[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: STIX Confidence proposal nearing completion
We feel that we have reached a general consensus on the approach for confidence. In following with the procedure outlined in the CTI meeting last Thursday, we are bringing this topic to the list for any other changes and comments.
If you haven’t had a chance to review it yet, the proposal is located here:
A summary of the approach:
An optional confidence property will be added to each SDO. This confidence value indicates the producer’s confidence in the correctness of their data. Confidence MUST be an integer value in the range 0-100. An appendix will be provided that contains normative mappings to other scales like low/med/high, 0-10, Words of Estimative Probability (WEP), and Admiralty credibility. These mappings MUST be used if any scale not 0-100 is used.
If you have not had a chance to review the proposal, please do so before Wednesday March 1st. At that point, we will be moving confidence into the STIX 2.1 spec. While this does not mean that additional changes cannot be made, we would prefer to make any major revisions before the proposal goes into the working 2.1 specification.
Senior Cyber Threat Analyst
Center for Internet Security (CIS)
Integrated Intelligence Center (IIC)
Multi-State Information Sharing and Analysis Center (MS-ISAC)
1-866-787-4722 (7×24 SOC)
Follow us @CISecurity
. . .