To get started with the OpenC2 Integration Framework (OIF) Orchestrator please reference the WalkThrough.md found under docs.
This GitHub public repository openc2-oif-orchestrator was created at the request of the OASIS OpenC2 Technical Committee as an OASIS TC Open Repository to support development of open source resources related to Technical Committee work.
While this TC Open Repository remains associated with the sponsor TC, its development priorities, leadership, intellectual property terms, participation rules, and other matters of governance are separate and distinct from the OASIS TC Process and related policies.
All contributions made to this TC Open Repository are subject to open source license terms expressed in Apache License v 2.0. That license was selected as the declared Applicable License when the TC voted to create this Open Repository.
As documented in Public Participation Invited, contributions to this TC Open Repository are invited from all parties, whether affiliated with OASIS or not. Participants must have a GitHub account, but no fees or OASIS membership obligations are required. Participation is expected to be consistent with the OASIS TC Open Repository Guidelines and Procedures, the open source LICENSE.md designated for this particular repository, and the requirement for an Individual Contributor License Agreement that governs intellectual property.
OpenC2 Integration Framework (OIF) is a project which enables developers to create and test OpenC2 specifications and implementations without having to recreate an entire OpenC2 ecosystem. The OIF consists of two major parts:
- The "OIF Orchestrator" (this repository), which functions as an OpenC2 producer, and
- The "OIF Device", which functions as an OpenC2 consumer.
When used together the OIF Orchestrator and Device implement both sides of the OpenC2 Producer / Consumer model.
Motivation: The OIF Orchestrator was created with the intent of being an easy-to-configure OpenC2 producer that can be used in the creation of reference implementations to control multiple devices. To that end it allows for the addition of multiple serializations and message transfer solutions. The intent is to reduce the time and effort needed to produce an OpenC2 reference implementation. The OpenC2 specification does not limit the types of data serialization or transport protocols that can be utilized to deliver the message content. OIF was built with the capability to easily add serialization and transport functionality in order to be able to represent a wide range of use cases. Additionally, OIF allows newcomers a lower barrier to entry by providing a framework to work within, allowing a developer to focus their product's functionality without having to build out the rest of the supporting architecture.
In short, OIF is being used to work through interoperability use cases in order to mature the OpenC2 specification. In the future, OIF plans to help guide the community towards conformance by providing a validation/test capability that will determine if the vendor implementation meets the requirements set forth in OpenC2 specifications.
The first step to using OIF is establishing the connection with another Device. Along the menu bar, you will see a tab labelled "Devices" that will bring you to the Orchestrator Devices viewer. Using the Register button, you may register a Device, entering a Name, a Device UUID, and Connection and connection Authentication information to the Device. The Device will now appear on the Devices page for viewing and editing its connection information.
Once you have entered a Device, you can enter an Actuator with OpenC2 capabilities on that Device into OIF using the Actuators tab of the menu bar. Actuators are given a Name, a UUID, a Parent Device, and a Schema defining its OpenC2 capabilities. OIF accepts schemas in JSON schema format. These documents can be pasted in, or pulled using the "Upload Schema" option at the bottom of the text box.
The Command tab of the menu bar gives access to the Command Generator, OIF's tool for sending OpenC2 commands. The left side of the page has a selection of all loaded Actuator schemas to choose from, and after making this selection the chosen schema will appear onscreen. The right side of the screen has command generation tools available from the chosen schema, with Creator, Message, and Warning tabs. The Creator tab houses the user options for command generation based on the chosen schema, with these utilities lying under the "OpenC2-Command" option. The structural elements of an OpenC2 command are all represented here, with form options valid for the input schema to generate a corresponding OpenC2 command. In addition to the Creator tab, the Message and Warnings tabs are useful tools for viewing the text of the message to be sent or any warnings or errors in the command.
After sending a command, you can view its text, data, status or results with the Previous Commands option of the Command menu tab. This view displays the historical command info, with an additional "Info" button to view the full command text as well as any responses received by OIF that are attributed to that command.
On the far right of the menu bar is the access to user features, with a breakdown of all the user's site entries, command history, and authentication, as well as password and logout options.
TC Open Repository Maintainers are responsible for oversight of this project's community development activities, including evaluation of GitHub pull requests and preserving open source principles of openness and fairness. Maintainers are recognized and trusted experts who serve to implement community goals and consensus design preferences.
Initially, the associated TC members have designated one or more persons to serve as Maintainer(s); subsequently, participating community members may select additional or substitute Maintainers.
Current Maintainers of this TC Open Repository
- David Lemire; Email: david.lemire@hii-tsd.com
- The ScreamingBunny Development team; GitHub ID: https://github.com/ScreamBun
- TC Open Repositories: Overview and Resources
- Frequently Asked Questions
- Open Source Licenses
- Contributor License Agreements (CLAs)
- Maintainers' Guidelines and Agreement
Questions or comments about this TC Open Repository's activities should be composed as GitHub issues or comments. If use of an issue/comment is not possible or appropriate, questions may be directed by email to the Maintainer(s) listed above. Please send general questions about TC Open Repository participation to OASIS Staff at repository-admin@oasis-open.org and any specific CLA-related questions to repository-cla@oasis-open.org.