{ "name": "SecProve Cyber Systems Model (CSM)", "description": "A practitioner-built taxonomy of cybersecurity, AI security, and quantum-era cryptography as a connected system. 50 domains across 5 practitioner-mental-model layers, with typed relationships.", "version": "2.1", "license": "CC BY 4.0 — attribution required. Cite SecProve (https://secprove.com/domains).", "source": "https://secprove.com/domains", "generated_at": "2026-04-23T00:08:03.268Z", "pillars": [ { "code": "A", "name": "Cybersecurity" }, { "code": "B", "name": "Applied AI in Security" }, { "code": "C", "name": "Cybersecurity of AI Systems" }, { "code": "D", "name": "Quantum Technologies & Cybersecurity" } ], "layers": [ { "id": "govern", "number": 1, "name": "Govern & Direct", "short_name": "Govern", "purpose": "Set direction, own risk, shape policy, govern AI/quantum programs, work with people and narrative.", "insight": "Cybersecurity decisions ultimately answer business questions: what are we protecting, what risk are we willing to carry, and who owns the answer when something fails. The govern layer is where those questions get answered — it is the layer that is blamed loudest when an incident exposes a gap nobody owned." }, { "id": "control", "number": 2, "name": "Control Access & Trust", "short_name": "Control", "purpose": "Decide who or what can do what, enforce it cryptographically, constrain AI behaviour.", "insight": "The traditional network perimeter is gone. What's left is a trust fabric — identity, policy, cryptography, and the decisions that keep AI systems inside acceptable behaviour. Get the trust fabric wrong and every other layer inherits the weakness." }, { "id": "build", "number": 3, "name": "Build, Connect & Operate", "short_name": "Build & Run", "purpose": "Build and run the systems — apps, cloud, data, networks, OT, AI infra, supply chain, quantum engineering.", "insight": "This is the engineering layer — the applications, cloud footprint, data stores, networks, OT, mobile estate, supply chain, AI infrastructure, and the quantum-safe engineering that will keep all of it running into the next decade. Most modern compromises land here." }, { "id": "detect", "number": 4, "name": "Detect, Test & Respond", "short_name": "Detect & Respond", "purpose": "Watch, hunt, attack ethically, analyse, and respond — classical and AI.", "insight": "Prevention is incomplete; this is the assume-failure layer. Here SOC analysts work, threat intel meets operational reality, detection engineers craft rules, pentesters and red teams probe, malware analysts reverse engines of compromise, deception traps trip, and incident responders contain what's already inside." }, { "id": "futures", "number": 5, "name": "AI & Quantum Futures", "short_name": "Futures", "purpose": "The emerging stack reshaping cybersecurity from both directions — AI toolkit, AI attack surface, and the quantum transition.", "insight": "AI and quantum aren't replacing the rest of the stack — they're reshaping it. This layer covers the AI-augmented defender toolkit (Pillar B), new AI-target attack surfaces (Pillar C), and the quantum-crypto transition (Pillar D). Filter by pillar to see each dimension in isolation." } ], "relationship_types": [ { "id": "prerequisite", "description": "Subject is a prerequisite for target — target cannot work well without subject in place." }, { "id": "constrains", "description": "Subject sets policy, limits, or requirements for target." }, { "id": "enables", "description": "Subject materially improves or powers target." }, { "id": "coupled", "description": "Subject and target must collaborate operationally during the work." } ], "domains": [ { "id": "a1", "code": "A1", "name": "Governance, Risk & Compliance", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "govern", "layer_number": 1, "layer_name": "Govern & Direct", "affinities": [], "description": "Risk frameworks (NIST RMF, ISO 31000, FAIR), policy development, audit, regulatory compliance, third-party risk.", "why_it_matters": "GRC sets the bar that every other domain has to clear. When a control gap matters to regulators or a board, this is the layer that owns the answer.", "common_mistake": "Treating GRC as paperwork. The frameworks (NIST CSF, ISO 27001, FAIR) only earn their keep when they shape investment decisions, not when they're filed for the audit.", "prerequisite_of": [], "constrains": [ "a2", "a3", "a4", "a5", "a6", "a7", "a9", "a12", "a13", "a14", "a16", "a20", "a23", "a24", "a25", "c4", "d4" ], "enables": [ "a18", "b6", "c7" ], "coupled_with": [] }, { "id": "a2", "code": "A2", "name": "Network Security", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [], "description": "Firewalls, IDS/IPS, network segmentation, DNS security, SD-WAN, VPN, traffic analysis, wireless security.", "why_it_matters": "The network is still where lateral movement happens. Segmentation, traffic inspection, and DNS hygiene remain load-bearing controls even in cloud-first organizations.", "common_mistake": "Flat internal networks behind a hardened perimeter. The first compromised endpoint then has line-of-sight to everything.", "prerequisite_of": [ "a14" ], "constrains": [], "enables": [ "a5", "a10", "a11" ], "coupled_with": [ "a24" ] }, { "id": "a3", "code": "A3", "name": "Zero Trust Architecture", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "control", "layer_number": 2, "layer_name": "Control Access & Trust", "affinities": [], "description": "Zero trust principles, micro-segmentation, NIST SP 800-207, ZTNA, continuous verification, BeyondCorp.", "why_it_matters": "Zero Trust is the architectural answer to a perimeter that no longer exists. NIST SP 800-207 codified the model; CISA's Maturity Model gives you a phased adoption path.", "common_mistake": "Buying a product labeled 'Zero Trust' instead of executing the architectural shift. ZTA is a posture, not a SKU.", "prerequisite_of": [], "constrains": [], "enables": [ "a2", "a5", "a4", "a12", "a14", "a24" ], "coupled_with": [] }, { "id": "a4", "code": "A4", "name": "Application Security", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [], "description": "OWASP Top 10, secure SDLC, SAST/DAST/IAST, API security, code review, DevSecOps.", "why_it_matters": "Applications are where data lives and business logic runs. The OWASP Top 10 hasn't moved much in years