Package dev.metaschema.oscal.lib.model

Class AssessmentResults

java.lang.Object
dev.metaschema.oscal.lib.model.AbstractOscalInstance
dev.metaschema.oscal.lib.model.AssessmentResults
All Implemented Interfaces:
dev.metaschema.core.model.IBoundObject, IOscalInstance
@MetaschemaAssembly(formalName="Security Assessment Results (SAR)", description="Security assessment results, such as those provided by a FedRAMP assessor in the FedRAMP Security Assessment Report.", name="assessment-results", moduleClass=OscalArModule.class, rootName="assessment-results", valueConstraints=@ValueConstraints(lets=@Let(name="all-imports",target="recurse-depth(\'.[import-ap]/doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-ap/@href)))/assessment-plan|.[import-ssp]/doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-ssp/@href)))/system-security-plan|.[import-profile]/resolve-profile(doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-profile/@href))))/catalog\')")), modelConstraints=@AssemblyConstraints(index={@Index(id="oscal-ar-index-metadata-scoped-role-id",formalName="In-Scope Role Identifiers",description="An index of role identifiers that are in-scope for the assessment-result model. Roles are collected from imported assessment-plans, which in turn includes referenced system-securtity-plans, which in turn includes referenced profiles and catalogs. For a given role @id, a locally declared role takes precedence over a role that is imported, the role that was last imported.",level=ERROR,target="map:merge($all-imports/metadata/role ! map:entry(@id,.))?*",name="index-imports-metadata-role-id",keyFields=@KeyField(target="@id")),@Index(id="oscal-ar-index-metadata-scoped-location-uuid",level=ERROR,target="map:merge($all-imports/metadata/location ! map:entry(@uuid,.))?*",name="index-imports-metadata-location-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-ar-index-metadata-scoped-party-uuid",level=ERROR,target="map:merge($all-imports/metadata/party ! map:entry(@uuid,.))?*",name="index-imports-metadata-party-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-ar-index-metadata-scoped-party-organization-uuid",level=ERROR,target="map:merge($all-imports/metadata/party[@type=\'organization\'] ! map:entry(@uuid,.))?*",name="index-imports-metadata-party-organization-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-ar-index-metadata-scoped-property-uuid",level=ERROR,target="map:merge($all-imports//prop[@uuid] ! map:entry(@uuid,.))?*",name="index-imports-metadata-property-uuid",keyFields=@KeyField(target="@uuid"))},unique={@IsUnique(id="oscal-unique-document-id",formalName="Unique Document Identifier",description="Ensure all document identifiers have a unique combination of @scheme and value.",level=ERROR,target="document-id",keyFields={@KeyField(target="@scheme"),@KeyField}),@IsUnique(id="oscal-unique-property-in-context-location",formalName="Unique Properties",description="Ensure all properties are unique for a given location using a unique combination of @ns, @name, @class. @group. and @value.",level=ERROR,target=".//prop",keyFields={@KeyField(target="path(..)"),@KeyField(target="@name"),@KeyField(target="@ns"),@KeyField(target="@class"),@KeyField(target="@group"),@KeyField(target="@value")}),@IsUnique(id="oscal-unique-link-in-context-location",formalName="Unique Links",description="Ensure all links are unique for a given location using a unique combination of @href, @rel, and @media-type.",level=ERROR,target=".//link",keyFields={@KeyField(target="path(..)"),@KeyField(target="@href"),@KeyField(target="@rel"),@KeyField(target="@media-type"),@KeyField(target="@resource-fragment")}),@IsUnique(id="oscal-unique-responsibility-in-context-location",formalName="Unique Responsibilities",description="Ensure all responsible-roles and responsible-parties are unique for a given location using a unique combination of @role-id and the combination of @party-uuid values.",level=ERROR,target=".//(responsible-party|responsible-role)",keyFields={@KeyField(target="path(..)"),@KeyField(target="@role-id"),@KeyField(target="@party-uuid")},remarks="Since `responsible-party` and `responsible-role` associate multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once.")})) public class AssessmentResults extends AbstractOscalInstance implements dev.metaschema.core.model.IBoundObject
Security assessment results, such as those provided by a FedRAMP assessor in the FedRAMP Security Assessment Report.

