Abstract: An automated method, system, device and/or computer program for performing security analysis of an information system or computing device by modeling attacks and attack surfaces using Knowledge Graphs and Graph Computing systems. A contextual data model and a set of data instances of security knowledge can be accessed. A Knowledge Graph representing a Simulated Neural Network for security attacks can be built and trained. A security analysis tool can receive a description of an attack scenario. The Graph Computing system can analyze an attack scenario using the Security Attack Knowledge Graph. A set of observations about the attack scenario and the attack surface can be generated. The observations can include attack paths, recommendations and action plans on how to detect, prevent or address the attack scenario. The action plans can be invoked and applied to the target information system and its operating environment either manually, or by automation.

Abstract: A system and method of designing a secure solution which meets the needs of a customer but which is appropriate and repeatable and may use components which are insecure or not trusted. In its preferred embodiment, the security system includes subsystems selected from access control, information flow, identity and credentials management, integrity and assurance. In each subsystem, elements are employed to reduce the effect of perils and to provide a repeatable system design.

Abstract: A system integrity manager, system, computer program product and method for providing security may include transforming an operational behavior of an instance of a computing system from a general purpose computing system to a special purpose computing system. The operational behavior may be transformed by using at least one of a system integrity sensor and a system integrity effector and a set of system integrity policies and system integrity data.

Abstract: A system and method for generating an information technology solution. A system for generating a runtime model is provided, comprising: a system for selecting a business pattern; a system for providing a management integration table, wherein the management integration table includes a plurality of cells, each representing at least one management application pattern; and a system for generating a runtime model from the selected business pattern and management integration table, wherein the generating system supplements the business pattern with additive patterns, bridge patterns, and management application patterns in order to generate the runtime model.