From 5d67bea04939407f02572e14834fb8ac511bea0f Mon Sep 17 00:00:00 2001
From: Alexander Stein <alexander.stein@nist.gov>
Date: Wed, 1 Jun 2022 18:04:07 -0400
Subject: [PATCH 1/3] [WIP] Add rules model and refs into component-definition
 model.

---
 src/metaschema/examples/rules-component.xml   |  73 ++++++++++++
 src/metaschema/oscal_component_metaschema.xml |  19 ++++
 .../oscal_rules-common_metaschema.xml         | 105 ++++++++++++++++++
 3 files changed, 197 insertions(+)
 create mode 100644 src/metaschema/examples/rules-component.xml
 create mode 100644 src/metaschema/oscal_rules-common_metaschema.xml

diff --git a/src/metaschema/examples/rules-component.xml b/src/metaschema/examples/rules-component.xml
new file mode 100644
index 0000000000..0184e6b15f
--- /dev/null
+++ b/src/metaschema/examples/rules-component.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- This is a mapping example used for development. This file should be moved to the oscal-content repo when this feature is ready. -->
+<component-definition xmlns="http://csrc.nist.gov/ns/oscal/1.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 ../../../xml/schema/oscal_complete_schema.xsd" uuid="3559d200-4849-41ac-a420-28b2ffa22c52">
+    <metadata>
+        <title></title>
+        <last-modified></last-modified>
+        <version></version>
+        <oscal-version></oscal-version>
+    </metadata>
+    <rule uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+        <title>Important Rule 1</title>
+        <description>This is a description of Important Rule 1.</description>
+    </rule>
+    <test uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b">
+        <title>Test A for Rule 1</title>
+        <description>This is Test A, it can be executed to demonstrate a system meets requirements for Rule 1.</description>
+    </test>
+    <test uuid="2388cb25-ccbc-4de0-9630-675de624593f">
+        <title>Test B for Rule 1</title>
+        <description>This is Test B, it can be executed to demonstrate a system meets requirements for Rule 1.</description>
+    </test>
+    <test uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326">
+        <title>Test C for Rule 1</title>
+        <description>This is Test C, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</description>
+    </test>
+    <test uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4">
+        <title>Test D for Rule 1</title>
+        <description>This is Test C, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</description>
+    </test>
+    <!--
+        The testing-scenarios below exhibit three common usage patterns:
+    
+        1. A simple scenario where one test (Test A) is sufficient for one rule (Rule 1).
+        2. A complex scenario where one test (Test B) is sufficient for one rule (Rule 1), and that test depends on a prerequisite test (Test A).
+        3. A complex scenario with a condition, where one of either Test C or Test D, is sufficient for one rule (Rule 1).
+    -->
+    <!-- Testing Scenario Usage Pattern 1 -->
+    <testing-scenario uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+        <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
+    </testing-scenario>
+    <!-- Testing Scenario Usage Pattern 2 -->
+    <testing-scenario uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+        <condition operator="and">
+            <pre-requisite>
+                <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
+            </pre-requisite>
+            <test-reference test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
+        </condition>
+    </testing-scenario>
+    <!-- Testing Scenario Usage Pattern 3 -->
+    <testing-scenario uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+        <condition operator="or">
+            <test-reference test-uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326" />
+            <test-reference test-uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4" />
+        </condition>
+    </testing-scenario>
+    <component uuid="94512adf-d8df-4535-a5af-57aaa1eed131" type="software">
+        <title>Example Rule &amp; Test Component 1</title>
+        <description>A Sample Component with Rule and Test Integration</description>
+        <rule-implementation uuid="c4fee229-784a-4943-908c-2b9a23ee192b" test-scenario-uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe">
+            <description>Rule Implementation for Testing Scenario Usage Pattern 1.</description>
+        </rule-implementation>
+        <rule-implementation uuid="e7607d3f-bf62-4832-98d8-c8e82ef520bd" test-scenario-uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4">
+            <description>Rule Implementation for Testing Scenario Usage Pattern 2.</description>
+        </rule-implementation>
+        <rule-implementation uuid="8a6a2f49-4996-4aaa-9598-047efe91d0ac" test-scenario-uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c">
+            <description>Rule Implementation for Testing Scenario Usage Pattern 3.</description>
+        </rule-implementation>
+    </component>
+    <back-matter/>
+</component-definition>
\ No newline at end of file
diff --git a/src/metaschema/oscal_component_metaschema.xml b/src/metaschema/oscal_component_metaschema.xml
index c757be4c80..a74385fb18 100644
