Package gov.nist.secauto.oscal.lib.model

Class Control

  • All Implemented Interfaces:
    gov.nist.secauto.metaschema.binding.io.IDeserializationHandler, IControl, IControlContainer
    @MetaschemaAssembly(formalName="Control",
                    description="A [structured object](https://pages.nist.gov/OSCAL/concepts/terminology/#control) representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information.",
                    name="control",
                    metaschema=OscalCatalogMetaschema.class,
                    remarks="Each security or privacy control within the catalog is defined by a distinct control instance. Controls may be as complex or as simple as a catalog defines them. They may be decomposed or further specified into child `control` objects, for example to represent control enhancements or specific breakouts of control functionality, to be maintained as discrete requirements. Controls may also contain structured parts (using `part`) and they may be grouped together in families or classes with `group`.\n\nControl structures in OSCAL will also exhibit regularities and rules that are not codified in OSCAL but in its applications or domains of application. For example, for catalogs describing controls as defined by NIST SP 800-53, a control must have a part with the name \"statement\", which represents the textual narrative of the control. This \"statement\" part must occur only once, but may have nested parts to allow for multiple paragraphs or sections of text. This organization supports addressability of this data content as long as, and only insofar as, it is consistently implemented across the control set. As given with these model definitions, constraints defined and assigned here can aid in ensuring this regularity; but other such constraints and other useful patterns of use remain to be discovered and described.")
@ValueConstraints(allowedValues={@AllowedValues(level=ERROR,target="prop[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\')]/@name",values={@AllowedValue(value="label",description="A human-readable label for the parent context, which may be rendered in place of the actual identifier for some use cases."),@AllowedValue(value="sort-id",description="An alternative identifier, whose value is easily sortable among other such values in the document."),@AllowedValue(value="alt-identifier",description="An alternate or aliased identifier for the parent context."),@AllowedValue(value="status",description="The status of a `control`. For example, a value of \'withdrawn\' can indicate that the `control` has been withdrawn and should no longer be used.")}),@AllowedValues(level=ERROR,target="prop[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\') and @name=\'status\']/@value",values={@AllowedValue(value="withdrawn",description="The control is no longer used."),@AllowedValue(value="Withdrawn",description="\\*\\*(deprecated)\\*\\*\\* Use \'withdrawn\' instead.")}),@AllowedValues(level=ERROR,target="link/@rel",allowOthers=true,values={@AllowedValue(value="reference",description="The link cites an external resource related to this control."),@AllowedValue(value="related",description="The link identifies another control with bearing to this control."),@AllowedValue(value="required",description="The link identifies another control that must be present if this control is present."),@AllowedValue(value="incorporated-into",description="The link identifies other control content where this control content is now addressed."),@AllowedValue(value="moved-to",description="The containing control definition was moved to the referenced control.")}),@AllowedValues(level=ERROR,target="part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\')]/@name",values={@AllowedValue(value="overview",description="An introduction to a control or a group of controls."),@AllowedValue(value="statement",description="A set of implementation requirements or recommendations."),@AllowedValue(value="guidance",description="Additional information to consider when selecting, implementing, assessing, and monitoring a control."),@AllowedValue(value="example",description="An example of an implemented requirement or control statement."),@AllowedValue(value="assessment",description="\\*\\*(deprecated)\\*\\* Use \'assessment-method\' instead."),@AllowedValue(value="assessment-method",description="The part describes a method-based assessment over a set of assessment objects.")}),@AllowedValues(level=ERROR,target="part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\') and @name=\'statement\']//part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\')]/@name",values=@AllowedValue(value="item",description="An individual item within a control statement."),remarks="Nested statement parts are \"item\" parts."),@AllowedValues(level=ERROR,target=".//part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\')]/@name",values={@AllowedValue(value="objective",description="\\*\\*(deprecated)\\*\\* Use \'assessment-objective\' instead."),@AllowedValue(value="assessment-objective",description="The part describes a set of assessment objectives.")},remarks="Objectives can be nested."),@AllowedValues(level=ERROR,target="part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\') and @name=(\'assessment\',\'assessment-method\')]/part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\')]/@name",values={@AllowedValue(value="objects",description="\\*\\*(deprecated)\\*\\* Use \'assessment-objects\' instead."),@AllowedValue(value="assessment-objects",description="Provides a listing of assessment objects.")},remarks="Assessment objects appear on assessment methods."),@AllowedValues(level=ERROR,target="part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\') and @name=(\'assessment\',\'assessment-method\')]/prop[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\')]/@name",values=@AllowedValue(value="method",description="\\*\\*(deprecated)\\*\\* Use \'method\' in the \'http://csrc.nist.gov/ns/rmf\' namespace. The assessment method to use. This typically appears on parts with the name \"assessment-method\".")),@AllowedValues(level=ERROR,target="part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\') and @name=(\'assessment\',\'assessment-method\')]/prop[has-oscal-namespace(\'http://csrc.nist.gov/ns/rmf\')]/@name",values=@AllowedValue(value="method",description="The assessment method to use. This typically appears on parts with the name \"assessment-method\".")),@AllowedValues(level=ERROR,target="part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\') and @name=(\'assessment\',\'assessment-method\')]/prop[has-oscal-namespace((\'http://csrc.nist.gov/ns/oscal\',\'http://csrc.nist.gov/ns/rmf\')) and @name=\'method\']/@value",values={@AllowedValue(value="INTERVIEW",description="The process of holding discussions with individuals or groups of individuals within an organization to once again, facilitate assessor understanding, achieve clarification, or obtain evidence."),@AllowedValue(value="EXAMINE",description="The process of reviewing, inspecting, observing, studying, or analyzing one or more assessment objects (i.e., specifications, mechanisms, or activities)."),@AllowedValue(value="TEST",description="The process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior.")})},indexHasKey=@IndexHasKey(level=ERROR,target="link[@rel=(\'related\',\'required\',\'incorporated-into\',\'moved-to\') and starts-with(@href,\'#\')]",indexName="catalog-groups-controls-parts",keyFields=@KeyField(target="@href",pattern="#(.*)")),expect={@Expect(id="catalog-control-require-statement-when-not-withdrawn",level=ERROR,test="prop[@name=\'status\']/@value=(\'withdrawn\',\'Withdrawn\') or part[@name=\'statement\']"),@Expect(level=WARNING,target="part[has-oscal-namespace(\'http://csrc.nist.gov/ns/oscal\') and @name=(\'assessment\',\'assessment-method\')]",test="prop[has-oscal-namespace((\'http://csrc.nist.gov/ns/oscal\',\'http://csrc.nist.gov/ns/rmf\')) and @name=\'method\']")})
public class Control
extends AbstractControl
    A structured object representing a requirement or guideline, which when implemented will reduce an aspect of risk related to an information system and its information.

