CTI STIX SC Monthly Meeting


1 CTI STIX SC Monthly Meeting
September 30, 2015

2 Agenda
- STIX 1.2.1 specs
  - Status
  - Next Steps
- STIX 2.0
  - Use Cases
  - Issue Trackers
- Open discussion if time allows

3 STIX 1.2.1 specification status
- Full multipart specification drafts completed and submitted for SC review – 9/24/15
- SC review goals focused on
  - SC member awareness of specification form and content
  - SC member familiarity with OASIS format
  - Identify editorial issues
  - NOT focus on substantive issues
- STIX SC review period ends 10/2/15

Specification parts:
- STIX Version Part 1: Overview
- STIX Version Part 2: Common
- STIX Version Part 3: Core
- STIX Version Part 4: Indicator
- STIX Version Part 5: TTP
- STIX Version Part 6: Incident
- STIX Version Part 7: Threat Actor
- STIX Version Part 8: Campaign
- STIX Version Part 9: Course of Action
- STIX Version Part 10: Exploit Target
- STIX Version Part 11: Report
- STIX Version Part 12: Extensions
- STIX Version Part 13: Data Marking
- STIX Version Part 14: Vocabularies
- STIX Version Part 15: UML Model
  - UML Model Serialization XMI files Diagrams

4 STIX 1.2.1 specification next steps
- Review any SC review comments and make appropriate modifications
- Call a vote for SC approval of specification drafts
- Repackage and upload content to TC internal site
- Notify TC chair that specification drafts have been approved by SC
- TC chair calls a TC meeting so a vote can be held to approve them as a Committee Specification Public Review Draft
- TC will follow process for issuing as a Committee Specification Public Review Draft, including 30-day public review period
- After 30-day public review period, TC will dispose of any comments, then call for a TC Special Majority Vote to approve the documents as a Committee Specification
  - At this point STIX will be official
- TC will likely continue further progression as an OASIS Standard

5 STIX 2.0
- Will officially kick off once specs are handed off to TC (hopefully next week)
- We will need to select editors
- Deliberative process will begin
  - Use Cases
  - Issue Trackers

6 Use Cases
- Need for high-level use cases to understand and scope the domain we are looking to serve
- Need for more detailed use cases to understand specific information needs to drive to structural decisions
- Reality Check: the infosec domain relying on CTI is non-trivial and WILL involve a substantial number of use cases

7 Use Cases
- We will need everyone to be involved in identifying, fleshing out, discussing and deciding on use cases
- This will be done using the STIXProject/use-cases wiki on GitHub
- Separate wiki page for each use case, using a simple template similar to the one used across SCs

8 Use Case Template
Use case title (replace with your title)
Abstraction Level (High, Medium or Low): High (replace with your value)
Related Use Cases: Related use case (replace with your content)
Description: Use case objective and flow description (replace with your content)
Stakeholders/Goals:
  Stakeholder: Stakeholder description (replace with your content)
  Goal: Goal description (replace with your content)
Preconditions: Precondition description (replace with your content)
Dependencies: Dependency description (replace with your content)
Main Success Scenario: Scenario description (replace with your content)

9 Use Cases
- Wiki home page contains the template as well as an initial taxonomy of high-level use cases and a more fleshed-out taxonomy of more detailed use cases
- Current taxonomies are a starting point based on community-identified use cases that have resulted in the current expressivity and capability that is in STIX today
- Caveat: the taxonomies are NOT complete. Please add as appropriate
- Caveat: the large majority of use cases in the taxonomy are currently only titles and need to be iteratively fleshed out
- When editing existing use cases, please try to add your thoughts with attribution rather than just changing others' content

10 Use Case Scoping Considerations
- Scoping decisions will likely be part of use case analysis
  - Proposed additions
  - Proposed removals
- We will need to agree on criteria for these decisions
- Proposal: Bias towards status quo
  - Clear justification and rough consensus needed to add new considerations (work)
  - Clear justification and strong consensus needed to remove existing capability (break things for people depending on these capabilities)

11 Issue Trackers
- Immediate need for SC members to conduct their own triage of current issue trackers
  - Add new entries for desired issues not covered
  - Add comments to existing issues
  - Identify issues you think should be in scope for 2.0
  - Assert your prioritization of issues by importance
- After 2.0 kickoff we can
  - analyze/normalize issues
  - identify initial consensus scoping
  - map to use cases
  - prioritize based on importance and dependence
  - focus on 1-3 issues at a time

12 Reminder of STIX SC work processes
- Under formal governance our work will need to be open, deliberative, ordered and tracked.
- Encourage ideas and discussion but caution that consensus and decisions will need to follow process. Please keep talking. :-)
- Encourage contributions beyond just thoughts
  - As work product efforts are stood up, editors will be needed
  - Contributions of use cases, conceptual models, schema structures, normative or informative language suggestions, test data, etc. will be invaluable to collaborative progression
  - MITRE folks will continue to be involved but we will need a broader base of active contributors going forward

13 Next meeting Wednesday, October 2:00pm EDT