--- a/src/metaschema/oscal_component_metaschema.xml
+++ b/src/metaschema/oscal_component_metaschema.xml
@@ -26,6 +26,7 @@
   </remarks>
 
   <import href="oscal_implementation-common_metaschema.xml"/>
+  <import href="oscal_rules-common_metaschema.xml"/>
 
   <define-assembly name="component-definition">
     <formal-name>Component Definition</formal-name>
@@ -41,6 +42,17 @@
       <assembly ref="import-component-definition" max-occurs="unbounded">
         <group-as name="import-component-definitions" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-definition" max-occurs="unbounded">
+        <use-name>rule</use-name>
+        <group-as name="rules" in-json="ARRAY"/>
+      </assembly>
+      <assembly ref="test-definition" max-occurs="unbounded">
+        <use-name>test</use-name>
+        <group-as name="tests" in-json="ARRAY"/>
+      </assembly>
+      <assembly ref="testing-scenario" max-occurs="unbounded">
+        <group-as name="testing-scenarios" in-json="ARRAY"/>
+      </assembly>
       <assembly ref="defined-component" max-occurs="unbounded">
         <use-name>component</use-name>
         <group-as name="components" in-json="ARRAY"/>
@@ -118,6 +130,7 @@
       <assembly ref="control-implementation" max-occurs="unbounded">
         <group-as name="control-implementations" in-json="ARRAY"/>
       </assembly>
+
       <!--
          <assembly ref="configuration" max-occurs="unbounded">
            <group-as name="configurations" in-json="BY_KEY" />
@@ -375,6 +388,9 @@
       <assembly ref="statement" max-occurs="unbounded">
         <group-as name="statements" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-condition">
+        <use-name>condition</use-name>
+      </assembly>
       <field ref="remarks" in-xml="WITH_WRAPPER"/>
     </model>
     <constraint>
@@ -429,6 +445,9 @@
       <assembly ref="responsible-role" max-occurs="unbounded">
         <group-as name="responsible-roles" in-json="ARRAY"/>
       </assembly>
+      <assembly ref="rule-implementation" max-occurs="unbounded">
+        <group-as name="rule-implementations" in-json="ARRAY"/>
+      </assembly>
       <field ref="remarks" in-xml="WITH_WRAPPER"/>
     </model>
     <constraint>
diff --git a/src/metaschema/oscal_rules-common_metaschema.xml b/src/metaschema/oscal_rules-common_metaschema.xml
new file mode 100644
index 0000000000..87f5299748
--- /dev/null
+++ b/src/metaschema/oscal_rules-common_metaschema.xml
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<METASCHEMA xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0" abstract="yes">
+    <schema-name>OSCAL Rules -- Common Modules</schema-name>
+    <schema-version>1.2.0</schema-version>
+    <short-name>oscal-rules-common</short-name>
+    <namespace>http://csrc.nist.gov/ns/oscal/1.0</namespace>
+    <json-base-uri>http://csrc.nist.gov/ns/oscal</json-base-uri>
+    <remarks>
+        <p>TODO</p>
+    </remarks>
+    <import href="oscal_metadata_metaschema.xml"/>
+    <define-assembly name="rule-definition">
+        <formal-name>Rule Definition</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Rule Definition Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+    </define-assembly>
+    <define-assembly name="test-definition">
+        <formal-name>Test Definition</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Test Definition Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+    </define-assembly>
+    <define-assembly name="testing-scenario">
+        <formal-name>Rule Testing Scenario</formal-name>
+        <description>A rule testing scenario</description>
+        <use-name>scenario</use-name>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Testing Scenario Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <model>
+            <assembly ref="rule-condition" min-occurs="1">
+                <use-name>condition</use-name>
+            </assembly>
+        </model>
+    </define-assembly>
+    <define-assembly name="rule-condition">
+        <formal-name>Rule Condition</formal-name>
+        <description>A rule implementation condition</description>
+        <define-flag name="operator" required="yes" as-type="token">
+            <formal-name>Rule Condition Operator</formal-name>
+            <description>TODO</description>
+            <constraint>
+                <allowed-values allow-other="no">
+                    <enum value="and">and</enum>
+                    <enum value="or">or</enum>
+                    <enum value="not">not</enum>
+                </allowed-values>
+            </constraint>
+        </define-flag>
+        <model>
+            <assembly ref="rule-condition">
+                <use-name>pre-condition</use-name>
+            </assembly>
+            <choice>
+                <assembly ref="rule-condition">
+                    <use-name>condition</use-name>
+                </assembly>
+                <define-assembly name="test-reference" min-occurs="1" max-occurs="unbounded">
+                    <formal-name>Test Reference</formal-name>
+                    <description>TODO</description>
+                    <define-flag name="uuid" required="yes" as-type="uuid">
+                        <formal-name>Test Reference Universally Unique Identifier</formal-name>
+                        <description>TODO</description>
+                    </define-flag>