because the same classes of bugs keep landing in new code.", "common_mistake": "Treating AppSec as a gate at the end of the SDLC. By then, the cheap fixes are gone.", "prerequisite_of": [], "constrains": [], "enables": [ "b3", "a9", "a24" ], "coupled_with": [ "a5", "a13" ] }, { "id": "a5", "code": "A5", "name": "Cloud Security", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [], "description": "AWS/Azure/GCP security controls, IAM policies, CSPM, container security, shared responsibility model.", "why_it_matters": "Cloud is now the default deployment target. Misconfigurations — not novel exploits — remain the leading cause of cloud breaches because the shared-responsibility line is easy to misread.", "common_mistake": "Defaulting to network thinking in cloud. Most compromises start with identity and policy, not packets.", "prerequisite_of": [ "c6" ], "constrains": [], "enables": [ "a13", "a11" ], "coupled_with": [ "a24" ] }, { "id": "a6", "code": "A6", "name": "Identity & Access Management", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "control", "layer_number": 2, "layer_name": "Control Access & Trust", "affinities": [], "description": "AuthN/AuthZ, SSO, MFA, PAM, RBAC/ABAC, identity governance, FIDO2/passkeys, plus non-human identity: service accounts, workload identity, agent / plugin identities.", "why_it_matters": "Identity is the most-used attack vector in modern incidents. Compromise here turns into compromise everywhere because every layer above trusts what IAM asserts.", "common_mistake": "Strong joiner processes, weak mover/leaver. Stale entitlements accumulate quietly and surface as overprivilege during incidents.", "prerequisite_of": [ "a3", "a5", "a12", "a10", "a11", "a13", "a14", "a19", "a23", "a24", "c6", "c11" ], "constrains": [], "enables": [ "a4", "b3" ], "coupled_with": [ "a7" ] }, { "id": "a7", "code": "A7", "name": "Incident Response & Forensics", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [], "description": "IR playbooks, memory/disk/network forensics, chain of custody, malware analysis.", "why_it_matters": "When prevention fails, response speed and discipline determine impact. The quality of your runbooks shows up in your dwell time and your post-incident report.", "common_mistake": "Tabletops that everyone passes. If nobody's surprised, the scenario was too easy.", "prerequisite_of": [], "constrains": [], "enables": [ "a23" ], "coupled_with": [ "a21" ] }, { "id": "a8", "code": "A8", "name": "Threat Intelligence", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [], "description": "CTI lifecycle, MITRE ATT&CK, IOCs/TTPs, threat modeling (STRIDE, PASTA), STIX/TAXII.", "why_it_matters": "Threat intelligence transforms raw observations about adversaries into decisions: what to detect, what to patch first, who to brief. Without it, every other detection is generic.", "common_mistake": "Subscribing to feeds you don't operationalize. Intel is only useful when it changes a control or a priority.", "prerequisite_of": [], "constrains": [], "enables": [ "a11", "b3", "b5", "a9", "a10", "a19", "a21", "a24", "c5" ], "coupled_with": [] }, { "id": "a9", "code": "A9", "name": "Penetration Testing & Red Teaming", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [], "description": "Methodology (OSSTMM, PTES), web/network/mobile pentesting, social engineering, purple teaming.", "why_it_matters": "Pen testing and red teaming are the most honest assessment of whether controls actually work under pressure. Everything else is theory until someone tries to break it.", "common_mistake": "Scoping engagements to confirm what the security team already believes, instead of probing the assumptions nobody wants tested.", "prerequisite_of": [], "constrains": [], "enables": [ "a4", "b4", "a24" ], "coupled_with": [ "a11", "a19" ] }, { "id": "a10", "code": "A10", "name": "Security Operations", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [], "description": "SOC operations, SIEM tuning, SOAR playbooks, alert triage, log analysis, runbook development.", "why_it_matters": "The 24/7 nerve center of cyber defense. SOC throughput sets the ceiling on how fast the rest of the program can react to anything that gets past prevention.", "common_mistake": "Optimizing for alert volume instead of investigation quality. A SOC drowning in low-signal alerts is the same as no SOC.", "prerequisite_of": [], "constrains": [], "enables": [ "b2" ], "coupled_with": [ "a7", "a11", "a19", "a23", "a24" ] }, { "id": "a11", "code": "A11", "name": "Detection Engineering & Threat Hunting", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [], "description": "SIGMA/YARA/Suricata rule writing, hypothesis-driven hunting, log deep-dives, detection gap analysis.", "why_it_matters": "Detections are the upstream input to every downstream response. Better detections produce better automation; bad detections produce automated noise.", "common_mistake": "Buying detection content from vendors without testing it against your environment's actual telemetry.", "prerequisite_of": [], "constrains": [], "enables": [ "b1", "a10" ], "coupled_with": [ "a7", "a19", "a24" ] }, { "id": "a12", "code": "A12", "name": "Data Security, Privacy & Protection", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [], "description": "Data classification, encryption-at-rest/in-transit, DLP, tokenization, privacy-by-design, plus the regulatory stack (GDPR, CCPA, HIPAA) that sets the bar.", "why_it_matters": "Privacy and data protection determine the fines, lawsuits, and customer trust outcomes when something goes wrong. GDPR, CCPA, and HIPAA aren't going to relax.", "common_mistake": "Classifying data once and never revisiting it as the product changes.", "prerequisite_of": [], "constrains": [ "c4", "a4", "a5", "a13" ], "enables": [], "coupled_with": [ "a6", "a23" ] }, { "id": "a13", "code": "A13", "name": "Supply Chain Security", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [ "futures" ], "description": "SBOM, vendor risk assessment, software supply chain attacks, dependency management.", "why_it_matters": "SolarWinds, Log4Shell, and the MOVEit chain proved that attackers target the software and vendors you trust. Most of your CVE volume lives in transitive dependencies you didn't write.", "common_mistake": "Maintaining an SBOM nobody uses for prioritization. Without