scieee Science in your language
[en] (orig)

D1.2 Data modelling and interaction mechanisms-v2

Author: Deimling, Franz
Publisher: Zenodo
DOI: 10.5281/zenodo.17045735
Source: https://zenodo.org/records/17045735/files/EMERALD_D1.2_Data-modelling-and-interaction-mechanisms-v2_v1.0.pdf
Deli e able D1.2
Da a Modelling and in e ac ion mechanisms – 2
Edi o (s):
F anz Deimling
Responsible Pa ne :
Fabaso R&D GmbH
S a us-Ve sion:
Final - 1.0
Da e:
30.04.2025
Type:
R
Dis ibu ion le el (SEN, PU):
PU
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 2 o 39
www.eme ald-he.eu
P ojec Numbe :
101120688
P ojec Ti le:
EMERALD
Ti le o Deli e able:
D1.2 - Da a Modelling and in e ac ion mechanisms – 2
Due Da e o Deli e y o he EC
30.04.2025
Wo kpackage esponsible o he
Deli e able:
WP1 - Concep and me hodology o EMERALD
Edi o (s):
F anz Deimling (FABA)
Con ibu o (s):
CNR, FABA, FhG, SCCH, TECNALIA
Re iewe (s):
C is ina Reguei o (TECNALIA)
C is ina Ma ínez, Juncal Alonso (TECNALIA)
App o ed by:
All Pa ne s
Recommended/manda o y
eade s:
WP1, WP2, WP3, WP4, WP5
Abs ac :
Final e sion o he o e iew o da a models and
echniques used o c ea ing and linking he da a o
e idence (anno a ion, e c)
Keywo d Lis :
Da a diag am, da a model, componen o e iew
Licensing in o ma ion:
This wo k is licensed unde C ea i e Commons
A ibu ion-Sha eAlike 4.0 In e na ional (CC BY-SA 4.0
DEED h ps://c ea i ecommons.o g/licenses/by-sa/4.0/
Disclaime :
Funded by he Eu opean Union. Views and opinions
exp essed a e howe e hose o he au ho (s) only and
do no necessa ily e lec hose o he Eu opean Union.
The Eu opean Union canno be held esponsible o
hem.
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 3 o 39
www.eme ald-he.eu
Documen Desc ip ion
Ve sion
Da e
Modi ica ions In oduced
Modi ica ion Reason
Modi ied by
0.1
20.02.2025
Fi s d a e sion
FABA
0.2
09.04.2025
Commen s and sugges ions ecei ed
by conso ium pa ne s
WP1, WP2 and WP3
pa ne s
0.3
16.04.2025
Figu es and lis ings upda ed
FABA, Tecnalia, FhG
0.4
16.04.2025
QA Re iew
TECNALIA
0.5
22.04.2025
Add essed all commen s ecei ed in
he In e nal QA e iew and sen o
inal e iew
FABA
0.6
23.04.2025
Add essed ecommenda ions om he
inal e iew
FABA
1.0
30.04.2025
Submi ed o he Eu opean
Commission
TECNALIA
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 4 o 39
www.eme ald-he.eu
Table o con en s
Te ms and abb e ia ions ............................................................................................................... 6
Execu i e Summa y ....................................................................................................................... 7
1 In oduc ion ........................................................................................................................... 8
1.1 Abou his deli e able .................................................................................................... 8
1.2 Documen s uc u e ....................................................................................................... 8
1.3 Upda es om D1.1......................................................................................................... 9
2 Da a Model O e iew .......................................................................................................... 10
3 Componen Da a Models .................................................................................................... 12
3.1 E idence Collec o Da a Models .................................................................................. 14
3.1.1 AI-SEC ................................................................................................................. 14
3.1.2 AMOE ................................................................................................................. 15
3.1.3 Cloudi o -Disco e y ........................................................................................... 16
3.1.4 Codyze ............................................................................................................... 18
3.1.5 eknows-e3 ......................................................................................................... 19
3.2 T us wo hiness Sys em (TWS) Da a Model ................................................................ 21
3.3 Mapping Assis an o Regula ions wi h In elligence (MARI) Da a Model .................. 22
3.4 Reposi o y o Con ols and Me ics (RCM) Da a Model .............................................. 23
3.5 O ches a o Da a Model............................................................................................. 25
3.6 E idence S o e Da a Model ......................................................................................... 27
3.7 Assessmen Da a Model .............................................................................................. 27
3.8 E alua ion Da a Model ................................................................................................ 28
4 In e ac i e Documen a ion ................................................................................................. 30
4.1 Plan UML ..................................................................................................................... 30
4.2 Web Se ice ................................................................................................................. 30
4.2.1 Implemen a ion de ails ..................................................................................... 31
4.3 Da a model e sioning ................................................................................................. 32
5 Da a Exchange and Fo ma s ................................................................................................ 33
5.1 In e ac ion mechanisms be ween componen s .......................................................... 33
5.2 Sequence diag ams ...................................................................................................... 35
6 Conclusions .......................................................................................................................... 37
7 Re e ences ........................................................................................................................... 38
APPENDIX: Release 1.4.3 o A chi ec u e and Da a Modelling ................................................... 39
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 5 o 39
www.eme ald-he.eu
Lis o igu es
FIGURE 1. EMERALD DATA DIAGRAM ................................................................................................ 11
FIGURE 2. OVERVIEW OF THE EMERALD COMPONENTS........................................................................ 13
