Skip to content

Add NCISS decision points #707

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 44 commits into
base: main
Choose a base branch
from
Draft

Add NCISS decision points #707

wants to merge 44 commits into from

Conversation

ahouseholder
Copy link
Contributor

@ahouseholder ahouseholder commented Feb 20, 2025
edited
Loading

Creating this as a draft so we can figure out where to go with it.

Copilot Summary

This pull request introduces comprehensive support for National Cybersecurity Incident Scoring System (NCISS) decision points, including new data definitions, documentation, and navigation updates. It adds JSON schemas for various NCISS decision points (Functional Impact, Incident Severity, Information Impact, Observed Activity, Observed Activity Location, and Recoverability), provides corresponding documentation pages with usage examples, and updates the documentation navigation to include these new sections. Additionally, it introduces a new NcissDecisionPoint class in the codebase to model NCISS decision points.

NCISS Decision Point Data Definitions:

  • Added JSON files defining NCISS decision points and their versions for:
    • Functional Impact (functional_impact_1_0_0.json, functional_impact_2_0_0.json) [1] [2]
    • Incident Severity (incident_severity_1_0_0.json, incident_severity_2_0_0.json) [1] [2]
    • Information Impact (information_impact_1_0_0.json, information_impact_2_0_0.json) [1] [2]
    • Observed Activity (observed_activity_0_0_1.json)
    • Observed Activity Location (observed_activity_location_1_0_0.json)
    • Recoverability (recoverability_1_0_0.json)

Documentation Additions:

  • Created new documentation pages for each NCISS decision point, including code examples and versioning details:
    • Functional Impact
    • Incident Severity
    • Information Impact
    • Observed Activity
    • Observed Activity Location
    • Recoverability
  • Added an index page introducing NCISS and listing all decision points

Documentation Navigation:

  • Updated mkdocs.yml to add a new "NCISS Decision Points" section with links to all new documentation pages

Codebase Updates:

  • Introduced the NcissDecisionPoint class in base.py to model NCISS decision points in the codebase

@ahouseholder
refactor a _Valued mixin class
bbc77ff
@ahouseholder
add incident severity decision point (+1 squashed commit)
1cd67e9 
Squashed commits:
[7e4fada] update incident severity
@ahouseholder
add recoverability decision point (+1 squashed commit)
b349146 
Squashed commits:
[f5827ab] add recoverability

add incident severity decision point
@ahouseholder
add observed activity location
0e40c2f
@ahouseholder
add index
0fe62b8
@ahouseholder
add recoverability
0aa9f93 
add recoverability decision point
@ahouseholder
s/cybersecurity/cyber/
b1c44b2
@ahouseholder
markdownlint
466bf0d
@ahouseholder
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
989c78e 
…national-cybersecurity-incident-scoring-system

# Conflicts:
#	mkdocs.yml
@ahouseholder ahouseholder linked an issue Feb 20, 2025 that may be closed by this pull request
Model National Cyber Incident Scoring System (NCISS) #705
Open
@ahouseholder ahouseholder mentioned this pull request Feb 20, 2025
Closed
@ahouseholder ahouseholder self-assigned this Feb 24, 2025
@ahouseholder ahouseholder mentioned this pull request Mar 13, 2025
Merged
@ahouseholder
markdownlint --fix
bb09944
@ahouseholder
Merge branch 'feature/reorder-base-class-mixins' into 705-model-natio…
5c900cf 
…nal-cybersecurity-incident-scoring-system

# Conflicts:
#	src/test/test_doctools.py
@ahouseholder
move header
433d259
@ahouseholder ahouseholder mentioned this pull request Mar 18, 2025
Merged
@ahouseholder
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
5d4490b 
…national-cybersecurity-incident-scoring-system
@ahouseholder
Merge branch 'add_namespace_enum' into 705-model-national-cybersecuri…
6c5389d 
…ty-incident-scoring-system

# Conflicts:
#	src/ssvc/decision_points/base.py
@ahouseholder
add nciss namespace
fbb93e2
@ahouseholder
Merge branch 'feature/reorder-base-class-mixins' into 705-model-natio…
d8a436c 
…nal-cybersecurity-incident-scoring-system

# Conflicts:
#	src/test/test_mixins.py
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 19, 2025
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 19, 2025
View reviewed changes
@ahouseholder ahouseholder mentioned this pull request Mar 20, 2025
Closed
ahouseholder and others added 6 commits March 20, 2025 12:50
@ahouseholder
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
2d3eefa 
…oring-system

# Conflicts:
#	data/schema/v1/Decision_Point-1-0-1.schema.json
#	src/ssvc/_mixins.py
#	src/ssvc/decision_points/base.py
#	src/ssvc/namespaces.py
#	src/test/test_mixins.py
@ahouseholder
Merge branch 'feature/reorder-base-class-mixins' into 705-model-natio…
ea61ee5 
…nal-cybersecurity-incident-scoring-system

# Conflicts:
#	src/ssvc/decision_points/base.py
@ahouseholder
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
5985520 
…national-cybersecurity-incident-scoring-system

# Conflicts:
#	src/ssvc/decision_points/base.py
@ahouseholder
update copyright
d42d61b
@ahouseholder
Merge branch 'main' into feature/705-model-national-cybersecurity-inc…
0e43c0c 
…ident-scoring-system
@ahouseholder
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
28e29f0 
…oring-system
@ahouseholder ahouseholder added tech/data Data implementation (content of /data, data object instances, etc.) integration Related to integration of SSVC into another framework or system labels Jul 1, 2025
ahouseholder and others added 9 commits August 7, 2025 13:55
@ahouseholder
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
08c04c0 
…oring-system
@ahouseholder
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
534f281 
…oring-system

# Conflicts:
#	src/ssvc/namespaces.py
@ahouseholder
merge nciss modules into ssvc.decision_points.cisa (+1 squashed commit)
3d87594 
Squashed commits:
[33590fc] use cisa namespace for nciss too
@ahouseholder
Merge branch '705-model-national-cybersecurity-incident-scoring-syste…
931515d 
…m' of https://github.com/CERTCC/SSVC into 705-model-national-cybersecurity-incident-scoring-system
@ahouseholder
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
033e60d 
…oring-system
@ahouseholder
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
5513459 
…national-cybersecurity-incident-scoring-system
@ahouseholder
update namespace string
8972eac
@ahouseholder
update description -> definition
37e4085
@ahouseholder
regenerate json
b420809
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sei-vsarvepalli sei-vsarvepalli Awaiting requested review from sei-vsarvepalli sei-vsarvepalli will be requested when the pull request is marked ready for review sei-vsarvepalli is a code owner

@cgyarbrough cgyarbrough Awaiting requested review from cgyarbrough cgyarbrough will be requested when the pull request is marked ready for review cgyarbrough is a code owner

@j--- j--- Awaiting requested review from j--- j--- will be requested when the pull request is marked ready for review j--- is a code owner

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees

@ahouseholder ahouseholder

Labels
integration Related to integration of SSVC into another framework or system tech/data Data implementation (content of /data, data object instances, etc.)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Model National Cyber Incident Scoring System (NCISS)
1 participant
@ahouseholder