The Open Checklist Interactive Language (OCIL) is a language to express a set of questions to be presented and procedures to interpret responses to these questions for the purpose of developing security checklists. Although its intended domain of use is IT security, its generic nature allows for other applications. For instance, it could be used for authoring research surveys, academic course exams, and instructional walkthroughs. It can also be used to harvest information from previous data collection efforts. This document was originally developed by David Waltermire (The Center for Internet Security) and has been revised by The MITRE Corp with input from the security benchmark community. It is intended for developers and assumes familiarity with XML. The @default_answer_ref on <choice_question @id=''> must specify an answer applicable for the question The @choice_ref on <answer> in <choice_question_result @question_ref=''> must specify an answer applicable for the question <local_variable @id='' references a question of type <> and therefore must be @datatype='TEXT' <local_variable @id='' references a question of type <> and therefore must be @datatype='NUMERIC' <local_variable @id='' references a question of type <> and therefore must be @datatype='TEXT' <local_variable @id='' references a question of type <> and therefore all expressions in <set> must be <when_boolean> <local_variable @id='' references a question of type <> and therefore all expressions in <set> must be <when_choice> <local_variable @id='' references a question of type <> and therefore all expressions in <set> must be <when_pattern> or <when_range> <local_variable @id='' references a question of type <> and therefore all expressions in <set> must be <when_pattern> The @choice_ref on every <when_choice> in <set> in <local_variable @id=''> must specify a choice applicable for the question being referenced in @question_ref='' If @response on < @question_ref=''> is not provided, or is set to 'ANSWERED', then <answer> must not be nil and a value must be provided (or @choice_ref specified if applicable), otherwise <answer> must be nil and no other attributes or values may be specified on <answer> This namespace is required for xml:lang support. The OCILType represents the primary content model for the OCIL. The generator element contains information related to the generation of the file. Specifically, a generator contains information about the application used to create the file, when it was created, and the schema to use to validate it. This element contains document-level information, including title, descriptions, and notices. The questionnaires element contains all the questionnaire constructs defined within the document. The test_actions element contains all the boolean, choice, string, and numeric test actions defined within the document. The questions element contains all the boolean, choice, string, and numeric questions, and any other supporting elements (e.g. choice group) defined within the document. The artifacts element contains all the artifact constructs to be retrieved (as necessary) during evaluation. The variables element contains all the constant, local, and external variables available to be used within the document. The results element contains the results of an evaluation of the OCIL file. This includes records of all questionnaire results, question results, and test_action results. The ocil element is the root XML element of an OCIL document. It contains information about one or more questionnaires. It may also contain results elements to store prior responses. Insures that all test actions are unique. This is a common base element for the question_test_action element. The question_test_action element contains a reference to a single question along with a set of handlers that indicate how processing should proceed based on the answer provided. This element is abstract and is implemented in a document as a boolean_question_test_action, choice_question_test_action, numeric_question_test_action, or string_question_test_action. The type of question_test_action must match the type of question referenced (e.g. a boolean_question_test_action MUST reference a boolean_question.) A boolean_question_test_action element references a boolean_question and includes handlers for TRUE (YES) or FALSE (NO) responses. A choice_question_test_action element references a choice_question and includes handlers for the various choices set out in the choice_question. Ensure that no choice_question_test_action has multiple branches for a single choice. A numeric_question_test_action element references a numeric_question and includes handlers that indicate actions to perform based on whether the response matches a particular value or falls within a particular range. A string_question_test_action element references a string_question and includes handlers that indicate actions to perform based on whether the response matches a given regular expression. A question element contains information for one question that needs to be answered. It can be a boolean_question, choice_question, numeric_question, or string_question depending on the set of acceptable answers. A boolean_question is a type of question element with valid responses of either {TRUE, FALSE} or {YES, NO}. A choice_question is a type of question element with one or more acceptable answers specified by the author. One of