1 / 11

CTI STIX SC Kickoff Meeting

www.oasis-open.org. CTI STIX SC Kickoff Meeting. July 16, 2015. www.oasis-open.org. Agenda. Approach and policies for the SC Coordination across TC Types of work products to be pursued Developing a roadmap for SC work Specific work products Questions to be resolved.

brooker
Download Presentation

CTI STIX SC Kickoff Meeting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. www.oasis-open.org CTI STIX SCKickoff Meeting July 16, 2015

  2. www.oasis-open.org Agenda • Approach and policies for the SC • Coordination across TC • Types of work products to be pursued • Developing a roadmap for SC work • Specific work products • Questions to be resolved

  3. Approach and Policies • Coordinated collaboration • Everyone contributes opinions • As much as possible everyone contributes work • Sean and Aharon coordinate the madness • Leverage CTI resources as much as possible • Avoid having EVERYTHING occur on email list • Record, persist and publish all plans and decisions • We will work out policies as we go forward

  4. Coordination across TC • Inform, collaborate, monitor • Semantic intersections • Naming conventions • Meeting schedules • Release schedules • Processes (as much as possible)

  5. Types or Work Products • Language specs • Implementation specific binding specs • Best practice and usage documentation • Supporting utilities • Test data • Content catalogs

  6. Roadmap • Will be developing roadmap over next few weeks • Roadmap will likely contain list of work products with details for each • Name of work product • Scope of work product • Type of work product (SC vs TC, standard vs non-standard) • Editors • Intended timing (rough time targets or dependencies) • Initial thoughts • STIX v1.2.1 + Tail work products • STIX v2.0 + Tail work products • Catalogs (COAs, TTPs, Profiles)

  7. STIX v1.2.1 Specification • Baseline spec within OASIS • Minimal scope change possible • Multipart standard • Directly map across existing docs to new docs • Input (v1.2) specs should be complete within a couple weeks • Timing depends on DHS IP transfer • We hope to get a significant headstart behind the scenes

  8. STIX v1.2.1 “Tail” • STIX 1.2.1 XML binding spec • + XML Schemas • Related automation updates • Python-stix for 1.2.1 • java-stix for 1.2.1 • STIX 1.2.1 XML test data set • other documentation • other utilities

  9. STIX v2.0 Specification • Tackle some of the bigger refactoring issues • Same multipart approach as v1.2.1 expected • Actual spec work will need to wait until v1.2.1 release • We can start discussing issues today • Primarily using github issue trackers • Will likely involve some initial steps in semantic modeling

  10. STIX v2.0 “Tail” • STIX 2.0 XML binding spec • + XML Schemas • STIX JSON binding spec • STIX SQL binding spec ?? • Related automation updates • Python-stix for 2.0 • java-stix for 2.0 • STIX 2.0 XML test data set • other documentation • other utilities

  11. Open Questions • What documentation need to be maintained for each spec version? • What new documentation should be created? • What utilities need to be maintained for each spec version? • What new utilities should be created? • How will we handle editors and process for each work product? • What will be our guidelines for determining what sort of document each work product will be (TC vs SC, standards vs non-standards, etc.)? • What will be our meeting schedule? • How formally will we track meeting participation?

More Related