FIGURE 3. OVERVIEW OF THE AI-SEC COMPONENT DATA MODEL ............................................................ 14
FIGURE 4. OVERVIEW OF THE AMOE COMPONENT DATA MODEL ............................................................ 16
FIGURE 5. OVERVIEW OF THE CLOUDITOR-DISCOVERY COMPONENT DATA MODEL ...................................... 17
FIGURE 6. CODYZE COMPONENT OVERVIEW ......................................................................................... 19
FIGURE 7. OVERVIEW OF THE EKNOWS-E3 COMPONENT DATA MODEL ...................................................... 21
FIGURE 8. OVERVIEW OF THE TRUSTWORTHINESS SYSTEM COMPONENT DATA MODEL ................................ 22
FIGURE 9. OVERVIEW OF THE MARI COMPONENT DATA MODEL .............................................................. 23
FIGURE 10. OVERVIEW OF THE RCM COMPONENT DATA MODEL ............................................................. 25
FIGURE 11. OVERVIEW OF THE ORCHESTRATOR COMPONENT DATA MODEL .............................................. 26
FIGURE 12. OVERVIEW OF THE EVIDENCE STORE COMPONENT DATA MODEL ............................................. 27
FIGURE 13. OVERVIEW OF THE ASSESSMENT COMPONENT DATA MODEL ................................................... 28
FIGURE 14. OVERVIEW OF THE EVALUATION COMPONENT DATA MODEL ................................................... 29
FIGURE 15. INTERACTIVE SVG - HIGHLIGHT NEIGHBOURS ON CLICK .......................................................... 30
FIGURE 16. LANDING PAGE OF THE INTERACTIVE DOCUMENTATION .......................................................... 31
Lis o lis ings
LISTING 1. EXAMPLE OF VIRTUAL MACHINE PROPERTIES......................................................................... 18
LISTING 2. AMOE EXAMPLE EVIDENCE IN JSON ................................................................................... 33
LISTING 3. CLOUDITOR EXAMPLE EVIDENCE IN JSON ............................................................................. 34
LISTING 4. AN EUCS REQUIREMENT MAPPING IN OSCAL ...................................................................... 35

D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 6 o 39
www.eme ald-he.eu
Te ms and abb e ia ions
AI
A i icial In elligence
AIC4
A i icial In elligence Cloud Se ice Compliance C i e ia Ca alogue
AI-SEC
AI Secu i y E idence Collec o
AMOE
Assessmen and Managemen o O ganisa ional E idence
API
Applica ion P og amming In e ace
AST
Abs ac Syn ax T ee
BSI
Bundesam ü Siche hei in de In o ma ions echnik
CI/CD
Con inuous In eg a ion / Con inuous Deli e y
CLI
Command Line In e ace
CSP
Cloud Se ice P o ide
DoA
Desc ip ion o Ac ion
EC
Eu opean Commission
EUCS
Eu opean Cybe secu i y Ce i ica ion Scheme o Cloud Se ices
GA
G an Ag eemen o he p ojec
GASTM
Gene ic Abs ac Syn ax T ee
gRPC
Google Remo e P ocedu e Call
JSON
Ja aSc ip Objec No a ion
KPI
Key Pe o mance Indica o
MARI
Mapping Assis an o Regula ions wi h In elligence
ML
Machine Lea ning
NLP
Na u al Language P ocessing
OSCAL
Open Secu i y Con ols Assessmen Language
PDF
Po able Documen Fo ma
PNG
Po able Ne wo k G aphics
RCM
Reposi o y o Con ols and Me ics
REST
Rep esen a ional S a e T ans e
SARIF
S a ic Analysis Resul s In e change Fo ma
SVG
Scalable Vec o G aphics
TRL
Technology Readiness Le el
TWS
T us wo hiness Sys em
UML
Uni ied Modelling Language
UUID
Uni e sally Unique Iden i ie
WP
Wo k Package
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 7 o 39
www.eme ald-he.eu
Execu i e Summa y
This deli e able, he inal e sion o he da a modelling and in e ac ion mechanisms, p o ides a
epo on he da a diag ams, design and documen a ion o he EMERALD amewo k and i s
componen s. The goal o he co esponding ask T1.1 in wo k package 1 is o coo dina e he
di e en ypes o da a sha ed be ween he componen s o WP2, WP3 and WP4. The deli e able
p o ides an o e iew o he da a model, as well as he se up o he in e ac i e documen a ion.
Fu he mo e, he da a exchange and o ma s a e desc ibed.
D1.2 lays he ounda ion o he da a model – he unde lying wo k o Task 1.1. The esul ing
documen a ion se es as a common g ound o de elop he di e en componen s and hei APIs.
I should o e a high-le el o e iew o he componen s – displaying he low o he da a.
Technical de ails can be ound in he o e all da a diag am and da a o ma desc ip ions.
Addi ionally, an o e iew pe componen is p o ided, so as no o be o e whelmed by de ails,
and o be able o ocus only on pa s o he EMERALD amewo k.
The documen is s uc u ed in ou main pa s: he da a model, he componen o e iew, he
in e ac i e documen a ion and inally he da a exchange and o ma desc ip ion. I s a s by
gi ing de ailed insigh s in o he da a classes used in EMERALD. This is ollowed by an o e iew
o each componen is p o ided, s a ing wi h he e idence collec o s (WP2) and con inuing wi h
he di e en componen s o WP3. In he in e ac i e documen a ion sec ion, he echnical se up
o he documen a ion is desc ibed. Finally, plans o he in e ac ion mechanisms a e ou lined.
This is he second and inal e sion o he p e ious deli e able D1.1 [1]. The con en s o his
deli e able ha e e ol ed depending on he di e en upda es equi ed by he de elopmen
p ocess o he EMERALD componen s and he in e ac ion mechanisms. The upda es e lec
changes needed o add ess he equi emen s coming om he pilo s (WP5), wo k lows (WP4)
and he echnical wo k packages (WP2 and WP3). As his is he inal deli e able o he ask T1.1,
he desc ip ions and da a models e lec he cu en s a us o he componen s and planned
ex ensions. The da a model and in e ac ion mechanisms will con inue o be upda ed; howe e ,
he expec ed changes a e mino , and his inal elease can be conside ed s able.
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 8 o 39
www.eme ald-he.eu
1 In oduc ion
This sec ion explains he goal and pu pose o he deli e able, i s con ex and i s s uc u e.
1.1 Abou his deli e able
This deli e able is he inal elease o he ask T1.1 “Da a modelling and in o ma ion sha ing
mechanisms” o WP1 o he EMERALD p ojec [2]. I shall p o ide an o e iew o he da a model
ha is used in he EMERALD amewo k. Fu he mo e, he deli e able p o ides an o e iew o
each componen ’s da a and how i is linked o o he componen s. The goal is o p o ide insigh s
o he cu en s a e o he da a used in EMERALD and how i is o ganized.
The da a model will be used by all he componen s in collabo a ion wi h WP2 and WP3, as well
as he Eme aldUI componen ha will be de eloped in WP4. The in e ac ion mechanism
be ween he di e en so wa e componen s will be desc ibed and he p e e ed da a o ma s
o acili a e da a access and sha ing will be p esen ed.