these specified answers will be given as the response. Acceptable answers are specified either explicitly using the choice element or implicitly using the choice_group_ref element to reference a choice_group element. Choices are presented in the order in which they are provided. All the choices in a choice_group are inserted in the order in which they appear within the choice_group. A numeric_question is a type of question element that requires a numeric answer. Acceptable values may be positive or negative and may include decimals. A string_question is a type of question element that requires a string answer. A variable element holds information defined by the author, an answer value, or values from external sources. A constant_variable element holds a value defined by the author of the document. A local_variable element holds a value defined during evaluation. It will try to match and set the value based on the answer to a question. An external_variable element is a variable defined elsewhere (an external source). A target element describes the user, system, or role that applies to all questionnaires in scope. For instance, specifying that user Joe Smith should complete this document; applies to system with ip address of 123.45.67.89; applies to all systems functioning as (role) web servers; or all (role) administrators should complete this document. A user element contains information about a target user such as name, organization, position, email, and role. The system element contains information about the organization it belongs to, a set of ip addresses of computers/networks included in the system, description about it, and the roles it performs. A question_result element contains result information associated with a specific question. The specific type of question_result (boolean_question_result, choice_question_result, etc.) depends on the type of the associated question (boolean_question, choice_question, etc.) A boolean_question_result element contains a reference to a boolean_question, the response, and whether the question was successfully posed. A choice_question_result element contains a reference to a choice_question, the response, and whether the question was successfully posed. A numeric_question_result element contains a reference to a numeric_question, the number provided in response, and whether the question was successfully posed. A string_question_result element contains a reference to a string_question, the string provided in response, and whether the question was successfully posed. The QuestionnairesType type defines a container for a set of questionnaire elements. A questionnaire contains a set of questions that determines compliance with a check. Each questionnaire returns a value based on the responses to the various questions that it references. Each questionnaire acting as top-level should represent a single compliance check, such as might be referenced by an XCCDF Rule. The QuestionnaireType type defines a structure that represents a specific question or set of questions that evaluate to a single result. A questionnaire may contain multiple test_actions. test_actions may be nested and aggregated through an acceptable operation to produce the result of a check. Each questionnaire is required to have a unique identifier that conforms to the definition of NCName in the Recommendation "Namespaces in XML 1.0", i.e., all XML 1.0 names that do not contain colons. This attribute specifies whether or not this questionnaire should only appear as a child of another questionnaire. All questionnaires must be defined within the body of the ocil element and, by default, interpreters might simply grab all questionnaires and evaluate them. However, questionnaires can reference other questionnaires through a test_action_ref. If an author references a questionnaire in this way, they may not wish that the questionnaire be evaluated except as a child of another questionnaire. By setting the child_only attribute to true, the author is indicating that the given questionnaire should not be a "top-level" questionnaire but should instead only be evaluated as the child of another questionnaire. The GeneratorType type defines an element that is used to hold information about when a particular OCIL document was generated, what version of the schema was used, what tool was used to generate the document, and what version of the tool was used. Additional generator information is also allowed although it is not part of the official OCIL language. Individual organizations can place generator information that they feel is important. The product_name element specifies the name of the application used to generate the file. The product_version element specifies the version of the application used to generate the file. The author element identifies one of the authors of this document. The schema_version element specifies the version of the OCIL schema that the document has been written in and that should be used for validation. The timestamp element specifies when the particular OCIL document was generated. The format for the timestamp is yyyy-mm-ddThh:mm:ss. The additional_data element can be used to contain metadata extensions about the generator used to create the OCIL document instance. The DocumentType type describes structures used to provide document-level information, including title, descriptions, and notices. The title element provides a