Answer & Explanation: Consider the 10 layer model one layer at a time, and think about what threats / security vulnerabilities are present, and what associated protections you would put in place motivated by each layer. For example, for layer 1, how would you protect the power, space and cooling assets? Do this for each layer of the model and document / diagram how these protections would be woven into your drone delivery system. I have attached the 10 layer model to reference.
Background: Drone delivery services have become an innovative and emerging capability for organizations that either already have existing delivery services or are interested in creating a platform to utilize delivery services. The drone delivery service specifically is a business model that could save organizations money and provide customers with extremely fast delivery solutions. ADS is proposing an IS platform that organizations could integrate with or place on top of their existing POS system and that would provide customers with the drone delivery service option. This option would allow customers to get their purchased items in a matter of minutes versus days. As a result, ADS is interested in becoming a pioneer in this market and aims to provide the fastest, safest, and most reliable drone delivery platform on the market. The new system will leverage mapping technologies from Google, positioning technologies from GPS, and real-time order handling technologies.
the10layermodel.pdf
The 10 Layer Model
Introduction
The 10 Layer Model is a rubric or taxonomy for decomposing an Enterprise or Information System (IS)
into logical layers that can then be further decomposed into logical components within each layer. It
facilitates Architects and their Architecture Management Process as the “Enterprise” Breakdown
Structure for completing a comprehensive view of either the enterprise (i.e., the Enterprise
Architecture) or IS (i.e., systems architecture). It may serve other processes such as the Capital Planning
and Investment Process (CPIC) for mapping budget, spending, and programs/projects as well as the
Operational Configuration Management Process for mapping operational systems and infrastructure
(the as-is baseline configuration). The model can be used recursively, in that each logical component
within a layer can have a resulting 10-layer model used to decompose itself. This is called a fractal view.
The model has been and continues to be developed and matured by the Johns Hopkins University (JHU)
Applied Physics Laboratory (APL) and the National Security Agency (NSA) along with their partners.
Jeffrey Osborn conceived the rudimentary model while working for AT&T in support of the NSA. NSA
first employed it in the fall of 2007 after Mr. Osborn joined APL in their role as Trusted Agent to the NSA.
At that time, NSA had already decided to use layering as a logical way of decomposing the enterprise
and Mr. Osborn, working with a team from NSA operations, development, and Information Technology
(IT) Infrastructure (ITI), proposed using 7 layers to decompose the IT portion of the agency. In the Spring
of 2008, this model was used to assess the interoperability between NSA and its second party partners
with the addition of the top 3 layers, allowing for the linkage of mission and overall operations of an
enterprise to the IT (lower 7 layers). Hence, the 10-layer model came to fruition. The model was then
further enhanced starting in the fall of 2008 when it was used to assess the interoperability between
NSA and their Intelligence Community (IC) partners.
The model was developed using an operations perspective (how the enterprise is operating to satisfy its
mission) but it was recognized early on that there are several other perspectives that can use the model,
to include cross-agency procurement or development, policy setting, and Governance. There are also
aspects of the model that cut across most if not all of the layers, and these are exposed in the model as
“verticals”. Two of the fundamental verticals are Security and Management (or Sustainment). Every
layer will have aspects of these associated with it. One may choose to expose other verticals, such as an
Information vertical to highlight aspects of information at each layer, or a Standards vertical to show
what standards are applicable to each layer.
The power of the model lies in its simplicity and capacity to provide a common language for discussing
enterprises in the context of a community, domains within an enterprise in the context of the overall
enterprise, or ISs in the context of a domain. It becomes the central rubric for entities to map their
respective enterprises, organizations, or ISs in order to facilitate assessments in a larger context. It is
most useful to leadership, providing “floor plan and elevation” views of the enterprise or IS to enable
better decision making as opposed to providing detailed “blueprints” to developers for constructing the
enterprise or IS.
