OASIS Open Command and Control (OpenC2) TC

Join TC     TC Page     Send a comment to this TC

Creating a standardized language for the command and control of technologies that provide or support cyber defenses

Joe Brule, jmbrule@radium.ncsc.mil, Chair
Sounil Yu, sounil.yu@bankofamerica.com, Chair
Joyce Fai, jlfai@nsa.gov, Secretary

Table of Contents


Announcements

See press release: "International Community Comes Together at OASIS to Advance OpenC2 Standard for Automated Defense Against Cyber-Attacks."

You may join the OASIS OpenC2 TC at any time. Contact join@oasis-open.org for more information.

All three subcommittees, Language, Actuator Profile, Implementation Considerations, have been officially stood up. Select the subcommittee(s) of interest to you, join as a member, and then add their upcoming meetings into your calendar.

A high level overview of OpenC2 featuring insights from the Technical Director of NSA's Capabilities Directorate can be viewed at OpenC2 Overview.

Overview

The OpenC2 TC was chartered to draft documents, specifications, lexicons or other artifacts to fulfill the needs of cyber security command and control in a standardized manner. The Technical Committee will leverage pre-existing standards to the greatest extent practical, identifying gaps pertaining to the command and control of technologies that provide or support cyber defenses. The TC will base its initial efforts on artifacts generated by the OpenC2 Forum, a community of cyber-security stakeholders that was facilitated by the National Security Agency; the Forum has published a language description document (RC4), actuator profiles, and open source prototype implementations.

The TC expects to produce at least these deliverables: a Language Description Document (LDD); Security Considerations Document (SCD); Implementation Considerations Document (ICD); JSON Abstract Encoding Notation (JAEN); an OpenC2 JSON Schema; other artifacts like interoperability specifications, implementation guidelines, and OpenC2 tutorials.

For more information on the OpenC2 TC, see the TC Charter.


Standing Rules

The OASIS OpenC2 Technical Committee has adopted the following standing rules to aid in the execution of the business of the Technical Committee. In particular, the standing rules are intended to ensure sufficient deliberation, prioritize the business brought before the committee, and aid in the progress of the effort. To the greatest extent practical, the subcommittees are operated at the discretion of subcommittee chairs, therefore these standing rules do not apply to the subcommittees.

SR-1: SUSPENSION OF STANDING RULES FOR THE DURATION OF THE MEETING
  1. The rules of OASIS or Roberts Rule of Order cannot be suspended as they are not standing rules and always apply.
  2. During the course of a meeting, a standing rule may be suspended for the duration of a meeting. A motion to suspend a standing rule is not debatable and must be called to question immediately.
  3. The rule will be suspended if any of the following criteria are met;
    1. By a vote of 2/3 majority of the voting members present without prior notice
    2. By a simple majority vote of the voting members present with prior notice
SR-2: CONSIDERATION OF ARTIFACTS PRESENTED BY A SUBCOMMITTEE TO THE COMMITTEE AS A WHOLE
  1. All artifacts must be provided to the Executive Secretary no later than seven business days prior to the meeting of the technical committee. The topic may be added to the agenda upon approval of the co-chairs or by proposal by members of the TC as described in Rule Three of these standing rules. If approved as an agenda item, the executive secretary will provide the artifacts to the members of the TC no later than three business days prior to the meeting of the technical committee.
  2. Prior to consideration, the chair will call for objections.
  3. Any member present may object. An objection must include a brief reason for the objection.
  4. Any other member present may support one or more objections.
  5. If a threshold of 25% or more of the members present object, then the committee will take it as sufficient cause to send the artifact back to the subcommittee for further deliberation.
  6. If the threshold is not met, then a motion to consider the artifact may proceed.
  7. If the artifact is called to question, then the voting members present may accept, reject or send the artifact back to the subcommittee for further deliberation.
SR-3: CONSIDERATION OF AGENDA ITEMS FOR COMMITTEE MEETINGS
  1. For items that are not artifacts as referenced in rule two, all members may propose agenda items to the technical committee by providing a summary of the item to the executive secretary no later than five days prior to the meeting.
  2. All agenda items are subject to the approval of the co-chairs.

  3. Subcommittees

    The following subcommittees are active in the OpenC2 TC:


    TC Liaisons

    No TC Liaisons have been announced for this TC.


    TC Tools and Approved Publications


    Technical Work Produced by the Committee

    This Committee has not produced technical work yet.


    OASIS Open Source Repositories Sponsored by the Committee

    OASIS Open Repositories:

    • openc2-ocas — OpenC2 API Simulator erlang/OTP application designed to demonstrate and exercise the OpenC2 specification
    • openc2-yuuki — Yuuki is a python package for building an OpenC2 proxy using multiple dispatch on type with updating of actuators without interrupting the operations of the orchestrator or other actuators
    • openc2-pub-sub-on-bsd — A prototype reference implementation that demonstrates OpenC2 working within a pub/sub environment
    • openc2-jadn — Supports Development and maintenance of JADN (JSON Abstract Data Notation), a JSON document format for defining abstract schemas
    • openc2-orchid — OpenC2 proxy built in Django to provide a simple, modular API accepting OpenC2 commands and converting them into Python actions
    • openc2-iacd — Supports development of a Java OpenC2 implementation which implements fifteen OpenC2 actions issued to nine actuators
    • openc2-reactor-master — A feedback-driven GUI master/actuator orchestration framework for the OpenC2 language, written in Python
    • openc2-reactor-relay — A simple, modular API for accepting OpenC2 commands and converting them into Python actions

    Expository Work Produced by the Committee

    There are no approved expository work products for this TC yet.


    External Resources

    Although not produced by the OASIS OpenC2 TC, the following information offers useful insights into its work.

    External resources have not yet been identified.


    Mailing Lists and Comments

    openc2: the discussion list used by TC members to conduct Committee work. TC membership is required to post, and TC members are automatically subscribed. The public may view the OASIS list archives, also mirrored by MarkLogic at MarkMail.org.

    openc2-comment: a public mailing list for providing feedback on the technical work of the OASIS OpenC2 TC. Send a comment or view the OASIS comment list archives, also mirrored by MarkLogic at MarkMail.org.


    Press Coverage and Commentary


    Additional Information


    Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.