This research is attempting to understand the engineering aspects of large-scale systems that are qualitatives, knowledge intensive and nonalgorithmic in nature as opposed to conventional investigations into the quantitative and algorithmic methodology commonly used for design and analysis. The vehicle for these investigations is the problem of on-line security assessment, an important problem now and for future systems. The potential payoff for this hi-risk work is high and would alter the current direction of algorithmic-based design tools to one of recognition of accumulated knowledge an expertise as a legitimate basis for engineering design and synthesis.