Before describing each layer, there are some lexicon aids that will assist in understanding the model. A
layer is a logical grouping of like capabilities, functions, or services within an enterprise or IS. Each layer
exposes capabilities/functions/services to higher layers. Interactions between layers represent the
specification of required capabilities/functions/services levied on a lower layer by an upper layer and
the subsequent exposure of those capabilities to the upper layer by the lower layer. Verticals represent
views that cross many or all layers in order to expose high interest aspects of the model (e.g.,
information, security, and management). “Content” refers to the wide range of operational (mission)
digital asset values (e.g., raw data, information, knowledge, and intelligence) and any transformations of
those values.
The 10 Layer Model
10. Operational Objectives and Imperatives
9. Operational Processes and Capabilities
8. Functional Capabilities and People
7. Software Applications and Content (Data)
6. Software Framework Services
5. Common Software and Data Services
4. Computing and Storage Platform Services
3. Network Services
2. Connectivity Services
1. Facility Services
Verticals (cutting across the layers): Management, Security, Information
For each layer, the following will be provided:
Definition and Description (the logical components of a particular layer)
What is the rationale for this layer (Why is it important?)
Examples at the Enterprise level
What are the inputs (required capabilities) from a higher level
What are the outputs (services exposed) to a higher level
What are the drivers levied on the lower layer(s) by this layer
What would the fractal view of that layer be (if any)
What are the information aspects
What are the security aspects
What are the management (sustainment) aspects of each layer
1. Layer 10 – Operational Objectives and Imperatives
1.1. Definition
This layer represents the compilation and description of operational imperatives from outside
of the enterprise that will drive all of the required capabilities of the lower layers of the model
and can be cited by the lower layers as the reason for providing certain capabilities.
1.2. Rationale
This layer is required to capture the highest level of abstraction (mission and objectives) for the
enterprise that is scoped by the model; and to capture all external drivers on this enterprise.
1.3. Examples
Mission, Vision, Goals and Objectives. Priorities, Mandates, and Policies. Strategic Plan and
CONOP.
1.4. Drivers from higher layer
External drivers (guidance, requirements, environmental). Formal requests for products and
services from the enterprise.
1.5. Services exposed
These operational outcomes of the enterprise are provided back to customers or stakeholders.
1.6. Drivers to lower layer
The concept of operations (CONOPS) is defined at this layer and captures the bulk of the
artifacts at this layer and distills them into a document that both drives the business process
threads at Layer 9 and provides a view for leadership to understand how the organization
will meet its operational objectives.
1.7. Fractal View
There is no fractal view at this layer.
1.8. Information
Information/Data strategy and policies.
1.9. Security
Security policies and mandates.
1.10. Management
Governance of the organization to include planning, acquisition, and operations.
2. Layer 9 – Operational Processes and Capabilities
2.1. Definition
This layer represents the compilation and description of operational processes (potentially
segmented into organizational or operational capability areas) that are required to execute the
operational imperatives at layer 10. Essentially this is the instantiation of the CONOPS in
process form, identifying operational activities and exchanges among them at the highest level
of abstraction. A particular end-to-end content flow through the processes is called a thread.
2.2. Rationale
In large enterprises, this layer is required to capture the large set of operational capabilities and
threads of activities that are needed to accomplish the mission and objectives of the enterprise.
2.3. Examples
Scenarios and vignettes that expose (illuminate) different aspects of the CONOPS. End-to-end
threads of content flow through activities and between activities (exchanges) within the
enterprise or among this enterprise and an external set of enterprises that instantiate the
CONOPS. The enterprise’s business (mission) processes at a high level. Specific examples
include system requirements, use cases and architectural assumptions that guide the
development of an information system.
2.4. Drivers from higher layers
The CONOPS is the primary driver for this layer.
2.5. Services exposed
A complete set of abstract operational capabilities is provided to Layer 10 that are used to meet
the mission drivers.
2.6. Drivers to lower layers
A specification of the required functional capabilities in terms of activities and exchanges.
2.7. Fractal View
There is no fractal view per se, but there is the notion of thread or business process
decomposition to shorter and more detailed threads within this layer.
2.8. Information
Defining the content (information and data) that will be required to support and enable the
business processes. This is the highest level of abstraction for information and data and is
documented in a data element dictionary.
