4. GENERAL REQUIREMENTS
4.1 System Security Engineering (SSE) Management Program.
The contractor shall establish a SSE program to support economical achievement of overall program objectives. To be considered efficient, the SSE program: (1) enhances the operational readiness and mission success of the defense resource; (2) identifies and reduces potential vulnerabilities to security threats; (3) provides management information essential to system security planning and:
(4) minimizes its own impact on overall program cost and schedule.
4.2 SSE Program Requirements.
Weapon system acquisition is divided into four phases: concept exploration, demonstration and validation, full-scale development, and production and deployment. General SSE requirements accomplished during each of the four phases are as follows:
4.2.1 Concept Exploration Phase.
Develop system security criteria, describe the base-line security system design, and conduct security threat and vulnerability studies.
4.2.2 Demonstration and Validation Phase.
Through a series of analyses, the baseline security system design described during the concept exploration phase is validated and preliminary performance specifications for security hardware and software prepared. Identified threats and vulnerabilities are processed through system design modifications and risk management.
Replaced/Superseded by document(s)
|MIL STD- System Security Engineering Program Management Requirements.PDF
This standard establishes the formats, contents and procedures for a contract SSE Management Program. The purpose of the System Security Engineering Management Program is to establish definitive guidance in the initial acquisition or modification of new or existing systems, equipment, and facilities to analyze security design and engineering vulnerabilities; and develop recommendations for engineering changes to eliminate or mitigate vulnerabilities consistent with other design and operational considerations. SSE supports the development of programs and standards to provide life
cycle security for critical defense resources.
Tasks described here are selectively applied in DOD contract specifications, request for proposals, statements of work and Government in-house efforts requiring a system security engineering management program. The word “contractors” include Government activities developing military systems, equipment and facilities. This standard may also apply to initial design of new facilities or modifications to existing ones.