Most security models explicitly (or implicitly) include the tranquillity principle which prohibits changing the security level of a given piece of information. Yet in practical systems, classication of objects may evolve due to declassication and subject current level may evolve according to subject requests. In [2], we proposed a modal logic denition of security whose counterpart is a constraint on the system traces that we called causality. In this paper, we give a generalization of causality which avoids the tranquillity principle. We give an interpretation of our model in the case of a multilevel security policy when the levels can be assigned dynamically. Then we provide ecient conditions to control the dynamic assignment of both the object classication and the subject current level. We propose a comparison of our approach with the nondeducibility generalization of [15]. Finally, we give several examples of systems where security levels are dynamically assigned.