110 likes | 119 Views
www.oasis-open.org. CTI STIX SC Kickoff Meeting. July 16, 2015. www.oasis-open.org. Agenda. Approach and policies for the SC Coordination across TC Types of work products to be pursued Developing a roadmap for SC work Specific work products Questions to be resolved.
E N D
www.oasis-open.org CTI STIX SCKickoff Meeting July 16, 2015
www.oasis-open.org Agenda • Approach and policies for the SC • Coordination across TC • Types of work products to be pursued • Developing a roadmap for SC work • Specific work products • Questions to be resolved
Approach and Policies • Coordinated collaboration • Everyone contributes opinions • As much as possible everyone contributes work • Sean and Aharon coordinate the madness • Leverage CTI resources as much as possible • Avoid having EVERYTHING occur on email list • Record, persist and publish all plans and decisions • We will work out policies as we go forward
Coordination across TC • Inform, collaborate, monitor • Semantic intersections • Naming conventions • Meeting schedules • Release schedules • Processes (as much as possible)
Types or Work Products • Language specs • Implementation specific binding specs • Best practice and usage documentation • Supporting utilities • Test data • Content catalogs
Roadmap • Will be developing roadmap over next few weeks • Roadmap will likely contain list of work products with details for each • Name of work product • Scope of work product • Type of work product (SC vs TC, standard vs non-standard) • Editors • Intended timing (rough time targets or dependencies) • Initial thoughts • STIX v1.2.1 + Tail work products • STIX v2.0 + Tail work products • Catalogs (COAs, TTPs, Profiles)
STIX v1.2.1 Specification • Baseline spec within OASIS • Minimal scope change possible • Multipart standard • Directly map across existing docs to new docs • Input (v1.2) specs should be complete within a couple weeks • Timing depends on DHS IP transfer • We hope to get a significant headstart behind the scenes
STIX v1.2.1 “Tail” • STIX 1.2.1 XML binding spec • + XML Schemas • Related automation updates • Python-stix for 1.2.1 • java-stix for 1.2.1 • STIX 1.2.1 XML test data set • other documentation • other utilities
STIX v2.0 Specification • Tackle some of the bigger refactoring issues • Same multipart approach as v1.2.1 expected • Actual spec work will need to wait until v1.2.1 release • We can start discussing issues today • Primarily using github issue trackers • Will likely involve some initial steps in semantic modeling
STIX v2.0 “Tail” • STIX 2.0 XML binding spec • + XML Schemas • STIX JSON binding spec • STIX SQL binding spec ?? • Related automation updates • Python-stix for 2.0 • java-stix for 2.0 • STIX 2.0 XML test data set • other documentation • other utilities
Open Questions • What documentation need to be maintained for each spec version? • What new documentation should be created? • What utilities need to be maintained for each spec version? • What new utilities should be created? • How will we handle editors and process for each work product? • What will be our guidelines for determining what sort of document each work product will be (TC vs SC, standards vs non-standards, etc.)? • What will be our meeting schedule? • How formally will we track meeting participation?