Package dev.metaschema.oscal.lib.model

Class PlanOfActionAndMilestones

java.lang.Object
dev.metaschema.oscal.lib.model.AbstractOscalInstance
dev.metaschema.oscal.lib.model.PlanOfActionAndMilestones
All Implemented Interfaces:
dev.metaschema.core.model.IBoundObject, IOscalInstance
@MetaschemaAssembly(formalName="Plan of Action and Milestones (POA&M)", description="A plan of action and milestones which identifies initial and residual risks, deviations, and disposition, such as those required by FedRAMP.", name="plan-of-action-and-milestones", moduleClass=OscalPoamModule.class, rootName="plan-of-action-and-milestones", remarks="Either an OSCAL-based SSP must be imported, or a unique system-id must be specified. Both may be present.", valueConstraints=@ValueConstraints(lets=@Let(name="all-imports",target="recurse-depth(\'.[import-ap]/doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-ap/@href)))/assessment-plan|.[import-ssp]/doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-ssp/@href)))/system-security-plan|.[import-profile]/resolve-profile(doc(resolve-uri(Q{http://csrc.nist.gov/ns/oscal/1.0}resolve-reference(import-profile/@href))))/catalog\')")), modelConstraints=@AssemblyConstraints(index={@Index(id="oscal-poam-index-metadata-scoped-role-id",formalName="In-Scope Role Identifiers",description="An index of role identifiers that are in-scope for the plan-of-action-and-milestones model. Roles are collected from imported system-securtity-plans, which in turn includes referenced profiles and catalogs. For a given role @id, a locally declared role takes precedence over a role that is imported, the role that was last imported.",level=ERROR,target="map:merge($all-imports/metadata/role ! map:entry(@id,.))?*",name="index-imports-metadata-role-id",keyFields=@KeyField(target="@id")),@Index(id="oscal-poam-index-metadata-scoped-location-uuid",level=ERROR,target="map:merge($all-imports/metadata/location ! map:entry(@uuid,.))?*",name="index-imports-metadata-location-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-poam-index-metadata-scoped-party-uuid",level=ERROR,target="map:merge($all-imports/metadata/party ! map:entry(@uuid,.))?*",name="index-imports-metadata-party-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-poam-index-metadata-scoped-party-organization-uuid",level=ERROR,target="map:merge($all-imports/metadata/party[@type=\'organization\'] ! map:entry(@uuid,.))?*",name="index-imports-metadata-party-organization-uuid",keyFields=@KeyField(target="@uuid")),@Index(id="oscal-poam-index-metadata-scoped-property-uuid",level=ERROR,target="map:merge($all-imports//prop[@uuid] ! map:entry(@uuid,.))?*",name="index-imports-metadata-property-uuid",keyFields=@KeyField(target="@uuid"))},unique={@IsUnique(id="oscal-unique-document-id",formalName="Unique Document Identifier",description="Ensure all document identifiers have a unique combination of @scheme and value.",level=ERROR,target="document-id",keyFields={@KeyField(target="@scheme"),@KeyField}),@IsUnique(id="oscal-unique-property-in-context-location",formalName="Unique Properties",description="Ensure all properties are unique for a given location using a unique combination of @ns, @name, @class. @group. and @value.",level=ERROR,target=".//prop",keyFields={@KeyField(target="path(..)"),@KeyField(target="@name"),@KeyField(target="@ns"),@KeyField(target="@class"),@KeyField(target="@group"),@KeyField(target="@value")}),@IsUnique(id="oscal-unique-link-in-context-location",formalName="Unique Links",description="Ensure all links are unique for a given location using a unique combination of @href, @rel, and @media-type.",level=ERROR,target=".//link",keyFields={@KeyField(target="path(..)"),@KeyField(target="@href"),@KeyField(target="@rel"),@KeyField(target="@media-type"),@KeyField(target="@resource-fragment")}),@IsUnique(id="oscal-unique-responsibility-in-context-location",formalName="Unique Responsibilities",description="Ensure all responsible-roles and responsible-parties are unique for a given location using a unique combination of @role-id and the combination of @party-uuid values.",level=ERROR,target=".//(responsible-party|responsible-role)",keyFields={@KeyField(target="path(..)"),@KeyField(target="@role-id"),@KeyField(target="@party-uuid")},remarks="Since `responsible-party` and `responsible-role` associate multiple `party-uuid` entries with a single `role-id`, each role-id must be referenced only once.")})) public class PlanOfActionAndMilestones extends AbstractOscalInstance implements dev.metaschema.core.model.IBoundObject
A plan of action and milestones which identifies initial and residual risks, deviations, and disposition, such as those required by FedRAMP.

