TREsPASS-ISKE Integration -- The Case Study
Back to the list of topics.
One of the goals of the TREsPASS project is to integrate (if it is possible) the TREsPASS platform into ISKE, the baseline security best practices catalogue, used in Estonia.
The suggested topic builds up on the results of the thesis named "Assessment of Integration Possibilities of the TREsPASS Toolset into the ISKE Tool" defended in January 2015. The thsis provides a high-level outline of, as the title of the thesis sais, the integration possibilities of the TREsPASS toolset into the ISKE tool. An initial arcitecture of the integrated solution is one of the results of the thesis. The thesis concludes that for the time being, out-of-the-box integration of TREsPASS into ISKE is impossible. TREsPASS requires the description of the target infrastructure on much greater level of detailzation, that ISKE might provide, which results in extra effort in designing and deploying extra components, such as the MPL (aka Model Pattern Library). From the analysis point of view the fact that too much input information for the model is taken from the shared libraries (and thus is based on assumptions) we face too many assumptions in our models which might make the result of such an analysis not reliable. Still, on the other hand, integration of TREsPASS into ISKE is a fruitful goal for the project and TREsPASS-ISKE integration implications need to be investigated further.
In this thesis, based on the two case studies of the TREsPASS project, we need to derive specific functional requirements for the further development of the ISKE tool. The refined version of the tasks:
- Get familiar with the TREsPASS project, ISKE, and ISKE tool.
- Model the two case studies in ISKE tool.
- Create corresponding TREsPASS models.
- Derive and outline missing parts (what w.r.t. the specific case studies TREsPASS model requires that ISKE cannot provide)
- Derive the set of functional requirements for the future iteration of development of the ISKE tool.