What should be included in system diagrams, in regards to cybersecurity risks?


System Diagrams should be sufficiently detailed to permit an understanding of how the specific device design elements are incorporated into a system-level and holistic picture. Analysis of the entire system is necessary to understand the manufacturer’s threat model and the device within the larger ecosystem.

Systems diagrams should include:

  • Network, architecture, flow, and state diagrams.
  • The interfaces, components, assets, communication pathways, protocols, and network ports.
  • Authentication mechanisms and controls for each communicating asset or component of the system including web sites, servers, interoperable systems, cloud stores, etc.
  • Users’ roles and level of responsibility if they interact with these assets or communication channels.
  • Use of cryptographic methods should include descriptions of the method used and the type and level of cryptographic key usage and their style of use throughout your system (one-time use, key length, the standard employed, symmetric or otherwise, etc.). Descriptions should also include details of cryptographic protection for firmware and software updates.

Related Terms:
No items found.
About the Author
Proxima CRO Team
Dora Huang

Dora Huang is from Houston, TX and is a jack-of-all-trades. Dora is a Regulatory Affairs and Graphics Design Intern for Proxima. She has experience working on projects that vary from engineering water systems to tissue engineering.

Related FAQs:
More Questions? We're here to help!