usnistgov · david-waltermire · Aug 15, 2017 · Aug 14, 2017 · Aug 14, 2017 · Aug 14, 2017
diff --git a/draft/OSCAL-dev.xpr b/draft/OSCAL-dev.xpr
diff --git a/draft/notes-201707.txt b/draft/notes-201707.txt
diff --git a/draft/punchlist.txt b/draft/punchlist.txt
@@ -37,54 +37,69 @@ o write XSLT to produce RACI chart for (all of) COBIT 5?
 
 NOT EXTRAS
 
-Schema maintenance model
-  Finish OSCAL tag library
-  Convert RNC to RNG
-  Convert RNG+OSCAL -> XSD
-  Document all this on Github
-
-Github Issues
-  Namespace update
-
-Define spec for content enhancement tranformation over SP800-53
-  Infer links (there are lots e.g. inside Supplemental Guidance)
-  Infer assignments
-  Add IDs
-Same for content enhancement XSLT over COBIT5
- o convert input/output feature prop[@class=('to','from')] into links
-   o similarly introduce link elements into IT goals
-   o similarly upconvert Activities (into ...?)
-
-Same for other catalogs? such as 
-Complete (OSCAL) mapping documents for three applications (flavors) so far
-
-Regression testing (for schema, XSLT etc.)
+o Regression testing (for schema, XSLT etc.)
   Requiring authoritative sample docs
     Go / no-go
     Schematron XSpec
 
 in SaxonJS demo:
 look for ixsl:onchange mode (dynamic rendering)
 
-add @datatype to 'param'
-o add xsd-type for declaration i.e. <xsd-type>decimal</xsd:type> validates $x castable as xs:decimal? (use eval)
+x XSD pathway
+  x RNC -> XSD frame via Trang
+  x XSD frame + OSCAL.oscal -> XSD (w/ warnings re disparities) cf xsd-merge-docs.xsl
+  o XProc for Trang?
+
+Monday Aug 14
+  Adjusted schema and Schematron
+    changed xref to a (inline links)
+    pulled link validation into a separate Schematron
+  Updated ISO27002 extraction
+  Implemented ISO27002 enhancement (adding internal links)
+  Improved SP800-53 enhancement (picking up "withdrawn")
+  Tightened and tested schema, Schematrons
+  Much documentation
+
+  to do:
+
+  XSLT to add/normalized assign/@id
+  Adjust assign model:
+
+  Repair "Assignment" Schematron to new model
 
-remove parameter declarations
-remove param/@class (till later)
+links -
+  x validate internal cross-references - href[starts-with(.,'#)]
+  x change xref to a
+  o VALIDATE link in declarations - validate required and singleton by @rel (relationship) not @class
 
-rough out profile functionality
-  select controls by ID
-  (then deselect controls by arbitrary criteria)
-  implement paramesters and assignments (crude is okay)
-  validation collection (selected controls) against source
-    catalog to verify (existence) of control
 
-links - validate internal cross-references
-  validate required and singleton by @rel (relationship)
+o add xsd-type for declaration i.e. <xsd-type>decimal</xsd:type> validates $x castable as xs:decimal? (use eval)
+  o prop, param
 
-fix up parameter (Schematron) implementation
+o Rough out profile functionality
+  select controls by ID
+  (then deselect controls by arbitrary criteria?)
+  implement parameters and assignments (crude is okay)
+    pass 1: expand profile to contain params for all //assign
+    pass 2: produce collection with params in place
+            (and other mods e.g. overwrites, additions)
+
+  o validate collection (selected controls) against source catalog?
+    to verify (existence/coverage) of control
 
 OSCAL framework in oXygen? 
   oXygen macros, boilerplate and auto-insert
   e.g. parameter names by reference to declarations
+
+o relax declarations: not declaring something is not an error
+o collapse features and statements:
+  o permit prose in features
+  o eliminate statements and rename stmts as features
+
+  o experiment (again) w/ semantic aliases for feat[@class='objectives'] etc
+  o add declarations for paragraph[@class]
+  o contemplate recursion
+
+
+
 