title for this document. Each description element contains part of an overall description for the entire document. (Note that questionnaires contain their own description for questionnaire specific descriptions.) TODO: Consider changing this to XHTML structured text in the next revision. Each notice element contains a notice or warning to the user of this document. TODO: Consider changing this to XHTML structured text in the next revision. The TestActionsType type defines a container for a set of test action elements. The test_action element contains information about what action to take based on the answer to a referenced question element within a questionnaire. It can be a compound_test_action, boolean_question_test_action, choice_question_test_action, numeric_question_test_action, or string_question_test_action. The QuestionTestActionType type defines structures that are used to hold handlers for non-standard results (UNKNOWN, NOT_TESTED, NOT_APPLICABLE, and ERROR) received from a referenced question. All children of question_test_action extend this type. The title element contains a descriptive heading for this set of handlers. The when_unknown element contains processing instructions for when the received result is UNKNOWN. The when_not_tested element contains processing instructions for when the received result is NOT_TESTED. The when_not_applicable element contains processing instructions for when the received result is NOT_APPLICABLE. The when_error element contains processing instructions for when the received result is ERROR. The question_ref attribute contains the id value of a question element. Each item is required to have a unique identifier that conforms to the definition of NCName in the Recommendation "Namespaces in XML 1.0", i.e., all XML 1.0 names that do not contain colons. The BooleanQuestionTestActionType type defines a structure that references a boolean_question and includes handlers for TRUE (YES) or FALSE (NO) responses. The element when_true specifies the action to do when the answer is true. The element when_false specifies the action to do when the answer is false. The ChoiceQuestionTestActionType type defines a structure that references a choice_question and includes handlers for the various choices set out in the choice_question. Specifies the action to perform when the indicated choice is selected. The NumericQuestionTestActionType type defines a structure that references a numeric_question and includes handlers that indicate actions to perform based on whether the response matches a particular value or falls within a particular range. This structure is used to ensure that any number of when_equals and when_range handlers may appear, but there must be at least one handler (of one type or the other) and any when_equals handlers must precede any when_range. This element holds information on what to do when the answer matches the specified value. This element holds information on what to do when the answer is within a specified range of values. This element holds information on what to do when the answer is within a specified range of values. The StringQuestionTestActionType type defines a structure that references a string_question and includes handlers that indicate actions to perform based on whether the response matches a given regular expression. This element holds information on what to do when the answer matches a specified regular expression pattern. The TestActionRefType type defines a structure that holds a reference (id) to a test_action or questionnaire. The negate attribute can be used to specify whether to toggle the result from PASS to FAIL, and vice versa. A result other than PASS or FAIL (e.g. ERROR, NOT_TESTED) will be unchanged by a negate operation. The ChoiceTestActionConditionType type defines a structure that specifies the action to take in a choice_test_action when a particular choice is selected in response to a choice_question. The choice_ref element specifies the id of a choice. The EqualsTestActionConditionType defines a structure that specifies the action to take in a numeric_test_action when a particular value is given in response to a numeric_question. Each value holds what is to be matched. The RangeTestActionConditionType type defines a structure that specifies the action to take in a numeric_test_action when a value given in response to a numeric_question falls within the indicated range. Each range element holds a single numeric range. The PatternTestActionConditionType type defines a structure that specifies the action to take in a string_test_action when a string given in response to a string_question matches the given regular expression. Each pattern element holds a regular expression against which the response string is to be compared. The PatternType type defines a structure that specifies a regular expression against which a string will be compared. This contents of this field must be a Perl Compatible Regular Expression (PCRE). TODO: use a pattern to constrain the syntax of the PCRE pattern. The RangeType type defines a structure that specifies a range against which a numeric response is to be compared. The min element contains a minimum value for the range. The max element contains a maximum value for teh range. The TestActionConditionType complex type specifies processing instructions - either produce a result or move on to another test. The TestActionConditionType is