This repository contains associated data for the published paper Layered Security Guidance for Data Asset Management in Additive Manufacturing by Fahad Milaat and Joshua Lubell. An earlier version is available for free from NIST. The associated data is the source of the OSCAL representations in Section 4 of the paper. If you have not already read the paper, please read it now before proceeding any further.
This data was initially created using an XML authoring tool and validated against the OSCAL catalog and profile XML schemas. Using a multi-step process, it was converted into JSON and, subsequently, the YAML syntax presented in the paper.
src
contains:
csf-oscal-no-refs.xml
: an XML representation of Cybersecurity Framework subcategory ID.AM-3 (omitting informative references) in OSCAL catalog format.- XML representations in OSCAL profile format.
csf-oscal-profile-ot-id.am-3.xml
supplements ID.AM-3 with guidance from the Guide to Operational Technology Security.csf-oscal-profile-additive-id.am-3.xml
adds a additional layer of Additive Manufacturing security guidance to ID.AM-3.
resolved
contains XML representations of csf-oscal-profile-ot-id.am-3.xml
and csf-oscal-profile-additive-id.am-3.xml
after applying OSCAL's profile resolution algorithm. The algorothm implementation used is
here.
Profile resolution transforms an OSCAL profile into a "resolved" OSCAL catalog.
json
contains the contents of src
and resolved
converted into JSON via OSCAL's
XML-to-JSON converters.
yaml
contains the contents of json
converted into YAML via a third-party JSON-to-YAML converter.
Since JSON is a subset of YAML, conversion from JSON to YAML is easy. JSON-to-YAML converters are
plentiful.
css
contains a Cascading Style Sheet for rendering the XML content in an XML authoring tool
that supports CSS.