ISAUnited offers its members and students exclusive access to a comprehensive digital content library tailored specifically for architecture design practitioners focused on security-by-design principles. With a commitment to enhancing security measures within architectural projects, ISAUnited's digital content library serves as an invaluable resource hub for professionals seeking to seamlessly integrate robust security protocols into their designs.
Overall, ISAUnited's dedication to providing a dedicated digital content library for architecture design practitioners underscores its commitment to advancing security standards and fostering innovation within the architectural community. By equipping members with the knowledge, tools, and resources they need to integrate security seamlessly into their designs, ISAUnited remains at the forefront of driving positive change and shaping the future of secure architectural practices.
Become a member today to access the new design methodology and other great documentation.
Latest Editions
Acronym Fun!
CDM
Title: Cybersecurity Design Model
Category: Model
Status: Active
Standard diagram set for showing systems, trust boundaries, interfaces, and failure domains—so teams can see data flow, where controls live, and how failures are contained; anchors design reviews, TADA overlays, and D10S mapping.
CEC
Title: Cybersecurity Engineering Concept
Category: Concept/Method
Status: Active
Decision playbook for planning and justifying builds across components, systems, and systems-of-systems; defines options and trade-offs, applies CIE for trust and failure containment, and records the rationale so choices are repeatable and auditable—feeding DRM decision logs, V&V, and CDM-aligned control placement mapped to D10S.
CIE
Title: Component Integrity Engineering
Category: Concept
Status: Active
Concept for establishing component trust and containment: define allowed interfaces, enforce identity and least-privilege authorization, validate data contracts, and guard each connection (mTLS/keys, rate limits, schema checks, logging); segment to limit blast radius and plan safe failure/rollback. Outputs a component trust profile and connection policy mapped to D10S, recorded in DRM, quantified with TMC, and visualized on CDMs.
CORE4
Title: Well‑Architected‑Secured Model
Category: Framework
Status: Active
Four-part model that anchors ISAUnited designs: (1) Enterprise Security Architecture (ESA), (2) Cloud Security Architecture (CSA), (3) ISAUnited Defensible Architecture (IDA) Design Methodology, and (4) Implementing Security Controls & Standards—linking strategy to patterns and controls so teams move from clear plans to auditable delivery and continuous improvement.
D10S
Title: Defensible 10 Standards
Category: Standard
Status: Active
ISAUnited’s ten parent technical standards—Network, Cloud, Endpoint/Infrastructure, Application & DevSecOps, Data, IAM, Threat & Vulnerability, Monitoring/Detection/Response, Cryptography & Key Management, and Secure SDLC. Each standard specifies measurable requirements (inputs) and technical specifications (outputs) with V&V under D-SSF, ties decisions to CDMs/CECs and DRM for traceability, and guides control placement and patterns across real systems. Vendor-agnostic and auditable, expanded by sub-standards reviewed annually by the Technical Fellow Society.
D‑SSF
Title: Defensible Standards Submission Function
Category: Framework/Process
Status: Active
Schema-and-authoring framework for ISAUnited sub-standards: classifies every item with R/P/C/T (Requirements, Principles, Controls, Technical Specifications), enforces architecture-grounded, traceable, and verifiable outputs with V&V, and applies numeric scoring, using SRL (1–4), RE (1–5), and IC (1–3) to compute Risk Score = (SRL + RE + IC) / 3, plus SP (1–3) for planning (with optional weighted scoring and visual risk badges). Integrates TADA for adversary evidence and TMC for quantitative thresholds; links decisions to DRM and produces audit-ready artifacts (e.g., LEP).
DRM
Title: Design Risk Management
Category: Framework/Method
Status: Active
Lifecycle governance for design and change: identify hazards, options, and mitigations; assign a risk owner and acceptance; set measurable acceptance criteria and V&V; link decisions to CDM diagrams, TADA/DTM findings, and TMC thresholds; define release gates (Definition of Done) under D-SSF and produce an auditable record (risk register + LEP) for traceability across sprints.
DTM
Title: Design Threat Model
Category: Method
Status: Active
Structured, design-time threat reasoning: identify crown assets and trust boundaries; define attacker goals and plausible paths; map threats with STRIDE/ATT&CK onto CDM views; select Preventive / Detective / Corrective controls; capture assumptions, residual risk, and testable acceptance criteria; record decisions in DRM and feed D-SSF V&V; pairs with TADA overlays and optional TBM visuals during design and change reviews.
