About the OVAL Language
The OVAL Language standardizes the three main steps of the assessment process: representing configuration information of systems for testing; analyzing the system for the presence of the specified machine state (vulnerability, configuration, patch state, etc.); and reporting the results of the assessment.
The documents below explain the OVAL Language in more detail.
Language Basics
OVAL Language Overview
Explains how the OVAL Language works, the benefits of the OVAL Language, and how the community participates in the ongoing creation of the OVAL Language.
Use Cases
Seven use cases that exemplify why a standard like the OVAL Language is needed, and how use of OVAL improves the following areas of information security: distribution of security advisories, vulnerability assessment, patch management, configuration management, auditing and centralized audit validation, security information management systems (SIMs), and system inventory.
Language Structure
Provides a detailed explanation of how the OVAL Language is structured with three main categories of XML schemas (system characteristics, definitions, and results), and how each category contains a core schema and a number of component schemas.
Definition Tutorial
How an OVAL Definition is structured in the OVAL Language.
Validating a Document
Explains how to validate an OVAL document to ensure a common and expected structure amongst OVAL documents being passed between different users.
OVAL Developer’s Forum Discussion Archives
Archive of community discussions regarding the ongoing development of the OVAL Language.
Using OVAL
OVAL Language Sandbox
Provides a collaborative environment for the OVAL Community to propose, experiment with, and fully investigate and implement new capabilities before including them in an official release of the language. This ensures that only mature and implementable constructs are added to the OVAL Language even as the effort continuously evolves and stays current with new and emerging technologies.
OVAL Test Content
A set of OVAL Definitions that provides a simple way to test the capability of OVAL Definition Evaluators. After running the OVAL Test Content through an OVAL Definition Evaluator, the OVAL Results will show you which tests are properly supported by that tool. This allows unit testing of tools against the language. Developers may use this content to help guide the development of new tools, users may use this content as part of their evaluation of competing products, and content authors may use the content as a reference for writing new content.
OVAL Author’s Resources
Gathers documents and tools for authoring content in the OVAL Language into a single location. Included are prerequisites, instructional documents, useful tools, and how to obtain further assistance.
Process and Policy Documents
How to Request Changes to the OVAL Language
Guidelines to help OVAL Community members propose changes to the OVAL Language, including requests to add new OVAL Constructs (e.g., component schemas, core capabilities, tests, entities, or functions), improve existing OVAL Constructs, and/or deprecate OVAL Constructs.
Language Revision Process
Details how the OVAL Language changes and evolves, including the four major milestones for creating a new version of the OVAL Language.
Versioning Policy
Defines the methodology used to version the OVAL Language, including what constitutes version changes and how OVAL differentiates language versions via namespace version.
Deprecation Policy
Details how and why unneeded constructs are deprecated from the OVAL Language.
Changes That Break Backward Compatibility
A list by release version (e.g., OVAL 5.10, OVAL 5.9, etc.) of any changes that break backward compatibility with previous versions of the OVAL Language.
Regular Expression Support
OVAL supports a common subset of the regular expression character classes, operations, expressions and other lexical tokens defined within Perl 5’s regular expression specification. This common subset is described here.
Research Efforts
Using the Trusted Platform Module (TPM) to Enhance OVAL Driven Assessments
Provides a basic introduction to the Trusted Computing Group’s Trusted Platform Module (TPM) technology and outlines the synergies between it and the assessment infrastructure supported by the OVAL Language. The document is intended to educate the OVAL community about TPMs in general and about the exciting possibilities made possible by OVAL interactions with the TPM. It is hoped that the paper will encourage vendors to support expansions of OVAL to include TPM information as well as consider infrastructure enhancements that could lead to greater security of the OVAL process.
OVAL Reporting
A resource page for OVAL Reporting, which seeks to address the case where security-relevant information can be automatically located and extracted from a system but a human is required to determine whether it complies with policies. Templates and other downloads are also included.
Page Last Updated: April 28, 2015
