THE PRIMARY GOAL OF THE PROJECT WAS TO MAKE PROTECTION EVALUATION MORE EFFECTIVE AND ECONOMICAL BY DECOMPOSING IT INTO MORE MANAGEABLE AND METHODICAL SUBTASKS SO AS TO DRASTICALLY REDUCE THE REQUIREMENT FOR PROTECTION EXPERTISE AND MAKE IT AS INDEPENDENT AS POSSIBLE OF THE SKILLS AND MOTIVATION OF THE ACTUAL INDIVIDUALS INVOLVED. THE PROJECT FOCUSED ON NEARTERM SOLUTIONS TO THE PROBLEM OF IMPROVING THE SECURITY OF EXISTING AND FUTURE OPERATING SYSTEMS IN AN ATTEMPT TO HAVE SOME IMPACT ON THE SYSTEMS WHICH WOULD BE IN USE IN THE NEXT 10 YEARS. A GENERAL STRATEGY WAS IDENTIFIED, REFERRED TO AS 'PATTERN-DIRECTED PROTECTION EVALUATION' AND TAILORED TO THE PROBLEM OF EVALUATING EXISTING SYSTEMS. THE APPROACH PROVIDED A BASIS FOR CATEGORIZING PROTECTION ERRORS ACCORDING TO THEIR SECURITY-RELEVANT PROPERTIES; IT WAS SUCCESSFULLY APPLIED FOR ONE SUCH CATEGORY TO THE MULTICS OPERATING SYSTEM, RESULTING IN THE DETECTION OF PREVIOUSLY UNKNOWN SECURITY VULNERABILITIES. REFERENCES, TABLES, AND ILLUSTRATIONS ARE INCLUDED. (AUTHOR ABSTRACT)