Foundational Security Frameworks
Appendix L: Foundational Security Frameworks
DEML adopts two Lockheed Martin white papers as guiding references for its threat-driven security architecture. They are operational doctrine—not decorative citations—and are applied throughout §10 and Chapter 23.
Why these references were chosen. Compliance frameworks (SOC 2, CMMC, NIST) catalog control objectives; vulnerability scanners enumerate CVEs. Neither alone keeps pace with adversaries targeting high-throughput telemetry pipelines, ML inference endpoints, and multi-tenant boundaries. A Threat-Driven Approach to Cyber Security supplies a repeatable discovery-to-controls workflow (IDDIL/ATC, STRIDE-LM, functional control hierarchy) that lets operators prioritize by mission impact and threat intelligence—not patch-queue volume alone. Defendable Architectures translates that mindset into engineering requirements: systems must be designed for Visibility (observable adversary behavior), Manageability (centralized, automated posture changes), and Survivability (graceful degradation without silent data loss). That pairing matches DEML's Event Projections loop, symmetrical tenant pipelines, and CES countermeasure scoring.
| Reference | Authors (2019) | Role in DEML architecture |
|---|---|---|
| A Threat-Driven Approach to Cyber Security | Muckin, M., & Fitch, S. C. | IDDIL/ATC threat modeling, STRIDE-LM taxonomy, triage by adversary objectives, Cyber Kill Chain–aligned CES metrics |
| Defendable Architectures | Fitch, S. C., & Muckin, M. | Visibility / Manageability / Survivability principles mapped to OTEL + ClickHouse, worker automation, Outbox + DLQ survivability |
Formal citations.
- Muckin, M., & Fitch, S. C. (2019). A Threat-Driven Approach to Cyber Security: Methodologies, Practices and Tools to Enable a Functionally Integrated Cyber Security Organization. Lockheed Martin Corporation. https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Threat-Driven-Approach.pdf
- Fitch, S. C., & Muckin, M. (2019). Defendable Architectures: Achieving Cyber Security by Designing for Intelligence Driven Defense. Lockheed Martin Corporation. https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Defendable-Architectures.pdf
[!NOTE] Grok Build Beta annotations in source (e.g. footer comments, this appendix) mark maintenance performed during automated end-of-day pipelines. Re-run
./scripts/deml-cleanup.shbefore each session and consult Appendix D for scheduled worker cadence.