NISTIR 8278, National Cybersecurity Online Informative References (OLIR)
Program: Program Overview and OLIR Uses, describes the
OLIR Program, what OLIRs are, what benefits they provide, how anyone
can search and access OLIRs, and how subject matter experts can contribute
OLIRs. This report includes:
- Additional Focal Document
Templates - Functional enhancements to the
OLIR Catalog and Derived Relationships Mapping (DRM) display tool
NISTIR 8278A, National Cybersecurity Online Informative References (OLIR)
Program: Submission Guidance for OLIR Developers, replaces NISTIR
8204. The primary focus of NISTIR 8278A is to instruct Developers on how
to complete the OLIR Focal Document spreadsheet when submitting an Informative
Reference to NIST for inclusion in the OLIR Catalog. This report includes:
- Requirement guidance to include
additional focal document templates introduced in NISTIR 8278. - A “Strength of Relationships”
section (3.2.11) that includes guidance for populating the magnitude field
when evaluating focal and reference document elements. Interested
commenters should read the ‘Note to Reviewers’ (page iii) as we seek
feedback on this requested feature describing additional detail about the
relationship.
Both
publications are based on feedback received from early adopters as well as
discussions at the December 2019
OLIR workshop.
NISTIR
8278 details:
https://csrc.nist.gov/publications/detail/nistir/8278/final
NISTIR
8278A details:
https://csrc.nist.gov/publications/detail/nistir/8278a/final
OLIR
Workshop (December 2019):
https://www.nccoe.nist.gov/events/workshop-cybersecurity-online-informative-references