National Institute of Standards and Technology (NIST) - Information technology Laboratory (ITL)

SCAP Validation Program Publications and Resources

The following documents and resources are relevant to the SCAP Validation Program.

Documents

SCAP Version 1.2 Validation Program Derived Test Requirements
Revision: 3
Status: Draft
Specification: NIST IR 7511 Rev. 3
SCAP: Security Content Automation Protocol
Version: 1.2
Status: Final
Specification: NIST SP 800-126 Rev. 2

SCAP 1.2 Validation Program FAQ

The FAQ addresses common questions about updates to the SCAP 1.2 Validation Program.
FAQ: SCAP 1.2 Validation Program FAQ

Validation Test Content

SCAP Validation Test Suite
The SCAP 1.2 Validation Test Suite contains data streams in the new SCAP 1.2 combined data stream file format. This test suite is closer to unit testing rather than being based on a checklist. We recommend reviewing the FAQ and Validation Test Suite readme file prior to use.
Validation Test Suite Download: Validation Test Suite Bundle
USGCB Content
Description: The USGCB Red Hat and Windows content is included in the SCAP 1.2 Validation Program.
USGCB Download: http://usgcb.nist.gov/

Tools

SCAP Content Validation Tool
Download: SCAP Content Validation Tool
Description: The SCAP Content Validation Tool is designed to validate the correctness of a SCAP data stream for a particular use case according to what is defined in SP 800-126. This version of the tool is designed to validate SCAP content adhering to SCAP version 1.0 and 1.1. The scapval.html within the tool zip file contains additional information about how to run the tool.
SCAP Reference Implementation Tool
Download: SCAP Interpreter
Description: The SCAP Interpreter is an open source application that processes SCAP data streams. SCAP versions 1.0, 1.1, and 1.2 are supported. The SCAP Interpreter uses the XCCDF and OVAL Interpreters.
XCCDF Reference Implementation Tool
Download: XCCDF Interpreter
Description: The XCCDF Interpreter is an open source application for performing system analysis and report generation using the XCCDF format. This application will process an XCCDF and OVAL file.
OVAL Reference Implementation Tool
Download: OVAL Interpreter
Description: The OVAL interpreter (ovaldi) is an open source application that demonstrates the evaluation of OVAL definitions. This interpreter collects system information, evaluates it, and generates a detailed OVAL Results file.
OCIL Reference Implementation Tool
Download: OCIL Interpreter
Description: The OCIL interpreter (ocilqi) is an open source application that demonstrates how an OCIL document can be evaluated. It guides the end user in completing questionnaires, viewing, and computing results.