Which NIST Special Publications cover Security Architecture?

Multiple Choice

Which NIST Special Publications cover Security Architecture?

Explanation:
This question tests which NIST Special Publications focus on designing and engineering secure systems—the architectural and lifecycle aspects of security. The best combination includes SP-800-160, which outlines Systems Security Engineering and how to weave security into the design and lifecycle of complex systems. It’s the primary architecture-focused publication. SP-800-27 provides Engineering Principles for Information Security, offering the guiding principles engineers use when making secure design decisions. SP-800-14 covers Generally Accepted Security Principles, giving foundational concepts that underlie secure architecture. Together, these three directly address how to plan, design, and maintain secure system architectures.

The other sets are more about implementing controls, managing risk, testing, or handling incidents, rather than shaping the architectural approach itself. For example, one group emphasizes security controls and risk management, another focuses on testing or incident response, and another covers specialized domains like performance metrics or specific technologies.
