[WIP] Add rules model and refs into component-definition model.

usnistgov · Jul 27, 2022 · 2242e65 · 2242e65
1 parent bfd262a
commit 2242e65
Show file tree

Hide file tree

Showing 2 changed files with 207 additions and 0 deletions.
diff --git a/src/metaschema/oscal_component_metaschema.xml b/src/metaschema/oscal_component_metaschema.xml
@@ -1,4 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<?xml-model href="../../build/metaschema/schema/xml/metaschema.xsd"?>
 <?xml-model href="../../build/metaschema/toolchains/xslt-M4/validate/metaschema-composition-check.sch" type="application/xml" schematypens="http://purl.oclc.org/dsdl/schematron"?>
 <!DOCTYPE METASCHEMA [
   <!ENTITY allowed-values-responsible-roles-operations SYSTEM "./shared-constraints/allowed-values-responsible-roles-operations.ent">
@@ -26,6 +27,7 @@
   </remarks>
 
   <import href="oscal_implementation-common_metaschema.xml"/>
+  <import href="oscal_rules-common_metaschema.xml"/>
 
   <define-assembly name="component-definition">
     <formal-name>Component Definition</formal-name>
@@ -41,6 +43,17 @@
       <assembly ref="import-component-definition" max-occurs="unbounded">
         <group-as name="import-component-definitions" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-definition" max-occurs="unbounded">
+        <use-name>rule</use-name>
+        <group-as name="rules" in-json="ARRAY"/>
+      </assembly>
+      <assembly ref="test-definition" max-occurs="unbounded">
+        <use-name>test</use-name>
+        <group-as name="tests" in-json="ARRAY"/>
+      </assembly>
+      <assembly ref="testing-scenario" max-occurs="unbounded">
+        <group-as name="testing-scenarios" in-json="ARRAY"/>
+      </assembly>
       <assembly ref="defined-component" max-occurs="unbounded">
         <use-name>component</use-name>
         <group-as name="components" in-json="ARRAY"/>
@@ -57,12 +70,21 @@
           <p>Since multiple <code>component</code> entries can be provided, each component must have a unique <code>uuid</code>.</p>
         </remarks>
       </index>
+      <index name="index-back-matter-resource" target="back-matter/resource">
+        <formal-name>Backmatter Resource Index</formal-name>
+        <description>An index of all backmatter resources.</description>
+        <key-field target="@uuid"/>
+      </index>
       <is-unique id="unique-component-definition-capability" target="capability">
         <key-field target="@uuid"/>
         <remarks>
           <p>A given <code>component</code> must not be referenced more than once within the same <code>capability</code>.</p>
         </remarks>
       </is-unique>
+      <index-has-key name="index-back-matter-resource" target="//link[@rel='source' and starts-with(@href,'#')]">
+        <description>Ensure that sources that reference a back-matter resource exist.</description>
+        <key-field target="@href" pattern="#(.*)"/>
+      </index-has-key>
     </constraint>
   </define-assembly>
 
@@ -118,6 +140,11 @@
       <assembly ref="control-implementation" max-occurs="unbounded">
         <group-as name="control-implementations" in-json="ARRAY"/>
       </assembly>
+
+      <assembly ref="rule-implementation" max-occurs="unbounded">
+        <group-as name="rule-implementations" in-json="ARRAY"/>
+      </assembly>
+
       <!--
          <assembly ref="configuration" max-occurs="unbounded">
            <group-as name="configurations" in-json="BY_KEY" />
@@ -375,6 +402,9 @@
       <assembly ref="statement" max-occurs="unbounded">
         <group-as name="statements" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-implementation" max-occurs="unbounded">
+        <group-as name="rule-implementations" in-json="ARRAY"/>
+      </assembly>
       <field ref="remarks" in-xml="WITH_WRAPPER"/>
     </model>
     <constraint>
@@ -429,6 +459,9 @@
       <assembly ref="responsible-role" max-occurs="unbounded">
         <group-as name="responsible-roles" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-implementation" max-occurs="unbounded">
+        <group-as name="rule-implementations" in-json="ARRAY"/>
+      </assembly>
       <field ref="remarks" in-xml="WITH_WRAPPER"/>
     </model>
     <constraint>

