Designing and implementing secure systems and applications requires permanent care - from decision making, through the system design, to system implementation, system testing and system maintenance. The Open Security Architecture Organization [OSAO] strives to create a framework for the security-centric development of IT systems. To achieve this goal, it touches numerous theoretical fields, from project management to software development processes and typical design decisions. The Open Security Architecture Framework [OSAF] is a work-in-progress and will be extended over time.

This website serves as a placeholder until the actual content is ready to be published. Pleae come back later to check whether new content has been published.


The Open Security Architecture Framework [OSAF] set forth by the Open Security Architecture Organization [OSAO] is intended for anyone working in IT projects that is either directly or indirectly making decisions concerning the design or the development process of security-centric IT systems - may it be project managers, system architects and engineers, component and software architects and engineers, as well as the higher management. However, the provided framework does not go into detail when it comes to the secure implementation of applications. There are other sources like the Open Web Application Security Project [OWASP] that specifically cover this topic.


The Open Security Architecture Framework [OSAF] is divided into different chapters, which will become relevant in the course of an IT project. The chapters are ordered by detail, starting with general information, while later chapters dive deeper into the technological matters. A (still incomplete) list of upcoming chapters includes:

  • Project Management
    • Project Roles
    • Project Milestones
    • Project Rituals
    • Decision-Making
    • Artifacts and Deliverables
  • System Architecture
    • Tools and Methods
  • Component Architecture
    • Tools and Methods
  • Development
    • Tools and Methods
  • Operations
    • Tools and Methods


Data Privacy Statement
For the correct functioning of this contact form, the personal data entered by you must be transmitted to the operator of this website. By using the contact form, you consent to the transmission and storage of the personal data you have entered. The data will be used to respond to your contact request.

The message could not be sent!
The message has been sent!

mandatory fields are marked with an *