The ask uses he exis ing da a classes o he componen s and ocuses on p o iding ele an
in o ma ion o he di e en pa ne s, un amilia o he di e en componen s. Di e en
abs ac ion laye s a e used o p o ide an o e iew and de ailed insigh s. The diag ams ha e
been adjus ed o e he cou se o he p ojec and ha e been adop ed o he equi emen s o he
di e en componen s. In o de no o lose ack o any changes, dedica ed p ocesses (see
Sec ion 4.3) ha e been se up o check his.
1.2 Documen s uc u e
The documen is o ganized in o ou main sec ions:
• Da a model
• Componen o e iew
• In e ac i e documen a ion
• Da a exchange and o ma s
The da a model o e iew sec ion, Sec ion 2, depic s and desc ibes he cu en s a e o he whole
da a model used in EMERALD. I gi es de ailed insigh s in o he in e -componen ela ionships
o he EMERALD da a.
In o de o ha e a mo e abs ac iew and no ge los in he de ails, an o e iew o he
componen s is p o ided in Sec ion 3. This sec ion con ains a subsec ion dedica ed o each
EMERALD componen .
Sec ion 4 desc ibes he deploymen and co e implemen a ion o he in e ac i e documen a ion
app oach used o sha e he da a model wi hin he EMERALD p ojec . The e a e h ee
subsec ions, s a ing wi h a sec ion desc ibing Plan UML and how i is used o c ea e he
diag ams. This is ollowed by a desc ip ion o he web se ice. Finally, he p ocess on e sioning
and upda ing he diag ams is desc ibed.
Sec ion 5 desc ibes he di e en o ma s used in he p ojec and how he componen s
communica e. The deli e able is summa ized in Sec ion 6.
Finally, he cu en elease o he in e ac i e documen a ion can be ound in he APPENDIX:
Release 1.4.3 o A chi ec u e and Da a Modelling .
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 9 o 39
www.eme ald-he.eu
1.3 Upda es om D1.1
This deli e able e ol es om D1.1 [1], and wi h he ul ima e goal o making he documen sel -
con ained and easie o ollow, pa o he con en comes om D.1.1 since i has no changed.
To simpli y acking p og ess and upda es om he p e ious e sion (D1.1), Table 1 shows a
summa y o he changes and addi ions o each sec ion o he documen .
Table 1. O e iew o deli e able upda es wi h espec o D1.1
Sec ion
Changes
1
This sec ion is based on he p e ious deli e able D1.1 wi h he addi ion o his
sec ion 1.3 – Upda es om D1.1.
2
The diag am o he gene al da a model o e iew was upda ed o he cu en
elease and some mo e ex ual de ails ega ding he a ows ha e been added.
3
The componen da a models ha e been upda ed acco ding o he cu en
elease. Also, he ex has been adap ed o desc ibe he cu en da a classes,
hei p ope ies and ela ions o o he componen s.
4
The ex has been ex ended wi h some de ails ega ding he e sioning o he
da a model.
5
The e idence examples ha e been upda ed as well as he sequence diag am
sec ion 5.2.
6
The conclusion has been upda ed.
7
The e e ences ha e been upda ed.
Appendix
The appendix was upda ed o con ain he cu en elease a he ime o
w i ing his deli e able.
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 16 o 39
www.eme ald-he.eu
Figu e 4. O e iew o he AMOE componen da a model
3.1.3 Cloudi o -Disco e y
The Cloudi o -Disco e y componen is an e idence ga he ing ool which ex ac s Cloud
con igu a ions o di e en Cloud esou ces (e.g., Vi ual Machine, Objec S o age, Ne wo k
In e ace) om se e al Cloud p o ide s (e.g., Azu e) ia API calls.
The e ie ed cloud con igu a ion in o ma ion is s o ed in an in e nal Resou ce class
objec ha u ilizes p ope ies om he EMERALD G aph On ology. While he G aph
On ology is desc ibed in D2.1 [7], he p ope ies can be ound wi hin he on ology. An
example o a Resou ce objec o a Vi ual Machine can be ound in Lis ing 1.
Besides he Resou ce class objec , he Cloudi o -Disco e y s o es he ga he ed in o ma ion in
he Cloudi o Disco e yE idence class objec (see Figu e 5), which is he same class objec as he
E idence p o ided by he E idence S o e componen . E idence objec s a e s o ed in he
E idence S o e componen , a desc ip ion o he E idence can be ound in Sec ion 3.6.
The link om he O ches a o o he a ge O E alua ionId p ope y in he
Cloudi o Disco e yE idence class e e s o he Ta ge o E alua ion de ined in he O ches a o
componen (see Sec ion 3.5).

D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 17 o 39
www.eme ald-he.eu
De ails on he app oach o he Cloudi o -Disco e y componen and i s ela ed Task 2.5 ha e
been epo ed in deli e able D2.8 “Run ime e idence ex ac o – 1” (M12) [8] and will be
upda ed in Deli e able D2.9 “Run ime e idence ex ac o – 2” (M24).
Figu e 5. O e iew o he Cloudi o -Disco e y componen da a model
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 18 o 39
www.eme ald-he.eu
Lis ing 1. Example o Vi ual Machine p ope ies
3.1.4 Codyze
The Codyze componen is a s a ic sou ce code analysis ool which analyses sou ce code o
applica ions comp ising Cloud se ices and assesses secu i y- ele an implemen a ion de ails.
The analysis epo p esen s implemen a ion de ails ha mee o espec i ely iola e speci ied
secu i y equi emen s. As pa o a CI/CD pipeline, Codyze ac s as a quali y and compliance ga e
allowing only he deli e y o applica ions ha mee secu i y equi emen s and p e en ing i
o he wise. Each upda e o he applica ion’s sou ce code o new elease can igge an execu ion
o he CI/CD pipeline and he eby Codyze. In addi ion, manual o scheduled assessmen s a e
possible.
