Architecture-Driven Approach
for experienced operators
Ensures coverage of requirements types for each security domain
Improves modularity for service upgrades
Structure can mask efficient application of security services and products
Reduces coordination with other functional requirements
Spec may be difficult to use and maintain due to redundancies