Composable secure system

A composable secure system is assembled from components and subsystems in ways that preserve the security properties of those constituent elements while satisfying system-wide and end-to-end security requirements. Systems can be composed by applying rigorous engineering measures to assure system properties, or, alternatively, they can be federated in an ad hoc manner while ensuring that they interoperate securely, reliably, and sustainably. A highly scalable, secure critical infrastructure should be able to accommodate variation in system parameters (e.g., number of records, users, nodes, or clients, as well as the degree of geographic distribution, heterogeneity, or complexity) without failure of security or system reliability.

Composability and scalability are interlocking issues not only in cyber security and information assurance but more broadly in architectures for increasingly complex IT systems and networks that must nonetheless be far more robust and reliable than today’s. An underlying concept is modularity: if secure and demonstrably reliable components can be engineered to be fitted together reliably and without loss of security, the composed system that results can continue to be predictably scaled up through the addition of other secure, reliable components. While intuitively straightforward, composability and scalability are among the most difficult technical challenges in the development of IT systems because they require rethinking and re-integration of all elements of hardware and software engineering, including first principles, requirements, architecture, and development methods and practices. However, composability and scalability are deemed essential approaches for increasing the overall security and trustworthiness of the IT infrastructure.