Identification includes cybersecurity considerations such as the following:
- Secure design principles
- Security requirements
- Threat modeling
- Source code review
- Security testing
- Incident response
Identification should include a review of the manufacturing design process, particularly the inclusion of cybersecurity considerations at each of the following stages:
- Identify the requirements and constraints of the design problem.
- Evaluate the requirements and constraints of each solution to the design problem.
- Determine the objectives for an engineering test of the solution to the design problem.
- Test the solution to the design problem, using mathematical, conceptual, and/or physical modeling, simulating, and optimizing.
- Evaluate the test results.
Teacher Resource: Layered Blueprints: A Method for Engineering OT Security (video), by Sarah Fluchs, Security Consultant, Admeritia
Process/Skill Questions:
- What is threat modeling and how is it helpful?
- What is the earliest stage during which one can perform threat modeling?
- Why is security testing important?
- What are some common security design principles?