Codyze is de eloped in Ko lin
5
and uses a g aph-based ep esen a ion o sou ce code u ilizing
he concep o a code p ope y g aph. The esul ing ep esen a ion is la gely p og amming
language agnos ic. Thus, i acili a es he implemen a ion o gene ic, eusable sou ce code
5
h ps://en.wikipedia.o g/wiki/Ko lin_(p og amming_language)
message Vi ualMachine {
op ion ( esou ce_ ype_names) = "Vi ualMachine";
op ion ( esou ce_ ype_names) = "Compu e";
op ion ( esou ce_ ype_names) = "CloudResou ce";
op ion ( esou ce_ ype_names) = "Resou ce";
google.p o obu .Times amp c ea ion_ ime = 2132;
s ing id = 15888 [(bu . alida e. ield). equi ed = ue];
bool in e ne _accessible_endpoin = 11229;
map<s ing, s ing> labels = 12634;
s ing name = 5434 [(bu . alida e. ield). equi ed = ue];
// The aw ield con ains he aw in o ma ion ha is used o
ill in he ields o he on ology.
s ing aw = 17236;
Ac i i yLogging ac i i y_logging = 17610;
Au oma icUpda es au oma ic_upda es = 7698;
epea ed s ing block_s o age_ids = 14852;
Boo Logging boo _logging = 4303;
Enc yp ionInUse enc yp ion_in_use = 5839;
GeoLoca ion geo_loca ion = 17337;
Malwa eP o ec ion malwa e_p o ec ion = 5352;
epea ed s ing ne wo k_in e ace_ids = 150;
OSLogging os_logging = 14872;
epea ed Redundancy edundancies = 11599;
Remo eA es a ion emo e_a es a ion = 16051;
op ional s ing pa en _id = 7061;
Resou ceLogging esou ce_logging = 17205;
UsageS a is ics usage_s a is ics = 4834;
}
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 19 o 39
www.eme ald-he.eu
analysis echniques. Cu en ly, Codyze suppo s he p og amming languages C, C++, Ja a, Go
and Py hon.
Wi hin EMERALD, Codyze in e ac s wi h he O ches a o o o ches a e i s analysis, and epo s
i s indings as e idence o he E idence S o e (see Figu e 6). The eby, Codyze gene a es an
analysis epo in SARIF
6
(CodyzeSa i ). This epo con ains aw e idence om Codyze’s analysis,
which is pe sis ed o he E idence S o e o acili a e u he analysis ex e nally o Codyze.
Mo eo e , Codyze p ocesses he indings in he SARIF epo in o e idence o he EMERALD
amewo k. Each inding is con e ed in o a CodyzeE idence ha iden i ies he analysed Ta ge
o E alua ion ( a ge O E alua ionId), speci ies he analysed esou ce ( esou ce), links i o he
unde lying SARIF epo (sa i Id), classi ies he inding acco ding o he EMERALD on ology
(on ologyRe ) and summa izes he esul ( esul ).
In addi ion, Codyze will submi hashes o i s e idence o he TWS (c . componen da a model o
he TWS in Sec ion 3.2). The submi ed hashes p o ide addi ional p oo ha e idence collec ed
by Codyze and submi ed o he E idence S o e a e he same and ha e no been ampe ed wi h.
De ails on he app oach o he Codyze componen and i s ela ed Task 2.2 ha e been epo ed
in he deli e able D2.2 “Sou ce E idence Ex ac o – 1” (M12) [3] and will be upda ed in he
deli e able D2.3 “Sou ce E idence Ex ac o – 2” (M24).
Figu e 6. Codyze componen o e iew
3.1.5 eknows-e3
The eknows-e3 componen – based on a pla o m o mul i-language so wa e analysis and
documen a ion gene a ion – ex ac s e idence om sou ce code iles. The sou ce code iles a e
collec ed om he Cloud Se ice en i onmen a ce ain poin s in ime. A se o p ede ined
igge s will be a ailable (e.g., once a week/mon h/e c., o upon changes) o con igu e he poin s
in ime acco ding o he espec i e use case. eknows-e3 analyses he collec ed iles and ex ac s
me ada a ela ed o he sou ces (e.g., om code eposi o ies) and me ics.
eknows-e3 uses s a ic code analysis o ex ac e idence. The unde lying Ja a-based so wa e
pla o m p o ides a modula , ex ensible se o so wa e componen s o (i) sou ce code pa sing
using language-speci ic on ends (cu en ly mo e han 16 p og amming languages, including
6
S a ic Analysis Resul s In e change Fo ma (SARIF), h ps://docs.oasis-open.o g/sa i /sa i / 2.1.0/sa i -
2.1.0.h ml
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 20 o 39
www.eme ald-he.eu
Ja a and Py hon) (ex ac ion), (ii) ans o ma ion o pa sed sou ce code in o a gene ic abs ac
syn ax ee (GASTM), (iii) s uc u al and language-independen analysis o secu i y- ela ed
in o ma ion, and (i ) epo ing o analysis esul s o secu i y me ics. The ex ac ed and
analysed aw e idence is hen o wa ded o he E idence S o e componen .
A he momen o w i ing, eknows-e3 logically comp ises wo main da a classes (see Figu e 7):
EknowsAnalysisResul and EknowsE idence. No e ha hese in e nal da a classes o eknows-e3
a e no 1:1 implemen ed as physical classes and migh change in he nex ew mon hs, acco ding
o he equi emen s de ined o he Eme aldUI in D4.2 [5] and u he needs o he pilo
pa ne s.
EknowsAnalysisResul se es as an in e nal ep esen a ion o he esul o analysing a sou ce
code ile. I is based on he compila ion uni , i.e. he gene a ed abs ac syn ax ee (AST) model
o he pa sed sou ce code e ie ed by eknows co e lib a y. The class is iden i ied by a unique
iden i ie o he aw e idence ( awId). I con ains addi ional (op ional) a ibu es ob ained om
he compila ion uni and u he specialized analysis acco ding o secu i y me ics. These
a ibu es deno e he name o he ile ( ileName), he loca ion (usually a sou ce code eposi o y)
om whe e o collec he ile ( ilePa h), he da e o i s las modi ica ion (modi ica ionDa e), he
line o code whe e he e idence was ound (lineO Code), he ele an pa o he AST o u he
explana ion ( ele an AST), and he espec i e secu i y me ic (me icId).
