Version 1.0.0 | January 2026
CFSE is a formal methodology for security epistemology: a disciplined approach to replacing intuition with structure, and claims with evidence.
CFSE is a formal methodology for security epistemology—a disciplined approach to knowing whether a system is secure, not guessing or hoping. It builds a world model of systems through concepts, interactions, and flows, expresses security properties as formal invariants with temporal logic, and validates claims through systematic exploration backed by structured evidence.
Not a scanner. Not a checklist. A formal framework for security knowledge.
| Goal | Resource |
|---|---|
| Start here (purpose + model) | guides/foundations/introduction.md |
| Understand the artifact pipeline | spec/foundations/artifact-system.md |
| Conformance levels | spec/foundations/conformance.md |
| ID syntax | spec/grammar/01-id-syntax.md |
| Normative spec | spec/ |
| Architecture map | ARCHITECTURE.yml |
```
cfse-spec/
  spec/                 # Normative core specification (source of truth)
    foundations/        # Core concepts: artifact system, conformance, extensions
    grammar/            # ID syntax, references, formal logic, field types
    artifacts/          # Artifact definitions with YAML schemas
      primary/          # Concept, Interaction, Flow, Scenario, Exploration, Finding
      supporting/       # Predicate, Invariant, Generator, Patch
    semantics/          # Invariant states, verdicts, lifecycle, traceability
    extensions/         # Optional extensions (opt-in; may be empty)
  guides/               # Informative background and reading guides
  rfcs/                 # Informative RFC/proposal process (no archive required)
  ARCHITECTURE.yml      # Machine-readable structure manifest
```

```
Concept -> Interaction -> Flow -> Scenario -> Exploration -> Finding -> Patch
C          I              F       S           E              FD         PATCH
```
- Concept (C-): Define system building blocks
- Interaction (I-): Document atomic operations
- Flow (F-): Map legitimate user journeys
- Scenario (S-): Hypothesize security violations
- Exploration (E-): Test hypotheses with BASE vs ATT
- Finding (FD-): Document confirmed vulnerabilities
- Patch (PATCH-): Fix, verify, and learn
| Topic | Location |
|---|---|
| Framework Introduction | guides/foundations/introduction.md |
| World Model | guides/foundations/world-model.md |
| Artifact System | spec/foundations/artifact-system.md |
| ID Syntax | spec/grammar/01-id-syntax.md |
| Formal Logic | spec/grammar/03-formal-logic.md |
CFSE is designed to be both human-readable and tool-friendly.
- `ARCHITECTURE.yml` provides a machine-readable map of the spec (useful for editors, validators, and automation).
- Some supporting material (templates, examples, prompts) may be published separately.
- Normative (`spec/`): Authoritative definitions - source of truth
- Informative (`guides/`, `rfcs/`): Explanations, templates, and design discussion scaffolding
CFSE is compatible with many existing practices (threat modeling, red teaming, property-based testing, and formal methods). It is not a replacement for any of them; it is the “evidence-linked structure layer” that makes security reasoning auditable and repeatable.
| Surface approach | CFSE equivalent |
|---|---|
| Scan for vulnerabilities | Build world model, derive hypotheses from structure |
| Follow a checklist | Express properties as formal invariants |
| Run some tests | Systematic explorations with baseline/attack deltas |
| Write up findings | Evidence-backed findings with trace provenance |
See guides/foundations/introduction.md for the full positioning.
- Start with `guides/foundations/introduction.md`
- Read `spec/README.md` for the spec map
- Consult `spec/glossary.md` for terminology
- Reference `ARCHITECTURE.yml` for the complete structure map
See CONTRIBUTING.md.