2.9. Security
Oversight of end-to-end processes to ensure compliance with enterprise security policies. Audit
trails for the threads.
2.10. Management
Mission planning and assessment along with mission execution management. This includes
configuration management, change management, performance management, etc. for threads.
3. Layer 8 – Functional Capabilities and People
3.1. Definition
This layer represents the compilation and description of functional capabilities, activities and
information exchanges that are required to instantiate and complete the threads defined in
Layer 9. These abstract, functional activities and exchanges may be performed by humans at
this layer with or without the assistance of IT; or may be instantiated in IT at the lower layers of
the model. Architectural renderings and models are used to describe and define the
components (capabilities, activities, exchanges, and content) at this layer.
3.2. Rationale
This layer is required to capture the set of activities and their interfaces at an abstract or
functional level that are needed to perform the operational capabilities and threads from layer
9, before they are instantiated in IT capabilities in the lower layers of the model.
3.3. Examples
The DoDAF OV-5 Activity Model or the FEA BRM would be possible decompositions of this
layer. This layer is where people are exposed in the enterprise. Paper documents that people
use to exchange information are at this layer.
3.4. Drivers from higher layers
A specification of the required functional capabilities in terms of activities and exchanges.
3.5. Services exposed
A complete set of abstract functional capabilities that are used in Layer 9 to compose threads.
3.6. Drivers to lower layers
The primary driver of this layer to all of the lower layers is the enterprise architecture that
distills all of the required capabilities from Layers 8 through 10 and documents them in a set of
artifacts that can be used by leadership for decision making (“floor plans and elevations”) as
well as program managers and developers for building system and technical capabilities
(“detailed blueprints”). For the information vertical, this layer contains the Content dictionary,
Information Model that drives the content values and formats (Layer 7) and content schemas
(Layer 6). This layer would also provide an “Information” or “Data” Architecture if needed.
3.7. Fractal View
There is no fractal view per se, but there is the notion of activity decomposition to more
detailed activities within this layer.
3.8. Information
At this layer, operational data and information exist in hard copy that can be manipulated
physically by humans. For design and development, this layer is where the information and
data architectures are produced as well as the data models that show relationships between
the abstract data elements defined in layer 9.
3.9. Security
Security roles and responsibilities. Standard security practices as they relate to activities and
exchanges. Security Architecture. Personnel security requirements.
3.10. Management
Functional capability management. Resource allocation and standard operating procedures.
Management Architecture. Personnel management requirements. Management of the entire
set of Architecture artifacts.
4. Layer 7 – Software Applications and Content
4.1. Definition
This layer represents the compilation of services that represent software applications and the
content with associated format that they use to instantiate the corresponding operational
activities at Layer 8. These services also facilitate human interaction (“user interface”) with IT
where they are enabling an IT-assisted human activity.
4.2. Rationale
This layer is required to capture the applications and data that are needed to instantiate the
activities in Layer 8.
4.3. Examples
Mission-specific software application services. Enterprise software application services (e.g.,
word processing). These may be instantiated for example as Java Plug-ins. Content, in the form
of digital asset values that populate a database. Common content formats that would allow for
content exchange.
4.4. Drivers from higher layers
The primary driver of this layer from Layer 8 is the enterprise architecture that distills all of the
required capabilities from Layers 8 through 10 and documents them in a set of artifacts for
building system and technical capabilities (“detailed blueprints”).
4.5. Services exposed
A complete set of system capabilities that instantiate the breadth of automated activities in
Layer 8. This set of “services” that are exposed to humans at layer 8 is unique to each
enterprise and is enumerated by it. APIs are exposed at this layer to other application services.
4.6. Drivers to lower layers
The layer 7 application services may require a set of framework services at Layer 6 to decouple
them from the enterprise services at Layer 5. Where framework services are not necessary for
decoupling, then Layer 6 would be collapsed, and a required set of middleware services at
Layer 5 would have to be specified. The specification of those framework and middleware
services would be in the form of technical capability requirements.