EknowsE idence is he in e nal ep esen a ion o he ound e idence in he sou ce code ile o
a secu i y me ic du ing he ex ac ion p ocess. Based on he analysis esul ob ained, an
e idence objec is buil acco ding o he de ined EMERALD e idence o ma , which is sen o he
E idence S o e. I is iden i ied by a unique iden i ie (id) and s o es he analysis esul as aw
e idence ( awId). SARIF is used as o ma o he aw e idence, because i is a well-es ablished
o ma and is also used by Codyze. The class u he con ains closely ela ed a ibu es, such as
he ime o he ex ac ion ( imes amp), he co esponding Ta ge O E alua ion
( a ge O E alua ionId), he oolId, he e sion o he analyse o be e aceabili y in he e en
o inco ec e idence (analyze Ve sion), and he key indings o he analysis ep esen ed in
on ology e m ( esou ce).
EknowsE idence is ela ed o he E idence S o e. Please no e ha an au ho ized connec ion
(OAu h) is cu en ly necessa y ia a Cloudi o ins ance o be able o ansmi e idence o he
E idence S o e.
eknows-e3 can be con igu ed and s a ed ia CLI (Command Line In e ace) and se up ia he
upcoming Eme aldUI.
De ails on he app oach o he eknows-e3 componen and i s ela ed Task 2.2 ha e been
epo ed in deli e able D2.2 “Sou ce E idence Ex ac o – 1” (M12) and will be upda ed in
deli e able D2.3 “Sou ce E idence Ex ac o – 2” (M24).
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 21 o 39
www.eme ald-he.eu
Figu e 7. O e iew o he eknows-e3 componen da a model
3.2 T us wo hiness Sys em (TWS) Da a Model
The TWS componen secu ely s o es he in o ma ion and associa ed me ada a o e idence and
assessmen esul s on he Blockchain o be able o gua an ee i s in eg i y and anspa ency
h ough he Eme aldUI.
Due o he use o Blockchain, sensi i e in o ma ion such as e idence and assessmen esul s a e
no s o ed and jus a summa y o hem is eco ded on he Blockchain h ough iden i ie s and
hashes. In ac , in he case o assessmen esul s, wo di e en hashes a e s o ed: he
assessmen esul i sel and he compliance commen s. The e idence and assessmen esul
hemsel es a e kep in a local s o age - E idence S o e and Assessmen componen s
espec i ely.
In addi ion, TWS also eco ds me ada a in o ma ion o p o ide some con ex . In he case o
e idence, hey a e usually ela ed o speci ic Ta ge o E alua ion ( a ge O E alua ionId) and he
cloud esou ces o which hey e e ( esou ceId). In he case o an Assessmen Resul , he
equi emen o which i e e s ( equi emen Id), and he associa ed e idence iden i ie s
conside ed in he assessmen (e idenceIds) a e also s o ed. Finally, o bo h e idence and
assessmen esul s, eco ding in o ma ion abou he imes amp when hey we e c ea ed
( imes amp) is also use ul.
Figu e 8 summa ises he cu en da a model o e idence (T us wo hyE idence) and
assessmen esul s (T us wo hyAssessmen Resul ) o be eco ded on he Blockchain-based
TWS. I also shows he in e ac ions wi h o he componen s: i) wi h he Assessmen componen ,
which p o ides in o ma ion o be eco ded in he TWS, and om whe e he TWS e ie es he
ac ual E idence and Assessmen Resul s o alida e hei in eg i y; ii) wi h he e idence
collec o s as hey can op ionally eco d e idence p oo s o in eg i y om he sou ce (in
pa icula , Codyze will be conside ed as an example), and iii) wi h he Eme aldUI, which p o ides
a g aphical in e ace o use s o au oma ically alida e he in eg i y s a us o he E idence and
Assessmen Resul s.
De ails on he app oach o he TWS componen and i s ela ed Task 3.5 ha e been epo ed in
he deli e able D3.2 “E idence assessmen and Ce i ica ion–Concep s- 2” [9] (M18).

D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 22 o 39
www.eme ald-he.eu
Figu e 8. O e iew o he T us wo hiness Sys em componen da a model
3.3 Mapping Assis an o Regula ions wi h In elligence (MARI) Da a
Model
MARI – Mapping Assis an o Regula ions wi h In elligence - is a componen ha uses
ans o me -based ools o au oma ically associa e:
• A secu i y con ol and one, o mo e, secu i y me ic(s)
• Two secu i y con ols om wo di e en ce i ica ion schemes.
Fo he associa ion con ol-me ic(s), MARI akes as inpu he ex ual desc ip ion o a secu i y
con ol in na u al language, he ex ual desc ip ion o a lis o me ics, again in na u al language,
and as a esul e u ns he lis o me ics associa ed o ha con ol, in descending o de o
ele ance. To do his, he ex ual desc ip ions o he me ics and con ols a e ans o med in o
ea u e ec o s by p e- ained models.
Fo he associa ion con ol-con ol, MARI can suppo a a ie y o ce i ica ion schemes and
enables he au oma ic associa ions be ween con ols om hese di e en schemes.
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 23 o 39
www.eme ald-he.eu
MARI in e ac s wi h RCM, e ching con ol and me ic da a om i , hen gene a ing bo h
con ol-me ic(s) and con ol-con ol associa ions using ans o me -based models. These
associa ions a e compu ed based on he simila i y be ween embeddings de i ed om he
na u al language desc ip ions o he con ols and me ics. Wi h he in oduc ion o a new e sion
o he mapping API and he addi ion o a simila i y h eshold a ibu e, only associa ions wi h
high simila i y sco es a e e u ned o RCM.
Figu e 9 shows he second e sion o he MARI da a model, based on he RCM da a model. The
RCM da a classes Secu i yMe ic and Secu i yCon ol a e aken as inpu o p oduce wo new da a
classes (Con ol2Con olAssocia ion and Me ics2Con olAssocia ion). These ep esen he
associa ions gene a ed by MARI’s p ocessing. De ails on he app oach o MARI componen and
i s ela ed Task 3.3 ha e been epo ed in D3.2 [9].
Figu e 9. O e iew o he MARI componen da a model
3.4 Reposi o y o Con ols and Me ics (RCM) Da a Model
The Reposi o y o Con ols and Me ics (RCM) p o ides a cen al poin in EMERALD amewo k
whe e he ce i ica ion schemes a e s o ed and managed. The eposi o y can con ain di e en
schemes and includes a comple e in o ma ion o each scheme, wi h he co esponding
ca ego iza ion.
