CYSOS - Cybersecurity policy options to mitigate risks in System-of-Systems

Purpose and goal

In many contexts, several actors each contribute their own piece of a larger value-creating enterprise. This could be anything from a credit card payment in a store to a global chain of logistics. In this way, digitalization and dataflows enable much of what we take for granted in modern society. At the same time, such collaborations - systems of systems (SoS) - can be difficult to bring about and be thwarted by poor security. CYSOS takes a systems engineering approach to SoS cybersecurity so that poor security does not prevent us from using technology to its full potential.

Expected effects and result

In the CYSOS project, a framework (guidelines, principles, policies, and practices) is developed to address and mitigate cybersecurity risks and vulnerabilities within SoS environments. Today, there is a notable absence of such a comprehensive supporting framework, exposing society to risk and hampering the use of new technologies. By moving beyond mere technical cybersecurity and including governance aspects related to organisational, legal, or economic aspects, CYSOS strengthens cybersecurity resilience within Swedish industry and increases its competitiveness.

Planned approach and implementation

CYSOS comprises a consortium of key industry and research institution stakeholders who will develop and validate the cybersecurity framework collaboratively. This involves conducting an extended literature research activity to identify existing cybersecurity frameworks and gather relevant information. Furthermore, the project will engage in collaborative discussions with project partners and the reference group to identify specific requirements and criteria for the cybersecurity framework.