Refine SP800-53 OSCAL extraction and enhancement #8
Assignees
Milestone
Comments
|
Many of these are now done in the third step of the extraction pipeline. However the entire pipeline should be shaken out, since things are now remapped after mapping ... |
wendellpiez
changed the title
|
This ticket is still relevant but only generally, as it may come up again with rev 5 data. As noted (comment above), most of the enhancements described are performed in the XSLT extraction for rev 4. If rev 5 also comes through NVD XML format we may be able to reuse this. Suggest this can be closed or reframed as a quality-check requirement for all catalog outputs especially in samples/demonstrations. |
david-waltermire
added
Discussion Needed
|
We need to solidify a scripted process for importing 800-53 rev 4 and 5 data. We also need to make sure we have had the necessary subject matter experts review the resulting content and that they are good with the final result. |
david-waltermire
added a commit
that referenced
this issue
Apr 3, 2018
# The first commit's message is: # This is a combination of 54 commits. # The first commit's message is: # This is a combination of 4 commits. # The first commit's message is: # This is a combination of 2 commits. # The first commit's message is: # This is a combination of 2 commits. # The first commit's message is: # This is a combination of 6 commits. # The first commit's message is: # This is a combination of 3 commits. # The first commit's message is: # This is a combination of 111 commits. # The first commit's message is: Initial commit of docs branch. # This is the commit message #2: Create CONTRIBUTING.md # This is the commit message #3: Create ROADMAP.md # This is the commit message #4: Update README.md # This is the commit message #5: Create README.md # This is the commit message #6: Update README.md # This is the commit message #7: Update README.md # This is the commit message #8: Create OSCAL-PRODUCERS.md # This is the commit message #9: Create OSCAL-CONSUMERS.md # This is the commit message #10: Update and rename OSCAL-CONSUMERS.md to USERS.md # This is the commit message #11: Update and rename OSCAL-PRODUCERS.md to IMPLEMENTERS.md # This is the commit message #12: Rename CONTRIBUTING.md to CONTRIBUTORS.md # This is the commit message #13: Update README.md # This is the commit message #14: Update README.md # This is the commit message #15: Update USERS.md # This is the commit message #16: Update README.md # This is the commit message #17: Update IMPLEMENTERS.md # This is the commit message #18: Update README.md # This is the commit message #19: Update ROADMAP.md # This is the commit message #20: Update USERS.md # This is the commit message #21: Update CONTRIBUTORS.md # This is the commit message #22: Update README.md # This is the commit message #23: Update README.md # This is the commit message #24: Update IMPLEMENTERS.md # This is the commit message #25: Update IMPLEMENTERS.md # This is the commit message #26: Rename CONTRIBUTORS.md to CONTRIBUTING.md # This is the commit message #27: Create control.md # This is the commit message #28: Update control.md # This is the commit message #29: Update control.md # This is the commit message #30: Update control.md # This is the commit message #31: Update control.md # This is the commit message #32: Add files via upload # This is the commit message #33: Update control.md # This is the commit message #34: Create temp.md # This is the commit message #35: Delete NIST-SP-800-53-Rev4-AC1.png # This is the commit message #36: Add files via upload # This is the commit message #37: Delete temp.md # This is the commit message #38: Add files via upload # This is the commit message #39: Update control.md # This is the commit message #40: Add files via upload # This is the commit message #41: Add files via upload # This is the commit message #42: Update control.md # This is the commit message #43: Update CONTRIBUTING.md # This is the commit message #44: Update CONTRIBUTING.md # This is the commit message #45: Update USERS.md # This is the commit message #46: Update CONTRIBUTING.md # This is the commit message #47: Delete CONTRIBUTING.md # This is the commit message #48: Delete USERS.md # This is the commit message #49: Add files via upload # This is the commit message #50: Delete CSA-CCM-IAM02.png # This is the commit message #51: Update control.md # This is the commit message #52: Update control.md # This is the commit message #53: Update control.md # This is the commit message #54: Update control.md # This is the commit message #55: Update control.md # This is the commit message #56: Update control.md # This is the commit message #57: Update control.md # This is the commit message #58: Update control.md # This is the commit message #59: Update control.md # This is the commit message #60: Update control.md # This is the commit message #61: Delete NIST-SP-800-53-AC1-in-OSCAL-XML.png # This is the commit message #62: Update README.md # This is the commit message #63: Update control.md # This is the commit message #64: Update control.md # This is the commit message #65: Add files via upload # This is the commit message #66: Delete ISO-27001-Control-A9.png # This is the commit message #67: Update control.md # This is the commit message #68: Add files via upload # This is the commit message #69: Add files via upload # This is the commit message #70: Delete ISO-27002-Control-9.1.1-part1.png # This is the commit message #71: Delete ISO-27002-Control-9.1.1-part2.png # This is the commit message #72: Update control.md # This is the commit message #73: Update control.md # This is the commit message #74: Update control.md # This is the commit message #75: Update control.md # This is the commit message #76: Update control.md # This is the commit message #77: Update README.md # This is the commit message #78: Update IMPLEMENTERS.md # This is the commit message #79: Add files via upload # This is the commit message #80: Delete oscal-layers.png # This is the commit message #81: Add files via upload # This is the commit message #82: Delete oscal-layers.png # This is the commit message #83: Add files via upload # This is the commit message #84: Update IMPLEMENTERS.md # This is the commit message #85: Update control.md # This is the commit message #86: Update IMPLEMENTERS.md # This is the commit message #87: Update control.md # This is the commit message #88: Rename IMPLEMENTERS.md to docs/prose/IMPLEMENTERS.md # This is the commit message #89: Rename IMPLEMENTERS.md to implementers.md # This is the commit message #90: Rearranged and outlined catalog documentation based on the conversation with karen and Wendell. # This is the commit message #91: Create catalog-xml.md # This is the commit message #92: Rename control.md to catalog.md # This is the commit