reachability and asset context, an SBOM is just an inventory.", "prerequisite_of": [], "constrains": [], "enables": [ "b3", "a24", "a4" ], "coupled_with": [ "c3" ] }, { "id": "a14", "code": "A14", "name": "OT/ICS Security", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [], "description": "SCADA, PLC security, Purdue model, ICS-specific threats, IT/OT convergence, IEC 62443.", "why_it_matters": "OT/ICS security protects the systems that move physical things — power, water, manufacturing. A compromise here can cause physical damage and endanger lives, which changes the calculus of every defense decision.", "common_mistake": "Importing IT security playbooks into OT without accounting for safety, availability, and protocol fragility.", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "a7", "a2", "a10", "a11", "a17", "a23" ] }, { "id": "a15", "code": "A15", "name": "Cryptography", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "control", "layer_number": 2, "layer_name": "Control Access & Trust", "affinities": [ "build", "futures" ], "description": "Symmetric/asymmetric, PKI, TLS/SSL, hashing, post-quantum cryptography, key management.", "why_it_matters": "Cryptography underpins every secure communication, transaction, and identity assertion. The algorithms in production today are about to change — see the quantum layer.", "common_mistake": "Crypto choices baked into application code without an inventory or upgrade path. Crypto-agility starts with knowing what you have.", "prerequisite_of": [ "a4", "d2" ], "constrains": [], "enables": [ "a2", "a6", "a3", "a12", "a13", "a14", "a23" ], "coupled_with": [ "d6" ] }, { "id": "a16", "code": "A16", "name": "Mobile & IoT Security", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [], "description": "MDM, mobile app vulnerabilities, IoT protocols, firmware analysis, embedded systems security.", "why_it_matters": "Mobile and IoT devices are the largest unmanaged attack surface in most organizations. Firmware that rarely updates, protocols not built for hostile networks.", "common_mistake": "Treating IoT as a procurement problem instead of a network and lifecycle problem.", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "a2", "a6", "a11", "a13", "a24" ] }, { "id": "a17", "code": "A17", "name": "Cyber-Electronic Warfare", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [], "description": "Converged cyber and EW, spectrum security, GPS/GNSS spoofing, RF attacks, EMP hardening.", "why_it_matters": "Cyber-electronic warfare is where digital attacks meet RF, GPS spoofing, and spectrum operations. Increasingly relevant for critical infrastructure and any organization with field operations.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "a2", "a14", "a22" ] }, { "id": "a18", "code": "A18", "name": "Security Leadership", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "govern", "layer_number": 1, "layer_name": "Govern & Direct", "affinities": [], "description": "Cyber risk quantification, board communication, security program development, budget & ROI.", "why_it_matters": "Security leadership is the discipline of translating threats into board-level decisions and budget into measurable risk reduction. Most programs that fail, fail here.", "common_mistake": "Reporting activity (alerts handled, patches applied) instead of risk (what changed, what didn't).", "prerequisite_of": [], "constrains": [], "enables": [ "a1", "a25", "a20", "c7" ], "coupled_with": [ "a23", "a24" ] }, { "id": "a19", "code": "A19", "name": "Cyber Deception & Active Defense", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [], "description": "Honeypots, honeytokens, canary tokens, deception platforms, moving target defense, MITRE D3FEND, adversary engagement.", "why_it_matters": "Cyber deception flips the asymmetry. Any interaction with a canary token or honeypot is a guaranteed alert with high fidelity — exactly what's missing from most SOC queues.", "common_mistake": "Deploying canaries without a clear ownership model for what happens when they trip.", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "a10", "a7", "a11", "a8" ] }, { "id": "a20", "code": "A20", "name": "Security Awareness & Human Factors", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "govern", "layer_number": 1, "layer_name": "Govern & Direct", "affinities": [], "description": "Phishing simulation, security culture measurement, behavioral psychology, insider threat programs, social engineering defense training.", "why_it_matters": "People are the largest attack surface and the strongest sensor. The 2023 MGM and Caesars vishing incidents both turned on a single help-desk decision.", "common_mistake": "Annual click-through training that ages out within months. Quarterly with topical refreshers actually changes behavior.", "prerequisite_of": [], "constrains": [], "enables": [ "a6", "b4", "a10" ], "coupled_with": [ "a7", "c9" ] }, { "id": "a21", "code": "A21", "name": "Malware Analysis & Reverse Engineering", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [], "description": "Static/dynamic analysis, sandbox analysis, assembly/disassembly, packer analysis, YARA rules, malware family classification.", "why_it_matters": "Malware analysis turns adversary capabilities into IOCs, detection content, and attribution. A specialized skill that powers threat intel and detection engineering.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "a8", "a11", "a7" ] }, { "id": "a22", "code": "A22", "name": "Information Operations & Cognitive Security", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "govern", "layer_number": 1, "layer_name": "Govern & Direct", "affinities": [], "description": "Influence operations, cognitive warfare, counter-intelligence, OSINT/SOCMINT, PSYOP/MISO, foreign malign influence, hack-and-leak operations, narrative warfare, DISARM framework.", "why_it_matters": "Information operations are now part of the cyber threat surface — narrative attacks influence insider behavior, partner trust, and incident escalation.