+                    <define-flag name="test-uuid" required="yes" as-type="uuid">
+                        <formal-name>Test Universally Unique Identifier Reference</formal-name>
+                        <description>A test UUID reference</description>
+                    </define-flag>
+                </define-assembly>
+            </choice>
+        </model>
+    </define-assembly>
+    <define-assembly name="rule-implementation">
+        <formal-name>Rule Implementation</formal-name>
+        <description>TODO</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Rule Implementation Universally Unique Identifier</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <model>
+            <define-assembly name="testing-scenario-reference">
+                <formal-name>Testing Scenario Reference</formal-name>
+                <description>A reference to a testing scenario.</description>
+                <define-flag name="uuid" required="yes" as-type="uuid">
+                    <formal-name>Rule Reference Universally Unique Identifier</formal-name>
+                    <description>TODO</description>
+                </define-flag>
+                <define-flag name="rule-uuid" required="yes" as-type="uuid">
+                    <formal-name>Rule Universally Unique Identifier Reference</formal-name>
+                    <description>A rule UUID reference</description>
+                </define-flag>
+                <define-flag name="test-scenario-uuid" required="yes" as-type="uuid">
+                    <formal-name>Rule Universally Unique Identifier Reference</formal-name>
+                    <description>A rule UUID reference</description>
+                </define-flag>
+            </define-assembly>
+        </model>
+    </define-assembly>
+</METASCHEMA>
\ No newline at end of file

From 15bb7af3a64ecc02b3b4e7ca0de96d0fc2039905 Mon Sep 17 00:00:00 2001
From: Alexander Stein <alexander.stein@nist.gov>
Date: Mon, 22 Aug 2022 12:39:04 -0400
Subject: [PATCH 2/3] [WIP] Highlight example touch-ups with model changes for
 review later today.

---
 src/metaschema/examples/rules-component.xml   |  46 +++--
 .../oscal_rules-common_metaschema.xml         | 177 ++++++++++++++----
 2 files changed, 171 insertions(+), 52 deletions(-)

diff --git a/src/metaschema/examples/rules-component.xml b/src/metaschema/examples/rules-component.xml
index 0184e6b15f..45b14ea7e3 100644
--- a/src/metaschema/examples/rules-component.xml
+++ b/src/metaschema/examples/rules-component.xml
@@ -4,53 +4,65 @@
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 ../../../xml/schema/oscal_complete_schema.xsd" uuid="3559d200-4849-41ac-a420-28b2ffa22c52">
     <metadata>
-        <title></title>
-        <last-modified></last-modified>
-        <version></version>
-        <oscal-version></oscal-version>
+        <title>Example Component Definition with Rules and Tests Linked to Component</title>
+        <last-modified>2022-08-22T00:00:00.000000000-04:00</last-modified>
+        <version>0.0.1-alpha</version>
+        <oscal-version>1.2.0</oscal-version>
     </metadata>
     <rule uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
         <title>Important Rule 1</title>
-        <description>This is a description of Important Rule 1.</description>
+        <description>
+            <p> is a description of Important Rule 1.</p>
+        </description>
     </rule>
     <test uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b">
         <title>Test A for Rule 1</title>
-        <description>This is Test A, it can be executed to demonstrate a system meets requirements for Rule 1.</description>
+        <description>
+            <p>This is Test A, it can be executed to demonstrate a system meets requirements for Rule 1.</p>
+        </description>
     </test>
     <test uuid="2388cb25-ccbc-4de0-9630-675de624593f">
         <title>Test B for Rule 1</title>
-        <description>This is Test B, it can be executed to demonstrate a system meets requirements for Rule 1.</description>
+        <description>
+            <p>This is Test B, it can be executed to demonstrate a system meets requirements for Rule 1.</p>
+        </description>
     </test>
     <test uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326">
         <title>Test C for Rule 1</title>
-        <description>This is Test C, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</description>
+        <description>
+            <p>This is Test C, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</p>
+        </description>
     </test>
     <test uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4">
         <title>Test D for Rule 1</title>
-        <description>This is Test C, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</description>
+        <description>
+            <p>This is Test D, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</p>    
+        </description>
     </test>
     <!--
-        The testing-scenarios below exhibit three common usage patterns:
+        The scenarios below exhibit three common usage patterns:
     
         1. A simple scenario where one test (Test A) is sufficient for one rule (Rule 1).
         2. A complex scenario where one test (Test B) is sufficient for one rule (Rule 1), and that test depends on a prerequisite test (Test A).
