Pattern qualifications and examples of next-generation agile system-security strategies

Current system security strategies are failing and cannot be fixed by security engineers alone. The reason for failure is evident: the attack community operates as an intelligent, multi-agent, self organizing, system-of-systems - with swarm intelligence, tight learning loops, fast evolution, and dedicated intent. Next generation security must engage in true co-evolution, engaging in this arms race with systemic self-organization that leverages community and other forms of multiagent architectures at least equally agile to the adversary in six observed common characteristics: self organization, adaptable tactics, reactive resilience, evolvable strategies, proactive innovation, and harmonious operations. These concepts cannot be effectively employed by security engineers on sufficient scale without first being enabled by system engineers working at the architectural level. But even then, without appreciation and concurrence by decision makers, self-organizing strategies will fail to gain sufficient deployment. The principal impediment to developing and fielding these strategies is not lack of know-how, but rather lack of a common language and vision that can remove the decision-maker distrust of self organization and unite system engineers and security engineers in architecturally synergistic solutions. This article reports on a cross-discipline pattern project that is discovering and cataloging patterns of self-organizing system-of-systems security. Pattern cataloging projects generally collect best practice history within a single domain. This cross-domain project is necessarily looking into many domains to find recurrent patterns across ecological systems, biological systems, social systems, network systems, enterprise systems, multi-agent systems, ad-hoc networks, unmanned autonomous systems, and others. The intent is to find multiple examples supporting each pattern drawn from disciplines that are comfortable to systems engineers, security engineers, and decision- - makers-leading to a design and strategy language meaningful to all three. This project began and continues with graduate studies at Stevens Institute of Technology´s School of Systems and Enterprises, was adopted as a project activity by the INCOSE System Security Engineering Working Group, and is indicating potential for broader viral spread. This article presents the nature of the project, the qualification filter for candidate patterns, the descriptive form for patterns, selected exemplar patterns, and lessons learned to date.