To address the challenges of complex security control configuration, difficult policy enforcement, and delayed response in networked systems, this paper proposes a Security Capability Model (SCM). The SCM establishes, for the first time, a computable abstract framework integrating information and data models, formally specifying rule semantics, policy parsing mechanisms, and data representations for filtering- and channel-protection–based controls. Leveraging UML/SysML modeling, Model-Driven Engineering (MDE), and a multi-granularity security control description language, the approach enables automated policy refinement, cross-heterogeneous-device (e.g., firewalls, encrypted gateways) configuration generation, and event-driven response. Experimental evaluation demonstrates a threefold improvement in policy deployment timeliness and a 40% increase in configuration accuracy, thereby filling a critical gap in the formal foundations for automated security policy enforcement.

Enforcing security requirements in networked information systems relies on security controls to mitigate the risks from increasingly dangerous threats. Configuring security controls is challenging; even nowadays, administrators must perform it without adequate tool support. Hence, this process is plagued by errors that translate to insecure postures, security incidents, and a lack of promptness in answering threats. This paper presents the Security Capability Model (SCM), a formal model that abstracts the features that security controls offer for enforcing security policies, which includes an Information Model that depicts the basic concepts related to rules (i.e., conditions, actions, events) and policies (i.e., conditions' evaluation, resolution strategies, default actions), and a Data Model that covers the capabilities needed to describe different types of filtering and channel protection controls. Following state-of-the-art design patterns, the model allows for generating abstract versions of the security controls' languages and a model-driven approach for translating abstract policies into device-specific configuration settings. By validating its effectiveness in real-world scenarios, we show that SCM enables the automation of different and complex security tasks, i.e., accurate and granular security control comparison, policy refinement, and incident response. Lastly, we present opportunities for extensions and integration with other frameworks and models.