message #93: Update catalog.md # This is the commit message #94: Update catalog.md # This is the commit message #95: Update catalog.md # This is the commit message #96: Update catalog-xml.md # This is the commit message #97: Update catalog-xml.md # This is the commit message #98: Update catalog-xml.md # This is the commit message #99: Update catalog-xml.md # This is the commit message #100: Update catalog-xml.md # This is the commit message #101: Update catalog-xml.md # This is the commit message #102: Update catalog-xml.md # This is the commit message #103: Update catalog-xml.md # This is the commit message #104: Update catalog-xml.md # This is the commit message #105: Update catalog-xml.md # This is the commit message #106: Docset migration to Slate # This is the commit message #107: Removing unused file. # This is the commit message #108: Update README.md Corrected a typo # This is the commit message #109: Add files via upload Graphical representation of OSCAL schemas aligned with Risk Management Framework steps and tasks. # This is the commit message #110: Create CONTRIBUTING.md # This is the commit message #111: Create ROADMAP.md # This is the commit message #2: Create README.md # This is the commit message #3: Update README.md # This is the commit message #2: Create OSCAL-PRODUCERS.md # This is the commit message #3: Create OSCAL-CONSUMERS.md # This is the commit message #4: Update and rename OSCAL-CONSUMERS.md to USERS.md # This is the commit message #5: Update and rename OSCAL-PRODUCERS.md to IMPLEMENTERS.md # This is the commit message #6: Rename CONTRIBUTING.md to CONTRIBUTORS.md # This is the commit message #2: Update USERS.md # This is the commit message #2: Update IMPLEMENTERS.md # This is the commit message #2: Update ROADMAP.md # This is the commit message #3: Update USERS.md # This is the commit message #4: Update CONTRIBUTORS.md # This is the commit message #2: Update IMPLEMENTERS.md # This is the commit message #3: Update IMPLEMENTERS.md # This is the commit message #4: Rename CONTRIBUTORS.md to CONTRIBUTING.md # This is the commit message #5: Create control.md # This is the commit message #6: Update control.md # This is the commit message #7: Update control.md # This is the commit message #8: Update control.md # This is the commit message #9: Update control.md # This is the commit message #10: Add files via upload # This is the commit message #11: Update control.md # This is the commit message #12: Create temp.md # This is the commit message #13: Delete NIST-SP-800-53-Rev4-AC1.png # This is the commit message #14: Add files via upload # This is the commit message #15: Delete temp.md # This is the commit message #16: Add files via upload # This is the commit message #17: Update control.md # This is the commit message #18: Add files via upload # This is the commit message #19: Add files via upload # This is the commit message #20: Update control.md # This is the commit message #21: Update CONTRIBUTING.md # This is the commit message #22: Update CONTRIBUTING.md # This is the commit message #23: Update USERS.md # This is the commit message #24: Update CONTRIBUTING.md # This is the commit message #25: Delete CONTRIBUTING.md # This is the commit message #26: Delete USERS.md # This is the commit message #27: Add files via upload # This is the commit message #28: Delete CSA-CCM-IAM02.png # This is the commit message #29: Update control.md # This is the commit message #30: Update control.md # This is the commit message #31: Update control.md # This is the commit message #32: Update control.md # This is the commit message #33: Update control.md # This is the commit message #34: Update control.md # This is the commit message #35: Update control.md # This is the commit message #36: Update control.md # This is the commit message #37: Update control.md # This is the commit message #38: Update control.md # This is the commit message #39: Delete NIST-SP-800-53-AC1-in-OSCAL-XML.png # This is the commit message #40: Update README.md # This is the commit message #41: Update control.md # This is the commit message #42: Update control.md # This is the commit message #43: Add files via upload # This is the commit message #44: Delete ISO-27001-Control-A9.png # This is the commit message #45: Update control.md # This is the commit message #46: Add files via upload # This is the commit message #47: Add files via upload # This is the commit message #48: Delete ISO-27002-Control-9.1.1-part1.png # This is the commit message #49: Delete ISO-27002-Control-9.1.1-part2.png # This is the commit message #50: Update control.md # This is the commit message #51: Update control.md # This is the commit message #52: Update control.md # This is the commit message #53: Update control.md # This is the commit message #54: Update control.md # This is the commit message #2: Update IMPLEMENTERS.md # This is the commit message #3: Add files via upload # This is the commit message #4: Delete oscal-layers.png # This is the commit message #5: Add files via upload # This is the commit message #6: Delete oscal-layers.png # This is the commit message #7: Add files via upload # This is the commit message #8: Update IMPLEMENTERS.md # This is the commit message #9: Update control.md # This is the commit message #10: Update IMPLEMENTERS.md # This is the commit message #11: Update control.md # This is the commit message #12: Rename IMPLEMENTERS.md to docs/prose/IMPLEMENTERS.md # This is the commit message #13: Rename IMPLEMENTERS.md to implementers.md # This is the commit message #14: Rearranged and outlined catalog documentation based on the conversation with karen and Wendell. # This is the commit message #15: Create catalog-xml.md # This is the commit message #16: Rename control.md to catalog.md # This is the commit message #17: Update catalog.md # This is the commit message #18: Update catalog.md # This is the commit message #19: Update catalog.md # This is the commit message #20: Update catalog-xml.md # This is the commit message #21: Update catalog-xml.md # This is the commit message #22: Update catalog-xml.md # This is the commit message #23: Update catalog-xml.md # This is the commit message #24: Update catalog-xml.md # This is the commit message #25: Update catalog-xml.md # This is the commit message #26: Update catalog-xml.md # This is the commit message #27: Update catalog-xml.md # This is the commit message #28: Update catalog-xml.md # This is the commit message #29: Fixed typos, updated repo documentation, and migrated documentation for use in Slate. Corrected a typo (+4 squashed commit) Squashed commit: [6ada57f] Removing unused file. [503ad71] Docset migration to Slate [351257e] Update catalog-xml.md [aae1e8b] Add files via upload Graphical representation of OSCAL schemas aligned with Risk Management Framework steps and tasks.
