Assuring mission success: Systems Security Engineering and Assurance MILCOM 2008

Certification and accreditation (C&A) is considered by many to be one of the greatest challenges to information technology (IT) program scheduling and timely mission support. The Systems Security Engineering and Assurance (SSEA) approach combines controlled design, development, integration, testing, and operational maintenance engineering and embedded information assurance (IA) engineering to implement manageable, predictable and on-schedule C&A. This paper explores the definition and coordination of 16 activities integrating IA engineering, C&A activities and milestones, network operational planning, accreditation planning, connection activities and approval and IA operational management and maintenance. SSEA is embedded within and supports critical linkages among the engineering quality, control, development, integration, testing, and operational maintenance tasks.