Cyber Security Engineering Applications
As products become more connected and the software becomes more complex, it has become extremely important, even mandated, to engineer security aspects into product development from system design and architecture, to the development process, and to the final security associated with operations and maintenance.
Performance is providing security engineering services for aerospace and defense, so that our customer’s systems are engineered in a way that meets applicable standards and regulations in order to stop cyber-attacks. At Performance, we bring efficient and compliant solutions into the market by leveraging our expert security engineering talent, innovative solutions, strong program management and regulation rigor.
Cyber Security Life Cycle
From system design and architecture, through the development process, and to the final security associated with operations and maintenance, Performance provides Cyber Security Engineering Support for:
- Creation of Plans and Processes for Addressing Security Aspects of Certification
- Threat Scenario and Vulnerabilities Identification and Assessment
- Security Requirements Creation and Gap Analysis of Existing Requirements
- Security Architecture Design and Design Risk Analysis
- Secure Coding Practices and Counter Measure Development
- Security Testing (Vulnerability Assessments, Penetration Testing, etc.)
- Security Operations and Maintenance
- Creation of Compliance Artifacts for Certification
Aerospace Security Standards
We are a leader in understanding and implementing the latest in aerospace security standards such as DO-326A/DO-355 by participating in the creation of the first Plans for Security Aspects of Certification (PSecAC) to protect the C919 Avionics from security threats. Performance has provided formal Airborne Network Security compliance responses to authority issue papers. We are defining: product lifecycle and risk analysis processes which comply with DO-326A, the systems security perimeter and architectural protection mechanisms, security requirements, countermeasures, and validation/verification that the system is compliant.
Our engineers have both commercial and government program experience in traditional network security, information assurance, fraud protection and mediation, information technology infrastructure development, information theft detection systems, penetration testing, and COMSEC projects. In addition, our program managers are skilled in running information assurance/ cyber security projects requiring certifications and accreditation (NIST, DIACAP, FISMA).
The creative drive and technical strength that our teams gained while working commercial information assurance projects gives our engineers a unique understanding of implementing security in industries, such as avionics and embedded controls. These industries did not have a security focus in the past because systems were isolated from networks and external access. As network connectivity of systems becomes key in next generation platforms, Performance can help make sure your systems are compliant, cost effective countermeasures are in place, and your airborne avionics or defense systems are safe from hackers before they attack.
The combination of industry leading commercial information assurance experience/expertise, applying best practices/tools for security engineering, instilling sense of program urgency, successfully navigating through regulatory complexities and doing the job correctly the first time, translates into tremendous savings to our customers. Our customers have confidence in knowing that when PSW is on the job, their systems are compliant with regulations and are designed with security in mind resulting in lasting, long term partnerships.