OASIS Open Command and Control (OpenC2) TC

Join TC     TC Page     Send a comment to this TC

Creating a standardized language for the command and control of technologies that provide or support cyber defenses.

Joe Brule, jmbrule@radium.ncsc.mil, Chair
Sounil Yu, sounil.yu@bankofamerica.com, Chair
David Lemire, dave.lemire@g2-inc.com, Secretary

Table of Contents


Announcements

See press release: "International Community Comes Together at OASIS to Advance OpenC2 Standard for Automated Defense Against Cyber-Attacks."

You may join the OASIS OpenC2 TC at any time. Contact join@oasis-open.org for more information.

All three subcommittees, Language, Actuator Profile, Implementation Considerations, have been officially stood up. Select the subcommittee(s) of interest to you, join as a member, and then add their upcoming meetings into your calendar.

A high level overview of OpenC2 featuring insights from the Technical Director of NSA's Capabilities Directorate can be viewed at OpenC2 Overview.

Overview

The OpenC2 TC was chartered to draft documents, specifications, lexicons or other artifacts to fulfill the needs of cyber security command and control in a standardized manner. The Technical Committee will leverage pre-existing standards to the greatest extent practical, identifying gaps pertaining to the command and control of technologies that provide or support cyber defenses. The TC will base its initial efforts on artifacts generated by the OpenC2 Forum, a community of cyber-security stakeholders that was facilitated by the National Security Agency; the Forum has published a language description document (RC4), actuator profiles, and open source prototype implementations.

The TC expects to produce at least these deliverables: a Language Description Document (LDD); Security Considerations Document (SCD); Implementation Considerations Document (ICD); JSON Abstract Encoding Notation (JAEN); an OpenC2 JSON Schema; other artifacts like interoperability specifications, implementation guidelines, and OpenC2 tutorials.

For more information on the OpenC2 TC, see the TC Charter.


Subcommittees

The following subcommittees are active in the OpenC2 TC:


TC Liaisons

No TC Liaisons have been announced for this TC.


TC Tools and Approved Publications


Technical Work Produced by the Committee

As of August 2018, the TC has progressed three documents to Committee Specification Draft level:

  • OpenC2 Language Specification v1.0 (CSD04) — The OpenC2 Language Specification provides the semantics for the essential elements of the language, the structure for commands and responses, and the schema that defines the proper syntax for the language elements that represents the command or response. (Publication of CSD05 is pending.)
  • Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Firewall Functions v1.0 (CSD01) — OpenC2 Actuator Profiles specify the subset of the OpenC2 language relevant in the context of specific actuator functions. This actuator profile specifies the set of actions, targets, specifiers, and command arguments that integrates Stateless Packet Filtering functionality with the Open Command and Control (OpenC2) command set. (Publication of CSD02 is pending.)
  • Specification for Transfer of OpenC2 Messages via HTTPS v1.0 (CSD01) — OpenC2 transfer specifications utilize existing protocols and standards to implement OpenC2 in specific environments. This specification describes the use of HTTP over TLS as a transfer mechanism for OpenC2 messages. (Publication of CSD01 is pending; the link is to the working draft 01 package that was approved on a ballot that ended 23 August 2018.)

OASIS TC Open Repositories Sponsored by the Committee

OASIS TC Open Repositories:

  • openc2-lycan-python — A GitHub public repository for development of a python library to transform between data-interchange formats (such as JSON) and python language objects
  • openc2-lycan-java — A GitHub public repository for development of a java library to transform between data-interchange formats (such as JSON) and java language objects
  • openc2-lycan-beam — Developing a collection of applications and libraries, coded in languages that run on the BEAM virtual machine (e.g., erlang, elixir), for the purpose of implementing OpenC2
  • openc2-compatibility — Supporting the capture of OpenC2 core design principles and development of implementation guidelines so that implementers can agree on language and protocols to build interoperable systems
  • openc2-ocas — OpenC2 API Simulator erlang/OTP application designed to demonstrate and exercise the OpenC2 specification
  • openc2-yuuki — Yuuki is a python package for building an OpenC2 proxy using multiple dispatch on type with updating of actuators without interrupting the operations of the orchestrator or other actuators
  • openc2-pub-sub-on-bsd — A prototype reference implementation that demonstrates OpenC2 working within a pub/sub environment
  • openc2-jadn — Supports Development and maintenance of JADN (JSON Abstract Data Notation), a JSON document format for defining abstract schemas
  • openc2-orchid — OpenC2 proxy built in Django to provide a simple, modular API accepting OpenC2 commands and converting them into Python actions
  • openc2-iacd — Supports development of a Java OpenC2 implementation which implements fifteen OpenC2 actions issued to nine actuators
  • openc2-reactor-master — A feedback-driven GUI master/actuator orchestration framework for the OpenC2 language, written in Python
  • openc2-reactor-relay — A simple, modular API for accepting OpenC2 commands and converting them into Python actions

Expository Work Produced by the Committee

There are no approved expository work products for this TC yet.


External Resources

Although not produced by the OASIS OpenC2 TC, the following information offers useful insights into its work.

External resources have not yet been identified.


Mailing Lists and Comments

openc2: the discussion list used by TC members to conduct Committee work. TC membership is required to post, and TC members are automatically subscribed. The public may view the OASIS list archives, also mirrored by MarkLogic at MarkMail.org.

openc2-comment: a public mailing list for providing feedback on the technical work of the OASIS OpenC2 TC. Send a comment or view the OASIS comment list archives, also mirrored by MarkLogic at MarkMail.org.


Press Coverage and Commentary


Additional Information


Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.