|
Agreed. Currently we have XProc scripts that produce OSCAL from NVD XML, but the pipelines need to be shaken down and repaired/tested (for each/both revs), also perhaps exposed (minimally) via shell scripts for easy reproducibility. NB soft areas in casting the 800-53 catalogs include ID assignments especially to low-level components. |
david-waltermire
pushed a commit
that referenced
this issue
Apr 5, 2018
# The first commit's message is: Restructuring for new initiative Moved everything into 'old' and added a new subdirectory for new experiments. More early iteration over names More adjustments in names mostly HTML page for Word import testing Just touchups this time Updates and misc improvements Changed document element to 'catalog' Improved and renamed mapping transformation Adjustments to models, schema, Schematron Managing gitignore Same Minor adjustments First cut at 27K mapping into OSCAL Renamed directories for consistency Cleanup Bit more cleanup Adjustments to mapping Same Numerous enhancements, some reorg Planning notes Added starter FO XSLT First cut at FO XSL Minor improvements Small adjustments Many/much schema enhancements; proto XSD version First cut at inline declarations with live validation Implementing declarations; styling Refinements and extensions; new assign, select, withdrawn elements More support for parameters etc. Now implementing parameters etc. More touches Misc improvements Sundry adjustments Many more small improvements Much documentation More touchups Updates Misc adjustments and notes Significant rework following design session esp declarations More improvements incl extending declarations to groups More adjustments; now mapping SP800-53A also. More polishing and maintenance Much more including hierarchical number checking Adjustments, extensions, corrections Name changes in the model More adjustments Cleanup of obsolete artifacts Minor alignment Mostly CSS, also Schematron improvements ISO27002 mapping document Many enhancements; new COBIT 5 mappings More on COBIT Improvements to mapping docs Adjustments to mappings incl HTML versions Moved screenshot for documentation More adjustments and docs Mostly improvements to documentation Refreshed 800-53 data with adjustments More general improvements to models and mappings Continuing refinements to validations in samples Update README.md Update README.md Update README.md Update README.md Minor tweaks Including initial cut at profiling (1st, rule-based control extraction) among other refinements and improvements No longer extant Added new control to COBIT5 example Misc improvements including more COBIT5 support File rename and further adjustments Misc adjustment; SaxonJS demo files Misc adjustments Updated readme contents to reflect merge. Fixed links. Changed text to better reflect current state and to add more links. Rearrangement and cleanup Schematron and schema adjustment and refactoring SP800-53 extraction improvement, enhancement, cleanup Improvements and enhancements to ISO27002 extraction OSCAL Documentation COBIT5 example tweakage Organizational notes Adjustments Removed old files directory. Moved files from draft to root. Updated README.md to reflect new pathing. Updated readme to contain more documentation of the OSCAL layers. Added documentation for the working directory. Update README.md Edited the text. Update README.md Edited the text. Added Aug 10 tiger team slides with notes Create a prose overview of OSCAL Update OSCAL Overview.md Update OSCAL Overview.md Profile and catalog mapping: a trivial example Replacing graphic with rescaled version Update OSCAL Overview.md Rescaled image Update OSCAL Overview.md Mods to oXygen project file Removing 'demo' (till later) Moved proprietary file Refinements to ISO27002 mappings (new model) Refining SP800-53 conversion/mappings Updating lib support for new model Top-level org Draft readme docs Further adjustment to directory readme.md More adjustments to ISO 27002 and SP800-53 (new model etc.) More cleanup to main sample subdirectories + readme tweakage Mostly restructuring More adjustments to extraction, parameter support Includes more model refinements; draft implementation of parameter resolution Adjustments for revised models Adjustments to demos and conversion pipelines Experimenting with profiles Infrastructure adjustments Schema modifications # This is the commit message #2: Minor correction to schema docs merge # This is the commit message #3: Updating XSD w/ docs # This is the commit message #4: More element renaming/adjustment # This is the commit message #5: Now a stable schema again? With SP800-53 extraction adjustments # This is the commit message #6: Profile-related mods # This is the commit message #7: Org stuff # This is the commit message #8: Moved mappind docs; added readme # This is the commit message #9: schema documentation # This is the commit message #10: Schema production and documentation pipeline # This is the commit message #11: More reorg; tweaked schema; more docs # This is the commit message #12: Improvements to tag library # This is the commit message #13: Another attempt at internal links in md # This is the commit message #14: trying again # This is the commit message #15: Gonna get this eventually # This is the commit message #16: More updates and tuneups # This is the commit message #17: More updates to schema and docs # This is the commit message #18: Lighter adjustments # This is the commit message #19: Similarly subtle adjustments # This is the commit message #20: Adjustments supporting parameter assignments # This is the commit message #21: More docs # This is the commit message #22: Enhancements to demo # This is the commit message #23: Moving distractions out of the way # This is the commit message #24: Slight readme tweakage # This is the commit message #25: Tag library tweaks # This is the commit message #26: More tag library adjustments # This is the commit message #27: New readme for Schematrons # This is the commit message #28: Adjustments to readme # This is the commit message #29: Adjustments to mapping documents # This is the commit message #30: Adjustments to readme # This is the commit message #31: More adjustments to mapping documents # This is the commit message #32: Updated punchlist # This is the commit message #33: Updates to mapping docs # This is the commit message #34: # This is the commit message #35: CSS for local editing of OSCAL OSCAL # This is the commit message #36: Slight adjustments # This is the commit message #37: Light editing # This is the commit message #38: Light editing # This is the commit message #39: Light edits # This is the commit message #40: Light edits # This is the commit message #41: Light edits # This is the commit message #42: Light edits # This is the commit message #43: More work on profiles # This is the commit message #44: Revised directory descriptions # This is the commit message #45: Added an explanation of the demo directories # This is the commit message #46: More on profiling # This is the commit message #47: Editorial tweaks to oscal-oscal.xml # This is the commit message #48: Editorial tweaks to oscal-oscal.xml # This is the commit message #49: Edits to schema documentation # This is the commit message #50: More enhancements to tag library and its presentation # This is the commit message #51: Internal links? # This is the commit message #52: Slight adjustments # This is the commit message #53: Further touchups to schema docs and their HTML rendering # This is the commit message #54: Support for 'pre' # This is the commit message #55: Rearranged and touched up profile experiments # This is the commit message #56: More touchups to tag library (linking) # This is the commit message #57: More adjustments to copy # This is the commit message #58: More adjustments # This is the commit message #59: Correcting display bug failing to render chars in CSS # This is the commit message #60: Added a PDF with the notes.