         3. A complex scenario with a condition, where one of either Test C or Test D, is sufficient for one rule (Rule 1).
     -->
     <!-- Testing Scenario Usage Pattern 1 -->
-    <testing-scenario uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
-        <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
+    <testing-scenario rule-uuid="15ea20bc-75d5-43b0-a98d-cab984afeeb9" uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe">  <!-- TODOD: Discuss that We don't need rule-uuid anymore? -->
+        <condition operator="and"> <!-- TODO: Discuss that We can't have a default operator to Metaschema defaults merged?  -->
+            <test-reference uuid="9d0a52e3-2bb6-4b39-9614-2dfa72271b57" test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" /> <!-- TODO: Discuss we need a uuid here now too? -->
+        </condition>
     </testing-scenario>
     <!-- Testing Scenario Usage Pattern 2 -->
-    <testing-scenario uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+    <testing-scenario rule-uuid="" uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4">
         <condition operator="and">
-            <pre-requisite>
+            <pre-condition operator="and"> <!-- TODO: Discuss we changed pre-requisite to pre-condition intentionally, right? -->
                 <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
-            </pre-requisite>
-            <test-reference test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
+            </pre-condition>
+            <test-reference uuid="9376b219-659f-4846-88ad-130b8c9074b9" test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
         </condition>
     </testing-scenario>
     <!-- Testing Scenario Usage Pattern 3 -->
-    <testing-scenario uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c" rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
+    <testing-scenario rule-uuid="" uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c">
         <condition operator="or">
             <test-reference test-uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326" />
             <test-reference test-uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4" />
diff --git a/src/metaschema/oscal_rules-common_metaschema.xml b/src/metaschema/oscal_rules-common_metaschema.xml
index 87f5299748..a948111db6 100644
--- a/src/metaschema/oscal_rules-common_metaschema.xml
+++ b/src/metaschema/oscal_rules-common_metaschema.xml
@@ -16,6 +16,31 @@
             <formal-name>Rule Definition Universally Unique Identifier</formal-name>
             <description>TODO</description>
         </define-flag>
+        <model>
+            <define-field name="title" as-type="markup-line" min-occurs="1">
+                <formal-name>Rule Title</formal-name>
+                <description>A name given to the rule, which may be used by a tool for display and navigation.</description>
+            </define-field>
+            <define-field name="description" as-type="markup-multiline" min-occurs="1" in-xml="WITH_WRAPPER">
+                <formal-name>Rule Description</formal-name>
+                <description>A summary of the rule, including the requirement(s) to be met when evaluating the rule against a target that the rule applies to.</description>
+            </define-field>
+            <assembly ref="property" max-occurs="unbounded">
+                <group-as name="props" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="link" max-occurs="unbounded">
+                <group-as name="links" in-json="ARRAY"/>
+            </assembly>
+            <define-field ref="remarks"/>
+        </model>
+        <constraint>
+            <allowed-values target="prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
+              <enum value="version">A string that identifies the revision of the rule.</enum>
+            </allowed-values>
+            <allowed-values target="link/@rel">
+                <enum value="source">A pointer to the resource that this rule is derived from.</enum>
+            </allowed-values>
+        </constraint>
     </define-assembly>
     <define-assembly name="test-definition">
         <formal-name>Test Definition</formal-name>
@@ -24,58 +49,144 @@
             <formal-name>Test Definition Universally Unique Identifier</formal-name>
             <description>TODO</description>
         </define-flag>
+        <model>
+            <define-field name="title" as-type="markup-line" min-occurs="0" max-occurs="1">
+                <formal-name>Test Title</formal-name>
+                <description>A name given to the test, which may be used by a tool for display and navigation.</description>
+            </define-field>
+            <define-field name="description" as-type="markup-multiline" in-xml="WITH_WRAPPER">
+                <formal-name>Test Description</formal-name>
+                <description>A summary of the test, including implementation details of how its use examines an aspect or trait of a system.</description>
+            </define-field>
+            <assembly ref="property" max-occurs="unbounded">
+                <group-as name="props" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="link" max-occurs="unbounded">
+                <group-as name="links" in-json="ARRAY"/>
+            </assembly>
+            <!-- TODO: address activities and actions -->
+            <define-field ref="remarks"/>
+        </model>
+        <constraint>
+            <allowed-values target="prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
+              <enum value="version">A string that identifies the revision of the test.</enum>
+            </allowed-values>
+            <allowed-values target="link/@rel">
+                <enum value="source">A pointer to the resource that this test is derived from.</enum>
+            </allowed-values>
+        </constraint>
     </define-assembly>
     <define-assembly name="testing-scenario">
         <formal-name>Rule Testing Scenario</formal-name>
         <description>A rule testing scenario</description>
-        <use-name>scenario</use-name>
         <define-flag name="uuid" required="yes" as-type="uuid">
             <formal-name>Testing Scenario Universally Unique Identifier</formal-name>
             <description>TODO</description>
         </define-flag>
+        <define-flag name="rule-uuid" required="yes" as-type="uuid">
+            <formal-name>Testing Scenario Rule Universally Unique Identifier Reference</formal-name>
+            <description>TODO</description>
+        </define-flag>
         <model>
-            <assembly ref="rule-condition" min-occurs="1">
-                <use-name>condition</use-name>
+            <assembly ref="property" max-occurs="unbounded">
+                <group-as name="props" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="link" max-occurs="unbounded">
+                <group-as name="links" in-json="ARRAY"/>
             </assembly>
+            <choice>
+                <assembly ref="rule-condition" min-occurs="1">
+                    <use-name>condition</use-name>
+                </assembly>
+                <assembly ref="test-reference" min-occurs="1"/>
+            </choice>
+            <define-field ref="remarks"/>
         </model>
     </define-assembly>
+    <define-assembly name="test-reference" min-occurs="1" max-occurs="unbounded">
+        <formal-name>Test Reference</formal-name>
+        <description>TODO</description>
+        <!-- TODO: Consider if we need a specific uuid per test-reference for each ref in final impl. 
