Stored, sent and received data assets are always processed #18
Conversation
Data assets of a technical asset that are stored by that technical asset or are sent to or received by that technical asset via a communication link are also always implicitly processed by that technical asset. - Always add stored, sent and received data assets to processed assets. - Remove code no longer necessay due to the above change. - Ensure uniqueness of `DataAssetsProcessed`, `DataAssetsStored`, `DataAssetsSent` and `DataAssetsReceived`. - Do not require presence of `data_assets_processed`, `data_assets_stored`, `data_assets_sent` or `data_assets_received`. - Fix wording in rules because stored data assets are already processed.
Data assets sent to or received by a technical asset as the target of a communication link are also always implicitly processed by that target. - Data assets sent to or received by a target through a communication link are always added to that targets' processed data assets.
|
Nice idea... Yep, there is definitely some kind of indirect relationship between the processed assets as being based on the stored/sent/received ones. Even in some model-validating rules this is checked. The ideas was to allow a top-down modeling approach to model the communication links after all the components have been modeled and therefore already have a laid-out plan of what to process (as some kind of cross-check). But indeed, when modeling this all in a row, the value could also nicely be inferred, easing the modeling process. |
|
... speaking of inferring model values: It would probably also make sense to infer the C,I,A ratings (Confidentiality, Integrity, Availability) of technical components based on the highest data assets' C,I,A ratings of stored/sent/received data assets. This could ease the modeling approach even more... |
Yes, I think so too and already implemented that some days ago. Just didn't want to mix up things, so I just opened another PR. |
|
@joreiche this PR joreiche#4 is for merging this PR into your fork which later may be used in #57 |
|
this pr has been resolved with #57 |
Hi,
thank you very much for your great work on this project, I hope it is still active and open for pull requests.
Rationale
Whenever data assets are stored, sent or received by a technical asset they are also processed in some way by that technical asset. This leads to tight coupling of
data_assets_processedwithdata_assets_stored,data_assets_sentanddata_assets_received(relating to both, outgoing and incoming communication links). IMHOdata_assets_processedis of almost no practical use, when a data asset processed is not stored and not transferred somewhere.Proposal
Infer
data_assets_processedbased on data assets stored and data assets used in outgoing and incoming communication links and do not requiredata_assets_processedto be set and continuously maintained.As a stored data asset always implies a processed data asset some of the code became redundant and was removed.
I look forward to your feedback!