david-waltermire
pushed a commit
that referenced
this issue
Apr 13, 2018
# The first commit's message is: # This is a combination of 60 commits. # The first commit's message is: # This is a combination of 17 commits. # The first commit's message is: Restructuring for new initiative Moved everything into 'old' and added a new subdirectory for new experiments. More early iteration over names More adjustments in names mostly HTML page for Word import testing Just touchups this time Updates and misc improvements Changed document element to 'catalog' Improved and renamed mapping transformation Adjustments to models, schema, Schematron Managing gitignore Same Minor adjustments First cut at 27K mapping into OSCAL Renamed directories for consistency Cleanup Bit more cleanup Adjustments to mapping Same Numerous enhancements, some reorg Planning notes Added starter FO XSLT First cut at FO XSL Minor improvements Small adjustments Many/much schema enhancements; proto XSD version First cut at inline declarations with live validation Implementing declarations; styling Refinements and extensions; new assign, select, withdrawn elements More support for parameters etc. Now implementing parameters etc. More touches Misc improvements Sundry adjustments Many more small improvements Much documentation More touchups Updates Misc adjustments and notes Significant rework following design session esp declarations More improvements incl extending declarations to groups More adjustments; now mapping SP800-53A also. More polishing and maintenance Much more including hierarchical number checking Adjustments, extensions, corrections Name changes in the model More adjustments Cleanup of obsolete artifacts Minor alignment Mostly CSS, also Schematron improvements ISO27002 mapping document Many enhancements; new COBIT 5 mappings More on COBIT Improvements to mapping docs Adjustments to mappings incl HTML versions Moved screenshot for documentation More adjustments and docs Mostly improvements to documentation Refreshed 800-53 data with adjustments More general improvements to models and mappings Continuing refinements to validations in samples Update README.md Update README.md Update README.md Update README.md Minor tweaks Including initial cut at profiling (1st, rule-based control extraction) among other refinements and improvements No longer extant Added new control to COBIT5 example Misc improvements including more COBIT5 support File rename and further adjustments Misc adjustment; SaxonJS demo files Misc adjustments Updated readme contents to reflect merge. Fixed links. Changed text to better reflect current state and to add more links. Rearrangement and cleanup Schematron and schema adjustment and refactoring SP800-53 extraction improvement, enhancement, cleanup Improvements and enhancements to ISO27002 extraction OSCAL Documentation COBIT5 example tweakage Organizational notes Adjustments Removed old files directory. Moved files from draft to root. Updated README.md to reflect new pathing. Updated readme to contain more documentation of the OSCAL layers. Added documentation for the working directory. Update README.md Edited the text. Update README.md Edited the text. Added Aug 10 tiger team slides with notes Create a prose overview of OSCAL Update OSCAL Overview.md Update OSCAL Overview.md Profile and catalog mapping: a trivial example Replacing graphic with rescaled version Update OSCAL Overview.md Rescaled image Update OSCAL Overview.md Mods to oXygen project file Removing 'demo' (till later) # This is the commit message #2: Moved proprietary file # This is the commit message #3: Refinements to ISO27002 mappings (new model) # This is the commit message #4: Refining SP800-53 conversion/mappings # This is the commit message #5: Updating lib support for new model # This is the commit message #6: Top-level org # This is the commit message #7: Draft readme docs # This is the commit message #8: Further adjustment to directory readme.md # This is the commit message #9: More adjustments to ISO 27002 and SP800-53 (new model etc.) # This is the commit message #10: More cleanup to main sample subdirectories + readme tweakage # This is the commit message #11: Mostly restructuring # This is the commit message #12: More adjustments to extraction, parameter support # This is the commit message #13: Includes more model refinements; draft implementation of parameter resolution # This is the commit message #14: Adjustments for revised models # This is the commit message #15: Adjustments to demos and conversion pipelines # This is the commit message #16: Experimenting with profiles # This is the commit message #17: Infrastructure adjustments # This is the commit message #2: Minor correction to schema docs merge # This is the commit message #3: Updating XSD w/ docs # This is the commit message #4: More element renaming/adjustment # This is the commit message #5: Now a stable schema again? With SP800-53 extraction adjustments # This is the commit message #6: Profile-related mods # This is the commit message #7: Org stuff # This is the commit message #8: Moved mappind docs; added readme # This is the commit message #9: schema documentation # This is the commit message #10: Schema production and documentation pipeline # This is the commit message #11: More reorg; tweaked schema; more docs # This is the commit message #12: Improvements to tag library # This is the commit message #13: Another attempt at internal links in md # This is the commit message #14: trying again # This is the commit message #15: Gonna get this eventually # This is the commit message #16: More updates and tuneups # This is the commit message #17: More updates to schema and docs # This is the commit message #18: Lighter adjustments # This is the commit message #19: Similarly subtle adjustments # This is the commit message #20: Adjustments supporting parameter assignments # This is the commit message #21: More docs # This is the commit message #22: Enhancements to demo # This is the commit message #23: Moving distractions out of the way # This is the commit message #24: Slight readme tweakage # This is the commit message #25: Tag library tweaks # This is the commit message #26: More tag library adjustments # This is the commit message #27: New readme for Schematrons # This is the commit message #28: Adjustments to readme # This is the commit message #29: Adjustments to mapping documents # This is the commit message #30: Adjustments to readme # This is the commit message #31: More adjustments to mapping documents # This is the commit message #32: Updated punchlist # This is the commit message #33: Updates to mapping docs # This is the commit message #34: # This is the commit message #35: CSS for local editing of OSCAL OSCAL # This is the commit message #36: Slight adjustments # This is the commit message #37: Light editing # This is the commit message #38: Light editing # This is the commit message #39: Light edits # This is the commit message #40: Light edits # This is the commit message #41: Light edits # This is the commit message #42: Light edits # This is the commit message #43: More work on profiles # This is the commit message #44: Revised directory descriptions # This is the commit message #45: Added an explanation of the demo directories # This is the commit message #46: More on profiling # This is the commit message #47: Editorial tweaks to oscal-oscal.xml # This is the commit message #48: Editorial tweaks to oscal-oscal.xml # This is the commit message #49: Edits to schema documentation # This is the commit message #50: More enhancements to tag library and its presentation # This is the commit message #51: Internal links? # This is the commit message #52: Slight adjustments # This is the commit message #53: Further touchups to schema docs and their HTML rendering # This is the commit message #54: Support for 'pre' # This is the commit message #55: Rearranged and touched up profile experiments # This is the commit message #56: More touchups to tag library (linking) # This is the commit message #57: More adjustments to copy # This is the commit message #58: More adjustments # This is the commit message #59: Correcting display bug failing to render chars in CSS # This is the commit message #60: Added a PDF with the notes. # This is the commit message #2: Decided to risk it # This is the commit message #3: One more readme
david-waltermire
added a commit
that referenced
this issue
Apr 13, 2018
# The first commit's message is: # This is a combination of 4 commits. # The first commit's message is: # This is a combination of 60 commits. # The first commit's message is: # This is a combination of 17 commits. # The first commit's message is: Restructuring for new initiative Moved everything into 'old' and added a new subdirectory for new experiments. More early iteration over names More adjustments in names mostly HTML page for Word import testing Just touchups this time Updates and misc improvements Changed document element to 'catalog' Improved and renamed mapping transformation Adjustments to models, schema, Schematron Managing gitignore Same Minor adjustments First cut at 27K mapping into OSCAL Renamed directories for consistency Cleanup Bit more cleanup Adjustments to mapping Same Numerous enhancements, some reorg Planning notes Added starter FO XSLT First cut at FO XSL Minor improvements Small adjustments Many/much schema enhancements; proto XSD version First cut at inline declarations with live validation Implementing declarations; styling Refinements and extensions; new assign, select, withdrawn elements More support for parameters etc. Now implementing parameters etc. More touches Misc improvements Sundry adjustments Many more small improvements Much documentation More touchups Updates Misc adjustments and notes Significant rework following design session esp declarations More improvements incl extending declarations to groups More adjustments; now mapping SP800-53A also. More polishing and maintenance Much more including hierarchical number checking Adjustments, extensions, corrections Name changes in the model More adjustments Cleanup of obsolete artifacts Minor alignment Mostly CSS, also Schematron improvements ISO27002 mapping document Many enhancements; new COBIT 5 mappings More on COBIT Improvements to mapping docs Adjustments to mappings incl HTML versions Moved screenshot for documentation More adjustments and docs Mostly improvements to documentation Refreshed 800-53 data with adjustments More general improvements to models and mappings Continuing refinements to validations in samples Update README.md Update README.md Update README.md Update README.md Minor tweaks Including initial cut at profiling (1st, rule-based control extraction) among other refinements and improvements No longer extant Added new control to COBIT5 example Misc improvements including more COBIT5 support File rename and further adjustments Misc adjustment; SaxonJS demo files Misc adjustments Updated readme contents to reflect merge. Fixed links. Changed text to better reflect current state and to add more links. Rearrangement and cleanup Schematron and schema adjustment and refactoring SP800-53 extraction improvement, enhancement, cleanup Improvements and enhancements to ISO27002 extraction OSCAL Documentation COBIT5 example tweakage Organizational notes Adjustments Removed old files directory. Moved files from draft to root. Updated README.md to reflect new pathing. Updated readme to contain more documentation of the OSCAL layers. Added documentation for the working directory. Update README.md Edited the text. Update README.md Edited the text. Added Aug 10 tiger team slides with notes Create a prose overview of OSCAL Update OSCAL Overview.md Update OSCAL Overview.md Profile and catalog mapping: a trivial example Replacing graphic with rescaled version Update OSCAL Overview.md Rescaled image Update OSCAL Overview.md Mods to oXygen project file Removing 'demo' (till later) # This is the commit message #2: Moved proprietary file # This is the commit message #3: Refinements to ISO27002 mappings (new model) # This is the commit message #4: Refining SP800-53 conversion/mappings # This is the commit message #5: Updating lib support for new model # This is the commit message #6: Top-level org # This is the commit message #7: Draft readme docs # This is the commit message #8: Further adjustment to directory readme.md # This is the commit message #9: More adjustments to ISO 27002 and SP800-53 (new model etc.) # This is the commit message #10: More cleanup to main sample subdirectories + readme tweakage # This is the commit message #11: Mostly restructuring # This is the commit message #12: More adjustments to extraction, parameter support # This is the commit message #13: Includes more model refinements; draft implementation of parameter resolution # This is the commit message #14: Adjustments for revised models # This is the commit message #15: Adjustments to demos and conversion pipelines # This is the commit message #16: Experimenting with profiles # This is the commit message #17: Infrastructure adjustments # This is the commit