D-Loop
Title: Engineering 6 Ds Loop
Category: Framework/Method
Status: Active
ISAUnited’s six-stage lifecycle for doing security by design and change: Discover (goals, assets, constraints → seed DRM), Diagram (build CDMs: views, boundaries, interfaces), Decompose (TADA/DTM attack overlays), Decide (CECs/CIE trade-offs; choose controls), Deliver (implement; set TMC thresholds; define D-SSF gates), Demonstrate (V&V evidence; residual risk & LEP). Aligns teams on when to do which artifact and keeps work auditable.
IDA
Title: ISAUnited Defensible Architecture Design Methodology
Category: Method
Status: Active
Threat-based, step-by-step method for security architecture: Pre-Design (problem/solution/BRD intake), Discovery (SARS submission; diagrams/DFDs; components; data classifications; integrations/APIs), Design Development—Concept (HLA; baseline controls) and Technical (DLA; threat & vulnerability analysis using Kill Chain + STRIDE; technical controls)—and Post-Design (handoff to Eng/Ops, continuous oversight, optional security standard artifact, close-out). Produces teachable artifacts (IDA Templates 01–07) and a repeatable, auditable path from requirements to defensible controls.
SbD
Title: Security by Design
Category: Method
Status: Active
Lifecycle method that bakes security into every phase—Initiation → Analysis & Assessment → Design & Planning → Implementation & Integration → Testing & Validation → Deployment & Operation → Monitoring & Maintenance → Review & Improvement—guided by principles like least privilege, defense-in-depth, secure/fail-safe defaults, and privacy by design. Produces CDM views, TADA/DTM overlays, CEC/CIE-driven control choices, TMC thresholds, and DRM-tracked decisions with V&V under D-SSF—resulting in auditable, defensible designs.
SDO
Title: Security Design Operations
Category: Method
Status: Active
An overarching, vendor-agnostic framework that operationalizes Security by Design across on-prem, cloud, and hybrid. Defines roles, rhythms, and workflows; aligns ERA ↔ SRA and engages TDA/CoE; drives delivery of HLA/DLA diagrams, threat & vulnerability analyses, baseline/technical control catalogs, and reports; embeds BAU oversight and stakeholder collaboration to streamline security architecture from concept to continuous improvement.
TBM
Title: Tactical Battle Maps
Category: Model
Status: Active
Visual modeling framework that fuses CDM architecture views (trust boundaries, service chains, data paths) with TADA attack overlays to expose ingress/egress routes, east-west pivots, and choke points. Produces prioritized control placement & sequencing mapped to D10S, plus before/after diffs for change-driven work and evidence hooks for DRM/TMC (thresholds, SLAs). Applicable across Outside-In, Inside-Out, Data Core Ring, Process-Driven, Service Chain, and Change-Driven workflows. Not a product—teams generate TBMs using their own telemetry and platforms.
TMC
Title: Technical Mathematical Computation
Category: Framework/Method
Status: Active
The math layer for engineering decisions—turn design claims into numbers, limits, and pass/fail criteria. Use TMC to: (1) set enforcement thresholds (e.g., rate limits, lockouts, anomaly scores), (2) size and capacity‑plan (RPS/QPS, bandwidth, storage growth), (3) budget reliability (SLO/SLI, availability “nines,” error budgets, MTTF/MTTR), and (4) select cryptographic parameters (key lengths, rotation cadence, security margins). TMC outputs quantitative requirements that plug into DRM decision records and V&V under D‑SSF, and it pairs with CDMs/CECs so control choices are defensible.
TRC
Title: Technical Research Center
Category: ISAU's Non-profit Department
Status: Active
ISAUnited’s applied research arm that turns complex cybersecurity problems into defensible, engineering‑grade solutions. TRC develops frameworks and models, validates standards, and conducts AI & cybersecurity research, threat modeling & adversary simulation, and architecture reviews. It partners with private industry and government to deliver actionable outcomes and auditable evidence.
TADA
Title: Technical Adversarial & Defensible Analysis
Category: Method
Status: Active
Attack-overlay method that projects adversary paths onto CDM diagrams to expose ingress/egress routes, east-west pivots, and exfil paths; outputs defensible control placement & sequencing mapped to D10S, testable acceptance criteria, and DRM-ready residual-risk notes, with thresholds quantified via TMC and optional TBM visuals.
Complimentary Content
Templates:
Threat Map Diagramming-Basic Stencils Package
Date: 2023
Become a member of ISAUnited and unlock our exclusive package, which includes our newest Defensible Architecture templates, including content for 'Threat and Vulnerability Analysis.'
