extended by all handlers ("when_...") in test_actions. This element indicates that a final value (i.e. PASS, FAIL, ERROR, UNKNOWN, NOT_TESTED, NOT_APPLICABLE) should be returned if the encapsulating handler is invoked. This element indicates that a new test_action should be processed if the encapsulating handler is invoked. The artifact_refs element contains all the artifacts that must be requested when a question, test_action, or questionnaire has been evaluated. Defines a specific bound in a range. The inclusive attribute specifies whether the value should be in the specified range. The default is true, indicating it is included. A reference to a variable to use as the value. The QuestionsType type defines structures containing a set of QuestionType and ChoiceGroupType elements. The question element contains information for a single question to be answered. Based on the data type of acceptable answers to the question, it can be a boolean_question, choice_question, numeric_question, or string_question. Holds choice groups which represent possible sets of choices for choice_questions. Choice_groups may be reused across multiple choice_questions. The QuestionTextType complex type defines a structure to hold the text and variables that comprise a question's text. Allow the inclusion of arbitrary text contained within a variable. The QuestionType complex type defines a structure to describe a question and any instructions to help in determining an answer. The question_text element provides the text of the question to pose. An optional instructions element may be included to hold additional instructions to assist the user in determining the answer to the question. Each item is required to have a unique identifier that conforms to the definition of NCName in the Recommendation "Namespaces in XML 1.0", i.e., all XML 1.0 names that do not contain colons. The BooleanQuestionType type defines a question with valid responses of either {TRUE, FALSE} or {YES, NO}. The default_answer attribute specifies the default value of the boolean_question. Its value may be set to true or false. The model attribute specifies whether the response should be from the set {True, False} or the set {YES, NO}. If the value of this attribute is not set, then it defaults to MODEL_YES_NO (i.e. response can either be YES or NO). The ChoiceQuestionType type defines a question with one or more acceptable answers specified by the author. The response will be one of these specified answers. Acceptable answers are specified either explicitly using the choice element or implicitly using the choice_group_ref element to reference a choice_group element. Choices are presented in the order in which they are provided. All the choices in a choice_group are inserted in the order in which they appear within the choice_group. Holds the information associated with one of the possible responses to this choice_question. Holds a reference to a choice_group. The questions described in this choice group are used as possible responses for this choice_question. The default_answer_ref specifies the choice id of the default answer to the question. The NumericQuestionType type defines a question that requires a numeric answer. Acceptable values may be positive or negative and may include decimals. An optional default value may be specified as the answer. The StringQuestionType type defines a question that requires a string answer. An optional default value may be specified as the answer. The BooleanQuestionModelType type provides the acceptable models (i.e. set of acceptable responses) for a boolean_question. MODEL_YES_NO represents a response set of {YES, NO}. MODEL_TRUE_FALSE represents a response set of {TRUE, FALSE}. The ChoiceType type defines structures that hold information about one acceptable answer to a choice_question. All choices are tagged with a unique identifier that may be referenced by a choice_test_action referencing the encapsulating choice_question. The ChoiceGroupType type defines a group of choices that may then be reused in multiple choice_question elements. For example, a document may include multiple choice_questions with the options of "Good", "Fair", or "Poor". By defining these choices in a single choice_group, the author would not need to list them out explicitly in every choice_question. Holds the information associated with one of the possible responses for a choice_question. Holds the id of this choice group. This id is referenced within choice_question elements to include the choices contained in a group. The InstructionsType type defines a series of steps intended to guide the user in answering a question. The title element contains a descriptive heading for the instructions. Each step element contains a single step within the instructions. The ResultsType type defines structures containing results from questionnaires, test actions, questions, artifacts, and metadata about the start/end time of evaluation, any targets, and a short caption or title. The title element contains a descriptive heading or caption describing the result set. The questionnare_results element contains computed results of all the evaluated questionnaires. The test_action_results element contains computed results of all the evaluated test_action types. The question_results element contains computed results of all evaluated question types. The artifact_results element contains all artifacts that have