message #2: Minor correction to schema docs merge # This is the commit message #3: Updating XSD w/ docs # This is the commit message #4: More element renaming/adjustment # This is the commit message #5: Now a stable schema again? With SP800-53 extraction adjustments # This is the commit message #6: Profile-related mods # This is the commit message #7: Org stuff # This is the commit message #8: Moved mappind docs; added readme # This is the commit message #9: schema documentation # This is the commit message #10: Schema production and documentation pipeline # This is the commit message #11: More reorg; tweaked schema; more docs # This is the commit message #12: Improvements to tag library # This is the commit message #13: Another attempt at internal links in md # This is the commit message #14: trying again # This is the commit message #15: Gonna get this eventually # This is the commit message #16: More updates and tuneups # This is the commit message #17: More updates to schema and docs # This is the commit message #18: Lighter adjustments # This is the commit message #19: Similarly subtle adjustments # This is the commit message #20: Adjustments supporting parameter assignments # This is the commit message #21: More docs # This is the commit message #22: Enhancements to demo # This is the commit message #23: Moving distractions out of the way # This is the commit message #24: Slight readme tweakage # This is the commit message #25: Tag library tweaks # This is the commit message #26: More tag library adjustments # This is the commit message #27: New readme for Schematrons # This is the commit message #28: Adjustments to readme # This is the commit message #29: Adjustments to mapping documents # This is the commit message #30: Adjustments to readme # This is the commit message #31: More adjustments to mapping documents # This is the commit message #32: Updated punchlist # This is the commit message #33: Updates to mapping docs # This is the commit message #34: # This is the commit message #35: CSS for local editing of OSCAL OSCAL # This is the commit message #36: Slight adjustments # This is the commit message #37: Light editing # This is the commit message #38: Light editing # This is the commit message #39: Light edits # This is the commit message #40: Light edits # This is the commit message #41: Light edits # This is the commit message #42: Light edits # This is the commit message #43: More work on profiles # This is the commit message #44: Revised directory descriptions # This is the commit message #45: Added an explanation of the demo directories # This is the commit message #46: More on profiling # This is the commit message #47: Editorial tweaks to oscal-oscal.xml # This is the commit message #48: Editorial tweaks to oscal-oscal.xml # This is the commit message #49: Edits to schema documentation # This is the commit message #50: More enhancements to tag library and its presentation # This is the commit message #51: Internal links? # This is the commit message #52: Slight adjustments # This is the commit message #53: Further touchups to schema docs and their HTML rendering # This is the commit message #54: Support for 'pre' # This is the commit message #55: Rearranged and touched up profile experiments # This is the commit message #56: More touchups to tag library (linking) # This is the commit message #57: More adjustments to copy # This is the commit message #58: More adjustments # This is the commit message #59: Correcting display bug failing to render chars in CSS # This is the commit message #60: Added a PDF with the notes. # This is the commit message #2: Decided to risk it # This is the commit message #3: One more readme # This is the commit message #4: Added timestamping to extractors # This is the commit message #2: Light edits to oscal-oscal.xml # This is the commit message #3: More edits to oscal-oscal.xml with regenerated materials # This is the commit message #4: Refining markdown export # This is the commit message #5: More edits to docs and rendering # This is the commit message #6: This time smaller adjustments # This is the commit message #7: More improvements to docs and rendering
|
@wendellpiez has this been addressed and can we close? |
|
@anweiss Yes the Issue can be closed. It will come up again in the context of the rev5 conversion, but that is only now being planned. It will go away never to return, but only when we have a production pipeline for SP800-53 data (any revision) that includes robust quality checking by subject experts. |
wendellpiez
referenced
this issue
in wendellpiez/OSCAL
Mar 1, 2019
|
The SP 800-53 rev5 work will be addressed by #232. Closing this issue. |
david-waltermire
referenced
this issue
in david-waltermire/OSCAL
Jun 6, 2019
Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Remove Unnecessary Python Libraries No longer using several external libraries Minor Updates FIxed git ignores Changed from -v check to something more compatible Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Minor Updates FIxed git ignores Changed from -v check to something more compatible Bash Generalization Fixed the -v statements to use a more portable -z statement. Added Exit Code Logic to XML Round Trip Comparison Refactor XML Comparison Removes XMLDiff Adds exit code to the Python code, does error count tracking Test Content Converer Fix XML RoundTrip in Run All Tests Round Trip XML->JSON->XML Working for all NIST 800-53 checks (FedRAMP currently bombing) Color Output Printf messages are now color coded for improved readability in large log files Temp Directory Round trip files now written to the Temp directory, this directory added to build artifacts in CI/CD Rename Temporal Files Build files for roundtrip now carry their base naming conventions for troubleshooting Add Roundtrip Check to CI/CD Initial Attempt Fix CI/CD Bug Typo on base image Local JAR Trying to get it working end to end with local file Dynamic Paths Fix CI/CD bug finding Python/Saxon scripts PIP Installs Python Import Error Fix UTF Encoding Refactor Python Get etree.parse to work in CI/CD Shorten FileNames Build Artifacts Use the supplied build directory Troubleshoot Artifacts Dynamic JAR Dynamic JAR 2 Maven Install Adds Maven to the Circle CI image Maven Attempt #2 Class Path Refactor Refactor CI/CD Faster build time CI/CD Bug Fix Fix Path Error Copy Build Artifacts Copy Artifacts Attempt #2 Artifact Try #3 Artifact Attempt #4 Copy Step Artifacts #5 Fix Tab Artifact #6 Artifact #7 Artifact #8 Artifact #9 Initial JSON Roundtrip Remove