The da a model o he RCM has been adap ed om he i s e sion, ha was EUCS-cen e ed
[10]. In his second e sion, he BSI C5
7
and AIC4
8
schemes ha e also been inco po a ed o he
RCM. Each schema has i s own s uc u e, bu all sha e a common g ound: hey consis in a
ca alogue o con ols (also called c i e ia), g ouped in o se e al a eas o objec i es. Main
changes a e ela ed o he Secu i yCon ol class, ha is now he basic o he
Secu i yCon olF amewo k. The Secu i yRequi emen , a pa icula class o map he EUCS
s uc u e, emains only in e nal o he RCM componen and is mainly used in he EUCS
Ques ionnai e.
7
h ps://www.bsi.bund.de/Sha edDocs/Downloads/EN/BSI/CloudCompu ing/ComplianceCon olsCa alo
gue/2020/C5_2020.pd ?__blob=publica ionFile& =3
8
h ps://www.bsi.bund.de/Sha edDocs/Downloads/EN/BSI/CloudCompu ing/AIC4/AI-Cloud-Se ice-
Compliance-C i e ia-Ca alogue_AIC4.pd ?__blob=publica ionFile& =4
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 24 o 39
www.eme ald-he.eu
Figu e 10 shows he esul ing da a model. The p incipal da a classes implemen ed in he RCM
a e Secu i yCon olF amewo k, Secu i yCa ego y and Secu i yCon ol ha e lec he
o ganiza ion o a gene al amewo k. Along wi h hese, some o he auxilia y en i ies a e
implemen ed, such as Simila Con ols and Con olMe icMap, ha suppo he mapping among
con ols o di e en schemes and he mapping o me ics o con ols, and
Implemen a ionGuidelines, ha helps he use wi h he implemen a ion o con ols. RCM also
inco po a es he de ini ion o he Secu i yMe ic class used in EMERALD o de ine wha o
measu e o assess he collec ed e idence.
The RCM classes ha e in e ac ions wi h o he EMERALD componen s as ollows:
• Secu i yCon olF amewo k, Secu i yCon ol and Secu i yMe ic a e ela ed wi h he
O ches a o , which in e nally manages he schemes.
• Secu i yMe ic is also ela ed wi h he AMOE and he Assessmen componen s.
• Secu i yMe ic and Secu i yCon ol a e also sha ed wi h he MARI componen .
RCM calls he MARI componen o gene a e con ol-me ic(s) and con ol-con ol mappings.
The esul is s o ed in he RCM, whe e i is accessible o he es o componen s. The las e sion
o he mapping API includes a simila i y “ h eshold” a ibu e, so ha only associa ions wi h
highe simila i y sco es a e e u ned o RCM. This a oids he e u n o a lis wi h all he possible
simila i ems, which is he s anda d ope a ing mode o he ool. The “s a usMa i” and
“s a usUse ” a ibu es ha e been in oduced in each mapped i em o di e en ia e and
main ain con olled he o iginal mapping e u ned by MARI and he changes done by he use
o i , espec i ely.
Ano he unc ionali y o e ed by he RCM is a Ques ionnai e o p o ide use s he possibili y o
pe o m a sel -assessmen o check compliance wi h he EUCS scheme. The Ques ionnai e-
ela ed da a classes ha e been sligh ly modi ied since he p e ious e sion by emo ing some
edundan links and changing some names o be e e lec he unde lying da a which a e
enclosed in a box in he diag am (see Figu e 10). These da a classes a e as ollows: Use Answe ,
Ques ionnai eAssu anceLe el, Ques ion, Ques ionAnswe , Use Answe NonCon o mi ies, and
jhiUse . All hese en i ies a e de o ed o (i) Implemen se e al ques ions pe equi emen , (ii)
manage he esponses gi en; (iii) calcula e he esul s o his speci ic use , and (i ) o e he
deg ee o compliance wi h he EUCS scheme ega ding he selec ed assu ance le el.
Finally, he Eme aldUI componen is also ela ed wi h he da a en i ies used in he RCM o
p o ide he inal use wi h a g aphical iew o he schemes and all he associa ed in o ma ion.
De ails on he app oach o he RCM componen and i s ela ed Task 3.2 ha e been epo ed in
D3.2 [9].
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 25 o 39
www.eme ald-he.eu
Figu e 10. O e iew o he RCM componen da a model
3.5 O ches a o Da a Model
The O ches a o is he cen al managemen and o ches a ion componen in EMERALD. I s
main pu pose is o hold all dynamic in o ma ion abou he cu en audi p ocess, such as he
Ta ge o E alua ion, Assessmen Resul s, and he inal Ce i ica e s a e (see Figu e 11).
Fu he mo e, i e ches s a ic da a om he RCM, such as he a ailable schemes and i s
associa ed me ics. Fo pe o mance easons his da a (Secu i yCon olF amewo k,
Secu i yCon olCa ego y, Secu i yCon ol and Secu i yMe ic) is cached in he O ches a o . The
mos impo an dynamic da a classes a e:
• Ta ge o E alua ion, which holds he logical ep esen a ion o a single se ice, which
aims o be ce i ied.
• Audi Scope, which akes an exis ing a ge O E alua ionId and combines i wi h one
dedica ed secu i y ca alogue o p oduce a Ce i ica e.
• Ce i ica e, which is he da a class ep esen ing di e en s a es and is ela ed o he
E alua ionResul s.
• Con ol, which is he neu al ep esen a ion o ei he a con ol, equi emen o objec i e
( his de ini ion o Con ol is simila o he e m de ined in OSCAL
9
). Since e e y
Secu i yCon olF amewo k/secu i y scheme uses di e en names, he O ches a o
no malizes hem in he Con ol da a class. In addi ion, each Con ol can ha e sub-
con ols, which allows o include di e en Secu i yCon olF amewo ks in EMERALD.
De ails on he app oach o he O ches a o componen and i s ela ed Task 3.1 ha e been
epo ed in D3.2 “E idence assessmen and Ce i ica ion – Concep s – 2” [9].
9
h ps://pages.nis .go /OSCAL/lea n/concep s/ e minology/#con ol
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 32 o 39
www.eme ald-he.eu
4.3 Da a model e sioning
As he Plan UML based diag ams con ain ex /code, he iles can be used in e sioning sys ems
such as gi
14
. This allows o di e en o ganisa ional p ocesses, which a e no possible in
common online ools wi h g aphical suppo (e.g., d aw.io
15
– al hough i allows e sioning,
he e a e no p ocesses o keep di e en e sions o he diag ams and p oposed changes, as i is
possible using ex -based diag ams and gi + Gi Lab
16
). Di e en e sions o he diag ams can be
s o ed in commi s, and me ge eques s can be c ea ed o deal wi h changes o he diag ams.
