Objective: the project(s) aims to develop an OpenC2 Actuator Profile for a specific cybersecurity/cyber-defence function (e.g., packet filtering, cyber-analytics, endpoint response, sandboxing) with the aim to have the produced specification incorporated into the official OASIS OpenC2 suite of specifications.
Deliverables:
- Required: Thesis based on a developed by the student with the support of the supervisor OpenC2 Actuator Profile (AP) Specification.
- As a reference, check the AP for "Endpoint Response", that was developed by the Master's student Martin Evandt of IFI: https://github.com/oasis-tcs/openc2-ap-er/blob/working/oc2edr.md
- Optional: Proof of Concept code/implementation of the developed AP.
Note: This project may accommodate multiple students, and programming skills are not required for the completion of the project.
| Name | OpenC2 Actuator Profile | Workbench |
|---|---|---|
| Andreas Hverven | (cyber) Analytics | TBA |
| Martin Evandt | Endpoint Response | [ GitHub ] |
Background information: Cyberattacks are increasingly sophisticated, less expensive to execute, dynamic and automated. The commission of cyber defense via statically configured products operating in isolation is untenable. Standardized interfaces, protocols and data models will facilitate the integration of the functional blocks within and between systems.
Open Command and Control (OpenC2) is a concise and extensible language to enable machine communications for purposes of command and control of cyber defense components, subsystems and/or systems that are agnostic of the underlying products, technologies, transport mechanisms, or other aspects of the implementation.
More information about OpenC2:
As this is Standards Development work, the students are recommended to join the OASIS OpenC2 Technical Committee to discuss their findings and request feedback.
