Multi-level systems are those that handle classified data at more than one level. They can be one of several types depending on architecture. These include Multi-Level Secure (MLS), Mulitple Security Levels (MSL), and Multiple Independent Levels of Security (MILS).

Designing a system to handle multiple levels of classified data that can be efficiently evaluated requires a thorough understanding of security design and development principles. But, high quality software development processes are not enough. Proving that a large complex system is secure enough to protect classified data can be prohibitively expensive unless it is carefully designed for efficient evaluation.

By organizing the security functionality into small, protected enclaves that control the security-critical resources, significant reductions can be achieved in evaluation costs--rendering practical an otherwise impractical process.

We know what requirements must be incorporated into product development that cannot be added later, when the product is complete.