Read the Community Blog

Site update- new template

One of the OSA team has kindly spent some time updating the CMS template, and modernising the look. It's a holding pattern but it means the site stays supported a bit longer, while we figure out some new content.


  • Created on .

Still live- considering next development steps

Quick update. It has been a long time since the core team provided any significant updates for OSA. We are still interested in developing the ideas in this project and have been discussing moving to a modern platform and workflow.

In the 10+ years since this site was created the world has changed. Open Source has become a standard part of the world, and runs the majority of the worlds critical systems. The way we build and operate systems has changed with a move to CI/CD workflows and cloud environments. Security threats have increased dramatically and we have moved as an industry to focusing on detection and response. The overall importance of information and cyber security has increased as we predicted here.

Some things have stayed the same. NIST 800-53 remains a strong framework for security control specification and design activity, and has been supplemented by the NIST cyber security framework which is becoming the pre-eminent framework to use in many industries. We still don't have a consistent industry framework for security architecture but there are very promising signs from a number of areas. We'll be back on this topic soon.

  • Created on .

Site refresh

OSA has an updated template and new CMS thanks to Chris. We have plans for a secure data centre pattern shortly, and will be refreshing the site structure and content in the coming months.

Stay tuned.

  • Created on .

Declassified 1970 US DoD cybersecurity document still relevant

Just read a great article on Art Technica covering a 1970 DoD analysis of computer system vulnerabilities...

Flashback: Declassified 1970 US DoD cybersecurity document still relevant

I like it for a couple of reasons, firstly that the analysis is precise and concise, abstracting away the irrelevant items and focussing on the immutable aspects that stay true over time. Secondly that the overview diagram is highly reminiscent of the approach we use at OSA. Judge for yourself :)


DoD vulnerabilities analysis
  • Created on .