Full Program
Summary:
As cyber threats grow in complexity and frequency, cyber resilience is essential in modern system development. This paper presents a structured approach to integrating cyber resilience strategies throughout the System Development Lifecycle (SDLC), ensuring systems can anticipate, withstand, recover from, and adapt to disruptions. To achieve this, a comprehensive review of existing cyber resilience strategies was conducted, then the strategies were systematically mapped to the SDLC stages. The mapping ensures that resilience is embedded proactively from the earliest stages of system design through deployment, operation, and eventual decommissioning. Strategies spanning multiple stages were categorized by their primary point of implementation while considering dependencies. By providing a stage-by-stage breakdown of resilience-enhancing practices, this paper offers a practical guide for system designers, engineers, and cybersecurity professionals seeking to strengthen system robustness. The findings contribute to a structured framework for cyber resilience within the SDLC, offering optimizing resilience without unnecessary complexity or cost.Author(s):
Grant Deffenbaugh
Carnegie Mellon University
United States
Deffenbaugh’s recent work is in evaluating Artificial Intelligence/Machine Learning (AI/ML) network behavior analysis devices, work with the Cyber Maturity Model Certification (CMMC), and maritime vessels. His previous work involved design, construction, and maintenance of a malware lab with over a billion unique samples.
Deffenbaugh holds a PhD in Computer Science Engineering and a Master of Science in Electrical Engineering from Rensselaer Polytechnic Institute. He also holds both the CISSP and CCSP certifications.
The CERT Division of CMU SEI is the birthplace of cybersecurity research, conducting col-laborative and innovative evidence-based research to fortify the cyber ecosystem and pro-tect national security and prosperity.
Srinidhi Kameneni
Carnegie Mellon University
United States