been retrieved during evaluation. Scope is the entire document. The targets element contains all the actual target users, systems, and roles for which the OCIL document has been applied. The start_time attribute is an optional attribute that specifies when the evaluation of this OCIL file started. The end_time attribute is an optional attribute that specifies when the evaluation of this OCIL file ended. The QuestionnaireResultsType type defines structures containing computed results of all the evaluated questionnaires. The questionnaire_result element contains information about the result of a particular questionnaire. The TestActionResultsType type defines structures containing computed results of all the evaluated test action types. The test_action_result element contains the result of a test_action evaluation. One of these elements will appear for each test_action evaluated. The QuestionResultsType type defines structures containing computed results of all evaluated question types. A question_result element contains result information associated with a specific question. The specific type of question_result (boolean_question_result, choice_question_result, etc.) depends on the type of the associated question (boolean_question, choice_question, etc.) The QuestionnaireResultType type defines structures containing the computed result, associated artifacts and targets of a particular questionnaire. The artifact_results element contains a set of retrieved artifacts. The questionnaire_ref attribute identifies a particular questionnaire using its id. The result attribute holds the result of evaluating the specified questionnaire. The TestActionResultType type defines structures containing all computed results of a TestActionType. One of these elements will appear for each test_action evaluated. The artifact_results element contains a set of retrieved artifacts. The test_action_ref attribute identifies a specific test_action using its id. The result attribute holds the result of evaluating the specified test_action specified. The QuestionResultType complex type defines structures that hold information about a question and the response to it. The question_ref attribute contains the id of a question. The response attribute classifies the response. If the answer to the question is standard, the response is set to ANSWERED (the default). If, however, the answer is exceptional (UNKNOWN, NOT_APPLICABLE, etc.) then this attribute will be set to the corresponding exceptional result. The BooleanQuestionResultType type defines structures containing a reference to a boolean_question, the response, and whether the question was successfully posed. The value of the answer to the boolean_question. It could either be TRUE or FALSE. The ChoiceQuestionResultType type defines structures containing a reference to a choice_question, the response, and whether the question was successfully posed. The answer element contains a choice_ref attribute that identifies the selected choice. The NumericQuestionResultType type defines structures containing a reference to a numeric_question, the provided response, and whether the question was successfully posed. The decimal value of the answer to a numeric_question. The StringQuestionResultType type defines structures containing a reference to a string_question, the string provided in response, and whether the question was successfully posed. The string value of the answer to a string_question. The ResultType simple type defines acceptable result values for questionnaires and test_actions. || P | F | E | U | NT | NA || ---------------||-----------------------------||------------------||------------------------------------------ || 1+ | 0 | 0 | 0 | 0 | 0+ || Pass || 0+ | 1+ | 0+ | 0+ | 0+ | 0+ || Fail AND || 0+ | 0 | 1+ | 0+ | 0+ | 0+ || Error || 0+ | 0 | 0 | 1+ | 0+ | 0+ || Unknown || 0+ | 0 | 0 | 0 | 1+ | 0+ || Not Tested || 0 | 0 | 0 | 0 | 0 | 1+ || Not Applicable || 0 | 0 | 0 | 0 | 0 | 0 || Not Tested ---------------||-----------------------------||------------------||------------------------------------------ || 1+ | 0+ | 0+ | 0+ | 0+ | 0+ || Pass || 0 | 1+ | 0 | 0 | 0 | 0+ || Fail OR || 0 | 0+ | 1+ | 0+ | 0+ | 0+ || Error || 0 | 0+ | 0 | 1+ | 0+ | 0+ || Unknown || 0 | 0+ | 0 | 0 | 1+ | 0+ || Not Tested || 0 | 0 | 0 | 0 | 0 | 1+ || Not Applicable || 0 | 0 | 0 | 0 | 0 | 0 || Not Tested A PASS value indicates that the check passed its test. A FAIL value indicates that the check did not pass its test. The ExceptionalResultType type defines possible exceptional results of a question. An UNKNOWN value indicates that the result of a test cannot be determined. An ERROR value indicates that an error occured while processing the check. Among other causes, this can indicate an unexpected response. A NOT_TESTED value indicates that the check has not been tested yet. A NOT_APPLICABLE value indicates that the check is not relevant and can be skipped. The UserResponseType type defines structures containing the type of response. The question could have been answered or an exceptional condition may have occurred. Indicates that the question was answered. The ChoiceAnswerType type defines structures containing a choice_ref attribute that identifies the selected choice. The choice_ref attribute specifies the id of the selected choice. The ArtifactsType type defines structures containing a set of artifact elements. An artifact element holds