  • Constructor Details

    • PlanOfActionAndMilestones

      public PlanOfActionAndMilestones()
      Constructs a new dev.metaschema.oscal.lib.model.PlanOfActionAndMilestones instance with no metadata.

    • PlanOfActionAndMilestones

      public PlanOfActionAndMilestones(dev.metaschema.core.model.IMetaschemaData data)
      Constructs a new dev.metaschema.oscal.lib.model.PlanOfActionAndMilestones instance with the specified metadata.
      Parameters:
      data - the metaschema data, or null if none

  • Method Details

    • getMetaschemaData

      public dev.metaschema.core.model.IMetaschemaData getMetaschemaData()
      Specified by:
      getMetaschemaData in interface dev.metaschema.core.model.IBoundObject

    • getUuid

      @NonNull public UUID getUuid()
      Get the "POA&M Universally Unique Identifier".

      A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.

      Specified by:
      getUuid in interface IOscalInstance
      Returns:
      the uuid value

    • setUuid

      public void setUuid(@NonNull UUID value)
      Set the "POA&M Universally Unique Identifier".

      A machine-oriented, globally unique identifier with instancescope that can be used to reference this POA&M instance in this OSCAL instance. This UUID should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.

      Parameters:
      value - the uuid value to set

    • getMetadata

      @NonNull public Metadata getMetadata()
      Get the "Document Metadata".

      Provides information about the containing document, and defines concepts that are shared across the document.

      Specified by:
      getMetadata in interface IOscalInstance
      Returns:
      the metadata value

    • setMetadata

      public void setMetadata(@NonNull Metadata value)
      Set the "Document Metadata".

      Provides information about the containing document, and defines concepts that are shared across the document.

      Parameters:
      value - the metadata value to set

    • getImportSsp

      @Nullable public ImportSsp getImportSsp()
      Get the "Import System Security Plan".

      Used by the assessment plan and POA&M to import information about the system.

      Returns:
      the import-ssp value, or null if not set

    • setImportSsp

      public void setImportSsp(@Nullable ImportSsp value)
      Set the "Import System Security Plan".

      Used by the assessment plan and POA&M to import information about the system.

      Parameters:
      value - the import-ssp value to set, or null to clear

    • getSystemId

      @Nullable public SystemId getSystemId()
      Get the "System Identification".

      A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.

      Returns:
      the system-id value, or null if not set

    • setSystemId

      public void setSystemId(@Nullable SystemId value)
      Set the "System Identification".

      A human-oriented, globally unique identifier with cross-instance scope that can be used to reference this system identification property elsewhere in this or other OSCAL instances. When referencing an externally defined system identification, the system identification must be used in the context of the external / imported OSCAL instance (e.g., uri-reference). This string should be assigned per-subject, which means it should be consistently used to identify the same system across revisions of the document.

      Parameters:
      value - the system-id value to set, or null to clear

    • getLocalDefinitions

      @Nullable public LocalDefinitions getLocalDefinitions()
      Get the "Local Definitions".

      Allows components, and inventory-items to be defined within the POA&M for circumstances where no OSCAL-based SSP exists, or is not delivered with the POA&M.