+            <define-flag name="uuid" required="yes" as-type="uuid">
+                <formal-name>Test Reference Universally Unique Identifier</formal-name>
+                <description>TODO</description>
+            </define-flag>
+        -->
+        <define-flag name="test-uuid" required="yes" as-type="uuid">
+            <formal-name>Test Universally Unique Identifier Reference</formal-name>
+            <description>A test UUID reference</description>
+        </define-flag>
+    </define-assembly>
     <define-assembly name="rule-condition">
         <formal-name>Rule Condition</formal-name>
         <description>A rule implementation condition</description>
-        <define-flag name="operator" required="yes" as-type="token">
+        <define-flag name="negate" required="no" as-type="boolean" default="false">
+            <formal-name>Rule Condition Negation Flag</formal-name>
+            <description>TODO</description>
+            <remarks>
+                <p>
+                    <h1>Negate Truth Table</h1>
+                    <p>true -> false, false -> true, error -> error, not-applicable -> not-applicable</p>
+                </p>
+            </remarks>
+        </define-flag>
+        <define-flag name="operator" required="yes" as-type="token" default="and">
             <formal-name>Rule Condition Operator</formal-name>
             <description>TODO</description>
             <constraint>
                 <allowed-values allow-other="no">
                     <enum value="and">and</enum>
                     <enum value="or">or</enum>
-                    <enum value="not">not</enum>
                 </allowed-values>
             </constraint>
+            <remarks>
+                <p>
+                    <h1>Operator Truth Table</h1>
+                    <p></p>
+                </p>
+                <p>What is eager evaluation and why does it matter?</p>
+                <p>How do prerequisites work in the processing of condition operators and precedence.</p>
+            </remarks>
         </define-flag>
         <model>
+            <assembly ref="property" max-occurs="unbounded">
+                <group-as name="props" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="link" max-occurs="unbounded">
+                <group-as name="links" in-json="ARRAY"/>
+            </assembly>
             <assembly ref="rule-condition">
-                <use-name>pre-condition</use-name>
+                <use-name>prerequisite</use-name>
             </assembly>
             <choice>
+                <!-- TODO: consider making this a multi-choice if that feature is implemented. -->
                 <assembly ref="rule-condition">
                     <use-name>condition</use-name>
                 </assembly>
-                <define-assembly name="test-reference" min-occurs="1" max-occurs="unbounded">
-                    <formal-name>Test Reference</formal-name>
-                    <description>TODO</description>
-                    <define-flag name="uuid" required="yes" as-type="uuid">
-                        <formal-name>Test Reference Universally Unique Identifier</formal-name>
-                        <description>TODO</description>
-                    </define-flag>
-                    <define-flag name="test-uuid" required="yes" as-type="uuid">
-                        <formal-name>Test Universally Unique Identifier Reference</formal-name>
-                        <description>A test UUID reference</description>
-                    </define-flag>
-                </define-assembly>
+                <assembly ref="test-reference" min-occurs="1" max-occurs="unbounded"/>
+                <assembly ref="testing-scenario-reference" min-occurs="1" max-occurs="unbounded"/>
             </choice>
+            <define-field ref="remarks"/>
         </model>
     </define-assembly>
+    <define-flag name="testing-scenario-uuid" as-type="uuid" scope="local">
+        <formal-name>Testing Scenario Universally Unique Identifier Reference</formal-name>
+        <description>A testing scenario UUID reference</description>
+    </define-flag>
+    <define-field name="testing-scenario-uuid" required="yes" as-type="uuid" scope="local">
+        <formal-name>Testing Scenario Universally Unique Identifier</formal-name>
+        <description>A testing scenari UUID reference</description>
+    </define-field>
+    <define-assembly name="testing-scenario-reference">
+        <formal-name>Testing Scenario Reference</formal-name>
+        <description>A reference to a testing scenario.</description>
+        <define-flag name="uuid" required="yes" as-type="uuid">
+            <formal-name>Testing Scenario Universally Unique Identifier Reference</formal-name>
+            <description>TODO</description>
+        </define-flag>
+        <flag ref="testing-scenario-uuid" required="yes"/>
+    </define-assembly>
+
     <define-assembly name="rule-implementation">
         <formal-name>Rule Implementation</formal-name>
         <description>TODO</description>
@@ -83,23 +194,19 @@
             <formal-name>Rule Implementation Universally Unique Identifier</formal-name>
             <description>TODO</description>
         </define-flag>