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "a20" ], "coupled_with": [ "c10", "a8" ] }, { "id": "a23", "code": "A23", "name": "Recovery, Resilience & Cyber Recovery", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [ "build" ], "description": "Backup integrity, immutable snapshots, cyber-recovery vaults, restore orchestration, BCM/DR, tabletop exercises, ransom-scenario restoration drills.", "why_it_matters": "CSF 2.0 keeps Recover as its own function because restoring compromised environments without re-inheriting the compromise is a distinct design problem. Immutable backups, integrity verification, and rehearsed cutovers are the operational core of ransomware resilience.", "common_mistake": "Backups that pass restore tests but have never been exercised against a compromised source. 'Our backups work' and 'we can recover from ransomware' are different claims.", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "a7", "d6", "a18", "a10" ] }, { "id": "a24", "code": "A24", "name": "Exposure Management & Attack Surface", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [], "description": "External attack-surface management (EASM), cyber asset attack-surface management (CAASM), continuous threat exposure management (CTEM), attack-path analysis, validation, and remediation orchestration.", "why_it_matters": "Exposure management has separated from classic vulnerability scanning as practitioners realized that asset visibility, attack-path context, and validation matter more than CVE counts. CAASM/EASM/CTEM are now distinct practice areas with their own tooling and workflows.", "common_mistake": "Counting findings instead of counting reachable-and-exploitable findings on critical assets. The metric that matters is what an attacker could actually do next.", "prerequisite_of": [], "constrains": [], "enables": [ "a4", "a9", "a10" ], "coupled_with": [ "b3", "a5", "a11", "a13", "a16" ] }, { "id": "a25", "code": "A25", "name": "Security Architecture & Engineering", "pillar": "A", "pillar_name": "Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [ "control", "govern" ], "description": "Reference architectures, control frameworks (NIST SP 800-53, CIS Controls), secure-by-design patterns, threat modeling, trust-boundary design, technology standards.", "why_it_matters": "Architecture is where identity, crypto, network, cloud, and data primitives get composed into a defensible whole. CISSP, CCSP, zero-trust literature, and cloud reference architectures all treat architecture as its own specialty — not an implicit sub-skill of AppSec or Cloud.", "common_mistake": "Mistaking a vendor stack for an architecture. Tools implement patterns; architecture decides which patterns to implement.", "prerequisite_of": [], "constrains": [], "enables": [ "a3", "a5", "a2", "a4", "a6", "a10", "a14", "a23", "a24", "c6" ], "coupled_with": [ "a18", "a1" ] }, { "id": "b1", "code": "B1", "name": "AI-Powered Threat Detection", "pillar": "B", "pillar_name": "Applied AI in Security", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "ML-based anomaly detection, UEBA, network traffic analysis, deep learning for malware.", "why_it_matters": "ML-based detection finds threats that signature-based tools miss — anomalies in massive data volumes, novel malware variants, behavioral patterns at scale.", "common_mistake": "Deploying ML detection without a feedback loop. Models drift; without analyst-correction signals flowing back, accuracy degrades quietly.", "prerequisite_of": [], "constrains": [], "enables": [ "b2" ], "coupled_with": [ "a11", "c1" ] }, { "id": "b2", "code": "B2", "name": "AI-Driven Security Automation", "pillar": "B", "pillar_name": "Applied AI in Security", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "SOAR + AI, automated triage, AI copilots for analysts, automated incident response.", "why_it_matters": "AI-driven automation is how SOCs match the tempo of AI-augmented adversaries. Trust calibration and autonomy-tier policy decide whether the automation helps or just hides noise.", "common_mistake": "Letting the platform auto-block customer-facing infrastructure during low-confidence alerts. Match autonomy to business reversibility, not just technical confidence.", "prerequisite_of": [], "constrains": [], "enables": [ "a7" ], "coupled_with": [ "a10", "c8" ] }, { "id": "b3", "code": "B3", "name": "AI for Vulnerability Management", "pillar": "B", "pillar_name": "Applied AI in Security", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "AI-assisted code review, predictive vulnerability prioritization (EPSS), automated patch assessment.", "why_it_matters": "AI changed both ends of vulnerability management — discovery (Mythos, Codex Security) and prioritization (EPSS, KEV, reachability). The window between 'vulnerability exists' and 'being exploited' is now hours, not weeks.", "common_mistake": "Patching by CVE count. The metric that matters is exploitable-and-reachable-on-a-critical-asset.", "prerequisite_of": [], "constrains": [], "enables": [ "a4", "b4", "a10" ], "coupled_with": [ "a13", "a24" ] }, { "id": "b4", "code": "B4", "name": "AI in Offensive Security", "pillar": "B", "pillar_name": "Applied AI in Security", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "AI-assisted pentesting, automated recon, AI-generated phishing/social engineering, deepfake attacks.", "why_it_matters": "Defenders can't model threats they don't believe exist. MGM, Arup, Retool, and the Mythos restricted release are all calibration data for the cost curve of AI-augmented attacks.", "common_mistake": "Assuming the lure will look obviously fake. Modern AI-generated phishing reads like competent corporate writing.", "prerequisite_of": [], "constrains": [], "enables": [ "a9", "b3" ], "coupled_with": [ "a20", "c9", "a8", "a22" ] }, { "id": "b5", "code": "B5", "name": "AI for Threat Intelligence", "pillar": "B", "pillar_name": "Applied AI in Security", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "NLP for threat reports, automated IOC extraction, AI-generated threat briefs, predictive modeling.", "why_it_matters": "Threat intel volume far exceeds human processing capacity. NLP, knowledge graphs, and LLM summarization turn the flood into actionable briefs without scaling the team linearly.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "a7", "a11", "a10" ], "coupled_with": [ "a8", "a22" ] }, { "id": "b6", "code": "B6", "name": "AI for GRC & Compliance", "pillar": "B", "pillar_name": "Applied AI in Security", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "AI-assisted audit, automated policy mapping, AI-driven risk scoring, compliance monitoring.", "why_it_matters": "Continuous compliance is finally tractable when an LLM can map controls, summarize evidence, and flag drift. GRC stops being a quarterly photo and starts being a live signal.