information about an artifact, which is evidence supporting an answer. Examples include a file or submitted text. The ArtifactType type defines structures containing information about an artifact such as title, description, persistence, and if it's required to complete an answer to a question. The title element holds a short summary or a caption about the artifact. The description element holds information that describes what the artifact is about. Each item is required to have a unique identifier that conforms to the definition of NCName in the Recommendation "Namespaces in XML 1.0", i.e., all XML 1.0 names that do not contain colons. The persistent attribute specifies whether the artifact is time sensitive or not. If the value is true, then a snapshot or a copy must be kept. Otherwise, a pointer to the location of the artifact is enough. The default value is true. The ArtifactRefsType type defines a collection of artifact references that may be collected as part of a questionnaire assessment. A single reference to an artifact. The ArtifactRefType type defines a single artifact reference that may be collected as part of a questionnaire assessment. The identifier of a referenced artifact. The required element specifies whether the artifact must be included or not. If true, then it must be included. The questionnaire is not considered complete without it. Otherwise, it is desired but not necessary. The ArtifactResultsType type defines structures containing a set of artifact_result elements. The artifact_result element contains an artifact, its value, who submitted it, and who provided it. The ArtifactValueType type defines structures containing either the artifact data itself or a pointer to it. The artifact_value element contains either a piece of artifact data itself or a pointer to it. The base data structure that holds artifact values that are embedded into the results model. The MIME type of the embedded content. Since the list of MIME types are continually expanding, this schema does not make an attempt to constrain the allowed values. The data model that holds text-based artifacts. The data element contains the text of an artifact that was provided as a text file or a block of text. The text_artifact_value element contains an artifact that was provided as a text file or a block of text. The data model that holds binary data-based artifacts. The data element contains a binary file, which was provided as an artifact. The binary_artifact_value element contains an artifact that was provided as a binary file. The data model that references external artifacts. The reference element contains a URI, which is a pointer to the location of an artifact. The href attribute specifies a URI provided by the user. The reference_artifact_value element contains a reference to the location of an artifact. The ArtifactResultType type defines structures containing information about the submitted artifact, its value, who provided and submitted it, and when it was submitted. The artifact_value element contains either the artifact data itself or a pointer to it. The provider element contains information about the user or system that provided the artifact. The submitter element contains information about the user who submitted the artifact. The artifact_ref holds the unique identifier of the artifact object that describes what the artifact is about, the type of data it holds, and other metadata. The timestamp attribute holds the date and time when the artifact was collected. The TargetsType type defines structures containing a set of target elements. A target element describes the user, system, or role that applies to all questionnaires in scope. For instance, specifying that user Joe Smith should complete this document; applies to system with ip address of 123.45.67.89; applies to all systems functioning as (role) web servers; or all (role) administrators should complete this document. The UserType type defines structures containing information about a user such as name, organization, position, email, and role. The organization element specifies the company or institution that the user belongs to. The position element holds the job title or the position of the user within his/her organization. The email element holds the email address where the user can be contacted. TODO: define an email pattern The SystemTargetType type defines structures containing information about the organization it belongs to, a set of ip addresses of computers/networks included in the system, descrioption about it, and the roles it performs. The organization element specifies what company or institution the system belongs to. The ipaddress element holds the ip address of a target computer/network. TODO: define an IPv4/v6 address pattern The description element holds information on what the target system is about. The VariablesType type defines structures containing a set of variables. A variable element holds a value defined by the author, a value based on a question's answer, or a value from an external source. The VariableType type defines structures used to hold a single value. The description element holds information that describes the value stored on the variable. Each item is required to have a unique identifier that conforms to the definition of NCName in the Recommendation "Namespaces in XML 1.0", i.e., all XML 1.0 names that do not contain colons. The datatype attribute specifies how to treat the variable's value. It can be TEXT or NUMERIC. The ConstantVariableType type defines structures containing a value defined by the author of the document. The value element holds the data stored on the variable. The LocalVariableType type defines structures containing a value determined during evaluation. The value is determined based on the answer to the linked question. If one or more set elements are present, the value is computed based on those set elements. The value stored in the first set element that produces a match pattern is used. If none of the set elements have a pattern that matches the response, then an error result is generated. If no set element is provided, the value used will be the same as the answer, with a few exceptions. The mappings are listed below. 