+        <define-field name="description" as-type="markup-multiline" min-occurs="1" in-xml="WITH_WRAPPER">
+            <formal-name>Rule Implementation Description</formal-name>
+            <description>A summary of the rule implementation.</description>
+        </define-field>
         <model>
-            <define-assembly name="testing-scenario-reference">
-                <formal-name>Testing Scenario Reference</formal-name>
-                <description>A reference to a testing scenario.</description>
-                <define-flag name="uuid" required="yes" as-type="uuid">
-                    <formal-name>Rule Reference Universally Unique Identifier</formal-name>
-                    <description>TODO</description>
-                </define-flag>
-                <define-flag name="rule-uuid" required="yes" as-type="uuid">
-                    <formal-name>Rule Universally Unique Identifier Reference</formal-name>
-                    <description>A rule UUID reference</description>
-                </define-flag>
-                <define-flag name="test-scenario-uuid" required="yes" as-type="uuid">
-                    <formal-name>Rule Universally Unique Identifier Reference</formal-name>
-                    <description>A rule UUID reference</description>
-                </define-flag>
-            </define-assembly>
+            <assembly ref="property" max-occurs="unbounded">
+                <group-as name="props" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="link" max-occurs="unbounded">
+                <group-as name="links" in-json="ARRAY"/>
+            </assembly>
+            <assembly ref="testing-scenario-reference" min-occurs="1"/>
+            <define-field ref="remarks"/>
         </model>
     </define-assembly>
-</METASCHEMA>
\ No newline at end of file
+</METASCHEMA>

From 095f0a627aae71da06f7539a801b58e772d9c12f Mon Sep 17 00:00:00 2001
From: Alexander Stein <alexander.stein@nist.gov>
Date: Tue, 23 Aug 2022 09:11:32 -0400
Subject: [PATCH 3/3] Schema touch-ups and updated example.

Signed-off-by: Alexander Stein <alexander.stein@nist.gov>
---
 src/metaschema/examples/rules-component.xml   | 134 ++++++++++++------
 src/metaschema/oscal_component_metaschema.xml |  10 +-
 .../oscal_rules-common_metaschema.xml         |  70 +++++----
 3 files changed, 136 insertions(+), 78 deletions(-)

diff --git a/src/metaschema/examples/rules-component.xml b/src/metaschema/examples/rules-component.xml
index 45b14ea7e3..1bc5007f26 100644
--- a/src/metaschema/examples/rules-component.xml
+++ b/src/metaschema/examples/rules-component.xml
@@ -4,82 +4,126 @@
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/1.0 ../../../xml/schema/oscal_complete_schema.xsd" uuid="3559d200-4849-41ac-a420-28b2ffa22c52">
     <metadata>
-        <title>Example Component Definition with Rules and Tests Linked to Component</title>
-        <last-modified>2022-08-22T00:00:00.000000000-04:00</last-modified>
+        <title>Example Component Definition for Openshift Container Platform v4, Rules, and Tests</title>
+        <last-modified>2022-08-23T00:00:00.000000000-04:00</last-modified>
         <version>0.0.1-alpha</version>
         <oscal-version>1.2.0</oscal-version>
     </metadata>
     <rule uuid="97a52f09-0248-45f4-8ac7-b7566170d733">
-        <title>Important Rule 1</title>
+        <title>Disable Anonymous Unauthenticated Access to Components</title>
         <description>
-            <p> is a description of Important Rule 1.</p>
+            <p>Anonymous (i.e. unauthenticated) access to any OCP4 sub-system documented in the components below must prevent anonymous, unauthenticated access.</p>
         </description>
     </rule>
     <test uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b">
-        <title>Test A for Rule 1</title>
+        <title>Disable Anonymous Authentication to the Kubelet - Iac Analysis</title>
         <description>
-            <p>This is Test A, it can be executed to demonstrate a system meets requirements for Rule 1.</p>
+            <p>This test will analyze Infrastructure-as-Code (IaC) written in Ansible to provision OCP4 cluster(s). If the necessary configuration in <code>/etc/kubernetes/kubelet.conf</code> disables anonymous authentication with the appropriate setting (<code>authentication.anonymous.enabled: false</code>), this test will return a passing value. It will be one example of an aspect of OCP4 cluster(s) configured to meet CM-6 requirements.</p>
         </description>
     </test>
     <test uuid="2388cb25-ccbc-4de0-9630-675de624593f">
-        <title>Test B for Rule 1</title>
+        <title>Disable Anonymous Authentication to the Kubelet - Runtime Analysis with OCP4 Compliance Operator</title>
         <description>
-            <p>This is Test B, it can be executed to demonstrate a system meets requirements for Rule 1.</p>
+            <p>
+                This test will analyze running OCP4 cluster(s) with its configured Compliance Operator to perform the necessary configuration management scans. If operator conducts scans of node kubelets and the necessary configuration in <code>/etc/kubernetes/kubelet.conf</code> disables anonymous authentication with the appropriate setting (<code>authentication.anonymous.enabled: false</code>), this test will return a passing value. It will be one example of an aspect of OCP4 cluster(s) configured to meet CM-6 requirements.</p>