  • Constructor Details

    • AssessmentResults

      public AssessmentResults()
      Constructs a new dev.metaschema.oscal.lib.model.AssessmentResults instance with no metadata.

    • AssessmentResults

      public AssessmentResults(dev.metaschema.core.model.IMetaschemaData data)
      Constructs a new dev.metaschema.oscal.lib.model.AssessmentResults instance with the specified metadata.
      Parameters:
      data - the metaschema data, or null if none

  • Method Details

    • getMetaschemaData

      public dev.metaschema.core.model.IMetaschemaData getMetaschemaData()
      Specified by:
      getMetaschemaData in interface dev.metaschema.core.model.IBoundObject

    • getUuid

      @NonNull public UUID getUuid()
      Get the "Assessment Results Universally Unique Identifier".

      A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.

      Specified by:
      getUuid in interface IOscalInstance
      Returns:
      the uuid value

    • setUuid

      public void setUuid(@NonNull UUID value)
      Set the "Assessment Results Universally Unique Identifier".

      A machine-oriented, globally unique identifier with cross-instance scope that can be used to reference this assessment results instance in this or other OSCAL instances. The locally defined UUID of the assessment result can be used to reference the data item locally or globally (e.g., in an imported OSCAL instance). This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.

      Parameters:
      value - the uuid value to set

    • getMetadata

      @NonNull public Metadata getMetadata()
      Get the "Document Metadata".

      Provides information about the containing document, and defines concepts that are shared across the document.

      Specified by:
      getMetadata in interface IOscalInstance
      Returns:
      the metadata value

    • setMetadata

      public void setMetadata(@NonNull Metadata value)
      Set the "Document Metadata".

      Provides information about the containing document, and defines concepts that are shared across the document.

      Parameters:
      value - the metadata value to set

    • getImportAp

      @NonNull public ImportAp getImportAp()
      Get the "Import Assessment Plan".

      Used by assessment-results to import information about the original plan for assessing the system.

      Returns:
      the import-ap value

    • setImportAp

      public void setImportAp(@NonNull ImportAp value)
      Set the "Import Assessment Plan".

      Used by assessment-results to import information about the original plan for assessing the system.

      Parameters:
      value - the import-ap value to set

    • getLocalDefinitions

      @Nullable public AssessmentResults.LocalDefinitions getLocalDefinitions()
      Get the "Local Definitions".

      Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.

      Returns:
      the local-definitions value, or null if not set

    • setLocalDefinitions

      public void setLocalDefinitions(@Nullable AssessmentResults.LocalDefinitions value)
      Set the "Local Definitions".

      Used to define data objects that are used in the assessment plan, that do not appear in the referenced SSP.

      Parameters:
      value - the local-definitions value to set, or null to clear

    • getResults

      @NonNull public List<Result> getResults()
      Get the "Assessment Result".

      Used by the assessment results and POA&M. In the assessment results, this identifies all of the assessment observations and findings, initial and residual risks, deviations, and disposition. In the POA&M, this identifies initial and residual risks, deviations, and disposition.

      Returns:
      the result value

    • setResults

      public void setResults(@NonNull List<Result> value)
      Set the "Assessment Result".

      Used by the assessment results and POA&M. In the assessment results, this identifies all of the assessment observations and findings, initial and residual risks, deviations, and disposition. In the POA&M, this identifies initial and residual risks, deviations, and disposition.

      Parameters:
      value - the result value to set

    • addResult

      public boolean addResult(Result item)
      Add a new Result item to the underlying collection.
      Parameters:
      item - the item to add
      Returns:
      true

    • removeResult

      public boolean removeResult(Result item)
      Remove the first matching Result item from the underlying collection.
      Parameters:
      item - the item to remove
      Returns:
      true if the item was removed or false otherwise

    • getBackMatter

      @Nullable public BackMatter getBackMatter()
      Get the "Back matter".

      A collection of resources that may be referenced from within the OSCAL document instance.

      Specified by:
      getBackMatter in interface IOscalInstance
      Returns:
      the back-matter value, or null if not set

    • setBackMatter

      public void setBackMatter(@Nullable BackMatter value)
      Set the "Back matter".

      A collection of resources that may be referenced from within the OSCAL document instance.

      Parameters:
      value - the back-matter value to set, or null to clear

    • toString

      public String toString()
      Overrides:
      toString in class Object