From 4b453ac70a1e65250675ccc5de2db6a8260fa660 Mon Sep 17 00:00:00 2001 From: sparrell Date: Fri, 11 Mar 2022 15:28:45 -0500 Subject: [PATCH] subdirs, lycan, misc --- Agenda.md | 89 ++++++++++++++++++++++++- SweatEquity/Cybeats/README.md | 6 ++ SweatEquity/DoD/README.md | 6 ++ SweatEquity/HuntingtonIngalls/README.md | 6 ++ SweatEquity/LinuxFoundation/README.md | 6 ++ SweatEquity/UniversityOslo/README.md | 6 ++ SweatEquity/sFractal/README.md | 5 ++ index.md | 71 +++++++++++++++----- lycan.md | 23 +++++++ 9 files changed, 198 insertions(+), 20 deletions(-) create mode 100644 lycan.md diff --git a/Agenda.md b/Agenda.md index 0a9fb55..23fd609 100644 --- a/Agenda.md +++ b/Agenda.md @@ -1,5 +1,90 @@ # Agenda -under construction. +```markdown +**Under Construction** -stay tuned +``` + +The Workshop will take place 9AM-5PM EDT 2-June-2022. + +The four keynote speakers will be: +- Dan Solero (AT&T) +- Allan Friedman (CISA) +- Chuck Brooks (Georgetown University) +- Neal Ziring (NSA) + +Feedback from the last workshop recommended +fewer keynotes and spreading the +keynotes throughout the day instead of all at kickoff. +Keynotes were reduced to 4 and they will be: +- kickoff +- just before lunch +- just after lunch +- closing + +These times were chosen to keep the meeting on track +(eg you miss hearing keynote if you aren't back from lunch). + +The remaining time will be spent either: +- demonstrating interworking parts/all of a use case + + the hope is much of the details will be worked out prior to the Workshop as to what systems will interoperate on which use case(s) +- trouble shooting interworking +- hackathon to create new lycans or modify interfaces in the spirit of addine new interworking scenarios. + +At the last Workshop, participants created <3 min videos introducing themselves +and what they were bringing to the Workshop. +The intent is to do similar for this workshop with some changes: +- videos are to be made prior to 26-May +- videos will be compiled into a YouTube playlist +- playlist will be made available to participants 27-May +- videos will NOT be shown at Workshop. Participants should watch all the videos prior to the start of the Workshop. + +Single or multiple track is not yet decided and will depend on +the number and extent of the interworking scenarios. + +Prior to 2-June: +- use cases established +- interworking scenarios defined including use cases, systems, interfaces, and participants +- participant videos created and viewed + +## Schedule +All times EDT: +- 8am-9am Inflow + + inflow to physical meeting, + light refreshments, + equipment setup, + virtual meeting setup + social, +- 9AM kickoff + + Welcome to Venue + + Safety review + + Intro to kickoff Keynote + + Keynote +- 9:45AM AM Interworking Session(s) +- break? +- 11:30AM Keynote 2 +- Noon Lunch in situ +- 1:00PM Keynote 3 +- 1:30PM PM Interworking Session(s) +- break? +- 4PM Summary Plenary session + + review successes and learnings +- 4:30PM Closing Keynote +- 5PM Adjourn +- 6PM Optional BBQ at Duncan's house + + + +Feedback from the last workshop recommended +fewer keynotes and spreading the +keynotes throughout the day instead of all at kickoff. +Keynotes were reduced to 4 and they will be: +- kickoff +- just before lunch +- just after lunch +- closing + + + +## Return to Home +[return to Home](./index.md) diff --git a/SweatEquity/Cybeats/README.md b/SweatEquity/Cybeats/README.md index 029df6e..b8aee71 100644 --- a/SweatEquity/Cybeats/README.md +++ b/SweatEquity/Cybeats/README.md @@ -1 +1,7 @@ # Cybeats Sweat Equity + +put stuff here + + +## Return to Home +[return to Home](../../index.md) diff --git a/SweatEquity/DoD/README.md b/SweatEquity/DoD/README.md index 9e01a87..7cb3ae1 100644 --- a/SweatEquity/DoD/README.md +++ b/SweatEquity/DoD/README.md @@ -1 +1,7 @@ # DoD Sweat Equity + +put stuff here + + +## Return to Home +[return to Home](../../index.md) diff --git a/SweatEquity/HuntingtonIngalls/README.md b/SweatEquity/HuntingtonIngalls/README.md index efab899..ef67376 100644 --- a/SweatEquity/HuntingtonIngalls/README.md +++ b/SweatEquity/HuntingtonIngalls/README.md @@ -1 +1,7 @@ # Huntington IngallsSweat Equity + +put stuff here + + +## Return to Home +[return to Home](../../index.md) diff --git a/SweatEquity/LinuxFoundation/README.md b/SweatEquity/LinuxFoundation/README.md index 09889f9..8cc8a31 100644 --- a/SweatEquity/LinuxFoundation/README.md +++ b/SweatEquity/LinuxFoundation/README.md @@ -1 +1,7 @@ # Linux Foundation Sweat Equity + +put stuff here + + +## Return to Home +[return to Home](../../index.md) diff --git a/SweatEquity/UniversityOslo/README.md b/SweatEquity/UniversityOslo/README.md index d4ea46a..fd1e1d0 100644 --- a/SweatEquity/UniversityOslo/README.md +++ b/SweatEquity/UniversityOslo/README.md @@ -1 +1,7 @@ # University of Oslo Sweat Equity + +put stuff here + + +## Return to Home +[return to Home](../../index.md) diff --git a/SweatEquity/sFractal/README.md b/SweatEquity/sFractal/README.md index 534ce27..c7ecdca 100644 --- a/SweatEquity/sFractal/README.md +++ b/SweatEquity/sFractal/README.md @@ -323,3 +323,8 @@ Once use cases are fleshed out, sFractal hopes to instantiate in Ogres the various opensource conversion tools between the various formats/serializations. SBOM format lycans :-). + + + +## Return to Home +[return to Home](../../index.md) diff --git a/index.md b/index.md index 4968a7f..e8142cc 100644 --- a/index.md +++ b/index.md @@ -14,17 +14,30 @@ in Washington, DC. **Agenda** -Schedule is tentatively 9AM-5PM 2-June-2022; -details are still being worked. - -Feedback from the last workshop recommended -fewer keynotes and spreading the -keynotes throughout the day instead of all at kickoff. -Keynotes were reduced to 4 and they will be: -- kickoff -- just before lunch -- just after lunch -- closing +The Workshop will take place 9AM-5PM EDT 2-June-2022. + +The four keynote speakers will be: +- Dan Solero (AT&T) +- Allan Friedman (CISA) +- Chuck Brooks (Georgetown University) +- Neal Ziring (NSA) + +The remaining time will be spent either: +- demonstrating interworking parts/all of a use case + + the hope is much of the details will be worked out prior to the Workshop as to what systems will interoperate on which use case(s) +- trouble shooting interworking +- hackathon to create new lycans or modify interfaces in the spirit of adding new interworking scenarios. + +At the last Workshop, participants created <3 min videos introducing themselves +and what they were bringing to the Workshop. +The intent is to do similar for this workshop with some changes: +- videos are to be made prior to 26-May +- videos will be compiled into a YouTube playlist +- playlist will be made available to participants 27-May +- videos will NOT be shown at Workshop. Participants should watch all the videos prior to the start of the Workshop. + +Single or multiple track is not yet decided and will depend on +the number and extent of the interworking scenarios. See [Agenda](./Agenda.md) for more details. @@ -71,10 +84,6 @@ with a tie-breaker to who registers first. Participation will require registration. Details forthcoming. -## Keynotes -The 4 keynote speakers have been lined up. -Eventually add them here or make a subtending page. - ## Participating Organizations Strictly speaking none (ie workshop is a collection of individuals @@ -112,7 +121,8 @@ that they have had a positive engagement with their peers and have more confidence cybersecurity automation -is in a better state. +is in a better state +because of effort put into the Workshop. The objective is demonstrating working interoperating systems contributing to cybersecurity automation, @@ -121,13 +131,36 @@ and across the different standards and organizations in this mashup of meetups. The method to achieve the objective will be -demonstration(s) of the use cases -in a subsequent section. +demonstration(s) of +[use cases](./DemoUseCases/README.md). There may be a certain amount of hackathon to fill in the gaps to complete missing aspects of the use cases. +The focus of the Workshop is really up to the participants +and what they bring for interworking. +At least some participants are focusing on +PACE use cases involving getting/retrieving/evaluating +SBOMs/VEXs/CVEs/... including the larger context playbooks in +which this is a part, and the subsequent actions taken as a result. + +put in pithy meaty example here and ref to rest in use cases. + +The Workshop is **NOT** a bakeoff. +The goal is interworking, not 'picking a winner' among multiple standards +(e.g. focus on transforming between SPDX/CycloneDX +instead of focusing on the differences +or which is better for a given ecosystem/usecase). + +The Workshop is **NOT** a trade show or beauty pageant. +Vendors (and open source projects) can shill their products +only in the context +of meeting the interworking interfaces +(even if it's with the ["hand-waving" lycan](./lycan.md)). +Consider the Code of Conduct to have "vendor" added to the harassment-free +list. Talk up your value, don't talk down your competitors. + ## Sweat Equity To learn more about what participants are bringing to the workshop, see @@ -175,6 +208,8 @@ can be found at This workshop is being organized by one passionate individual volunteer who was unelected and will be running it on the D-cubed model (Duncan/democratic/dictator). +Hopefully others will step in to help and we'll evolve to +spread the joy around. ## Code of Conduct TL;DR - don't be a jerk. diff --git a/lycan.md b/lycan.md new file mode 100644 index 0000000..3f6897f --- /dev/null +++ b/lycan.md @@ -0,0 +1,23 @@ +# Lycans + +Interworking involves interfaces from one system +interworking with interfaces from another system +using one of the standard interfaces of the workshop. +Ideally the systems implement the standard interfaces. +If not, an open source "lycan" or "shifter" (*1) +may be used to convert back and forth +between the vendor interface and the standard interface. +For the purpose of demonstrating use cases, +the "hand waving lycan" can be used +when actual lycan has not yet been coded. +Hackathon activities may focus on creating a real lycan +from a hand waving lycan. +Example hand waving lycans can be seen +{Link here to blinky pace sfractal use cases designed to explain this} + + +Footnote *1 - Both OpenC2 and Stixshifter use +werewolf/lycanthrope/shapeshifter terminology. +Instead of transforming between wolf and human, these shims +transform between vendor and standard interfaces. +Stix uses "shifter" and OpenC2 uses "lycan".