diff --git a/draft/working/COBIT5/cobit5-selection-oscal.xml b/draft/working/COBIT5/cobit5-selection-oscal.xml
@@ -1,8 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <?xml-model href="../lib/oscal-working.rnc" type="application/relax-ng-compact-syntax"?>
-<?xml-stylesheet type="text/css" href="../lib/oscal.css" title="Basic" alternate="yes"?>
-<?xml-stylesheet type="text/css" href="../lib/oscal-ui.css" title="Forms interface" alternate="yes"?>
-<?xml-stylesheet type="text/css" href="../lib/oscal-cobit5.css" title="COBIT" alternate="yes"?>
+<?xml-model href="../lib/Schematron/oscal-as-declared.sch" type="application/xml" schematypens="http://purl.oclc.org/dsdl/schematron"?>
+<?xml-stylesheet type="text/css" href="../lib/CSS/oscal.css" title="Basic" alternate="yes"?>
+<?xml-stylesheet type="text/css" href="../lib/CSS/oscal-ui.css" title="Forms interface" alternate="yes"?>
+<?xml-stylesheet type="text/css" href="../lib/CSS/oscal-cobit5.css" title="COBIT" alternate="yes"?>
 <catalog xmlns="http://scap.nist.gov/schema/oscal">
   <title>COBIT 5 (extracts / examples)</title>
   <declarations href="cobit5-tuned-declarations.xml"/>

diff --git a/...t/working/ISO-27002/ISO-epub-to-OSCAL.xsl → ...g/ISO-27002/Convert-ISO-epub-to-OSCAL.xsl b/...t/working/ISO-27002/ISO-epub-to-OSCAL.xsl → ...g/ISO-27002/Convert-ISO-epub-to-OSCAL.xsl
@@ -19,27 +19,29 @@
       <title>ISO/IEC 27002</title>
 
       <declarations>
-        <property role="number" where="control-category">
+        <property context="control-category" class="number">
           <required/>
-          <regex>\d\d?</regex>
-          <!--<autonum>1</autonum> auto numbering needs to manage scope, starting point ... -->
-          <!--<limit type="not-less-than">5</limit>
-    <limit type="not-more-than">12</limit>-->
+          <identifier/>
+          <regex>^\d\d?$</regex>
         </property>
-        <property role="number" where="clause">
+        <property context="clause" class="number">
           <required/>
-          <!--<value>5.1</value> ... <value>18.2</value>-->
+          <identifier/>
+          <value><inherit/><autonum>.1</autonum></value>
         </property>
-        <statement role="objective" where="clause">
+        <statement context="clause" class="objective">
           <required/>
         </statement>
-        <property role="number" where="iso-27002">
+        <property context="iso-27002" class="number">
           <required/>
-          <!--<value>5.1.1</value> ...
-      <value>18.2.3</value>-->
+          <identifier/>
+          <value><inherit/><autonum>.1</autonum></value>
         </property>
-        <statement role="implementation-guidance" where="control"/>
-        <statement role="other-information" where="control"/>
+        <statement context="control" class="description">
+          <required/>
+        </statement>
+        <statement context="control" class="guidance"/>
+        <statement context="control" class="information"/>
       </declarations>
 
       <xsl:apply-templates select="/*/body/div/div[@class = 'MainContent'][2]"/>
@@ -58,12 +60,12 @@
     <xsl:variable name="in-bibliography" select="h1[@id = 'toc_marker-58']/(.|following-sibling::*)"/>
     <xsl:for-each-group select="$after-intro except $in-bibliography" group-starting-with="h1">
       <xsl:variable name="category-head" select="current-group()/self::h1"/>
-      <group type="control-category">
+      <group class="control-category">
         <xsl:apply-templates select="$category-head" mode="no-num"/>
         <xsl:apply-templates select="$category-head" mode="num"/>
         <xsl:for-each-group select="current-group() except $category-head" group-starting-with="h2">
           <xsl:variable name="clause-head" select="current-group()/self::h2"/>
-          <group type="clause">
+          <group class="clause">
             <xsl:variable name="first-control-head" select="(current-group()/self::h3)[1]"/>
             <xsl:variable name="controls"
               select="$first-control-head | current-group()[. >> $first-control-head]"/>
@@ -76,7 +78,7 @@
             <xsl:apply-templates select="current-group() except ($clause-head|$controls)"/>
 
