Semantic driven security assurance for system engineering in SESAR/NextGen

This paper considers the design and implementation challenges of a software tool to support semantic-driven extraction, harmonization, and application of rules for system engineering and security assurance in air navigation. Large-scale system engineering like SESAR and NextGen require a consistent and resource-efficient approach to building in security throughout the early stages of the system development life-cycle. At the time being there is no consistent corpus of regulatory / legislative rules and requirements, process-oriented and technology-specific standards or best practices for air traffic management security. Software-mediated support to security system engineering offers a resource-efficient instrument to overcome the challenges of a patchy and advance the current framework. For the software tool concept and design requirements discussed in this paper, we devised a user-mediated and iterative development process. The principal steps are presented based on an analysis of related research and initial findings of the feasibility stage of the software tool development. The approach revolves around the development of a domain-dependent set of data dictionaries and an associated ontology that can be used to verify and validate syntactically and ontologically valid combinations of terms, rules, and relationships on a harmonized rule base. This research-in-progress paper presents the initial findings from the feasibility stage of the software tool development, in particular the data dictionary. Feedback from a demonstration exercise with security experts suggests that the tool addresses the current security engineering support needs and offers an iterative capability to complement the associated guidance material in SESAR.