Without OpenPMF, creating many fine-grained technical security (esp. for access control and auditing) rules is too costly, cumbersome and error-prone. And – even worse – without OpenPMF, updating many fine-grained technical security rules whenever the application landscape changes results in a maintenance cost explosion. OpenPMF automates much of the policy creation, and reduces the update maintenance cost close to zero.