About the OVAL Language

The OVAL Language standardizes the three main steps of the assessment process: representing configuration information of systems for testing; analyzing the system for the presence of the specified machine state (vulnerability, configuration, patch state, etc.); and reporting the results of the assessment.

The documents below explain the OVAL Language in more detail.

Language Basics

OVAL Language Overview

Explains how the OVAL Language works, the benefits of the OVAL Language, and how the community participates in the ongoing creation of the OVAL Language.

Use Cases

Seven use cases that exemplify why a standard like the OVAL Language is needed, and how use of OVAL improves the following areas of information security: distribution of security advisories, vulnerability assessment, patch management, configuration management, auditing and centralized audit validation, security information management systems (SIMs), and system inventory.

Language Structure

Provides a detailed explanation of how the OVAL Language is structured with three main categories of XML schemas (system characteristics, definitions, and results), and how each category contains a core schema and a number of component schemas.

Definition Tutorial

How an OVAL Definition is structured in the OVAL Language.

Validating a Document

Explains how to validate an OVAL document to ensure a common and expected structure amongst OVAL documents being passed between different users.

OVAL Developer’s Forum Discussion Archives

Archive of community discussions regarding the ongoing development of the OVAL Language.

Using OVAL

OVAL Language Sandbox

Provides a collaborative environment for the OVAL Community to propose, experiment with, and fully investigate and implement new capabilities before including them in an official release of the language. This ensures that only mature and implementable constructs are added to the OVAL Language even as the effort continuously evolves and stays current with new and emerging technologies.

OVAL Test Content

A set of OVAL Definitions that provides a simple way to test the capability of OVAL Definition Evaluators. After running the OVAL Test Content through an OVAL Definition Evaluator, the OVAL Results will show you which tests are properly supported by that tool. This allows unit testing of tools against the language. Developers may use this content to help guide the development of new tools, users may use this content as part of their evaluation of competing products, and content authors may use the content as a reference for writing new content.

OVAL Author’s Resources

Gathers documents and tools for authoring content in the OVAL Language into a single location. Included are prerequisites, instructional documents, useful tools, and how to obtain further assistance.

Process and Policy Documents

How to Request Changes to the OVAL Language

Guidelines to help OVAL Community members propose changes to the OVAL Language, including requests to add new OVAL Constructs (e.g., component schemas, core capabilities, tests, entities, or functions), improve existing OVAL Constructs, and/or deprecate OVAL Constructs.

Language Revision Process

Details how the OVAL Language changes and evolves, including the four major milestones for creating a new version of the OVAL Language.

Versioning Policy

Defines the methodology used to version the OVAL Language, including what constitutes version changes and how OVAL differentiates language versions via namespace version.

Deprecation Policy

Details how and why unneeded constructs are deprecated from the OVAL Language.

Changes That Break Backward Compatibility

A list by release version (e.g., OVAL 5.10, OVAL 5.9, etc.) of any changes that break backward compatibility with previous versions of the OVAL Language.

Regular Expression Support

OVAL supports a common subset of the regular expression character classes, operations, expressions and other lexical tokens defined within Perl 5’s regular expression specification. This common subset is described here.

Research Efforts

Using the Trusted Platform Module (TPM) to Enhance OVAL Driven Assessments

Provides a basic introduction to the Trusted Computing Group’s Trusted Platform Module (TPM) technology and outlines the synergies between it and the assessment infrastructure supported by the OVAL Language. The document is intended to educate the OVAL community about TPMs in general and about the exciting possibilities opened up by OVAL interactions with the TPM. It is hoped that the paper will encourage vendors to support expansions of OVAL to include TPM information and to consider infrastructure enhancements that could lead to greater security of the OVAL process.

OVAL Reporting

A resource page for OVAL Reporting, which seeks to address the case where security-relevant information can be automatically located and extracted from a system but a human is required to determine whether it complies with policies. Templates and other downloads are also included.

Page Last Updated: April 28, 2015