1) If the question is a boolean question and the variable data type is NUMERIC, then the value based on the answer must be 1 for true and 0 for false. 2) If the question is a boolean question and the variable data type is TEXT, then the value is determined by the question's model as follows: a) MODEL_YES_NO: the value must be yes if true or no if false. b) MODEL_TRUE_FALSE: the value must be true if true or false if false. 3) If the question is a choice question, the variable data type must be TEXT and the value must be set to the text value of the choice. 4) If the question is a numeric question, the variable data type must be NUMERIC and the value must be set to the value of the answer. 5) If the question is a string question, the variable data type must be TEXT and the value must be set to the value of the answer. If a local variable is referenced and the value cannot be determined, then the referencing question or test action should cause an ERROR result to be generated by all referencing test actions. The set element contains information describing how to compute the value to be stored on the variable. It holds the patterns, choice_refs, range or boolean values to be matched with the answer to the linked question; and the appropriate value to be stored on the variable based on the match. The question_ref attribute holds the unique identifier of the question in which the variable is linked. The ExternalVariableType type defines structures containing a value defined elsewhere or some external source. The SetExpressionBaseType type is the base type of all set expressions. It defines the value to use if the expression evaluates to TRUE. The value element contains the data to be stored on the variable if the expression evaluates to TRUE. The expression element provides a substitution for a variety of expressions that can be used to compute a variable value. The SetExpressionPatternType type defines criteria for evaluating the result of a question answer as a string. If the pattern matches, the expression must evaluate to TRUE. The pattern attribute is a string representation of the pattern to be matched. The when_pattern element type defines criteria for evaluating the result of a numeric or string question result based on a pattern. If the pattern matches, the expression must evaluate to TRUE. The SetExpressionChoiceType type defines criteria for evaluating the result of a question answer based on the choice made. If the referenced choice is selected the expression must evaluate to TRUE. The choice_ref attribute is a reference to the choice associated with the question. The when_choice element type defines criteria for evaluating the result of a choice question result based on the answer selected. If the choice_ref matches identifier of the selected choice, the expression must evaluate to TRUE. The SetExpressionRangeType type defines criteria for evaluating the result of a question answer based on the decimal value entered. If the answer is within the range (inclusive) the expression must evaluate to TRUE. The minimum decimal value of the range (inclusive). The maximum decimal value of the range (inclusive). The when_range element type defines criteria for evaluating the result of a numeric question result based on the answer selected. If the answer is within the range (inclusive), the expression must evaluate to TRUE. The SetExpressionBooleanType type defines criteria for evaluating the result of a question answer based on the boolean value entered. If the answer matches the expression must evaluate to TRUE. The boolean value to match. The when_boolean element type defines criteria for evaluating the result of a boolean question result based on the answer selected. If the answer matches, the expression must evaluate to TRUE. The VariableSetType type defines structures containing information describing how to compute a variable value. It holds the patterns, choice_refs, range, or boolean values to be matched; and the appropriate value to be stored on the variable based on the match. The expression element provides a substitution for a variety of expressions that can be used to compute a variable value. Each expression must be evaluated in order until one expression matches. The computed value of the set is the value of first expression that matches. The VariableDataType simple type defines how a variable data value should be treated or used. The TEXT value specifies that the variable data value should be treated as text. The NUMERIC value specifies that the variable data value should be treated as numeric. A type that is used to represent text from a