The p ocess o add changes o he da a model has been de ined as ollows: majo changes a e
comple ed in a sepa a e b anch – when inished, a me ge eques should be c ea ed in he
EMERALD Gi Lab and he changes will be e iewed o check o inconsis encies and b eaks o
he in e ac i e, web-se ice-based deploymen . A e he e iew, he new e sion will be
me ged, which igge s he build pipeline, and a new elease will be deployed o he EMERALD
Kube ne es clus e . New elease numbe ing is au oma ed using he CI/CD s a egy om
EMERALD as epo ed in o he WP1 deli e ables such as D1.7 [12]. The changelog and upda ed
elease (i done au oma ically) is based on he commi messages. The cu en elease numbe ing
has been included in he web page and can be iewed in he op igh co ne . Once me ged, he
la es elease e sion o he diag ams will be a ailable o all de elope s and can be e ie ed a
h ps://models.eme ald.digi al. ecnalia.de /. I he e a e any p oblems, o addi ional diag ams
a e needed, Gi lab’s issue unc ionali y can be used o documen , communica e and coo dina e
he equi ed changes.
14
h ps://gi -scm.com/
15
h ps://www.d aw.io
16
h ps://gi lab.com/

D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 33 o 39
www.eme ald-he.eu
5 Da a Exchange and Fo ma s
This sec ion p o ides a sho o e iew o he planned da a exchange app oach, as well as he
o ma s used. Al hough all EMERALD componen s use di e en da a ypes, hey all
communica e in a s anda dized way and o ma , which speeds up de elopmen as componen s
do no need o build special da a connec o s o he di e en ools.
5.1 In e ac ion mechanisms be ween componen s
The in e ac ion be ween he componen s will be implemen ed using REST
17
– ep esen a ional
s a e ans e . Each componen is using and/o se ing REST-APIs ha a e documen ed in he
OpenAPI
18
speci ica ion iles. This helps de elope s o sha e he di e en endpoin s and allows
o gene a e code o clien in e aces. Some componen s may also o e gRPC connec ions
(Remo e P ocedu e Call amewo k by Google) o sha e da a be ween closely ela ed
componen s such as E idence S o e and Assessmen . The mos common o ma o REST-API
will be JSON
19
, as i allows o easy access o a ibu e- alue pai s and a ays.
Lis ing 2 shows he JSON example o a piece o e idence ha is sen om AMOE o he E idence
S o e. Simila ly, Lis ing 3 shows a mo e ex ensi e example o da a ep esen ed in JSON and how
i is used by some EMERALD componen s, such as Cloudi o -Disco e y.
17
h ps://en.wikipedia.o g/wiki/REST
18
h ps://en.wikipedia.o g/wiki/OpenAPI_Speci ica ion
19
h ps://en.wikipedia.o g/wiki/JSON
{
"id": "b11a1b4b-4c -4135-a bb- 6e30364d881",
" imes amp": "2024-06-26T18:23:45.123456",
" a ge _o _e alua ion_id": "3 1c2e4c-8bd5-45d1-a6a3-0 9a9a8e4d35",
" ool_id": "amoe",
" esou ce": {
"policyDocumen ": {
"id": "165483",
"name": "165483",
" aw": "passwo d mus con ain mo e han 15 cha ac e s",
"amoe_ esul ": ue
}
}
}
Lis ing 2. AMOE example e idence in JSON
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 34 o 39
www.eme ald-he.eu
Some componen s will o e da a impo / expo unc ionali y, in pa icula he Reposi o y o
Con ols and Me ics will allow impo o secu i y schemes using he OSCAL
20
o ma . The API
desc ip ion and mo e de ails on he o ma will be desc ibed in he u u e deli e able D3.4
“E idence assessmen and Ce i ica ion–Implemen a ion- 2” (M24). The OSCAL o ma allows
di e en ile ypes and da a o ma s such as YAML
21
and JSON. Lis ing 4 shows a en a i e
example o he mapping o an EUCS Requi emen in OSCAL. I can be seen how he pa s o he
Con ol (ops-02) a e speci ied using he OSCAL elemen s ”id”, “ i le”, ”p ope ies”, and wi h
”pa s” and ”p ose”; he Requi emen s a e implemen ed wi h “pa s” wi hin he uppe “pa s”
20
h ps://pages.nis .go /OSCAL/
21
h ps://en.wikipedia.o g/wiki/YAML
{
"id": "11100000-1000-0001-0000-000000011111",
" imes amp": "2020-05-22T20:32:05Z",
" a ge O E alua ionId": "00000000-0000-0000-0000-000000000000",
" oolId": "Cloudi o E idence Collec ion",
" esou ce": {
"objec S o ageSe ice": {
"c ea ionTime": "2023-07-09T10:35:18.246911100Z",
"id":
"/subsc ip ions/XXXXX/ esou ceg oups/democloudi o happy/p o ide s/mic o
so .s o age/s o ageaccoun s/democloudi o diagnos ics",
"labels": {
"owne ": "cloudi o "
},
"name": "democloudi o diagnos ics",
"geoLoca ion": {
" egion": "wes eu ope"
},
"h pEndpoin ": {
"u l":
"h ps://democloudi o diagnos ics.[ ile,blob].co e.windows.ne /",
" anspo Enc yp ion": {
"enabled": ue,
"en o ced": ue,
"p o ocol": "TLS",
"p o ocolVe sion": 1.2,
"ciphe Sui es": []
}
},
"pa en Id":
"/subsc ip ions/XXXXX/ esou ceg oups/democloudi o happy"
}
}
}
Lis ing 3. Cloudi o example e idence in JSON
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 35 o 39
www.eme ald-he.eu
o Con ol. The Requi emen ID (OPS-02.3) is speci ied wi h “p ope ies”, and he equi emen
i sel wi h “p ose”.
