Motivation
TAF and AFR assessments rely on consistent attacker capability descriptions (resources, skills, time, equipment) to be comparable across assessments and between organizations. RDX currently supports tafAssessments but lacks a canonical, reusable attacker capability catalog. A shared Attacker Capability Library (ACL) enables: consistent TAF scoring, sharing of attacker capability definitions between OEMs and suppliers, and small-footprint references in tafAssessments rather than repeating freeform attacker descriptions.
Proposed change
- Schema additions
-
Add optional attackerCapabilities[] at riskSet level. Each capability entry SHOULD include:
id (string)
title (string)
description (string)
resourceProfile (object): { "timeHours": { "min": number, "median": number, "max": number }, "budgetUSD": { "min": number, "median": number, "max": number } } (optional)
skillSet[] (array of strings or enumerated values, e.g., ["exploitDev","socialEngineering","hardwareReverse"])
equipment[] (array strings, e.g., ["JTAG","Oscilloscope","customFirmwareTooling"])
accessModes[] (enum): subset of ["remote","adjacent","physical","insider"]
detectionRisk (enum): ["low","medium","high"] — ease of evading detection
confidence (string|number) — optional confidence metadata
references[] — external taxonomy links (e.g., ATT&CK PATTERN ids)
-
Add attackerCapabilityRefs[] (array of capability ids) to tafAssessments and attackFeasibilityRatings. Allow each reference to include weight (0..1) to support blended capability profiles.
- Library provisioning & reuse
- Provide a suggested baseline ACL in
spec/attacker-capabilities/standard-acl.json with a small curated set (e.g., "opportunist", "skilled-criminal", "nation-state"), each with example numeric resource profiles to seed tooling.
- Examples
- Add
examples/rdx-taf-acl-example.json showing tafAssessments referencing attackerCapability ids and how factorRatings map to capability properties.
- Backwards compatibility
- If no
attackerCapabilities present, tafAssessments continue to support existing freeform targetContext.attackerProfile strings; the ACL is additive and optional.
- New requirement ID: RDX-117 (new requirement): "Provide an optional attackerCapabilities library for standardized TAF capability descriptions and referencing from tafAssessments and AFRs." Update REQUIREMENTS.md.
References
Acceptance criteria
- Schema: spec/json/rdx.schema.json and spec/xml/rdx.xsd accept
attackerCapabilities[] and attackerCapabilityRefs[] and validate the new example.
- Example:
examples/rdx-taf-acl-example.json demonstrates referencing standard ACL entries from tafAssessments and includes at least three capability examples (opportunist, organized-criminal, nation-state) with numeric resource profiles.
- Documentation: methodology/CAL-TAF-Integration.md updated explaining how to use ACL entries, weightings, and how to map capability properties to tafAssessments
factorRatings.
- REQUIREMENTS.md: add RDX-117 and map to RDX-021 (Attack Feasibility Ratings) and RDX-024 (Impact Ratings) in the rationale.
- CI: validation of example passes in ./tools/validate.sh.
Generated by tools/ai_idea_scout.py via the AI Idea Scout workflow.
Review the proposal, refine the title/body/labels, and close if not desired.
Motivation
TAF and AFR assessments rely on consistent attacker capability descriptions (resources, skills, time, equipment) to be comparable across assessments and between organizations. RDX currently supports
tafAssessmentsbut lacks a canonical, reusable attacker capability catalog. A shared Attacker Capability Library (ACL) enables: consistent TAF scoring, sharing of attacker capability definitions between OEMs and suppliers, and small-footprint references intafAssessmentsrather than repeating freeform attacker descriptions.Proposed change
Add optional
attackerCapabilities[]atriskSetlevel. Each capability entry SHOULD include:id(string)title(string)description(string)resourceProfile(object):{ "timeHours": { "min": number, "median": number, "max": number }, "budgetUSD": { "min": number, "median": number, "max": number } }(optional)skillSet[](array of strings or enumerated values, e.g., ["exploitDev","socialEngineering","hardwareReverse"])equipment[](array strings, e.g., ["JTAG","Oscilloscope","customFirmwareTooling"])accessModes[](enum): subset of ["remote","adjacent","physical","insider"]detectionRisk(enum): ["low","medium","high"] — ease of evading detectionconfidence(string|number) — optional confidence metadatareferences[]— external taxonomy links (e.g., ATT&CK PATTERN ids)Add
attackerCapabilityRefs[](array of capabilityids) totafAssessmentsandattackFeasibilityRatings. Allow each reference to includeweight(0..1) to support blended capability profiles.spec/attacker-capabilities/standard-acl.jsonwith a small curated set (e.g., "opportunist", "skilled-criminal", "nation-state"), each with example numeric resource profiles to seed tooling.examples/rdx-taf-acl-example.jsonshowing tafAssessments referencing attackerCapability ids and how factorRatings map to capability properties.attackerCapabilitiespresent, tafAssessments continue to support existing freeformtargetContext.attackerProfilestrings; the ACL is additive and optional.References
Acceptance criteria
attackerCapabilities[]andattackerCapabilityRefs[]and validate the new example.examples/rdx-taf-acl-example.jsondemonstrates referencing standard ACL entries fromtafAssessmentsand includes at least three capability examples (opportunist, organized-criminal, nation-state) with numeric resource profiles.factorRatings.Generated by
tools/ai_idea_scout.pyvia the AI Idea Scout workflow.Review the proposal, refine the title/body/labels, and close if not desired.