cti stix sc kickoff meeting july 16, 2015
TRANSCRIPT
CTI STIX SCCTI STIX SCKickoff MeetingKickoff Meeting
www.oasis-open.org
July 16, 2015July 16, 2015
www.oasis-open.org
Agenda
Approach and policies for the SC Coordination across TC Types of work products to be pursued Developing a roadmap for SC work
Specific work products Questions to be resolved
Approach and Policies
Coordinated collaboration Everyone contributes opinions As much as possible everyone contributes work Sean and Aharon coordinate the madness
Leverage CTI resources as much as possible Avoid having EVERYTHING occur on email list
Record, persist and publish all plans and decisions
We will work out policies as we go forward
Coordination across TC
Inform, collaborate, monitor
Semantic intersections Naming conventions Meeting schedules Release schedules Processes (as much as possible)
Types or Work Products
Language specs Implementation specific binding specs
Best practice and usage documentation
Supporting utilities Test data Content catalogs
Roadmap Will be developing roadmap over next few weeks Roadmap will likely contain list of work products
with details for each Name of work product Scope of work product Type of work product (SC vs TC, standard vs non-
standard) Editors Intended timing (rough time targets or dependencies)
Initial thoughts STIX v1.2.1 + Tail work products STIX v2.0 + Tail work products Catalogs (COAs, TTPs, Profiles)
STIX v1.2.1 Specification
Baseline spec within OASIS Minimal scope change possible Multipart standard
Directly map across existing docs to new docs Input (v1.2) specs should be complete within
a couple weeks Timing depends on DHS IP transfer We hope to get a significant headstart behind
the scenes
STIX v1.2.1 “Tail” STIX 1.2.1 XML binding spec
+ XML Schemas Related automation updates
Python-stix for 1.2.1 java-stix for 1.2.1
STIX 1.2.1 XML test data set other documentation other utilities
STIX v2.0 Specification
Tackle some of the bigger refactoring issues Same multipart approach as v1.2.1 expected Actual spec work will need to wait until v1.2.1
release We can start discussing issues today
Primarily using github issue trackers Will likely involve some initial steps in
semantic modeling
STIX v2.0 “Tail” STIX 2.0 XML binding spec
+ XML Schemas STIX JSON binding spec STIX SQL binding spec ?? Related automation updates
Python-stix for 2.0 java-stix for 2.0
STIX 2.0 XML test data set other documentation other utilities
Open Questions What documentation need to be maintained for each spec
version? What new documentation should be created? What utilities need to be maintained for each spec version? What new utilities should be created? How will we handle editors and process for each work
product? What will be our guidelines for determining what sort of
document each work product will be (TC vs SC, standards vs non-standards, etc.)?
What will be our meeting schedule? How formally will we track meeting participation?