ISO/IEC WD TS 27115.3

Cybersecurity evaluation of complex systems — Introduction and framework overview

General information

Current stage: 20.20 Working draft (WD) study initiated Dec 4, 2024

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

Type: Technical Specification

Scope

This document provides the foundations and concepts for the cybersecurity evaluation of complex systems. Two frameworks are defined:
• The first is used to specify the cybersecurity of a complex system, including system of systems.
• The second is used to evaluate the corresponding cybersecurity solutions.
The frameworks use basic architecture concepts:
• to enable description of reference or solution cybersecurity architectures;
• to support model-based, comprehensive and scalable security solutions and their evaluation; and.
• to allow for the definition of architecture-based cybersecurity profiles (ACP) and hierarchies of profiles.

Life cycle

NOW

IN_DEVELOPMENT
ISO/IEC WD TS 27115.3
20.20 Working draft (WD) study initiated
Dec 4, 2024