6 hours ago
2
Upgrade to High-Speed Internet for only ₱1499/month!
Enjoy up to 100 Mbps fiber broadband, perfect for browsing, streaming, and gaming.
Visit Suniway.ph to learn
A language for cybersecurity assessments in system design
BOSTON, MA, April 29, 2025 (GLOBE NEWSWIRE) -- Today, Object Management Group®️ (OMG®️) published the SPECTRA Comma-Separated Values proposed specification (SPECTRA-CSV) for public comment. We invite comments from any interested parties on this specification, which OMG has proposed for standardization via our "Request for Comments” process.
This specification is one of four specifications issued for public review and comments, which will ultimately be combined into one System Profile for Effective Cyber Threat-based Risk Assessments (SPECTRA) OMG standard. SPECTRA is a language that describes cyber and cyber-physical systems for risk assessments, cybersecurity assessments, and vulnerability assessments. The other components are SPECTRA for SysML v1, SPECTRA for SysML v2 (which have already completed their public comments phase), and SPECTRA Core Assertions Metamodel and this SPECTRA CSV specification.
System descriptions-including models-consist of many essential artifacts for one or more lifecycle phases. For a cybersecurity assessment, certain artifacts are essential-for example, what the parts of the system are, how these parts are connected to convey information, what information is being conveyed, and what the nature of the parts is. Cybersecurity implies a filter for the level of technical detail compared to other disciplines involved in the system lifecycle. Extracting only the relevant cybersecurity assertions from a larger system description is challenging.
The SPECTRA language - a set of conceptual entities and relations, collectively referred to as Core Assertions for cybersecurity - extends Systems Engineering languages with the means to identify the core entities and their relationships to support the task of interpreting and postprocessing a system description by automated tools and enabling cybersecurity analytics. SPECTRA facilitates ingesting normalized machine-consumable system descriptions into compliant tools for big data analytics in cybersecurity. SPECTRA's objective is to provide a standard compliance reference for acquisition contracts soliciting models for various assessments, as well as tools and services for performing such assessments automatically
Get the latest news
delivered to your inbox
Sign up for The Manila Times newsletters
By signing up with an email address, I acknowledge that I have read and agree to the Terms of Service and Privacy Policy.
This specification defines the Comma-Separated Value (CSV) Tabular Representation of the SPECTRA Core Assertions metamodel as part of the standard.
The OMG aims to publish unique, timely standards that provide business value. We are particularly interested in comments regarding this specification's suitability, usability, timeliness, and uniqueness. Please let us know if you are aware of any other publicly available standard that covers the requirements or any commercial or industry issues regarding this specification as currently proposed. This is part of our due diligence toward advancing this specification to become a formal international standard.
Anyone can respond to this request for public comments via the form at https://www.omg.org/technology/rfc-form.htm.
Comments are due by May 12, 2025. All public comments will be reviewed when the OMG next meets in June 2025 and considered before we progress into the "Finalization” process to adopt this as a formal OMG specification. Minor comments will be addressed during Finalization.
You can view all the deliverables that make up this specification on our Public Schedule page under "Pending Requests for Comments” or read the specification document itself directly at https://www.omg.org/cgi-bin/doc.cgi?sysa/2025-3-1
About OMG
The Object Management Group® (OMG®) is an international, open membership, not-for-profit technology standards consortium with representation from government, industry, and academia. OMG Task Forces develop enterprise integration standards for a wide range of technologies and an even more comprehensive range of industries. OMG's modeling standards enable robust visual design, execution, and maintenance of software and other processes. Visit www.omg.org for more information.
Object Management Group and OMG are registered trademarks of the Object Management Group. For a listing of all OMG trademarks, visit https://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.
CONTACT: Karen Quatromoni
Object Management Group SDO
978-855-0412
