulnerability analysis and architecture analysis approaches are in use, these approaches are often focused on realized systems with limited solution space. A more effective approach for understanding security and resiliency requirements early in the system development is needed. One such approach, systemtheoretic process analysis for security (STPA-Sec), addresses the cyber-physical security problem from a systems viewpoint at the conceptual stage when the solution trade-space is largest rather than merely examining components and adding protections during production, operation, or sustainment. This paper uniquely provides a detailed and independent evaluation of STPA-Sec's utility for eliciting, defining, and understanding security and resiliency requirements for a notional next generation aerial refueling platform. (c) IEEE.


In accordance with publisher policy, the final published version of this article is at the publisher's site only. https://www.ieee.org/publications/rights/author-posting-policy.html

The download link on this record points to the freely available article at IEEE.



Source Publication

IEEE Access