Diff Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Minor Updates FIxed git ignores Changed from -v check to something more compatible Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Bash Generalization Fixed the -v statements to use a more portable -z statement. Added Exit Code Logic to XML Round Trip Comparison Refactor XML Comparison Removes XMLDiff Adds exit code to the Python code, does error count tracking Test Content Converer Fix XML RoundTrip in Run All Tests Round Trip XML->JSON->XML Working for all NIST 800-53 checks (FedRAMP currently bombing) Color Output Printf messages are now color coded for improved readability in large log files Temp Directory Round trip files now written to the Temp directory, this directory added to build artifacts in CI/CD Rename Temporal Files Build files for roundtrip now carry their base naming conventions for troubleshooting Add Roundtrip Check to CI/CD Initial Attempt Fix CI/CD Bug Typo on base image Local JAR Trying to get it working end to end with local file Dynamic Paths Fix CI/CD bug finding Python/Saxon scripts PIP Installs Python Import Error Fix UTF Encoding Refactor Python Get etree.parse to work in CI/CD Shorten FileNames Build Artifacts Use the supplied build directory Troubleshoot Artifacts Dynamic JAR Dynamic JAR 2 Maven Install Adds Maven to the Circle CI image Maven Attempt #2 Class Path Refactor CI/CD Bug Fix Fix Path Error Copy Build Artifacts Copy Artifacts Attempt #2 Artifact Try #3 Artifact Attempt #4 Copy Step Artifact #7 Artifact #8 Artifact #9 Initial JSON Roundtrip Remove Diff Merge with Master CI/CD Fix #2 CI/CD Fix #4 CI/CD Fix #5 CI/CD Fix #6
david-waltermire
removed
Discussion Needed
david-waltermire
referenced
this issue
in david-waltermire/OSCAL
Jun 6, 2019
Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Remove Unnecessary Python Libraries No longer using several external libraries Minor Updates FIxed git ignores Changed from -v check to something more compatible Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Minor Updates FIxed git ignores Changed from -v check to something more compatible Bash Generalization Fixed the -v statements to use a more portable -z statement. Added Exit Code Logic to XML Round Trip Comparison Refactor XML Comparison Removes XMLDiff Adds exit code to the Python code, does error count tracking Test Content Converer Fix XML RoundTrip in Run All Tests Round Trip XML->JSON->XML Working for all NIST 800-53 checks (FedRAMP currently bombing) Color Output Printf messages are now color coded for improved readability in large log files Temp Directory Round trip files now written to the Temp directory, this directory added to build artifacts in CI/CD Rename Temporal Files Build files for roundtrip now carry their base naming conventions for troubleshooting Add Roundtrip Check to CI/CD Initial Attempt Fix CI/CD Bug Typo on base image Local JAR Trying to get it working end to end with local file Dynamic Paths Fix CI/CD bug finding Python/Saxon scripts PIP Installs Python Import Error Fix UTF Encoding Refactor Python Get etree.parse to work in CI/CD Shorten FileNames Build Artifacts Use the supplied build directory Troubleshoot Artifacts Dynamic JAR Dynamic JAR 2 Maven Install Adds Maven to the Circle CI image Maven Attempt #2 Class Path Refactor Refactor CI/CD Faster build time CI/CD Bug Fix Fix Path Error Copy Build Artifacts Copy Artifacts Attempt #2 Artifact Try #3 Artifact Attempt #4 Copy Step Artifacts #5 Fix Tab Artifact #6 Artifact #7 Artifact #8 Artifact #9 Initial JSON Roundtrip Remove Diff Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Minor Updates FIxed git ignores Changed from -v check to something more compatible Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Bash Generalization Fixed the -v statements to use a more portable -z statement. Added Exit Code Logic to XML Round Trip Comparison Refactor XML Comparison Removes XMLDiff Adds exit code to the Python code, does error count tracking Test Content Converer Fix XML RoundTrip in Run All Tests Round Trip XML->JSON->XML Working for all NIST 800-53 checks (FedRAMP currently bombing) Color Output Printf messages are now color coded for improved readability in large log files Temp Directory Round trip files now written to the Temp directory, this directory added to build artifacts in CI/CD Rename Temporal Files Build files for roundtrip now carry their base naming conventions for troubleshooting Add Roundtrip Check to CI/CD Initial Attempt Fix CI/CD Bug Typo on base image Local JAR Trying to get it working end to end with local file Dynamic Paths Fix CI/CD bug finding Python/Saxon scripts PIP Installs Python Import Error Fix UTF Encoding Refactor Python Get etree.parse to work in CI/CD Shorten FileNames Build Artifacts Use the supplied build directory Troubleshoot Artifacts Dynamic JAR Dynamic JAR 2 Maven Install Adds Maven to the Circle CI image Maven Attempt #2 Class Path Refactor CI/CD Bug Fix Fix Path Error Copy Build Artifacts Copy Artifacts Attempt #2 Artifact Try #3 Artifact Attempt #4 Copy Step Artifact #7 Artifact #8 Artifact #9 Initial JSON Roundtrip Remove Diff Merge with Master CI/CD Fix #2 CI/CD Fix #4 CI/CD Fix #5 CI/CD Fix #6
david-waltermire
referenced
this issue
in david-waltermire/OSCAL
Jun 6, 2019
Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Remove Unnecessary Python Libraries No longer using several external libraries Minor Updates FIxed git ignores Changed from -v check to something more compatible Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Minor Updates FIxed git ignores Changed from -v check to something more compatible Bash Generalization Fixed the -v statements to use a more portable -z statement. Added Exit Code Logic to XML Round Trip Comparison Refactor XML Comparison Removes XMLDiff Adds exit code to the Python code, does error count tracking Test Content Converer Fix XML RoundTrip in Run All Tests Round Trip XML->JSON->XML Working for all NIST 800-53 checks (FedRAMP currently bombing) Color Output Printf messages are now color coded for improved readability in large log files Temp Directory Round trip files now written to the Temp directory, this directory added to build artifacts in CI/CD Rename Temporal Files Build files for roundtrip now carry their base naming conventions for troubleshooting Add Roundtrip Check to CI/CD Initial Attempt Fix CI/CD Bug Typo on base image Local JAR Trying to get it working end to end with local file Dynamic Paths Fix CI/CD bug finding Python/Saxon scripts PIP Installs Python Import Error Fix UTF Encoding Refactor Python Get etree.parse to