Balisage Paper: Extending the Cybersecurity Digital Thread with XForms

Balisage: The Markup Conference 2015
August 11 - 14, 2015

The materials listed below were provided by the speaker as supplements to a presentation at Balisage. These materials may include the slides or visuals used in the presentation; supplementary material, such as code samples or a demonstration application; and/or the paper accompanying the presentation (if it has not been provided in XML). These materials have been zipped for easy download and are identified by a brief description of the contents. The materials themselves are untouched, that is, they have not been tested or edited by Balisage: The Markup Conference or by Mulberry Technologies, Inc. As such, they are included on this website AS IS, i.e., as provided by the speaker, with no warranties, express or otherwise, made by Balisage or Mulberry.

Slides and Materials

×

D. Wu, D. W. Rosen, L. Wang, and D. Schaefer, Cloud-based design and manufacturing: A new paradigm in digital manufacturing and design innovation, Computer-Aided Design, vol. 59, no. 0, pp. 1–14, Feb. 2015. doi:https://doi.org/10.1016/j.cad.2014.07.006.

×

Feeney A, Frechette SP, Srinivasan V. A Portrait of an ISO STEP Tolerancing Standard as an Enabler of Smart Manufacturing Systems. ASME. Journal of Computing and Information Science in Engineering. 2015;15(2):021001-021001-5. doi:https://doi.org/10.1115/1.4029050.

×

Extensible Markup Language (XML) 1.0 (Fifth Edition), W3C Recommendation, 26 November 2008. http://www.w3.org/TR/xml.

×

G. T. McGuire and E. E. Reid, The state of security automation standards-2011, The MITRE Corporation, MP1 1 04 3 9, 2011. http://www.mitre.org/sites/default/files/pdf/11_3822.pdf

×

Stephen Quinn, Karen Scarfone, David Waltermire, Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.2 (Draft), NIST Special Publication 800-117, Revision 1 (Draft), January 2012. http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-117-Rev.%201.

×

S. Radack and R. Kuhn, Managing Security: The Security Content Automation Protocol, IT Professional, vol. 13, no. 1, pp. 9–11, Feb. 2011. doi:https://doi.org/10.1109/MITP.2011.11.

×

National Vulnerability Database. http://nvd.nist.gov.

×

Security Content Automation Protocol (SCAP) Validation Program. http://scap.nist.gov/validation.

×

National Information Assurance (IA) Glossary. Committee on National Security Systems. CNSS Instruction No. 4009. Apr. 2010. http://www.ncsc.gov/publications/policy/docs/CNSSI_4009.pdf.

×

Joint Task Force Transformation Initiative, Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publication 800-53, Revision 4, April 2013, doi:https://doi.org/10.6028/NIST.SP.800-53r4.

×

R. Montesino and S. Fenz, Information Security Automation: How Far Can We Go? Availability, Reliability and Security (ARES), 2011 Sixth International Conference on, pp. 280–285, Aug. 2011. doi:https://doi.org/10.1109/ARES.2011.48.

×

XForms 1.1, W3C Recommendation, 20-Oct-2009. http://www.w3.org/TR/xforms.

×

Keith Stouffer, Victoria Pillitteri, Suzanne Lightman, Marshall Abrams, Adam Hahn, Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82, Revision 2, May 2015. doi:https://doi.org/10.6028/NIST.SP.800-82r2.

×

D. Waltermire, C. Schmidt, K. Scarfone, N. Ziring. Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2. NIST Interagency Report 7275 Revision 4. Sep. 2011. http://csrc.nist.gov/publications/PubsNISTIRs.html.

×

United States Government Configuration Baseline. http://usgcb.nist.gov

×

Government Mobile and Wireless Security Baseline. Chief Information Officers Council. https://cio.gov/resources/document-library.

×

Lubell, Joshua. XForms User Interfaces for Small Arcane Nontrivial Datasets. Presented at Balisage: The Markup Conference 2014, Washington, DC, August 5 - 8, 2014. In Proceedings of Balisage: The Markup Conference 2014. Balisage Series on Markup Technologies, vol. 13 (2014). doi:https://doi.org/10.4242/BalisageVol13.Lubell01.

×

A. Mesbah and A. van Deursen, Migrating Multi-page Web Applications to Single-page AJAX Interfaces, Software Maintenance and Reengineering, 2007. CSMR ’07. 11th European Conference on, pp. 181–190, Mar. 2007, doi:https://doi.org/10.1109/CSMR.2007.33.

×

ISO/IEC 19757-2:2008. Information technology — Document Schema Definition Language (DSDL) — Part 2: Regular-grammar-based validation — RELAX NG.

×

XHTML 1.1 - Module-based XHTML - Second Edition, W3C Recommendation, 23 November 2010. http://www.w3.org/TR/xhtml11.

×

XSL Transformations (XSLT) Version 1.0, W3C Recommendation, 16 November 1999. http://www.w3.org/TR/xslt.

×

XSLTForms - agenceXML. http://www.agencexml.com/xsltforms.

×

Richard Candell, Keith A. Stouffer, Dhananjay Anand. A Cybersecurity Testbed for Industrial Control Systems. Proceedings of the 2014 Process Control and Safety Symposium. Houston, TX. October 6-9, 2014. http://www.nist.gov/manuscript-publication-search.cfm?pub_id=915876.

×

Stouffer, Keith, and Rick Candell. Measuring Impact of Cybersecurity on the Performance of Industrial Control Systems. Mechanical Engineering 136.12 (2014): S4. http://www.nist.gov/manuscript-publication-search.cfm?pub_id=917176.

×

Berjon, Robin. Mending Fences and Saving Babies. Presented at Symposium on HTML5 and XML, Washington, DC, August 4, 2014. In Proceedings of the Symposium on HTML5 and XML. Balisage Series on Markup Technologies, vol. 14 (2014). doi:https://doi.org/10.4242/BalisageVol14.Berjon01.

×

National Institute of Standards and Technology (NIST) and United States of America, Framework for Improving Critical Infrastructure Cybersecurity, 2014. http://www.nist.gov/cyberframework.

Author's keywords for this paper:
cybersecurity; XForms; security control; tailored baseline; overlay; SCAP; Security Content Automation Protocol; National Vulnerability Database; NVD; Small Arcane Nontrivial Dataset; Industrial Control System; NIST SP 800-53; NIST SP 800-82