Secure System Architecture and Design

Leonardo has extensive experience in the security of cutting-edge digital systems using innovative, mission / business-centric security designs that focus on achieving resilience in accordance with leading security architecture frameworks including:

The Open Group Architecture Framework (TOGAF)
Sherwood Applied Business Security Architecture (SABSA)
Open Security Architecture (OSA)

Our experience has seen us contextualise “Zero Trust” to a wide variety of systems and missions, looking at how it might be achieved without breaking the other functional components of a mission. Crucially, this means we can apply new technologies and controls to existing designs in a cost-effective manner to reduce technical debt that may be contributing to the security risk picture.

Within Embedded systems, Leonardo has experience designing novel system security architectures in systems with highly variable threat landscapes. This means an adversary may be able to gain unfettered physical access to the underlying system, requiring analysis of both traditional logical avenues of compromise and novel side channel vectors.

When it comes to Distributed Control Systems (DCS), Leonardo has expertise in deconstructing large system designs against IEC 62443 and ISA99 – standards addressing security for operational technology in automation and control systems. These help identify gaps across the Purdue reference architecture where avenues of compromise can flow both from the enterprise to the control loops and vice versa.

Within Enterprise networks, Leonardo has experience in system security architecture definition against large, highly complex networks that deliver time-critical and security-sensitive information in both air-gapped and non-air gapped deployments.

The accuracy and quality of our Secure System Design and Architecture products are underlined by our accreditation from the UK National Cyber Security Centre which recognises Leonardo as a certified supplier in Cyber Risk Management. Using our extensive experience of cyber risk enables us to design threat-led, risk-informed cyber security. Our experience of delivering these outcomes from a variety of sectors includes:

Defence Platform, Missions, and Services
Aviation Platforms, Embedded Systems and Ground Services
Telecommunications, Operations Support Systems (OSS) and Radio Access Network (RAN) services
Energy Generation and Distribution
Critical Digital Infrastructure

Choose Leonardo to help you design an efficient and effective zero trust solution that strengthens your underlying mission / business objectives whilst mitigating the associated risk picture.

Neurodiversity Celebration Week

Tunnel Vision

Three decades of progress…but still a long way to go

Leonardo launches SME Collaboration Partner Programme

Defeating an ever-evolving threat: remotely controlled improvised explosive devices

Patrick Duggan