         </description>
+        <prop name="version" ns="https://www.open-scap.org/" value="0.1.63"/>
+        <prop name="id" ns="https://www.open-scap.org/" value="xccdf_org.ssgproject.content_rule_kubelet_anonymous_auth"/>
+        <link href="https://static.open-scap.org/ssg-guides/ssg-ocp4-guide-moderate-node.html#xccdf_org.ssgproject.content_rule_kubelet_anonymous_auth" rel="reference"/>
+        <link href="https://docs.openshift.com/container-platform/4.10/security/compliance_operator/compliance-operator-understanding.html" rel="reference"/>
     </test>
     <test uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326">
-        <title>Test C for Rule 1</title>
+        <title>Disable Anonymous Authentication to the Kubelet - Runtime Analysis with CSP API for Managed OCP4 Control Plane</title>
         <description>
-            <p>This is Test C, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</p>
+            <p>This test will analyze running OCP4 cluster(s) with a managed service from a cloud service provider (CSP). The CSP has a managed service that provisions OCP4 cluster(s) for customers. A REST API for this managed service can be queried. If the API confirms the setting is appropriately set, this test will return a passing value. It will be one example of an aspect of OCP4 cluster(s) configured to meet CM-6 requirements.</p>
         </description>
     </test>
     <test uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4">
-        <title>Test D for Rule 1</title>
+        <title>OCP4 Cluster Properly Configured and Deployed with Compliance Operator</title>
         <description>
-            <p>This is Test D, it can be optionally executed to demonstrate a system meets requirements for Rule 1.</p>    
+            <p>This is a test that provides automated evaluation to confirm that an OCP4 cluster has the Compliance Operator properly installed and configured.</p>    
         </description>
+        <prop name="version" ns="https://github.com/openshift/compliance-operator" value="0.1.49"/>
+        <link href="https://docs.openshift.com/container-platform/4.10/security/compliance_operator/compliance-operator-installation.html" rel="reference"/>
+        <link href="https://www.redhat.com/en/technologies/cloud-computing/openshift/what-are-openshift-operators" rel="reference"/>
+        <link href="https://kubernetes.io/docs/concepts/extend-kubernetes/operator/" rel="reference"/>
     </test>
-    <!--
-        The scenarios below exhibit three common usage patterns:
-    
-        1. A simple scenario where one test (Test A) is sufficient for one rule (Rule 1).
-        2. A complex scenario where one test (Test B) is sufficient for one rule (Rule 1), and that test depends on a prerequisite test (Test A).
-        3. A complex scenario with a condition, where one of either Test C or Test D, is sufficient for one rule (Rule 1).
-    -->
-    <!-- Testing Scenario Usage Pattern 1 -->
-    <testing-scenario rule-uuid="15ea20bc-75d5-43b0-a98d-cab984afeeb9" uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe">  <!-- TODOD: Discuss that We don't need rule-uuid anymore? -->
-        <condition operator="and"> <!-- TODO: Discuss that We can't have a default operator to Metaschema defaults merged?  -->
-            <test-reference uuid="9d0a52e3-2bb6-4b39-9614-2dfa72271b57" test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" /> <!-- TODO: Discuss we need a uuid here now too? -->
-        </condition>
+    <testing-scenario rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733" uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe">
+        <!-- Bind rule to static analysis test only. -->
+        <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b"/>
+    </testing-scenario>
+    <testing-scenario rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733" uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4">
+        <!-- Bind rule to only runtime analysis rule with OpenSCAP in Compliance Operator test only. -->
+        <test-reference test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
     </testing-scenario>
-    <!-- Testing Scenario Usage Pattern 2 -->
-    <testing-scenario rule-uuid="" uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4">
+    <testing-scenario rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733" uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4">
+        <!-- Bind rule to only runtime analysis rule with CSP API test only. -->
+        <test-reference test-uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326" />
+    </testing-scenario>
+    <testing-scenario rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733" uuid="e88b710f-41cc-4096-8a95-c91d986ae09a">
+        <!-- Bind rule to both static analysis and CSP API tests. -->
         <condition operator="and">
-            <pre-condition operator="and"> <!-- TODO: Discuss we changed pre-requisite to pre-condition intentionally, right? -->
-                <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
-            </pre-condition>
-            <test-reference uuid="9376b219-659f-4846-88ad-130b8c9074b9" test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