variable that may be inserted into a text string within this model. The ReferenceType complex type defines structures used to hold information about an external reference given its URI and description. This structure may be used to reference other standards such as CVE, CCE, or CPE. To do so, the href attribute would give the relevant namespace. For example, the namespace of the current version of CPE is http://cpe.mitre.org/dictionary/2.0 and the body of this element would hold a specific CPE identifier. References to other information (documents, web pages, etc.) are also permitted. The href attribute holds the URI of an external reference. This may be the namespace associated with the information in the body or a web URL containing relevant information. The StepType complex type defines structures that describe one step (out of possibly multiple steps) that a user should take to respond to a question. The steps would appear as part of the question's instructions element. The description element contains information about this step. The reference element contains information about any external references related to this step. The step element contains a substep for this step. The is_done attribute indicates whether this step has been done. The value is true when it is done. Otherwise, it is false. It is an optional attribute that defaults to false. The is_required attribute indicates whether a step is required or not. If it is not, then it can be skipped. It is an optional attribute that defaults to true. The ItemBaseType complex type defines structures allowing a set of notes to be included. This type is inherited by many of the elements in the OCIL language. An optional set of notes to describe additional information. The specific refision of this item. This attribute is optional to support compatability with existing content. By default the revision is '0' meaning that it is the initial revision. It is assumed that subsequent revisions will increment this value by 1. The NamedItemBaseType complex type defines structures allowing a set of notes and the name of a target (system or user) to be included. The name element holds the name of a target (system or user). The CompoundTestActionType type describes the structures used to combine multiple test_action elements into a single result. The title element contains a descriptive heading for the set of test_actions. The description element holds information describing the set of test_actions. The references element holds one or more reference elements. Examples could include references to other standards, including but not limited to CVE, CCE, or CPE. The actions element holds one or more test_action elements along with the operators used to combine them into a single result. The ReferencesType complex type contains a set of references. The reference element contains information about any external references. Examples could include references to other standards such as CVE, CCE, or CPE. The OperationType type defines structures that hold a set of test_actions and provide instructions as to how to aggregate their individual results into a single result. The test_action_ref element holds the identifier of a test_action element. At least one test_action_ref must be included. The operation attribute describes how to aggregate the results of a set of test_actions. Its value defaults to the Boolean operator "AND". The negate attribute can be used to specify whether to toggle the result from PASS to FAIL, and vice versa. A result other than PASS or FAIL (e.g. ERROR, NOT_TESTED) will be unchanged by a negate operation. The OperatorType simple type provides a list of possible operator values that operate on a set of test_action elements. The AND operator produces a true result if every argument is true. If one or more arguments are false, the result of the AND is false. See the truth table provided in the ResultType type for a complete list of how the various result types are combined by an AND operation. The OR operator produces a true result if one or more arguments is true. If every argument is false, the result of the OR is false. See the truth table provided in the ResultType type for a complete list of how the various result types are combined by an OR operation. The TextType complex type defines an element that holds basic string information. This attribute specifies the language in which to interpret the information. A test_action_ref may refer to either a test_action or a questionnaire. This type represents the union of these two ID patterns. ID values for questionnaires must match this pattern. Each ID must be unique within an OCIL document. ID values for test_actions must match this pattern. Each ID must be unique within an OCIL document. ID values for questions must match this pattern. Each ID must be unique within an OCIL document. ID values for choices in choice_questions must match this pattern. Each ID must be unique within an OCIL document. ID values for choice_group references in choice_questions must match this pattern. Each ID must be unique within an OCIL document. ID values for variable references must match this pattern. Each ID must be unique within an OCIL document. ID values for artifact references must match this pattern. Each ID must be unique within an OCIL document. Provider for artifacts may be a user or a system. This type represents the union of these two ID patterns.