Security Issue Detection and Mitigation Patterns for Product Line Resource Variation

ABSTRACT Product Line Engineering (PLE) builds upon an Agile Architectural Pattern—with reusable resources, evolving resource variations, and a standardized interconnect and sustainment infrastructure. Commercial PLE systems attract alternative resource suppliers, such as automotive parts. Defense PLE systems typically result from acquirers encouraging Open System Architectures to enable alternative resource suppliers. Alternative resource suppliers are a major resource variation source in product line engineered systems. Product line engineered systems are systems of systems with potential for complex interactions and unintended emergent behaviors. This article focuses on PLE cyber‐physical‐social system products, the security issues resource variation can introduce, and security patterns for detecting and mitigating these security issues. Resource variations may cause security issues unintentionally, but intentional introduction is also possible by malicious alternative resource suppliers, supply chain interdiction, and insiders. This article assumes malicious intent in resource variation as its security issue base line, as patterns for effective detection and mitigation of malicious variation intent encompass unintentional occurrences.