Skip to content

OpenC2 Plugfest Players

Jump to bottom Edit New page
David Kemp edited this page Aug 1, 2020 · 10 revisions

The SBOM Proof-of-Concept Vision is to:

"... prove several concepts associated with several independent efforts (e.g. OpenC2, NTIA SBOM, ...).
This work is intended to be virtual (ie no physical meetings needed) and consist of many pairwise
interworking steps growing to larger many-party working scenarios or use cases."

Although described under SBOM, the same process applies to Proof-of-Concept demonstrations for all OpenC2 use cases.

Anyone interested in interoperability testing any OpenC2 endpoint for any scenario or use case should add their name and area of interest here, to discover others interested in the same topics and to coordinate test activities.

  • David Kemp @davaya, National Security Agency
    • Developer worksheet for Actuator Profiles:
      • Template for actuator profiles
      • Schema for an example actuator
      • Test messages for example actuator
    • Schema processing software (Python)
  • DaveL and/or HII goes here since they have done the most
  • Duncan Sparrell, @sparrell, sFractal Consulting
    • BlinkyHaha (https://github.com/sparrell/BlinkyHaHa) is
      • blinky (IoT "Hello World" to blink a light)
      • haha (Http Api Helloworld openc2 Actuator, the "Hello World" of OpenC2)
      • it also serves as an OpenC2 SBOM Actuator for testing the SBOM Actuator Specification and performing SBOM usecases such as https://github.com/oasis-tcs/openc2-usecases/blob/master/SBOM-PoC/sFractalScenarios/fow.01.png
      • initial testing with HII acheived rudimentary interoperability and another interaction will occur to get beyond rudimentary (ie to blink a light and to retrieve an sbom)
    • TwinklyHaHa (https://github.com/sparrell/TwinklyHaHa) will be BlinkyHaHa's digital twin in the cloud (ie change colors on image on web instead of blinking real leds). It is not ready for interworking yet as TwinklyMaHa is taking priority
    • BlinkyMaHa (https://github.com/sparrell/BlinkyMaHa) will be blinkyhaha but using MQTT instead of Http. It is not ready for interworking yet as TwinklyMaHa is taking priority
    • TwinklyMaHa (https://github.com/sparrell/TwinklyMaHa) will be blinkymaha's digital twin. It is a work in progress and not ready for interworking yet
    • MuddyHaHa (still conceptual) is BlinkyHaHa with a MUD interface as well
    • I am interested in OpenC2 and in anything I can do to help OpenC2 use cases (eg support projects above but not limited to them)
    • I am interested in SBOM and in anything I can do to help SBOM usecases (eg support projects above but not limited to them. I can have my software respond with 'fake' SBOMs to drive certain use cases if desired. I can even use 'real' SBOMs designed to drive the use cases, eg build with know software vulnerabilities so SBOM shows vulnerable components)
    • I am interested in IACD, particularly in moving OpenC2 and SBOM from "proof of concept" to "proof of value" which will require the other components in an IACD architecture to fill out the https://github.com/oasis-tcs/openc2-usecases/blob/master/SBOM-PoC/sFractalScenarios/fow.01.png use case.
  • Next person or org goes here
  • Next person or org goes here
  • Next person or org goes here
Add a custom footer
Add a custom sidebar
Clone this wiki locally