Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Systems security assurance as (micro) publishing: Declarative markup for systems description and assessment



Wendell A. Piez


Markup technologies are very general purpose, as reflects their generality of conception. They become interesting as well as useful as they are applied to accomplish goals in the real world. Since principles of generic declarative markup were first applied to accomplishing publishing-related goals in information management, design and application, 25 or 40 years ago, they have repeatedly demonstrated both their generality – they really do work – and their demand for applicability. Get one thing wrong, or leave it out, and the effort sits on a shelf. Design and deploy it carefully and sensitively, and even an inexpensive initiative can pay dividends for years. These systems become sustainable in the context of the sustainable operations of which they are a part. Decades of experience have shown us how to use declarative markup to sustain publishing operations. Now we have to deal with similar problems of information description, management, reuse across contexts, referencing, tracing, and authentication, only at even larger scales than before, both in size and complexity. This paper proposes some lessons and insights we can bring from our experience with publishing technologies, and suggests how they might be applicable in the growing domain of systems security assurance.
Proceedings Title
Proceedings of Balisage: The Markup Conference 2020
Conference Dates
July 27-31, 2020
Conference Location
Rockville, MD
Conference Title
Balisage: The Markup Conference 2020


security assessment, Risk Management Framework (RMF), XML, declarative markup


Piez, W. (2020), Systems security assurance as (micro) publishing: Declarative markup for systems description and assessment, Proceedings of Balisage: The Markup Conference 2020, Rockville, MD, [online], (Accessed July 25, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created July 27, 2020, Updated March 1, 2021