diff --git a/features/fedramp_extensions.feature b/features/fedramp_extensions.feature index 423497d98..68f7d9687 100644 --- a/features/fedramp_extensions.feature +++ b/features/fedramp_extensions.feature @@ -137,6 +137,7 @@ Examples: | security-level | | security-sensitivity-level-matches-security-impact-level | | unique-inventory-item-asset-id | + | used-by-link-references-component | | user-authentication | | user-has-authorized-privilege | | user-has-role-id | @@ -385,6 +386,8 @@ Examples: | security-sensitivity-level-matches-security-impact-level-PASS.yaml | | unique-inventory-item-asset-id-FAIL.yaml | | unique-inventory-item-asset-id-PASS.yaml | + | used-by-link-references-component-FAIL.yaml | + | used-by-link-references-component-PASS.yaml | | user-authentication-FAIL.yaml | | user-authentication-PASS.yaml | | user-has-authorized-privilege-FAIL.yaml | diff --git a/src/validations/constraints/content/ssp-used-by-link-references-component-INVALID.xml b/src/validations/constraints/content/ssp-used-by-link-references-component-INVALID.xml new file mode 100644 index 000000000..1b56f1fef --- /dev/null +++ b/src/validations/constraints/content/ssp-used-by-link-references-component-INVALID.xml @@ -0,0 +1,11 @@ + + + + + + + + + + \ No newline at end of file diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml index af7ae5b20..61e439248 100644 --- a/src/validations/constraints/fedramp-external-constraints.xml +++ b/src/validations/constraints/fedramp-external-constraints.xml @@ -564,6 +564,11 @@

A FedRAMP SSP's inventory item MUST have an Asset ID that is unique across all inventory items in the system and its components.

+ + Used-By Link References Component + + A FedRAMP SSP's component MUST reference the existing component(s) that use it via network communication. However, component "{../@uuid}" references a nonexistent component "{@href}". + diff --git a/src/validations/constraints/unit-tests/used-by-link-references-component-FAIL.yaml b/src/validations/constraints/unit-tests/used-by-link-references-component-FAIL.yaml new file mode 100644 index 000000000..1f595610c --- /dev/null +++ b/src/validations/constraints/unit-tests/used-by-link-references-component-FAIL.yaml @@ -0,0 +1,9 @@ +test-case: + name: Negative Test for used-by-link-references-component + description: >- + This test case validates the behavior of constraint + used-by-link-references-component + content: ../content/ssp-used-by-link-references-component-INVALID.xml + expectations: + - constraint-id: used-by-link-references-component + result: fail diff --git a/src/validations/constraints/unit-tests/used-by-link-references-component-PASS.yaml b/src/validations/constraints/unit-tests/used-by-link-references-component-PASS.yaml new file mode 100644 index 000000000..11c276fad --- /dev/null +++ b/src/validations/constraints/unit-tests/used-by-link-references-component-PASS.yaml @@ -0,0 +1,9 @@ +test-case: + name: Positive Test for used-by-link-references-component + description: >- + This test case validates the behavior of constraint + used-by-link-references-component + content: ../../../content/rev5/examples/ssp/xml/fedramp-ssp-example.oscal.xml + expectations: + - constraint-id: used-by-link-references-component + result: pass