Rule Checks in OSCAL Models

[aj-stein-nist]

User Story:

As an OSCAL tool developer, in order to ensure my software can process and test requirements that evidence an information has properly met specific criteria defined as part of security control implementation requirements, I would like enhancement to the OSCAL models to make rule checks a first-class citizen. Modifications and new additions to OSCAL to encode these results of checking such rules (especially when automated) would allow a bigger and more efficient impact from the use of OSCAL in my security assessment tooling.

Goals:

{A clear and concise description of what you want to happen. This should be outcome focused. Include concise description of any alternative solutions or features you've considered. Feel free to include screenshots or examples about the feature request here.}

Dependencies:

Rule checks are the result of analyzing conformance with rules and their tests, so #1058 must be completed before or concurrently with this story.

Acceptance Criteria

• All OSCAL website and readme documentation affected by the changes in this issue have been updated. Changes to the OSCAL website can be made in the docs/content directory of your branch.
• A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
• The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.

{The items above are general acceptance criteria for all User Stories. Please describe anything else that must be completed for this issue to be considered resolved.}

[aj-stein-nist]

Given the questions around core requirements for this issue and existing comments and labels, I will align the status with "DEFINE Research Needed."