work in CI/CD Shorten FileNames Build Artifacts Use the supplied build directory Troubleshoot Artifacts Dynamic JAR Dynamic JAR 2 Maven Install Adds Maven to the Circle CI image Maven Attempt #2 Class Path Refactor Refactor CI/CD Faster build time CI/CD Bug Fix Fix Path Error Copy Build Artifacts Copy Artifacts Attempt #2 Artifact Try #3 Artifact Attempt #4 Copy Step Artifacts #5 Fix Tab Artifact #6 Artifact #7 Artifact #8 Artifact #9 Initial JSON Roundtrip Remove Diff Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Minor Updates FIxed git ignores Changed from -v check to something more compatible Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Bash Generalization Fixed the -v statements to use a more portable -z statement. Added Exit Code Logic to XML Round Trip Comparison Refactor XML Comparison Removes XMLDiff Adds exit code to the Python code, does error count tracking Test Content Converer Fix XML RoundTrip in Run All Tests Round Trip XML->JSON->XML Working for all NIST 800-53 checks (FedRAMP currently bombing) Color Output Printf messages are now color coded for improved readability in large log files Temp Directory Round trip files now written to the Temp directory, this directory added to build artifacts in CI/CD Rename Temporal Files Build files for roundtrip now carry their base naming conventions for troubleshooting Add Roundtrip Check to CI/CD Initial Attempt Fix CI/CD Bug Typo on base image Local JAR Trying to get it working end to end with local file Dynamic Paths Fix CI/CD bug finding Python/Saxon scripts PIP Installs Python Import Error Fix UTF Encoding Refactor Python Get etree.parse to work in CI/CD Shorten FileNames Build Artifacts Use the supplied build directory Troubleshoot Artifacts Dynamic JAR Dynamic JAR 2 Maven Install Adds Maven to the Circle CI image Maven Attempt #2 Class Path Refactor CI/CD Bug Fix Fix Path Error Copy Build Artifacts Copy Artifacts Attempt #2 Artifact Try #3 Artifact Attempt #4 Copy Step Artifact #7 Artifact #8 Artifact #9 Initial JSON Roundtrip Remove Diff Merge with Master CI/CD Fix #2 CI/CD Fix #4 CI/CD Fix #5 CI/CD Fix #6
david-waltermire
referenced
this issue
in david-waltermire/OSCAL
Jun 11, 2019
Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Remove Unnecessary Python Libraries No longer using several external libraries Minor Updates FIxed git ignores Changed from -v check to something more compatible Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Minor Updates FIxed git ignores Changed from -v check to something more compatible Bash Generalization Fixed the -v statements to use a more portable -z statement. Added Exit Code Logic to XML Round Trip Comparison Refactor XML Comparison Removes XMLDiff Adds exit code to the Python code, does error count tracking Test Content Converer Fix XML RoundTrip in Run All Tests Round Trip XML->JSON->XML Working for all NIST 800-53 checks (FedRAMP currently bombing) Color Output Printf messages are now color coded for improved readability in large log files Temp Directory Round trip files now written to the Temp directory, this directory added to build artifacts in CI/CD Rename Temporal Files Build files for roundtrip now carry their base naming conventions for troubleshooting Add Roundtrip Check to CI/CD Initial Attempt Fix CI/CD Bug Typo on base image Local JAR Trying to get it working end to end with local file Dynamic Paths Fix CI/CD bug finding Python/Saxon scripts PIP Installs Python Import Error Fix UTF Encoding Refactor Python Get etree.parse to work in CI/CD Shorten FileNames Build Artifacts Use the supplied build directory Troubleshoot Artifacts Dynamic JAR Dynamic JAR 2 Maven Install Adds Maven to the Circle CI image Maven Attempt #2 Class Path Refactor Refactor CI/CD Faster build time CI/CD Bug Fix Fix Path Error Copy Build Artifacts Copy Artifacts Attempt #2 Artifact Try #3 Artifact Attempt #4 Copy Step Artifacts #5 Fix Tab Artifact #6 Artifact #7 Artifact #8 Artifact #9 Initial JSON Roundtrip Remove Diff Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Minor Updates FIxed git ignores Changed from -v check to something more compatible Updates to Testing Remove some JSON testing custom code and pip installs for Python in favor of AJV-CLI. Added XPath to the XML comparison code. Testing for XMLDIFF. Bash Generalization Fixed the -v statements to use a more portable -z statement. Added Exit Code Logic to XML Round Trip Comparison Refactor XML Comparison Removes XMLDiff Adds exit code to the Python code, does error count tracking Test Content Converer Fix XML RoundTrip in Run All Tests Round Trip XML->JSON->XML Working for all NIST 800-53 checks (FedRAMP currently bombing) Color Output Printf messages are now color coded for improved readability in large log files Temp Directory Round trip files now written to the Temp directory, this directory added to build artifacts in CI/CD Rename Temporal Files Build files for roundtrip now carry their base naming conventions for troubleshooting Add Roundtrip Check to CI/CD Initial Attempt Fix CI/CD Bug Typo on base image Local JAR Trying to get it working end to end with local file Dynamic Paths Fix CI/CD bug finding Python/Saxon scripts PIP Installs Python Import Error Fix UTF Encoding Refactor Python Get etree.parse to work in CI/CD Shorten FileNames Build Artifacts Use the supplied build directory Troubleshoot Artifacts Dynamic JAR Dynamic JAR 2 Maven Install Adds Maven to the Circle CI image Maven Attempt #2 Class Path Refactor CI/CD Bug Fix Fix Path Error Copy Build Artifacts Copy Artifacts Attempt #2 Artifact Try #3 Artifact Attempt #4 Copy Step Artifact #7 Artifact #8 Artifact #9 Initial JSON Roundtrip Remove Diff Merge with Master CI/CD Fix #2 CI/CD Fix #4 CI/CD Fix #5 CI/CD Fix #6
wandmagic
pushed a commit
to xvii-corp/OSCAL
that referenced
this issue
Mar 28, 2024
…ty-model Removed implemented-by flag from the responsibility assembly.
9 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The current copy of SP800-53/53A, in OSCAL, is produced programmatically by XSLT running over the NVD XML, which maps its XML format. Results are consistent but could use further enhancement, if not by extending the XSLT then by post-process. Requirements include:
An earlier iteration of an XSLT for (some of) this is in lib/OSCAL-adjust.xsl.
Once this is done, the method for producing SP800-53 XML in OSCAL (the entire chain) should be documented and the results validated by close review.
In this process we may also identify needs for manual enhancement.
The text was updated successfully, but these errors were encountered: