stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
10212d67c0dfa0dd849fd798c24502b773664749
git.stella-ops.org/docs/modules/concelier/feeds/icscisa-kisa.md
master 10212d67c0
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
api-governance / spectral-lint (push) Has been cancelled
Details
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00

47 lines
2.5 KiB
Markdown
Raw Blame History

# ICSCISA / KISA Feed Remediation Plan (v0.1 · 2025-11-19)
## Purpose
Define a minimal, actionable plan to refresh overdue ICSCISA and KISA connectors, restore provenance freshness, and publish normalized payload fields for downstream Advisory AI and Concelier consumers.
## Owners
- Feed owners: Concelier Feed Guild
- Product advisory liaison: Product Advisory Guild
- Backup: Docs Guild
## Scope & cadence
- Feeds: ICSCISA, KISA (security advisories)
- Refresh cadence: weekly pull; publish hashlist and timestamps per run
- Staleness budget: <14 days; alert if exceeded
## Deliverables (for PREP-FEEDCONN-ICS-KISA-PLAN)
1) **Provenance refresh SOP**
- Mirror source URLs to internal cache
- Record `source_url`, `fetched_at` (UTC), `sha256`, `signature` (if present)
- Store run log under `out/feeds/icscisa-kisa/<YYYYMMDD>/fetch.log`
2) **Normalized payload fields**
- `advisory_id`, `title`, `summary`, `published`, `updated`, `severity` (pass-through), `cvss` (if provided), `cwe`, `affected_products` (list), `references` (list of URL strings), `signature` (object or null)
- Preserve source values; no inference or merging
3) **Backlog cleanup**
- Reprocess last 60 days; compare hash to prior ingests; flag changed advisories
- Emit delta report (`out/feeds/icscisa-kisa/<YYYYMMDD>/delta.json`): added/updated/removed ids, counts
4) **Provenance note**
- Publish `docs/modules/concelier/feeds/icscisa-kisa-provenance.md` with current signing keys/fingerprints, expected headers, and fallback when signatures missing
5) **Next review date**
- Set to 2025-12-03 (two-week check) and capture SIG verification status
## Actions & timeline
- T0 (2025-11-19): adopt SOP + field map; create delta report template
- T0+2d (2025-11-21): run backlog reprocess, publish artefacts + hashes
- T0+14d (2025-12-03): review staleness, adjust cadence if needed
## Artefact locations
- Normalized advisories: `out/feeds/icscisa-kisa/<YYYYMMDD>/advisories.ndjson`
- Fetch log + hashes: `out/feeds/icscisa-kisa/<YYYYMMDD>/fetch.log`, `hashes.sha256`
- Delta report: `out/feeds/icscisa-kisa/<YYYYMMDD>/delta.json`
- Provenance note: `docs/modules/concelier/feeds/icscisa-kisa-provenance.md`
## Risks & mitigations
- Source downtime mirror last good snapshot; retry daily for 3 days.
- Missing signatures record `signature=null`, log `skip_reason` in provenance note; do not infer validity.
- Schema drift treat as new fields, store raw, add to field map after review (no drop).
Reference in New Issue View Git Blame Copy Permalink