5.2 Sequence diag ams
To illus a e he in e ac ions be ween he componen s, sequence diag ams ha e been c ea ed
and ex ended as pa o he wo k o Task 1.1. Addi ional documen a ion will be p o ided which
can be included in he in e ac i e Plan UML diag ams. The sequence diag ams o he es o he
componen s ha e been added o he in e ac i e documen a ion and ha e been epo ed in he
"con ols": [
{
"id": "ops-02",
" i le": "CAPACITY MANAGEMENT - MONITORING",
"p ope ies": [
{
"name": "label",
" alue": "OPS-02"
}
],
"pa s": [
{
"id": "ops_02_obj",
"name": "con ol-objec i e",
"p ose": "The capaci ies o c i ical esou ces such as
pe sonnel and IT esou ces a e moni o ed."
},
{
"id": "ops-02_sm ",
"name": "s a emen ",
"pa s": [
{
"id": "ops-02_sm .3",
"name": "i em",
"p ope ies": [
{
"name": "label",
" alue": "OPS-02.3"
}
],
"p ose": "The p o isioning and de-p o isioning o
cloud se ices shall be au oma ically moni o ed o gua an ee ul ilmen o
OPS-02.1"
}
]
}
]
}
]
Lis ing 4. An EUCS Requi emen mapping in OSCAL
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 36 o 39
www.eme ald-he.eu
deli e able D1.3 “EMERALD solu ion a chi ec u e- 1” (M12) [13] and will ecei e upda es in he
deli e able D1.4 “EMERALD solu ion a chi ec u e- 2” (M24).
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 37 o 39
www.eme ald-he.eu
6 Conclusions
This documen p o ides an o e iew o he o e all EMERALD da a model, as well as a mo e
de ailed iew o he componen da a models. The da a model o e iew depic s all he classes o
he di e en EMERALD componen s. Fu he mo e, i shows, how he classes a e linked oge he
and he di ec ion o he in e componen da a exchange is e lec ed.
The da a model is p esen ed in a web se ice, o allow in e ac i e in es iga ion o he di e en
diag ams. The diag ams a e based on ex ins uc ions using Plan UML and hen ende ed in SVG
iles. This allows he diag ams o be e sioned and he a ious unc ionali ies o he EMERALD
Gi Lab eposi o y can be used o manage and coo dina e he upda es. The basic idea o his
in e ac i e documen a ion is o s a wi h an abs ac o e iew (landing page) and hen d ill
down o he di e en componen s o in e es . The di e en classes and componen s o he
diag ams can be clicked/ho e ed o na iga e and highligh di ec connec ions.
Finally, his deli e able desc ibes he main da a o ma ha will be used o da a exchange
be ween EMERALD componen s and ex e nal sou ces – JSON. To p o ide mo e insigh , an
example o AMOE e idence and ano he o Cloudi o -Disco e y e idence ha e been p o ided.
The Reposi o y o Con ols and Me ics (RCM) will p o ide impo /expo unc ionali y o
secu i y schemes in OSCAL o ma – o which a JSON example was also p o ided.
The da a diag ams will be upda ed acco ding o he needs and changes o he di e en
componen s. These changes will be subjec o he desc ibed p ocesses in his deli e able, sha ed
wi h he conso ium in di e en e sion eleases, and deployed in he EMERALD Kube ne es
in as uc u e. Al hough, his is he las deli e able o his ask in EMERALD, u u e upda es o
he da a model (e.g. e o co ec ions) will be collec ed and desc ibed in he EMERALD
de elopmen gi en i onmen and he new eleases o he in e ac i e web se ice will con inue
o be deployed alongside he EMERALD componen s.

D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 38 o 39
www.eme ald-he.eu
7 Re e ences
[1]
EMERALD Conso ium, “D1.1 Da a modelling and in e ac ion mechanisms - 1,” 2024.
[2]
EMERALD Conso ium, “EMERALD - Annex 1 - Desc ip ion o Ac ion - GA 101120688,”
2022.
[3]
EMERALD Conso ium, “D2.2 Sou ce E idence Ex ac o – 1: E idence ex ac ion om
sou ce code ha can be in eg a ed wi h he ce i ica ion g aph,” 2024.
[4]
EMERALD Conso ium, “D2.6 ML model ce i ica ion – 1: Secu i y and p i acy p ese ing
e idence ha can be in eg a ed wi h he ce i ica ion g aph,” 2024.
[5]
EMERALD Conso ium, “D4.2 Resul s o he UI-UX equi emen s analysis and he wo k
p ocesses– 2,” 2025.
[6]
EMERALD Conso ium, “D2.4 AMOE – 1: E idence ex ac ion om policy documen s ha
can be in eg a ed wi h he ce i ica ion g aph,” 2024.
[7]
EMERALD Conso ium, “D2.1 G aph On ology o E idence S o age,” 2024.
[8]
EMERALD Conso ium, “D2.8 Run ime E idence Ex ac o - 1,” 2024.
[9]
EMERALD Conso ium, “D3.2 E idence assessmen and Ce i ica ion–Concep s- 2,” 2025.
[10]
ENISA, “EUCS - Cloud Se ices Scheme,” [Online]. A ailable:
h ps://www.enisa.eu opa.eu/publica ions/eucs-cloud-se ice-scheme. [Accessed July
2024].
[11]
EMERALD Conso ium, “D2.10 Ce i ica ion G aph - 1,” 2025.
[12]
EMERALD Conso ium, “D1.7 EMERALD in eg a ed solu ion - 1,” 2025.
[13]
EMERALD Conso ium, “D1.3 EMERALD solu ion a chi ec u e - 1,” 2024.
D1.2 – Da a Modelling and in e ac ion mechanisms – 2 Ve sion 1.0 – Final. Da e: 30.04.2025
© EMERALD Conso ium Con ac No. GA 101120688 Page 39 o 39
www.eme ald-he.eu
APPENDIX: Release 1.4.3 o A chi ec u e and Da a Modelling
In o de o allow he eade s o his documen o consul he documen a ion and da a model
hemsel es, he cu en e sion o he iles ha e been a chi ed in a zip ile. The con en s a e
images o he di e en da a models, as well as a webpage o aid in na iga ion. The 1.4.3 elease
e sion o he in e ac i e documen a ion is a ailable he e: D1.2 Appendix Release 1-4-3 o
A chi ec u e and Da a Modelling
To open he in e ac i e documen a ion locally, you need o ex ac he zip ile. Then na iga e o
he “a chi ec u e_and_da a_model” olde and open he index.h ml ile in a common web
b owse .