Cyberpatterns: Unifying Design Patterns with Security, Attack and Forensic Patterns

As knowledge of solutions to recurring design problems, a large number of software design patterns (DP) has been identified, catalogued and formalized in the past decades. Tools have been developed to support the application and recognition of patterns. However, although the notions of pattern in different subject domains carry a great deal of similarity, we are in lack of a general theory that applies to all types of design patterns. This paper is based on our previous work on formalization of OO DPs and an algebra of pattern compositions. We propose a generalization of the approach so that it can be applied to other types of DPs. In particular, a pattern is defined as a set of points in a design space that satisfy certain conditions. Each condition specifies a property of the instances of the pattern in a certain view of the design space. The patterns can then be composed and instantiated through applications of operators defined on patterns. The paper demonstrates the feasibility of the proposed approach by examples of patterns of enterprise security architecture.