search

OpenC2-org / openc2-org

The Open Command and Control Forum promotes the global development and adoption of the OpenC2 language and reference material.
Other
30 stars 4 forks source link

Rename Target:Software as Target:Application #11

Open sparrell opened 7 years ago

sparrell commented 7 years ago

PROBLEM

Current LDD has a target openc2:software. I propose software is not correct term for what would be targeted by openc2. Recall openc2's definition of target is 'target' of the action. For example the command 'deny' has a target IP. In one sense 'software' is too broad a term (eg Source code, Documentation, data). In another sense, it's too narrow (eg vs firmware). This is a case where stix may be broader than openc2 because they can have indicators on source code, documentation, and people whereas openc2 would not be automagically updating those at machine speed.

ISO/IEC 24765:2009 defines software as:

(1) all or part of the programs, procedures, rules, and associated documentation of an information processing system. (2) computer programs, procedures, and possibly associated documentation and data pertaining to the operation of a computer system.

POTENTIAL SOLUTION

Replace with openc2:application or openc2:module

I personally think application would be appropriate but it could be pointed out that operating system software would be out of scope (personally I consider OS another application but I may be unique).

Program ("A combination of computer instructions and data definitions that enable computer hardware to perform computational or control functions" according to IEEE) is probably pendantly correct but it is too overloaded in my opinion.

Module is probably the most pendantly accurate word. IEEE Std 1633-2008 (Software Reliability) defines Module as:

(A) A program unit that is discrete and identifiable with respect to compiling, combining with other units, and loading; for example, input to or output from an assembler, compiler, linkage editor, or executive routine. (B) A logically separable part of a program.

jmbrule commented 7 years ago

Agree with the change, I do not have a strong preference, but suggest application

davaya commented 7 years ago

No strong preference among software, program, application or module. Program, application and module are countable units, as opposed to software which is an uncountable substance. Given that a module is subset of a program or application, it does seem to be most appropriate in the context of software, but it could also be used in a hardware context. For that reason I lean slightly toward program or application.

jmbrule commented 7 years ago

We have two 'votes' (albeit not strong preferences) for application. Let's leave this open for a couple more days and if no chatter, then close.

romanojd commented 7 years ago

This isn't necessarily a vote, but the software shows up in the current STIX Cyber Observables, and application currently does not.

sparrell commented 7 years ago

I don't know if Stix discussed. If they did someone please recap. Stix is broader than openc2 since they can report on CVE and source code and broader software issues. If you are commanding "something" you need more specific so I think software is too amorphous.  

iPhone, iTypo, iApologize

On Thu, Feb 2, 2017 at 10:53 AM -0500, "Jason Romano" notifications@github.com wrote:

This isn't necessarily a vote, but the software shows up in the current STIX Cyber Observables, and application currently does not.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.