Assessing Vulnerabilities in Model-Centric Acquisition Programs Using Cause-Effect Mapping
Rhodes, Donna H.
MetadataShow full item record
Acquisition programs increasingly use model-centric approaches, generating and using digital assets throughout the lifecycle. Model-centric practices have matured, yet in spite of sound practices there are uncertainties that may impact programs over time. The emergent uncertainties (policy change, budget cuts, disruptive technologies, threats, changing demographics, etc.) and related programmatic decisions (e.g., staff cuts, reduced training hours) may lead to cascading vulnerabilities within model-centric acquisition programs, potentially jeopardizing program success. This paper presents ongoing research that seeks to provide program managers with the means to identify model-centric program vulnerabilities and determine where interventions can most effectively be taken. Cause- Effect Mapping (CEM), a technique developed at MIT, is employed to examine cascading effects between emerging perturbations and terminal outcomes. Research begins with literature investigation and gathering results of past studies of relevance, including studies of model-centric environments and transformations from a traditional to model-centric engineering paradigm (sometimes referred to as the digital engineering paradigm), recent workshop findings, and related work on vulnerability assessment that may have implications for this work. The results are used to refine the CEM and analytic approach to develop a reference model for vulnerability assessment of model-centric programs. Usability of the resulting model is tested with selected research stakeholders.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
NPS Report NumberSYM-AM-18-109
Showing items related by title, author, creator and subject.
Applying Cause-Effect Mapping to Assess Cybersecurity Vulnerabilities in Model-Centric Acquisition Program Environment Reid, Jack; Rhodes, Donna (Monterey, California. Naval Postgraduate School, 2018-04-30); SYM-AM-18-175Digital engineering approaches are increasingly used in acquisition of systems, changing the current paradigm from documentation-centric to model-centric. Not only are these systems highly vulnerable to cyber threats, so ...
Applying Cause-Effect Mapping to Assess Cybersecurity Vulnerabilities in Model-Centric Acquisition Program Environments Reid, Jack; Rhodes, Donna H. (Monterey, California. Naval Postgraduate School, 2018-04-30); SYM-AM-18-090Digital engineering approaches are increasingly used in acquisition of systems, changing the current paradigm from documentation-centric to model-centric. Not only are these systems highly vulnerable to cyber threats, so ...
Rhodes, Donna H.; Reid, Jack (Monterey, California. Naval Postgraduate School, 2019-04-30); SYM-AM-19-055Digital engineering changes how systems are acquired and developed through the use of model-centric practices and toolsets. Enterprises face new challenges in this transformation, including potential for emergent vulnerabilities ...