diff --git a/approach.md b/approach.md new file mode 100644 index 0000000..5502edf --- /dev/null +++ b/approach.md @@ -0,0 +1,25 @@ +# OSEP proposed approach + +a) Identify and document system scope, losses and hazards + +* *Assumed* system context, boundaries of analysis, role of OS, etc +* OS-level losses/hazards that *may* violate a system's safety goals +* Specific to the topic: start simple and elaborate later! + +b) Identify and document constraints and mitigations +* Constraints: Criteria that must be satisfied to *prevent* hazard +* Mitigations: To reduce *impact* of hazards that are not prevented + +c) Identify and document kernel features or external mechanisms +* To implement OS- or system-level constraints and mitigations +* To be identified and/or investigated by other WGs? + +d) Investigate and document processes and tools to: +* Implement constraints or mitigations via engineering processes +* Verify constraints and mitigations (at all levels) +* Validate constraints, mitigations & verification measures in-context +* Identify or provide other evidence to support claims + +e) Identify and document claims and use cases +* To illustrate how a+b+c+d might support an in-context safety argument +* Use cases with kernel config(s) and hardware / system dependencies?
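Review bot: the acronym OSEP in the title is never expanded anywhere in the file; add the expansion on first use so readers outside the working group know what the approach is for. The heading spacing is also inconsistent: item a) separates its heading line from its bullets with a blank line, while b) through e) place the bullets directly under the heading; pick one form. Items c) and e) end in open questions ("To be identified and/or investigated by other WGs?", "Use cases with kernel config(s) and hardware / system dependencies?"); consider marking these explicitly as open questions or TODOs so they are not read as settled steps. Finally, since e) says the claims should show "how a+b+c+d might support an in-context safety argument", consider stating that each hazard from a) should be traceable to its constraints and mitigations in b), the mechanisms in c) and the verification and validation evidence in d) (for example by giving each hazard and constraint an identifier), otherwise the safety argument in e) has nothing concrete to reference.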