You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
methodology/UseCases.md lists UC_004 (test plan authoring) and UC_005 (test report correlation) as V1.0 use cases. Today RDX has no schema objects for test cases, test results, or coverage — so tests can only be linked as free-text evidence. That blocks the testing-exchange profile from #50 and the cybersecurity verification side of #57.
Motivation
methodology/UseCases.mdlists UC_004 (test plan authoring) and UC_005 (test report correlation) as V1.0 use cases. Today RDX has no schema objects for test cases, test results, or coverage — so tests can only be linked as free-text evidence. That blocks the testing-exchange profile from #50 and the cybersecurity verification side of #57.Proposed change
testCases[](top-level):id,title,objective,method(penetration-test | fuzzing | static-analysis | code-review | dast | sast | requirement-test),targetedCybersecurityRequirementIds[],targetedThreatScenarioIds[],targetedAttackPathIds[],procedureRef,tooling,prerequisites[],status.testResults[](top-level):id,testCaseId,executedAt,executor,outcome(pass | fail | inconclusive | skipped),findings[](linked tovulnerabilityLinksfrom #44),evidenceRefs[](link tolinkedArtifacts[]Richer SBOM/HBOM/VEX linkage via a typed linkedArtifacts[] traceability layer #52 — typically a test report),confidence.coverageReport(optional, onriskSet):coveredRequirementIds[],coveredThreatScenarioIds[],coveredAttackPathIds[],coverageMetricRef.verifiedBy,evidencedBy(alongside existing).examples/rdx-testing-exchange-example.jsonshowing CSR → test case → test result → coverage report.References
Acceptance criteria
testCases[],testResults[],coverageReportadded in JSON Schema + XSDmethodology/UseCases.mdupdates UC_004/UC_005 to "Supported" with criteriaSurfaced by external AI peer review; see chat transcript for full review text.