4.7. Fractal View
The fractal view of this layer happens when a particular application service is physically
instantiated in software and hardware. For the implementation of this service, layer 10 would
capture the required capabilities of the service, layer 9 would expose the business process and
sequence diagram for the service, layer 8 would expose the components and architecture for
the service, and layer 7 would be the actual code for the service. If the application code
required close-coupling with lower layers, then the fractal view would also potentially expose
layer 6 framework applications, layer 5 middleware services, layer 4 hardware and operating
system, a layer 3 network, layer 2 connectivity, and the resultant power, space, and cooling for
this “stove-piped” application.
4.8. Information
The data and information (content) values – or digital assets – exist at this layer since the
applications that manipulate this data exist at this layer. The formats for content values are also
defined at this layer.
4.9. Security
Application service security (e.g., integrity of the service and application code) and content
security (e.g., security labels). Security of user access to IT. Privilege management.
4.10. Management
Application service management (e.g., adding and removing services from the inventory,
software distribution, patch updates). Content management (“Digital assets management”).
5. Layer 6 – Software Framework Services
5.1. Definition
This layer represents the compilation of operational application software framework services
that provide a platform independent interface (loose coupling) between the Layer 7
applications and the Layer 5 infrastructure services. This layer consists of a common set of
standards and services that enable the evolution and execution of Layer 7 applications, isolated
from Layer 5 infrastructure services.
5.2. Rationale
Through their evolution, applications and their accompanying data have been systematically
abstracted from the services and platforms that they rely on, and they increasingly use
software frameworks that provide them agility and portability. This layer is required to capture
those frameworks.
5.3. Examples
Application frameworks such as J2EE services. The logical schema of a database (e.g.,
specification of rows and columns). A set of framework services such as those provided by
Microsoft Office that allows interoperability among various office automation applications.
Application messaging and bulk exchange frameworks. Provisioning, discovery, broker,
registration, and invocation framework services. Pub/sub topics and queues.
5.4. Drivers from higher layers
Any Layer 7 application service may require a set of framework services at Layer 6 to decouple
it from the enterprise services at Layer 5. The specification of those framework services
would be in the form of technical capability requirements.
5.5. Services exposed
A set of standard service calls to the applications services at Layer 7 that implement the
technical capabilities required by Layer 7. Repositories with specific schemas that are exposed
to Layer 7 for content persistence.
5.6. Drivers to lower layers
The Layer 6 framework services may require a set of middleware services at Layer 5 to
decouple them from the platform services at Layer 4. Where middleware services are not
necessary for decoupling, then Layer 5 would be collapsed, and a required set of platform
(operating system) services at Layer 4 would have to be specified. The specification of those
middleware and platform services would be in the form of technical capability requirements.
5.7. Fractal View
The fractal view of this layer happens when a particular framework service is physically
instantiated in software and hardware. For the implementation of this service, layer 10 would
capture the required capabilities of the service, layer 9 would expose the business process and
sequence diagram for the service, layer 8 would expose the components and architecture for
the service, and layer 7 would be the actual code for the service. If the application code
required close coupling with lower layers, then the fractal view would also potentially expose
layer 5 middleware services, and layer 4 hardware and operating system services (if any).
5.8. Information
Persistence of the data and information begins at this layer. Therefore, this layer is where the
notion of repositories begins with their associated schemas. This layer defines how the data is
organized to be quickly stored and accessed (e.g., row and column headers in a database). Data
access controls and metadata that are used in indexing the data exist at this layer.
5.9. Security
Framework service security (e.g., integrity of the service and application code of the
framework). Content security labeling service and label checking service. Software-based
content encryption/decryption services for data at rest.
5.10. Management
Framework service management (e.g., adding and removing framework services from the
inventory, software distribution, patch updates).
6. Layer 5 – Common Software and Data Services
6.1. Definition
This layer represents the compilation of software services, sometimes referred to as
middleware, that are common across the entire enterprise and provided for use by the Layer 6
software frameworks and the Layer 7 applications (in the case of tight coupling).
6.2. Rationale
This layer is required to capture the set of “backend” services (applications) that are provided
enterprise-wide and are used by multiple, mission-specific applications and frameworks. These
enterprise services are typically provided by a different organization than the mission-s …