Extending the Cybersecurity Digital Thread with XForms
National Institute of Standards and Technology
The digital thread for cybersecurity enables security technologies and data sources to interoperate. It consists of an integrated collection of languages, taxonomies, and metrics represented using the Extensible Markup Language (XML). A current gap in the cybersecurity digital thread is the lack of good software for tailoring the security controls found in National Institute of Standards and Technology's (NIST) Special Publication (SP) 800-53, and exporting the result in a structured XML format. An application built using XForms demonstrated success in providing a specialized user interface for tailoring security controls, enforcing NIST SP 800-53 tailoring guidelines, and in generating XML content suitable for automated processing by other cybersecurity tools.