Product Object Refactoring #400
Comments
|
I concur with the observations. To go further: Vendor and Manufacturer could (MUST imho) be "Asset" Objects. By that, I mean that Vendor and Manufacturer are Organization or Person (or group of). Use of something like NISTIR 7693 would be of great benefit... (e.g. A Product's Vendor could be a STIX Information_Source, or an OVAL Definition Producer, etc.) Note for later: a Component Object will help to define relationships for both Products' Components (e.g.: files, libraries, DLLs, etc.) and Devices' Components (e.g.: motherboard, processor, chip, SIM card, etc.) |
|
@athiasjerome thanks for the feedback! I think Assets are something that is being covered by STIX, though there's obviously overlap here. |
|
Also, one suggested possibility for the refactoring of the Product Object into the new "Software Product" Object would be to use the SWID schema as a basis: http://standards.iso.org/iso/19770/-2/2015-current/schema.xsd If we do take this approach, we'd have to determine which fields from SWID make sense in CybOX, and which do not. Update: Some suggested fields from SWID
|
Although the existing Product Object is intended to characterize software or hardware products, it has a few semantic inconsistencies in this regard:
EditionandLanguage, are largely specific to software.Device_Detailsfield is intended to capture device-specific details of the product through the use of the Device Object. However, the Device Object contains several fields that may have semantic overlaps with those in the Product Object. For instance, theVendorfield in the Product andManufacturerfield in the Device could both be used to capture the name of the company that produced the Product/Device.Accordingly, it may make sense to relegate the Product Object to just characterizing software and the Device Object to just hardware. This would entail deprecating the
Device_Detailsfield and otherwise leaving the object the same.The text was updated successfully, but these errors were encountered: