componentDefinition.schema.json
A collection of component descriptions, which may optionally be grouped by capability.
type · thingNIST vocabularystatus · draftv1
{
"ComponentDefinition": {
"@type": "ComponentDefinition",
"schemaVersion": 1,
"uuid": "String",
"metadata": {
"@type": "Metadata",
"title": "String",
"published": "Datetime",
"last-modified": "Datetime",
"version": "String",
"oscal-version": "String",
"revisions": [
{
"revisions(item)": {
"@type": "Revisions(item)",
"props": [
{
"props(item)": {
"@type": "Props(item)",
"name": "String",
"ns": "URI",
"value": "String",
"class": "String",
"group": "String",
"remarks": "String"
}
}
],
"links": [
{
"links(item)": {
"@type": "Links(item)",
"href": "URI",
"rel": "String",
"media-type": "String",
"resource-fragment": "String",
"text": "String"
}
}
]
}
}
],
"document-ids": [
{
"document-ids(item)": {
"@type": "Document-ids(item)",
"scheme": "URI",
"identifier": "String"
}
}
],
"roles": [
{
"roles(item)": {
"@type": "Roles(item)",
"description": "String",
"id": "String",
"short-name": "String"
}
}
],
"locations": [
{
"locations(item)": {
"@type": "Locations(item)",
"address": {
"@type": "Address",
"type": "String",
"addr-lines": [
{
"addr-lines(item)": "String"
}
],
"city": "String",
"state": "String",
"postal-code": "String",
"country": "String"
},
"email-addresses": [
{
"email-addresses(item)": "String"
}
],
"telephone-numbers": [
{
"telephone-numbers(item)": "TelephoneNumber"
}
],
"urls": [
{
"urls(item)": "URI"
}
]
}
}
],
"parties": [
{
"parties(item)": {
"@type": "Parties(item)",
"external-ids": [
{
"external-ids(item)": {
"@type": "External-ids(item)"
}
}
],
"addresses": [
{
"addresses(item)": {
"@type": "Addresses(item)"
}
}
],
"member-of-organizations": [
{
"member-of-organizations(item)": "String"
}
],
"location-uuids": [
{
"location-uuids(item)": "String"
}
]
}
}
],
"responsible-parties": [
{
"responsible-parties(item)": {
"@type": "Responsible-parties(item)",
"role-id": "String",
"party-uuids": [
{
"party-uuids(item)": "String"
}
]
}
}
],
"actions": [
{
"actions(item)": {
"@type": "Actions(item)",
"date": "Datetime",
"system": "URI"
}
}
]
},
"import-component-definitions": [
{
"import-component-definitions(item)": {
"@type": "Import-component-definitions(item)"
}
}
],
"components": [
{
"components(item)": {
"@type": "Components(item)",
"purpose": "String",
"responsible-roles": [
{
"responsible-roles(item)": {
"@type": "Responsible-roles(item)"
}
}
],
"status": "String",
"protocols": [
{
"protocols(item)": {
"@type": "Protocols(item)",
"port-ranges": [
{
"port-ranges(item)": {
"@type": "Port-ranges(item)",
"start": "Integer",
"end": "Integer",
"transport": "String"
}
}
]
}
}
],
"control-implementations": [
{
"control-implementations(item)": {
"@type": "Control-implementations(item)",
"source": "URI",
"set-parameters": [
{
"set-parameters(item)": {
"@type": "Set-parameters(item)",
"param-id": "String",
"depends-on": "String",
"label": "String",
"usage": "String",
"constraints": [
{
"constraints(item)": {
"@type": "Constraints(item)",
"tests": [
{
"tests(item)": {
"@type": "Tests(item)",
"expression": "String"
}
}
]
}
}
],
"guidelines": [
{
"guidelines(item)": {
"@type": "Guidelines(item)",
"prose": "String"
}
}
],
"values": [
{
"values(item)": "String"
}
],
"select": {
"@type": "Select",
"how-many": "String",
"choice": [
{
"choice(item)": "String"
}
]
}
}
}
],
"implemented-requirements": [
{
"implemented-requirements(item)": {
"@type": "Implemented-requirements(item)",
"control-id": "String",
"statements": [
{
"statements(item)": {
"@type": "Statements(item)",
"statement-id": "String",
"by-components": [
{
"by-components(item)": {
"@type": "By-components(item)",
"component-uuid": "String",
"implementation-status": {
"@type": "Implementation-status"
},
"export": {
"@type": "Export",
"provided": [
{
"provided(item)": {
"@type": "Provided(item)"
}
}
],
"responsibilities": [
{
"responsibilities(item)": {
"@type": "Responsibilities(item)",
"provided-uuid": "String"
}
}
]
},
"inherited": [
{
"inherited(item)": {
"@type": "Inherited(item)"
}
}
],
"satisfied": [
{
"satisfied(item)": {
"@type": "Satisfied(item)",
"responsibility-uuid": "String"
}
}
]
}
}
]
}
}
]
}
}
]
}
}
]
}
}
],
"capabilities": [
{
"capabilities(item)": {
"@type": "Capabilities(item)",
"incorporates-components": [
{
"incorporates-components(item)": {
"@type": "Incorporates-components(item)"
}
}
]
}
}
],
"back-matter": {
"@type": "Back-matter",
"resources": [
{
"resources(item)": {
"@type": "Resources(item)",
"citation": {
"@type": "Citation"
},
"rlinks": [
{
"rlinks(item)": {
"@type": "Rlinks(item)",
"hashes": [
{
"hashes(item)": {
"@type": "Hashes(item)",
"algorithm": "String"
}
}
]
}
}
],
"base64": {
"@type": "Base64",
"filename": "String"
}
}
}
]
}
}
}{
"ComponentDefinition": {
"@type": "ComponentDefinition",
"schemaVersion": 1,
"description": "A collection of component descriptions, which may optionally be grouped by capability.",
"uuid": {
"description": "Provides a globally unique means to identify a given catalog instance.",
"type": "String"
},
"metadata": {
"@type": "Metadata",
"description": "Provides information about the containing document, and defines concepts that are shared across the document.",
"title": {
"description": "Document title as published, whitespace-normalized and BibTeX-escaped.",
"type": "String"
},
"published": {
"description": "The date and time the document was last made available.",
"nullable": true,
"type": "Datetime"
},
"last-modified": {
"description": "The date and time the document was last stored for later retrieval.",
"type": "Datetime"
},
"version": {
"description": "Version information for an item.",
"type": "String"
},
"oscal-version": {
"description": "The OSCAL model version the document was authored against and will conform to as valid.",
"type": "String"
},
"revisions": [
{
"revisions(item)": {
"@type": "Revisions(item)",
"description": "An entry in a sequential list of revisions to the containing document, expected to be in reverse chronological order (i.e. latest first).",
"props": [
{
"props(item)": {
"@type": "Props(item)",
"description": "An attribute, characteristic, or quality of the containing object expressed as a namespace qualified name/value pair.",
"name": {
"description": "The name of the item or record.",
"type": "String"
},
"ns": {
"description": "A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name.",
"nullable": true,
"type": "URI"
},
"value": {
"description": "Indicates the value of the attribute, characteristic, or quality.",
"type": "String"
},
"class": {
"description": "A textual label that provides a sub-type or characterization of the property's name.",
"nullable": true,
"type": "String"
},
"group": {
"description": "An identifier for relating distinct sets of properties.",
"nullable": true,
"type": "String"
},
"remarks": {
"description": "Additional commentary about the containing object.",
"nullable": true,
"type": "String"
}
}
}
],
"links": [
{
"links(item)": {
"@type": "Links(item)",
"description": "A reference to a local or remote resource, that has a specific relation to the containing object.",
"href": {
"description": "A resolvable URL reference to a resource.",
"type": "URI"
},
"rel": {
"description": "Describes the type of relationship provided by the link's hypertext reference. This can be an indicator of the link's purpose.",
"nullable": true,
"type": "String"
},
"media-type": {
"description": "A label that indicates the nature of a resource, as a data serialization or format.",
"nullable": true,
"type": "String"
},
"resource-fragment": {
"description": "In case where the href points to a back-matter/resource, this value will indicate the URI fragment to append to any rlink associated with the resource. This value MUST be URI encoded.",
"nullable": true,
"type": "String"
},
"text": {
"description": "Generic text of any sort.",
"type": "String"
}
}
}
]
}
}
],
"document-ids": [
{
"document-ids(item)": {
"@type": "Document-ids(item)",
"description": "A document identifier qualified by an identifier scheme.",
"scheme": {
"description": "Qualifies the kind of document identifier using a URI. If the scheme is not provided the value of the element will be interpreted as a string of characters.",
"nullable": true,
"type": "URI"
},
"identifier": {
"description": "A non-empty string with leading and trailing whitespace disallowed. Whitespace is: U+9, U+10, U+32 or [ \n\t]+",
"type": "String"
}
}
}
],
"roles": [
{
"roles(item)": {
"@type": "Roles(item)",
"description": {
"description": "A summary of the role's purpose and associated responsibilities.",
"nullable": true,
"type": "String"
},
"id": {
"description": "Provenance link to the source corpus document_id.",
"type": "String"
},
"short-name": {
"description": "A short common name, abbreviation, or acronym for the role.",
"nullable": true,
"type": "String"
}
}
}
],
"locations": [
{
"locations(item)": {
"@type": "Locations(item)",
"description": "A physical point of presence, which may be associated with people, organizations, or other concepts within the current or linked OSCAL document.",
"address": {
"@type": "Address",
"description": "A postal address for the location.",
"type": {
"description": "Indicates the type of address.",
"nullable": true,
"type": "String"
},
"addr-lines": [
{
"addr-lines(item)": {
"description": "A single line of an address.",
"type": "String"
}
}
],
"city": {
"description": "City, town or geographical region for the mailing address.",
"nullable": true,
"type": "String"
},
"state": {
"description": "State, province or analogous geographical region for a mailing address.",
"nullable": true,
"type": "String"
},
"postal-code": {
"description": "Postal or ZIP code for mailing address.",
"nullable": true,
"type": "String"
},
"country": {
"description": "The ISO 3166-1 alpha-2 country code for the mailing address.",
"nullable": true,
"type": "String"
}
},
"email-addresses": [
{
"email-addresses(item)": {
"description": "An email address as defined by RFC 5322 Section 3.4.1.",
"type": "String"
}
}
],
"telephone-numbers": [
{
"telephone-numbers(item)": {
"description": "A telephone service number as defined by ITU-T E.164.",
"type": "TelephoneNumber"
}
}
],
"urls": [
{
"urls(item)": {
"description": "The uniform resource locator (URL) for a web site or other resource associated with the location.",
"type": "URI"
}
}
]
}
}
],
"parties": [
{
"parties(item)": {
"@type": "Parties(item)",
"description": "An organization or person, which may be associated with roles or other concepts within the current or linked OSCAL document.",
"external-ids": [
{
"external-ids(item)": {
"@type": "External-ids(item)",
"description": "An identifier for a person or organization using a designated scheme. e.g. an Open Researcher and Contributor ID (ORCID)."
}
}
],
"addresses": [
{
"addresses(item)": {
"@type": "Addresses(item)",
"description": "A postal address for the location."
}
}
],
"member-of-organizations": [
{
"member-of-organizations(item)": {
"description": "A reference to another party by UUID, typically an organization, that this subject is associated with.",
"type": "String"
}
}
],
"location-uuids": [
{
"location-uuids(item)": {
"description": "Reference to a location by UUID.",
"type": "String"
}
}
]
}
}
],
"responsible-parties": [
{
"responsible-parties(item)": {
"@type": "Responsible-parties(item)",
"description": "A reference to a set of persons and/or organizations that have responsibility for performing the referenced role in the context of the containing object.",
"role-id": {
"description": "A reference to a role performed by a party.",
"type": "String"
},
"party-uuids": [
{
"party-uuids(item)": {
"description": "Reference to a party by UUID.",
"type": "String"
}
}
]
}
}
],
"actions": [
{
"actions(item)": {
"@type": "Actions(item)",
"description": "An action applied by a role within a given party to the content.",
"date": {
"description": "The date and time when the action occurred.",
"nullable": true,
"type": "Datetime"
},
"system": {
"description": "Specifies the action type system used.",
"type": "URI"
}
}
}
]
},
"import-component-definitions": [
{
"import-component-definitions(item)": {
"@type": "Import-component-definitions(item)",
"description": "Loads a component definition from another resource."
}
}
],
"components": [
{
"components(item)": {
"@type": "Components(item)",
"purpose": {
"description": "A summary of the technological or business purpose of the component.",
"nullable": true,
"type": "String"
},
"responsible-roles": [
{
"responsible-roles(item)": {
"@type": "Responsible-roles(item)",
"description": "A reference to a role with responsibility for performing a function relative to the containing object, optionally associated with a set of persons and/or organizations that perform that role."
}
}
],
"status": {
"description": "Release status: Released, In Review, or On Hold.",
"type": "String"
},
"protocols": [
{
"protocols(item)": {
"@type": "Protocols(item)",
"description": "Information about the protocol used to provide a service.",
"port-ranges": [
{
"port-ranges(item)": {
"@type": "Port-ranges(item)",
"description": "Where applicable this is the transport layer protocol port range an IPv4-based or IPv6-based service uses.",
"start": {
"description": "Indicates the starting port number in a port range for a transport layer protocol",
"nullable": true,
"type": "Integer"
},
"end": {
"description": "Indicates the ending port number in a port range for a transport layer protocol",
"nullable": true,
"type": "Integer"
},
"transport": {
"description": "Indicates the transport type.",
"nullable": true,
"type": "String"
}
}
}
]
}
}
],
"control-implementations": [
{
"control-implementations(item)": {
"@type": "Control-implementations(item)",
"source": {
"description": "A reference to an OSCAL catalog or profile providing the referenced control or subcontrol definition.",
"type": "URI"
},
"set-parameters": [
{
"set-parameters(item)": {
"@type": "Set-parameters(item)",
"description": "A parameter setting, to be propagated to points of insertion.",
"param-id": {
"description": "An identifier for the parameter.",
"nullable": true,
"type": "String"
},
"depends-on": {
"description": "(deprecated) Another parameter invoking this one. This construct has been deprecated and should not be used.",
"nullable": true,
"type": "String"
},
"label": {
"description": "A short, placeholder name for the parameter, which can be used as a substitute for a value if no value is assigned.",
"nullable": true,
"type": "String"
},
"usage": {
"description": "Describes the purpose and use of a parameter.",
"nullable": true,
"type": "String"
},
"constraints": [
{
"constraints(item)": {
"@type": "Constraints(item)",
"tests": [
{
"tests(item)": {
"@type": "Tests(item)",
"description": "A test expression which is expected to be evaluated by a tool.",
"expression": {
"description": "A formal (executable) expression of a constraint.",
"type": "String"
}
}
}
]
}
}
],
"guidelines": [
{
"guidelines(item)": {
"@type": "Guidelines(item)",
"description": "A prose statement that provides a recommendation for the use of a parameter.",
"prose": {
"description": "Prose permits multiple paragraphs, lists, tables etc.",
"type": "String"
}
}
}
],
"values": [
{
"values(item)": {
"description": "A parameter value or set of values.",
"type": "String"
}
}
],
"select": {
"@type": "Select",
"description": "Presenting a choice among alternatives.",
"how-many": {
"description": "Describes the number of selections that must occur. Without this setting, only one value should be assumed to be permitted.",
"nullable": true,
"type": "String"
},
"choice": [
{
"choice(item)": {
"description": "A value selection among several such options.",
"type": "String"
}
}
]
}
}
}
],
"implemented-requirements": [
{
"implemented-requirements(item)": {
"@type": "Implemented-requirements(item)",
"control-id": {
"description": "A reference to a control with a corresponding id value. When referencing an externally defined control, the Control Identifier Reference must be used in the context of the external / imported OSCAL instance (e.g., uri-reference).",
"type": "String"
},
"statements": [
{
"statements(item)": {
"@type": "Statements(item)",
"statement-id": {
"description": "A human-oriented identifier reference to a control statement.",
"type": "String"
},
"by-components": [
{
"by-components(item)": {
"@type": "By-components(item)",
"component-uuid": {
"description": "A machine-oriented identifier reference to a component.",
"type": "String"
},
"implementation-status": {
"@type": "Implementation-status",
"description": "Indicates the degree to which the a given control is implemented."
},
"export": {
"@type": "Export",
"provided": [
{
"provided(item)": {
"@type": "Provided(item)"
}
}
],
"responsibilities": [
{
"responsibilities(item)": {
"@type": "Responsibilities(item)",
"provided-uuid": {
"description": "A machine-oriented identifier reference to an inherited control implementation that a leveraging system is inheriting from a leveraged system.",
"nullable": true,
"type": "String"
}
}
}
]
},
"inherited": [
{
"inherited(item)": {
"@type": "Inherited(item)"
}
}
],
"satisfied": [
{
"satisfied(item)": {
"@type": "Satisfied(item)",
"responsibility-uuid": {
"description": "A machine-oriented identifier reference to a control implementation that satisfies a responsibility imposed by a leveraged system.",
"nullable": true,
"type": "String"
}
}
}
]
}
}
]
}
}
]
}
}
]
}
}
]
}
}
],
"capabilities": [
{
"capabilities(item)": {
"@type": "Capabilities(item)",
"incorporates-components": [
{
"incorporates-components(item)": {
"@type": "Incorporates-components(item)"
}
}
]
}
}
],
"back-matter": {
"@type": "Back-matter",
"description": "A collection of resources that may be referenced from within the OSCAL document instance.",
"resources": [
{
"resources(item)": {
"@type": "Resources(item)",
"citation": {
"@type": "Citation",
"description": "An optional citation consisting of end note text using structured markup."
},
"rlinks": [
{
"rlinks(item)": {
"@type": "Rlinks(item)",
"description": "A URL-based pointer to an external resource with an optional hash for verification and change detection.",
"hashes": [
{
"hashes(item)": {
"@type": "Hashes(item)",
"description": "A representation of a cryptographic digest generated over a resource using a specified hash algorithm.",
"algorithm": {
"description": "The digest method by which a hash is derived.",
"type": "String"
}
}
}
]
}
}
],
"base64": {
"@type": "Base64",
"description": "A resource encoded using the Base64 alphabet defined by RFC 2045.",
"filename": {
"description": "Name of the file before it was encoded as Base64 to be embedded in a resource. This is the name that will be assigned to the file when the file is decoded.",
"nullable": true,
"type": "String"
}
}
}
}
]
}
}
}