    • Constructor Detail

    • Method Detail

      • getTitle

        public gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine getTitle()

      • setTitle

        public void setTitle​(gov.nist.secauto.metaschema.model.common.datatype.markup.MarkupLine value)

      • addParam

        public boolean addParam​(Parameter item)
        Add a new Parameter item to the underlying collection.
        Parameters:
        item - the item to add
        Returns:
        true

      • removeParam

        public boolean removeParam​(Parameter item)
        Remove the first matching Parameter item from the underlying collection.
        Parameters:
        item - the item to remove
        Returns:
        true if the item was removed or false otherwise

      • addProp

        public boolean addProp​(Property item)
        Add a new Property item to the underlying collection.
        Parameters:
        item - the item to add
        Returns:
        true

      • removeProp

        public boolean removeProp​(Property item)
        Remove the first matching Property item from the underlying collection.
        Parameters:
        item - the item to remove
        Returns:
        true if the item was removed or false otherwise

      • addLink

        public boolean addLink​(Link item)
        Add a new Link item to the underlying collection.
        Parameters:
        item - the item to add
        Returns:
        true

      • removeLink

        public boolean removeLink​(Link item)
        Remove the first matching Link item from the underlying collection.
        Parameters:
        item - the item to remove
        Returns:
        true if the item was removed or false otherwise

      • addPart

        public boolean addPart​(ControlPart item)
        Add a new ControlPart item to the underlying collection.
        Parameters:
        item - the item to add
        Returns:
        true

      • removePart

        public boolean removePart​(ControlPart item)
        Remove the first matching ControlPart item from the underlying collection.
        Parameters:
        item - the item to remove
        Returns:
        true if the item was removed or false otherwise

      • addControl

        public boolean addControl​(Control item)
        Add a new Control item to the underlying collection.
        Parameters:
        item - the item to add
        Returns:
        true

      • removeControl

        public boolean removeControl​(Control item)
        Remove the first matching Control item from the underlying collection.
        Parameters:
        item - the item to remove
        Returns:
        true if the item was removed or false otherwise