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "a1", "c7", "a18", "a24" ], "coupled_with": [] }, { "id": "b7", "code": "B7", "name": "AI Security Tool Landscape", "pillar": "B", "pillar_name": "Applied AI in Security", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "AI-powered security tools — evaluation criteria, integration patterns, and comparative analysis.", "why_it_matters": "The AI-security tool market is growing faster than buyers can evaluate it. This domain is the literacy layer — knowing what's real capability vs. AI-washing.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "a18" ], "coupled_with": [ "b1", "b2", "b3", "b4", "b5" ] }, { "id": "b8", "code": "B8", "name": "Prompt Engineering for Security", "pillar": "B", "pillar_name": "Applied AI in Security", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "Using LLMs for log analysis, writing detection rules with AI assistance, AI-assisted OSINT, prompt design for security workflows.", "why_it_matters": "Prompt engineering is now a working skill for analysts. Quality of LLM-driven log analysis, detection drafting, and OSINT depends almost entirely on the prompt and the data layer below it.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "a10", "a11", "b5", "a8", "b3" ], "coupled_with": [] }, { "id": "c1", "code": "C1", "name": "Adversarial Machine Learning", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "Evasion attacks, poisoning attacks, model extraction, membership inference, model inversion, gradient-based attacks.", "why_it_matters": "Adversarial ML is the foundation discipline for understanding how attackers fool, steal, or corrupt the models you ship. Evasion, poisoning, extraction, inversion — distinct failure modes, each with its own defense.", "common_mistake": "", "prerequisite_of": [ "c2" ], "constrains": [], "enables": [ "c3", "c5", "b1", "c8" ], "coupled_with": [ "c4" ] }, { "id": "c2", "code": "C2", "name": "LLM-Specific Attacks", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [ "detect" ], "description": "Prompt injection (direct & indirect), jailbreaking, prompt leaking, training data extraction, hallucination exploitation, agent manipulation.", "why_it_matters": "Prompt injection, jailbreaking, training-data extraction — LLMs introduced an entire class of vulnerabilities that traditional AppSec wasn't designed to handle.", "common_mistake": "Trusting the system prompt to enforce policy. Indirect prompt injection through any untrusted text is the bypass.", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "c5", "c8", "c11" ] }, { "id": "c3", "code": "C3", "name": "AI Supply Chain Security", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [ "futures" ], "description": "Model provenance, dataset poisoning, Hugging Face risks, ML library vulnerabilities, trojanized models.", "why_it_matters": "Models you didn't train and datasets you didn't curate are now in your supply chain. Backdoored models on Hugging Face, poisoned datasets, vulnerable ML libraries — same supply-chain problem, new substrate.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "c4", "c1" ], "coupled_with": [ "c6" ] }, { "id": "c4", "code": "C4", "name": "AI Data Security", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [ "futures" ], "description": "Training data poisoning, PII leakage from models, differential privacy, federated learning security.", "why_it_matters": "Models memorize. Training data extraction is now a real attack. Differential privacy and federated learning are the durable answers, not after-the-fact filtering.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "c1", "c5" ], "coupled_with": [ "a12" ] }, { "id": "c5", "code": "C5", "name": "AI Red Teaming", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "detect", "layer_number": 4, "layer_name": "Detect, Test & Respond", "affinities": [ "futures" ], "description": "AI system threat modeling, red teaming methodology for LLMs (OWASP Top 10 for LLMs), automated red teaming tools, evaluation frameworks.", "why_it_matters": "Red teaming AI systems is how you find failure modes before launch. The OWASP Top 10 for LLMs gives you a starting taxonomy; structured evaluation gives you defensible coverage.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "c8", "b4" ], "coupled_with": [ "c2", "c11" ] }, { "id": "c6", "code": "C6", "name": "AI Infrastructure Security", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [ "futures" ], "description": "GPU cluster security, ML pipeline security, model serving endpoints, secrets management in ML.", "why_it_matters": "The platforms that train and serve AI have unique security needs — multi-tenant GPU isolation, pipeline integrity, secrets in ML workflows. Traditional cloud security misses most of this.", "common_mistake": "", "prerequisite_of": [ "b1", "b2", "b3", "b4", "b5" ], "constrains": [], "enables": [], "coupled_with": [ "a5" ] }, { "id": "c7", "code": "C7", "name": "AI Governance & Risk", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "govern", "layer_number": 1, "layer_name": "Govern & Direct", "affinities": [ "futures" ], "description": "EU AI Act compliance, NIST AI RMF, AI risk assessment, model cards, algorithmic auditing, AI incident response.", "why_it_matters": "EU AI Act compliance, NIST AI RMF, model cards, algorithmic auditing. AI governance is moving from voluntary frameworks to enforced regulation faster than most legal teams expected.", "common_mistake": "", "prerequisite_of": [], "constrains": [ "c1", "c3", "c4", "c5", "c6", "c8", "c11" ], "enables": [ "b6" ], "coupled_with": [ "a12" ] }, { "id": "c8", "code": "C8", "name": "AI Safety & Alignment", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "control", "layer_number": 2, "layer_name": "Control Access & Trust", "affinities": [ "futures" ], "description": "Guardrails, content filtering bypass, model monitoring, drift detection, output control.", "why_it_matters": "Guardrails, output monitoring, drift detection. The discipline of keeping increasingly capable systems doing what they're supposed to do — and catching when they don't.