      Returns:
      the local-definitions value, or null if not set

    • setLocalDefinitions

      public void setLocalDefinitions(@Nullable LocalDefinitions value)
      Set the "Local Definitions".

      Allows components, and inventory-items to be defined within the POA&M for circumstances where no OSCAL-based SSP exists, or is not delivered with the POA&M.

      Parameters:
      value - the local-definitions value to set, or null to clear

    • getObservations

      @NonNull public List<Observation> getObservations()
      Get the "Observation".

      Describes an individual observation.

      Returns:
      the observation value

    • setObservations

      public void setObservations(@NonNull List<Observation> value)
      Set the "Observation".

      Describes an individual observation.

      Parameters:
      value - the observation value to set

    • addObservation

      public boolean addObservation(Observation item)
      Add a new Observation item to the underlying collection.
      Parameters:
      item - the item to add
      Returns:
      true

    • removeObservation

      public boolean removeObservation(Observation item)
      Remove the first matching Observation item from the underlying collection.
      Parameters:
      item - the item to remove
      Returns:
      true if the item was removed or false otherwise

    • getRisks

      @NonNull public List<Risk> getRisks()
      Get the "Identified Risk".

      An identified risk.

      Returns:
      the risk value

    • setRisks

      public void setRisks(@NonNull List<Risk> value)
      Set the "Identified Risk".

      An identified risk.

      Parameters:
      value - the risk value to set

    • addRisk

      public boolean addRisk(Risk item)
      Add a new Risk item to the underlying collection.
      Parameters:
      item - the item to add
      Returns:
      true

    • removeRisk

      public boolean removeRisk(Risk item)
      Remove the first matching Risk item from the underlying collection.
      Parameters:
      item - the item to remove
      Returns:
      true if the item was removed or false otherwise

    • getFindings

      @NonNull public List<Finding> getFindings()
      Get the "Finding".

      Describes an individual finding.

      Returns:
      the finding value

    • setFindings

      public void setFindings(@NonNull List<Finding> value)
      Set the "Finding".

      Describes an individual finding.

      Parameters:
      value - the finding value to set

    • addFinding

      public boolean addFinding(Finding item)
      Add a new Finding item to the underlying collection.
      Parameters:
      item - the item to add
      Returns:
      true

    • removeFinding

      public boolean removeFinding(Finding item)
      Remove the first matching Finding item from the underlying collection.
      Parameters:
      item - the item to remove
      Returns:
      true if the item was removed or false otherwise

    • getPoamItems

      @NonNull public List<PoamItem> getPoamItems()
      Get the "POA&M Item".

      Describes an individual POA&M item.

      Returns:
      the poam-item value

    • setPoamItems

      public void setPoamItems(@NonNull List<PoamItem> value)
      Set the "POA&M Item".

      Describes an individual POA&M item.

      Parameters:
      value - the poam-item value to set

    • addPoamItem

      public boolean addPoamItem(PoamItem item)
      Add a new PoamItem item to the underlying collection.
      Parameters:
      item - the item to add
      Returns:
      true

    • removePoamItem

      public boolean removePoamItem(PoamItem item)
      Remove the first matching PoamItem item from the underlying collection.
      Parameters:
      item - the item to remove
      Returns:
      true if the item was removed or false otherwise

    • getBackMatter

      @Nullable public BackMatter getBackMatter()
      Get the "Back matter".

      A collection of resources that may be referenced from within the OSCAL document instance.

      Specified by:
      getBackMatter in interface IOscalInstance
      Returns:
      the back-matter value, or null if not set

    • setBackMatter

      public void setBackMatter(@Nullable BackMatter value)
      Set the "Back matter".

      A collection of resources that may be referenced from within the OSCAL document instance.

      Parameters:
      value - the back-matter value to set, or null to clear

    • toString

      public String toString()
      Overrides:
      toString in class Object