Using System Models and AI to Improve Cyber Resilience

"Programs need a practical, repeatable way to engineer cyber resilience in from the outset of a new cyber-physical system design and sustain it through operations. Despite the availability of many cybersecurity building blocks, programs still lack three essentials for System Security Engineering (SSE): a formal, reusable catalog of resilience design patterns that works for both new and legacy systems; program-ready tools, training materials, and cognitive copilots that operationalize SCRE in day-to-day engineering and DoD Cyber Tabletop (CTT) exercises; and Large Language Model (LLM)–based assistance that accelerates adoption while preserving traceability, provenance, and assurance.

This presentation discusses how to close those gaps by creating a governed library of SCRE engineering design patterns in vendor-agnostic SysML v2, and by integrating that library with generative AI to deliver AI-augmented design assistance tightly coupled to recognized Bodies of Knowledge (BoK). Building on prior research in the Systems Engineering Research Center (SERC), we describe a risk-based backbone that links mission level loss scenarios to design-time mitigations. We then discuss design patterns that capture these mitigations as explicit resilience mechanisms, often implemented as “sentinel” patterns that sense loss of function and reconfigure systems to sustain mission capability. Finally we present a process meta-model that structures sensing, isolation, diagnostics, response, and post-event learning. Together, these methods enable cyber resilience to be represented as testable requirements, designed as reusable patterns, and verified through model-based evidence, all supported by LLM-based cognitive agents."