Published by Iris McLaughlin. Modified over 9 years ago.
1
CTI STIX SC Status Report www.oasis-open.org October 22, 2015
2
The State of the Subcommittee is Good
- 61 members / 6 observers
- 3 active work products
  - STIX v1.2.1 language specifications
  - XML binding specification for STIX v1.2.1
  - STIX v2.0 language specifications
- Many active discussions on specific issues around the language
- Many active strategic discussions
  - Serialization decisions (e.g., MTI)
  - Formal modeling approaches
3
STIX 1.2.1 specification status and next steps
- Multipart specification for the STIX language
- STIX SC approved drafts
- Draft specification package uploaded to CTI TC site – 10/15/15
- Awaiting TC motion and vote to move to Committee Specification for Public Review Draft
- STIX Version 1.2.1 Part 1: Overview.
- STIX Version 1.2.1 Part 2: Common.
- STIX Version 1.2.1 Part 3: Core.
- STIX Version 1.2.1 Part 4: Indicator.
- STIX Version 1.2.1 Part 5: TTP.
- STIX Version 1.2.1 Part 6: Incident.
- STIX Version 1.2.1 Part 7: Threat Actor.
- STIX Version 1.2.1 Part 8: Campaign.
- STIX Version 1.2.1 Part 9: Course of Action.
- STIX Version 1.2.1 Part 10: Exploit Target.
- STIX Version 1.2.1 Part 11: Report.
- STIX Version 1.2.1 Part 12: Extensions.
- STIX Version 1.2.1 Part 13: Data Marking.
- STIX Version 1.2.1 Part 14: Vocabularies.
- STIX Version 1.2.1 Part 15: UML Model.
- UML Model Serialization
- XMI files
- Diagrams
4
XML binding specification for STIX v1.2.1
- Consists of:
  - Textual specification document characterizing mapping rules to generate an XML Schema serialization from the STIX v1.2.1 language UML model
  - XML Schema reference implementation for STIX v1.2.1
- Status
  - Drafts are currently in authoring/editing process
  - Targeted for STIX SC review in November
5
STIX v2.0 specification status
- Official kickoff was yesterday (10/21/15)
- Currently selecting editors
- Initiating deliberative process
  - Identifying and fleshing out use cases
  - Triage of issue trackers
- Looking into options for issue “voting”
  - Plan to flesh out use cases iteratively while tackling issues
  - Plan to immediately begin discussing 2-3 high priority issues identified from list discussions
6
Active Discussion: Serialization Decisions
- To date, only specified serialization has been XSD
- What implementation serialization(s) is most appropriate?
- Should we support multiple serializations? Which ones?
- Strong consensus on the idea of specifying a Mandatory to Implement (MTI) serialization
- Not yet enough information (still defining selection criteria and unknowns with how STIX will change in 2.0) to decide on MTI
  - Looks like current preference is leaning strongly to JSON
7
Active Discussion: Formal Modeling Approaches
- Current STIX approach: formal UML structural model with textual explanation of semantics and manual serialization binding(s)
- Proposed STIX approach: formal UML conceptual model (including explicit semantics) with auto-derived formal semantic serialization model (RDF/OWL) with subsequently auto-derived (tuned) implementation serialization(s) (JSON-LD, RDF/XML, etc.)
8
Active Discussion: Formal Modeling Approaches
- Potential advantages
  - Model specifies language semantics explicitly
  - Supports richer analysis approaches
  - Assurance of serialization mapping accuracy (full traceability and lossless translation)
  - Ease of integration with other relevant cyber ontologies
- Potential questions/concerns
  - CTI TC community mostly unfamiliar with approach
  - Ease of use for implementers wanting simple serialization
  - Capabilities of default serializations like JSON-LD
  - Feasibility of available tooling