Keywords: systems engineering, cloud infrastructure, software as a service, SaaS, platform as a service, PaaS, infrastructure as a service, IaaS, ISO/, IEC 15288, ISO/, IEC12207, ISO 27001/, ISO 27002, SABSA, TOGAF, system of systems, cloud computing, software engineering standards, data security standards
A 'system–of–systems' standardised architectural approach driven by cloud computing paradigm
The paper discusses the possibilities of leveraging the new cloud concepts and standardised architectural principles for providing support to systems security engineering for the next generation of cloud–based systems. These systems are part of a 'system–of–systems' infrastructure. The related study and systems investigation demonstrate the potential of combining fundamental cloud concepts and related models with systems security requirements elicitation, analysis and management using the systems engineering process (SEP). The approach highlights the benefits of applying systems and software engineering standards ISO/IEC15288 and ISO/IEC12207 alongside data security standards ISO 27001/ISO27002. This paper aims at creating the foundation for new strategies for 'systems–of–systems' that will address the security issues and embed them in a holistic cloud ready infrastructure.