Architecture/Security Roundtable Discussion

[Slide diagram: "architecture" and "security", with the note: Architect and Security are separate topics; architecture is the overarching concept.]

Team Members
• Bayuk, Jennifer
• Brown, Winson
• Clarke, Lori
• Dauby, Jason
• Ergin, Nil
• Guckert, Ross
• Hamilton, Drew
• Horowitz, Barry
• Huang, LiGuo
• Mitola, Joe
• Sangwan, Ragu
• West, Stephen

Facilitators: Bayuk, Jennifer; Hamilton, Drew

Problem Definition
• Model-assisted (using SysML), lifecycle issues, evolution requirements (e.g. scale).
• Check-the-box approaches do not work. Evaluation criteria are not evident. How to produce feasibility evidence?
• Can architecture be separated from design?
• What tools and processes can inform architecture? How to define attributes like security?
• Security attributes cannot be taken out of context. Are high-level principles needed? Can they be applied to architecture directly?
• Functional requirements usually come first. Is this the right order? Should quality come first? How to reduce ambiguity?

Purpose/Objectives of a Research Effort
– To extract goals for architecture and operational definitions for quality, with implications for mission.
– Is it possible to define attributes first, prior to functionality? Security and architecture at all scales?
– Motivate better architecture by allowing justification for project costs due to architectural design considerations not currently accounted for by contracting processes.
– Identify out-of-norm detection techniques early in evolution.
– Reduce the tendency for humans to grab low-hanging (potentially poisonous) fruit and commit to poor choices made too early; instead learn from them (metrics?).

Benefits of a Research Effort
• Provide potentially better presentation methods for architecture alternatives.
• Catalogue of standard system-to-system and enterprise views and their relationships.
– Allows for human-centric, mission-driven views.
– Produces rigorous definitions as a basis for measurability.
– Provides a basis for evaluating systems on the basis of scenarios.
– Allows for plug-and-play testing for components.
• Provide a methodology to isolate problematic architectural issues in system components.
• Provide a framework to study agility versus evolvability?
• Provide a migration path via industry standards.
• Potential for expansion of computing and communication facility command and control alternatives.

Approach of a Research Effort
• Cloud computing may allow experimentation with both architecture and security in an economically viable manner.
• Architecture-centric engineering using architecture agility principles
– Attack complexity issues head-on.
– Shadow projects with alternative architectural approaches.
– Make architecture evaluation a formal part.
• Use security benefits as justification for "duplicate" efforts.
• Have a separate project to use formal architecture framework reviews of a variety of other projects.

Potential Task Initiatives
• DD R&E – acquisition process
• DOD – Commercial system evaluation
– Functional capability specification
• DOE – resiliency sourcing area
– DOD overlap for portable power generation systems
• NSA – asset protection strategies
– IAD evaluation criteria
– DOD, Agency overlap with functional assurance criteria
• DHS – Critical infrastructure protection evaluation criteria
• IC – Any command and control function that would benefit from architecture alternatives
• MDA – security architecture

Potential Collaborators
• Bayuk, Jennifer
• Brown, Winson
• Clarke, Lori
• Dauby, Jason
• Ergin, Nil
• Guckert, Ross
• Hamilton, Drew
• Horowitz, Barry
• Huang, LiGuo
• Mostashari, Ali
• Mitola, Joe
• Sangwan, Ragu
• West, Stephen