just a question, as the discussion is kind of confusing but interesting. What are we defending or evaluating against or why would the cid need such a system? imho, any security threat is evaluated on a need be basis as there is no golden rule that would work for any given situation. Each level below has a defensive system.