             <xsl:for-each-group select="$controls" group-starting-with="h3">
-              <control type="iso-27002">
+              <control class="iso-27002">
 <!--                <prop name="category">
                   <xsl:value-of select="$category-head/replace(normalize-space(), '^[\d\s\.]+', '')"
                   />
@@ -93,31 +95,31 @@
                     select="current-group()[normalize-space(.) = $statement-headers]"/>
                   <xsl:choose>
                     <xsl:when test="$statement-head = 'Control'">
-                      <description>
+                      <stmt class="description">
                         <xsl:call-template name="structure-lines">
                           <xsl:with-param name="lines"
                             select="current-group() except $statement-head"/>
                         </xsl:call-template>
-                      </description>
+                      </stmt>
                     </xsl:when>
                     <xsl:when test="$statement-head = 'Implementation guidance'">
-                      <guidance>
+                      <stmt class="guidance">
                         <xsl:call-template name="structure-lines">
                           <xsl:with-param name="lines"
                             select="current-group() except $statement-head"/>
                         </xsl:call-template>
-                      </guidance>
+                      </stmt>
                     </xsl:when>
                     <xsl:when test="$statement-head = 'Other information'">
-                      <information>
+                      <stmt class="information">
                         <xsl:call-template name="structure-lines">
                           <xsl:with-param name="lines"
                             select="current-group() except $statement-head"/>
                         </xsl:call-template>
-                      </information>
+                      </stmt>
                     </xsl:when>
                     <xsl:otherwise>
-                      <stmt role="{replace(lower-case(normalize-space($statement-head)),' ','-')}">
+                      <stmt class="{replace(lower-case(normalize-space($statement-head)),' ','-')}">
                         <xsl:call-template name="structure-lines">
                           <xsl:with-param name="lines"
                             select="current-group() except $statement-head"/>
@@ -192,14 +194,14 @@
   </xsl:template>
 
   <xsl:template match="h1 | h2 | h3" mode="num" priority="5">
-    <prop role="number">
+    <prop class="number">
       <xsl:value-of select="replace(.,'[^\d\.].*$','')"/>
     </prop>
   </xsl:template>
 
 
   <xsl:template match="p[starts-with(., 'Objective:')]">
-    <stmt role="objective">
+    <stmt class="objective">
       <p>
         <xsl:apply-templates mode="tune">
           <xsl:with-param name="trim" tunnel="yes" as="xs:string">Objective: </xsl:with-param>
@@ -247,9 +249,9 @@
   <xsl:template match="a[not(matches(., '\S'))]" priority="3"/>
 
   <xsl:template match="a" priority="2">
-    <xref>
+    <a>
       <xsl:apply-templates/>
-    </xref>
+    </a>
   </xsl:template>
 
 </xsl:stylesheet>
diff --git a/draft/working/ISO-27002/Enhance-iso-27002-oscal.xsl b/draft/working/ISO-27002/Enhance-iso-27002-oscal.xsl
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+  exclude-result-prefixes="xs"
+  xmlns="http://scap.nist.gov/schema/oscal"
+  xpath-default-namespace="http://scap.nist.gov/schema/oscal"
+  expand-text="true"
+  version="3.0">
+
+<!-- Enhances ISO 27002 OSCAL:
+  * Adds @id to controls and subcontrols
+  * Adds @href for internal cross-references to 'a' elements when the target is present
+
+  Assumes all controls and subcontrols have a prop[@class='number'] (which is used for the ID)
+
+  -->
+
+  <xsl:mode on-no-match="shallow-copy"/>
+
+  <xsl:template match="/node()">
+    <xsl:text>&#xA;</xsl:text>
+    <xsl:next-match/>
+  </xsl:template>
+
+  <xsl:template match="group | control | subcontrol">
+    <xsl:copy>
+      <xsl:copy-of select="@*"/>
+      <xsl:attribute name="id">
+        <xsl:apply-templates select="." mode="id"/>
+      </xsl:attribute>
+      <xsl:apply-templates/>
+    </xsl:copy>
+  </xsl:template>
+
+  <xsl:template match="group | control | subcontrol" mode="id">
+    <xsl:value-of select="replace(name(.), '[^gsc]', '') || replace(prop[@class = 'number'], '\.', '-')"/>
+  </xsl:template>
+
+  <xsl:key name="by-number" match="group | control | subcontrol" use="prop[@class = 'number']"/>
+
+  <xsl:template match="a">
+    <a>
+      <xsl:copy-of select="@*"/>
+      <xsl:for-each select="key('by-number',normalize-space(.))">
+        <xsl:attribute name="href">
+          <xsl:text>#</xsl:text>
+          <xsl:apply-templates select="." mode="id"/>
+        </xsl:attribute>
+      </xsl:for-each>
+      <xsl:apply-templates/>
+    </a>
+  </xsl:template>
+
+</xsl:stylesheet>