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "b2", "b4" ], "coupled_with": [ "c2", "c11" ] }, { "id": "c9", "code": "C9", "name": "Deepfakes & Synthetic Media", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "Deepfake detection, synthetic voice/video attacks, identity verification bypass, C2PA standards.", "why_it_matters": "Deepfake fraud is now a reproducible attack pattern with a track record (Arup, Retool). Provenance standards like C2PA help where present; process changes carry the rest.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "a7" ], "coupled_with": [ "a20", "a22", "c10" ] }, { "id": "c10", "code": "C10", "name": "AI-Enabled Disinformation", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "Bot networks, AI-generated propaganda, influence operations, detection methods.", "why_it_matters": "AI-generated propaganda at scale is a cybersecurity problem when narratives drive insider behavior, partner trust, or board response.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "b4" ], "coupled_with": [ "a22" ] }, { "id": "c11", "code": "C11", "name": "Agentic AI Security", "pillar": "C", "pillar_name": "Cybersecurity of AI Systems", "layer": "control", "layer_number": 2, "layer_name": "Control Access & Trust", "affinities": [ "detect" ], "description": "Agent architectures & threat surface, tool/action security, delegation & permission escalation, memory & context poisoning, multi-agent system security.", "why_it_matters": "Agentic AI systems take actions in the world — tool use, delegation chains, persistent memory. The attack surface is permission escalation, memory poisoning, and inter-agent trust, and most organizations haven't threat-modeled any of it.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "b2" ], "coupled_with": [ "c2", "a6", "a24" ] }, { "id": "d1", "code": "D1", "name": "Quantum Computing Fundamentals", "pillar": "D", "pillar_name": "Quantum Technologies & Cybersecurity", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "Qubits, superposition, entanglement, Shor's algorithm, Grover's algorithm, cryptographic impact.", "why_it_matters": "Understanding qubits, superposition, and Shor's algorithm well enough to brief leadership and defend the migration timeline against 'quantum is decades away' pushback.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "d2", "d3", "d5" ], "coupled_with": [ "a18" ] }, { "id": "d2", "code": "D2", "name": "Post-Quantum Cryptography", "pillar": "D", "pillar_name": "Quantum Technologies & Cybersecurity", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [ "build" ], "description": "NIST PQC standards (ML-KEM, ML-DSA, SLH-DSA), crypto agility, PQC migration planning.", "why_it_matters": "NIST has standardized post-quantum algorithms (ML-KEM, ML-DSA, SLH-DSA — FIPS 203/204/205). Migration is the practical work: inventory, prioritization, and crypto-agility.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "d4", "d6" ] }, { "id": "d3", "code": "D3", "name": "Quantum Threats to Existing Systems", "pillar": "D", "pillar_name": "Quantum Technologies & Cybersecurity", "layer": "futures", "layer_number": 5, "layer_name": "AI & Quantum Futures", "affinities": [], "description": "Harvest Now Decrypt Later, PKI impact, protocol vulnerabilities, critical infrastructure risk.", "why_it_matters": "Harvest-now-decrypt-later means adversaries are collecting encrypted data today to decrypt once quantum matures. Long-lived secrets are vulnerable now, not 'when quantum arrives.'", "common_mistake": "", "prerequisite_of": [ "d2" ], "constrains": [], "enables": [ "d4" ], "coupled_with": [ "a15", "a18" ] }, { "id": "d4", "code": "D4", "name": "Quantum-Safe Compliance", "pillar": "D", "pillar_name": "Quantum Technologies & Cybersecurity", "layer": "govern", "layer_number": 1, "layer_name": "Govern & Direct", "affinities": [ "futures" ], "description": "NSA CNSA 2.0, NIST FIPS 203/204/205, OMB M-23-02, ETSI QSC, quantum readiness.", "why_it_matters": "NSA CNSA 2.0, OMB M-23-02, ETSI QSC. The regulatory push is setting timelines that most organizations are not yet planning against.", "common_mistake": "", "prerequisite_of": [], "constrains": [ "a15", "d2", "d6" ], "enables": [ "a1" ], "coupled_with": [] }, { "id": "d5", "code": "D5", "name": "Quantum Networking & Communication", "pillar": "D", "pillar_name": "Quantum Technologies & Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [ "futures" ], "description": "Quantum Key Distribution, QKD limitations, QRNG, deployed quantum networks.", "why_it_matters": "Quantum Key Distribution and QRNG offer physics-based security guarantees, with practical limitations on cost, distance, and integration. Useful for specific use cases, not a universal answer.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [], "coupled_with": [ "a2", "a15", "d6" ] }, { "id": "d6", "code": "D6", "name": "Quantum Security Engineering", "pillar": "D", "pillar_name": "Quantum Technologies & Cybersecurity", "layer": "build", "layer_number": 3, "layer_name": "Build, Connect & Operate", "affinities": [ "futures", "control" ], "description": "Quantum computer security, side-channels, quantum ML security, quantum-safe architecture.", "why_it_matters": "Quantum security engineering is the operational work — inventorying cryptographic dependencies, designing crypto-agile architectures, and executing migration without breaking production.", "common_mistake": "", "prerequisite_of": [], "constrains": [], "enables": [ "d2" ], "coupled_with": [ "a15", "a23", "a25" ] } ], "edges": [ { "from": "a1", "to": "a2", "type": "constrains" }, { "from": "a1", "to": "a3", "type": "constrains" }, { "from": "a1", "to": "a4", "type": "constrains" }, { "from": "a1", "to": "a5", "type": "constrains" }, { "from": "a1", "to": "a6", "type": "constrains" }, { "from": "a1", "to": "a7", "type": "constrains" }, { "from": "a1", "to": "a9", "type": "constrains" }, { "from": "a1", "to": "a12", "type": "constrains" }, { "from": "a1", "to": "a13", "type": "constrains" }, { "from": "a1", "to": "a14", "type": "constrains" }, { "from": "a1", "to": "a16", "type": "constrains" }, { "from": "a1", "to": "a20", "type": "constrains" }, { "from": "a1", "to": "a23", "type": "constrains" }, { "from": "a1", "to": "a24", "type": "constrains" }, { "from": "a1", "to": "a25", "type": "constrains" }, { "from": "a1", "to": "c4", "type": "constrains" }, { "from": "a1", "to": "a18", "type": "enables" }, { "from": "a1", "to": "b6", "type": "enables" }, { "from": "a1", "to": "c7", "type": "enables" }, { "from": "a1", "to": "d4", "type": "constrains" }, { "from": "a2", "to": "a14", "type": "prerequisite" }, { "from": "a2", "to": "a5", "type": "enables" }, { "from": "a2", "to": "a10", "type": "enables" }, { "from": "a2", "to": "a11", "type": "enables" }, { "from": "a2", "to": "a24", "type": "coupled" }, { "from": "a3", "to": "a2", "type": "enables" }, { "from": "a3", "to": "a5", "type": "enables" }, { "from": "a3", "to": "a4", "type": "enables" }, { "from": "a3", "to": "a12", "type": "enables" }, { "from": "a3", "to": "a14", "type": "enables" }, { "from": "a3", "to": "a24", "type": "enables" }, { "from": "a4", "to": "a5", "type": "coupled" }, { "from": "a4", "to": "b3", "type": "enables" }, { "from": "a4", "to": "a9", "type": "enables" }, { "from": "a4", "to": "a24", "type": "enables" }, { "from": "a4", "to": "a13", "type": "coupled" }, { "from": "a5", "to": "a13", "type": "enables" }, { "from": "a5", "to": "c6", "type": "prerequisite" }, { "from": "a5", "to": "a11", "type": "enables" }, { "from": "a5", "to": "a24", "type": "coupled" }, { "from": "a6", "to": "a3", "type": "prerequisite" }, { "from": "a6", "to": "a5", "type": "prerequisite" }, { "from": "a6", "to": "a4", "type": "enables" }, { "from": "a6", "to": "a12", "type": "prerequisite" }, { "from": "a6", "to": "a7", "type": "coupled" }, { "from": "a6", "to": "a10", "type": "prerequisite" }, { "from": "a6", "to": "a11", "type": "prerequisite" }, { "from": "a6", "to": "a13", "type": "prerequisite" }, { "from": "a6", "to": "a14", "type": "prerequisite" }, { "from": "a6", "to": "a19", "type": "prerequisite" }, { "from": "a6", "to": "a23", "type": "prerequisite" }, { "from": "a6", "to": "a24", "type": "prerequisite" }, { "from": "a6", "to": "c6", "type": "prerequisite" }, { "from": "a6", "to": "c11", "type": "prerequisite" }, { "from": "a6", "to": "b3", "type": "enables" }, { "from": "a7", "to": "a23", "type": "enables" }, { "from": "a7", "to": "a21", "type": "coupled" }, { "from": "a8", "to": "a11", "type": "enables" }, { "from": "a8", "to": "b3", "type": "enables" }, { "from": "a8", "to": "b5", "type": "enables" }, { "from": "a8", "to": "a9", "type": "enables" }, { "from": "a8", "to": "a10", "type": "enables" }, { "from": "a8", "to": "a19", "type": "enables" }, { "from": "a8", "to": "a21", "type": "enables" }, { "from": "a8", "to": "a24", "type": "enables" }, { "from": "a8", "to": "c5", "type": "enables" }, { "from": "a9", "to": "a4", "type": "enables" }, { "from": "a9", "to": "a11", "type": "coupled" }, { "from": "a9", "to": "b4", "type": "enables" }, { "from": "a9", "to": "a24", "type": "enables" }, { "from": "a9", "to": "a19", "type": "coupled" }, { "from": "a10", "to": "a7", "type": "coupled" }, { "from": "a10", "to": "a11", "type": "coupled" }, { "from": "a10", "to": "b2", "type": "enables" }, { "from": "a10", "to": "a19", "type": "coupled" }, { "from": "a10", "to": "a23", "type": "coupled" }, { "from": "a10", "to": "a24", "type": "coupled" }, { "from": "a11", "to": "a7", "type": "coupled" }, { "from": "a11", "to": "b1", "type": "enables" }, { "from": "a11", "to": "a10", "type": "enables" }, { "from": "a11", "to": "a19", "type": "coupled" }, { "from": "a11", "to": "a24", "type": "coupled" }, { "from": "a12", "to": "c4", "type": "constrains" }, { "from": "a12", "to": "a4", "type": "constrains" }, { "from": "a12", "to": "a5", "type": "constrains" }, { "from": "a12", "to": "a13", "type": "constrains" }, { "from": "a12", "to": "a6", "type": "coupled" }, { "from": "a12", "to": "a23", "type": "coupled" }, { "from": "a13", "to": "b3", "type": "enables" }, { "from": "a13", "to": "c3", "type": "coupled" }, { "from": "a13", "to": "a24", "type": "enables" }, { "from": "a13", "to": "a4", "type": "enables" }, { "from": "a14", "to": "a7", "type": "coupled" }, { "from": "a14", "to": "a2", "type": "coupled" }, { "from": "a14", "to": "a10", "type": "coupled" }, { "from": "a14", "to": "a11", "type": "coupled" }, { "from": "a14", "to": "a17", "type": "coupled" }, { "from": "a14", "to": "a23", "type": "coupled" }, { "from": "a15", "to": "a2", "type": "enables" }, { "from": "a15", "to": "a4", "type": "prerequisite" }, { "from": "a15", "to": "a6", "type": "enables" }, { "from": "a15", "to": "d2", "type": "prerequisite" }, { "from": "a15", "to": "d6", "type": "coupled" }, { "from": "a15", "to": "a3", "type": "enables" }, { "from": "a15", "to": "a12", "type": "enables" }, { "from": "a15", "to": "a13", "type": "enables" }, { "from": "a15", "to": "a14", "type": "enables" }, { "from": "a15", "to": "a23", "type": "enables" }, { "from": "a16", "to": "a2", "type": "coupled" }, { "from": "a16", "to": "a6", "type": "coupled" }, { "from": "a16", "to": "a11", "type": "coupled" }, { "from": "a16", "to": "a13", "type": "coupled" }, { "from": "a16", "to": "a24", "type": "coupled" }, { "from": "a17", "to": "a2", "type": "coupled" }, { "from": "a17", "to": "a14", "type": "coupled" }, { "from": "a17", "to": "a22", "type": "coupled" }, { "from": "a18", "to": "a1", "type": "enables" }, { "from": "a18", "to": "a25", "type": "enables" }, { "from": "a18", "to": "a20", "type": "enables" }, { "from": "a18", "to": "c7", "type": "enables" }, { "from": "a18", "to": "a23", "type": "coupled" }, { "from": "a18", "to": "a24", "type": "coupled" }, { "from": "a19", "to": "a10", "type": "coupled" }, { "from": "a19", "to": "a7", "type": "coupled" }, { "from": "a19", "to": "a11", "type": "coupled" }, { "from": "a19", "to": "a8", "type": "coupled" }, { "from": "a20", "to": "a6", "type": "enables" }, { "from": "a20", "to": "a7", "type": "coupled" }, { "from": "a20", "to": "b4", "type": "enables" }, { "from": "a20", "to": "a10", "type": "enables" }, { "from": "a20", "to": "c9", "type": "coupled" }, { "from": "a21", "to": "a8", "type": "coupled" }, { "from": "a21", "to": "a11", "type": "coupled" }, { "from": "a21", "to": "a7", "type": "coupled" }, { "from": "a22", "to": "a20", "type": "enables" }, { "from": "a22", "to": "c10", "type": "coupled" }, { "from": "a22", "to": "a8", "type": "coupled" }, { "from": "a23", "to": "a7", "type": "coupled" }, { "from": "a23", "to": "d6", "type": "coupled" }, { "from": "a23", "to": "a18", "type": "coupled" }, { "from": "a23", "to": "a10", "type": "coupled" }, { "from": "a24", "to": "a4", "type": "enables" }, { "from": "a24", "to": "a9", "type": "enables" }, { "from": "a24", "to": "b3", "type": "coupled" }, { "from": "a24", "to": "a10", "type": "enables" }, { "from": "a24", "to": "a5", "type": "coupled" }, { "from": "a24", "to": "a11", "type": "coupled" }, { "from": "a24", "to": "a13", "type": "coupled" }, { "from": "a24", "to": "a16", "type": "coupled" }, { "from": "a25", "to": "a3", "type": "enables" }, { "from": "a25", "to": "a5", "type": "enables" }, { "from": "a25", "to": "a2", "type": "enables" }, { "from": "a25", "to": "a4", "type": "enables" }, { "from": "a25", "to": "a18", "type": "coupled" }, { "from": "a25", "to": "a6", "type": "enables" }, { "from": "a25", "to": "a10", "type": "enables" }, { "from": "a25", "to": "a14", "type": "enables" }, { "from": "a25", "to": "a23", "type": "enables" }, { "from": "a25", "to": "a24", "type": "enables" }, { "from": "a25", "to": "c6", "type": "enables" }, { "from": "a25", "to": "a1", "type": "coupled" }, { "from": "b1", "to": "b2", "type": "enables" }, { "from": "b1", "to": "a11", "type": "coupled" }, { "from": "b1", "to": "c1", "type": "coupled" }, { "from": "b2", "to": "a7", "type": "enables" }, { "from": "b2", "to": "a10", "type": "coupled" }, { "from": "b2", "to": "c8", "type": "coupled" }, { "from": "b3", "to": "a4", "type": "enables" }, { "from": "b3", "to": "b4", "type": "enables" }, { "from": "b3", "to": "a13", "type": "coupled" }, { "from": "b3", "to": "a24", "type": "coupled" }, { "from": "b3", "to": "a10", "type": "enables" }, { "from": "b4", "to": "a9", "type": "enables" }, { "from": "b4", "to": "a20", "type": "coupled" }, { "from": "b4", "to": "b3", "type": "enables" }, { "from": "b4", "to": "c9", "type": "coupled" }, { "from": "b4", "to": "a8", "type": "coupled" }, { "from": "b4", "to": "a22", "type": "coupled" }, { "from": "b5", "to": "a7", "type": "enables" }, { "from": "b5", "to": "a11", "type": "enables" }, { "from": "b5", "to": "a8", "type": "coupled" }, { "from": "b5", "to": "a22", "type": "coupled" }, { "from": "b5", "to": "a10", "type": "enables" }, { "from": "b6", "to": "a1", "type": "enables" }, { "from": "b6", "to": "c7", "type": "enables" }, { "from": "b6", "to": "a18", "type": "enables" }, { "from": "b6", "to": "a24", "type": "enables" }, { "from": "b7", "to": "a18", "type": "enables" }, { "from": "b7", "to": "b1", "type": "coupled" }, { "from": "b7", "to": "b2", "type": "coupled" }, { "from": "b7", "to": "b3", "type": "coupled" }, { "from": "b7", "to": "b4", "type": "coupled" }, { "from": "b7", "to": "b5", "type": "coupled" }, { "from": "b8", "to": "a10", "type": "enables" }, { "from": "b8", "to": "a11", "type": "enables" }, { "from": "b8", "to": "b5", "type": "enables" }, { "from": "b8", "to": "a8", "type": "enables" }, { "from": "b8", "to": "b3", "type": "enables" }, { "from": "c1", "to": "c2", "type": "prerequisite" }, { "from": "c1", "to": "c3", "type": "enables" }, { "from": "c1", "to": "c5", "type": "enables" }, { "from": "c1", "to": "b1", "type": "enables" }, { "from": "c1", "to": "c8", "type": "enables" }, { "from": "c1", "to": "c4", "type": "coupled" }, { "from": "c2", "to": "c5", "type": "coupled" }, { "from": "c2", "to": "c8", "type": "coupled" }, { "from": "c2", "to": "c11", "type": "coupled" }, { "from": "c3", "to": "c4", "type": "enables" }, { "from": "c3", "to": "c1", "type": "enables" }, { "from": "c3", "to": "c6", "type": "coupled" }, { "from": "c4", "to": "c1", "type": "enables" }, { "from": "c4", "to": "c5", "type": "enables" }, { "from": "c4", "to": "a12", "type": "coupled" }, { "from": "c5", "to": "c2", "type": "coupled" }, { "from": "c5", "to": "c8", "type": "enables" }, { "from": "c5", "to": "c11", "type": "coupled" }, { "from": "c5", "to": "b4", "type": "enables" }, { "from": "c6", "to": "b1", "type": "prerequisite" }, { "from": "c6", "to": "b2", "type": "prerequisite" }, { "from": "c6", "to": "b3", "type": "prerequisite" }, { "from": "c6", "to": "b4", "type": "prerequisite" }, { "from": "c6", "to": "b5", "type": "prerequisite" }, { "from": "c6", "to": "a5", "type": "coupled" }, { "from": "c7", "to": "b6", "type": "enables" }, { "from": "c7", "to": "c1", "type": "constrains" }, { "from": "c7", "to": "c3", "type": "constrains" }, { "from": "c7", "to": "c4", "type": "constrains" }, { "from": "c7", "to": "c5", "type": "constrains" }, { "from": "c7", "to": "c6", "type": "constrains" }, { "from": "c7", "to": "c8", "type": "constrains" }, { "from": "c7", "to": "c11", "type": "constrains" }, { "from": "c7", "to": "a12", "type": "coupled" }, { "from": "c8", "to": "c2", "type": "coupled" }, { "from": "c8", "to": "c11", "type": "coupled" }, { "from": "c8", "to": "b2", "type": "enables" }, { "from": "c8", "to": "b4", "type": "enables" }, { "from": "c9", "to": "a20", "type": "coupled" }, { "from": "c9", "to": "a22", "type": "coupled" }, { "from": "c9", "to": "c10", "type": "coupled" }, { "from": "c9", "to": "a7", "type": "enables" }, { "from": "c10", "to": "b4", "type": "enables" }, { "from": "c10", "to": "a22", "type": "coupled" }, { "from": "c11", "to": "c2", "type": "coupled" }, { "from": "c11", "to": "b2", "type": "enables" }, { "from": "c11", "to": "a6", "type": "coupled" }, { "from": "c11", "to": "a24", "type": "coupled" }, { "from": "d1", "to": "d2", "type": "enables" }, { "from": "d1", "to": "d3", "type": "enables" }, { "from": "d1", "to": "d5", "type": "enables" }, { "from": "d1", "to": "a18", "type": "coupled" }, { "from": "d2", "to": "d4", "type": "coupled" }, { "from": "d2", "to": "d6", "type": "coupled" }, { "from": "d3", "to": "d2", "type": "prerequisite" }, { "from": "d3", "to": "a15", "type": "coupled" }, { "from": "d3", "to": "a18", "type": "coupled" }, { "from": "d3", "to": "d4", "type": "enables" }, { "from": "d4", "to": "a15", "type": "constrains" }, { "from": "d4", "to": "d2", "type": "constrains" }, { "from": "d4", "to": "d6", "type": "constrains" }, { "from": "d4", "to": "a1", "type": "enables" }, { "from": "d5", "to": "a2", "type": "coupled" }, { "from": "d5", "to": "a15", "type": "coupled" }, { "from": "d5", "to": "d6", "type": "coupled" }, { "from": "d6", "to": "d2", "type": "enables" }, { "from": "d6", "to": "a15", "type": "coupled" }, { "from": "d6", "to": "a23", "type": "coupled" }, { "from": "d6", "to": "a25", "type": "coupled" } ] }