diff --git a/src/metaschema/oscal_rules-common_metaschema.xml b/src/metaschema/oscal_rules-common_metaschema.xml
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?xml-model href="../../build/metaschema/schema/xml/metaschema.xsd" ?>
+<METASCHEMA xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0" abstract="yes">
+    <schema-name>OSCAL Rules -- Common Modules</schema-name>
+    <schema-version>1.2.0</schema-version>
+    <short-name>oscal-rules-common</short-name>
+    <namespace>http://csrc.nist.gov/ns/oscal/1.0</namespace>
+    <json-base-uri>http://csrc.nist.gov/ns/oscal</json-base-uri>
+    <remarks>
+        <p>TODO</p>
+    </remarks>
+    <import href="oscal_metadata_metaschema.xml"/>
+    <define-assembly name="rule-definition">
+        <formal-name>Rule Definition</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Rule Definition Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <model>
+            <define-field name="title" as-type="markup-line" min-occurs="1">
+                <formal-name>Rule Title</formal-name>
+                <description>A name given to the rule, which may be used by a tool for display and navigation.</description>
+            </define-field>
+            <define-field name="description" as-type="markup-multiline" min-occurs="1" in-xml="WITH_WRAPPER">
+                <formal-name>Rule Description</formal-name>
+                <description>A summary of the rule, including the requirement(s) to be met when evaluating the rule against a target that the rule applies to.</description>
+            </define-field>
+            <assembly ref="property" max-occurs="unbounded">
+                <group-as name="props" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="link" max-occurs="unbounded">
+                <group-as name="links" in-json="ARRAY"/>
+            </assembly>
+        </model>
+        <constraint>
+            <allowed-values target="prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
+              <enum value="version">A string that identifies the revision of the rule.</enum>
+            </allowed-values>
+            <allowed-values target="link/@rel">
+                <enum value="source">A pointer to the resource that this rule is derived from.</enum>
+            </allowed-values>
+          </constraint>
+    </define-assembly>
+    <define-assembly name="test-definition">
+        <formal-name>Test Definition</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Test Definition Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <model>
+            <define-field name="title" as-type="markup-line" min-occurs="0" max-occurs="1">
+                <formal-name>Test Title</formal-name>
+                <description>A name given to the test, which may be used by a tool for display and navigation.</description>
+            </define-field>
+            <define-field name="description" as-type="markup-multiline" in-xml="WITH_WRAPPER">
+                <formal-name>Test Description</formal-name>
+                <description>A summary of the test, including implementation details of how its use examines an aspect or trait of a system.</description>
+            </define-field>
+            <assembly ref="property" max-occurs="unbounded">
+                <group-as name="props" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="link" max-occurs="unbounded">
+                <group-as name="links" in-json="ARRAY"/>
+            </assembly>
+            <!-- TODO: address activities and actions -->
+        </model>
+        <constraint>
+            <allowed-values target="prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
+              <enum value="version">A string that identifies the revision of the test.</enum>
+            </allowed-values>
+            <allowed-values target="link/@rel">
+                <enum value="source">A pointer to the resource that this test is derived from.</enum>
+            </allowed-values>
+        </constraint>
+    </define-assembly>
+    <define-assembly name="test-reference">
+        <formal-name>Test Reference</formal-name>
+        <description>A reference to a test defined in this or an imported instance.</description>
+        <define-flag name="test-uuid" required="yes" as-type="uuid">
+            <formal-name>Test Definition Universally Unique Identifier Reference</formal-name>
+            <description>A reference to a test definition.</description>
+        </define-flag>
+    </define-assembly>
+    <define-field name="testing-scenario-uuid" as-type="uuid">
+        <formal-name>Testing Scenario Universally Unique Identifier Reference</formal-name>
+        <description>A reference to a testing scenario.</description>
+    </define-field>
+    <define-assembly name="rule-condition">
+        <formal-name>Rule Condition</formal-name>
+        <description>A rule implementation condition</description>
+        <define-flag name="negate" as-type="boolean" default="false">
+            <formal-name>Condition Negation</formal-name>
+            <description>Determines if the result of evaluating the condition should be negated.</description>
+            <remarks>
+                <p>A condition can be negated using the following truth table.</p>
+                <table>
+                    <tr><th>Result Value</th><th>Negation Value</th></tr>
+                    <tr><td>true</td><td>false</td></tr>
+                    <tr><td>false</td><td>true</td></tr>
+                    <tr><td>error</td><td>error</td></tr>
+                    <tr><td>not-applicable</td><td>not-applicable</td></tr>
+                </table>
+            </remarks>
+        </define-flag>
+        <define-flag name="operator" required="yes" as-type="token" default="and">
+            <formal-name>Rule Condition Operator</formal-name>
+            <description>TODO</description>
+            <constraint>
+                <allowed-values allow-other="no">
+                    <enum value="and">and</enum>
+                    <enum value="or">or</enum>
+                </allowed-values>
+            </constraint>
+        </define-flag>
+        <model>
+            <assembly ref="rule-condition">
+                <use-name>pre-requisite</use-name>
+            </assembly>
+            <choice>
+                <assembly ref="rule-condition" min-occurs="1" max-occurs="unbounded">
+                    <use-name>condition</use-name>
+                </assembly>
+                <assembly ref="test-reference" min-occurs="1" max-occurs="unbounded"/>
+                <field ref="testing-scenario-uuid" min-occurs="1" max-occurs="unbounded"/>
+            </choice>
+        </model>
+    </define-assembly>
+    <define-assembly name="testing-scenario">
+        <formal-name>Rule Testing Scenario</formal-name>
+        <description>A rule testing scenario</description>
+        <define-flag name="uuid" as-type="uuid" required="yes">
+            <formal-name>Testing Scenario Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <define-flag name="rule-uuid" as-type="uuid" required="yes">
+            <formal-name>Rule Universally Unique Identifier Reference</formal-name>
+            <description>A reference to a rule definition.</description>
+        </define-flag>
+        <model>
+            <choice>
+                <assembly ref="rule-condition" min-occurs="1">
+                    <use-name>condition</use-name>
+                </assembly>
+                <assembly ref="test-reference" min-occurs="1" max-occurs="unbounded"/>
+            </choice>
+        </model>
+    </define-assembly>
+    <define-assembly name="rule-implementation">
+        <formal-name>Rule Implementation</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Rule Implementation Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <define-flag name="test-scenario-uuid" as-type="uuid" required="yes">
+            <formal-name>Rule Universally Unique Identifier Reference</formal-name>
+            <description>A rule UUID reference</description>
+        </define-flag>
+        <model>
+            <define-field name="description" as-type="markup-multiline" in-xml="WITH_WRAPPER">
+                <formal-name>Rule Implementation Description</formal-name>
+                <description>A summary of why the referenced test scenario is applicable in this context.</description>
+            </define-field>
+            <assembly ref="property" max-occurs="unbounded">
+                <group-as name="props" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="link" max-occurs="unbounded">
+                <group-as name="links" in-json="ARRAY"/>
+            </assembly>
+        </model>
+    </define-assembly>
+</METASCHEMA>