4.1 System Security Engineering (SSE) Management Program.
The contractor shall establish a SSE program to support economical achievement of overall program objectives. To be considered efficient, the SSE program: (1) enhances the operational readiness and mission success of the defense resource; (2) identifies and reduces potential vulnerabilities to security threats; (3) provides management information essential to system security planning and: (4) minimizes its own impact on overall program cost and schedule.
4.2 SSE Program Requirements.
Weapon system acquisition is divided into four phases: concept exploration, demonstration and validation, full-scale development, and production and deployment. General SSE requirements accomplished during each of the four phases are as follows:
• 4.2.1 Concept Exploration Phase. Develop system security criteria,describe the base-line security system design, and conduct security threat and vulnerability studies.
• 4.2.2 Demonstration and Validation Phase. Through a series of analyses, the baseline security system design described during the concept exploration phase is validated and preliminary performance specifications for security hardware and software prepared. Identified threats and vulnerabilities are processed through system design modifications and risk management.
• 4.2.3 Full-Scale Development Phase. The security system should be fully designed and integrated. Security system hardware and software should be acquired or developed against-the specifications prepared in the demonstration and validation phase.
• 4.2.4 Production and Deployment Phase. Implement the security system design via production and conduct deployment planning.
Replaced/Superseded by document(s)
|File||MIME type||Size (KB)||Language||Download|
|DoD Handbook- System Security Engineering Program Management Requirements.PDF||application/pdf||879.17 KB||English||DOWNLOAD!|
This standard establishes the formats, contents and procedures for a contract SSE Management Program. The purpose of the System Security Engineering Management Program is to establish definitive guidance in the initial acquisition or modification of new or existing systems, equipment, and facilities to analyze security design and engineering vulnerabilities; and develop recommendations for engineering changes to eliminate or mitigate vulnerabilities consistent with other design and operational considerations. SSE supports the development of programs and standards to provide life cycle security for critical defense resources.