+            <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
+            <test-reference test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
         </condition>
     </testing-scenario>
-    <!-- Testing Scenario Usage Pattern 3 -->
-    <testing-scenario rule-uuid="" uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c">
+    <testing-scenario rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733" uuid="37853442-2fc2-4e33-aca2-ddf8ff49390c">
+        <!-- Bind rule to either static analysis or CSP API tests. -->
         <condition operator="or">
-            <test-reference test-uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326" />
-            <test-reference test-uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4" />
+            <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b" />
+            <test-reference test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
+        </condition>
+    </testing-scenario>
+    <testing-scenario rule-uuid="97a52f09-0248-45f4-8ac7-b7566170d733" uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c">
+        <condition operator="and">
+            <condition operator="and">
+                <prerequisite operator="and">
+                    <!-- Cannot run the Compliance Operator test without Compliance Operator, make sure it is installed. -->
+                    <test-reference test-uuid="2f6c5c71-13fb-43c8-beca-1e79498b34c4" />
+                </prerequisite>
+                <test-reference test-uuid="2388cb25-ccbc-4de0-9630-675de624593f" />
+            </condition>
+            <condition operator="and">
+                <test-reference test-uuid="7d50cd70-f0b3-4922-a566-3526d5eba97b"/>
+                <test-reference test-uuid="b426642a-7ff0-42a0-9ef5-ceed4e14f326"/>
+            </condition>
         </condition>
     </testing-scenario>
     <component uuid="94512adf-d8df-4535-a5af-57aaa1eed131" type="software">
-        <title>Example Rule &amp; Test Component 1</title>
-        <description>A Sample Component with Rule and Test Integration</description>
-        <rule-implementation uuid="c4fee229-784a-4943-908c-2b9a23ee192b" test-scenario-uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe">
-            <description>Rule Implementation for Testing Scenario Usage Pattern 1.</description>
-        </rule-implementation>
-        <rule-implementation uuid="e7607d3f-bf62-4832-98d8-c8e82ef520bd" test-scenario-uuid="ccb267c8-f672-4aac-b522-5bbaef26f8e4">
-            <description>Rule Implementation for Testing Scenario Usage Pattern 2.</description>
-        </rule-implementation>
-        <rule-implementation uuid="8a6a2f49-4996-4aaa-9598-047efe91d0ac" test-scenario-uuid="f3edfdbf-b3b4-48c9-8733-fd3ebdeed43c">
-            <description>Rule Implementation for Testing Scenario Usage Pattern 3.</description>
-        </rule-implementation>
+        <title>RedHit Openshift Container Platform v4</title>
+        <description>
+            <p>This component documents the usage of RedHat's OpenShift Container Platform v4 (OCP4) in a system.</p>
+            <p>For many OpenShift Container Platform customers, regulatory readiness, or compliance, on some level is required before any systems can be put into production. That regulatory readiness can be imposed by national standards, industry standards, or the organization's corporate governance framework.</p>
+            <p>This component documents a system's use of OCP4 and its regulatory readiness in relation to NIST's Special Publication 800-37 information security and risk management framework. Implemented requirements are documented through security and privacy controls from NIST's Special Publication 800-53 Revision 5 Catalog.</p>
+            <p>Many of the implemented requirements provide supporting evidence of already implemented requirements with OCP4 cluster(s) as-is or recommendations for customers to configure cluster(s) accordingly in their own environment when it is their responsibility, on a control-by-control basis. Where applicable, OSCAL and its <code>rule</code>s provide machine-readable instructions for recommended security tools to evaluate security and privacy control requirements are met and provide machine-readable evidence of such requirements.</p>
+        </description>
+        <link href="https://docs.openshift.com/container-platform/4.10/security/index.html" rel="website"/>
+        <responsible-role role-id="ocp4-configuration-manager"/>
+        <control-implementation uuid="1ca1e0bf-4164-4823-9887-efbcee85d567" source="https://raw.githubusercontent.com/usnistgov/oscal-content/036b80f4153a2646b6a9dcb8902ebe519bc76225/nist.gov/SP800-53/rev5/xml/NIST_SP-800-53_rev5_catalog.xml">
+            <description>
+                <p>Control implementations and their documented requirements for OCP4 from the NIST 800-53 Revision 5 Catalog (sourced from NIST ITL CSD's official OSCAL catalog).</p>
+            </description>
+            <implemented-requirement uuid="55c45f52-2d99-4efb-a429-479662428a88" control-id="cm-6">
+                <description>
+                    <p>
+                        OCP4 implements requirements to support NIST 800-53 Revision 5 control CM-6: Configuration Settings.
+                    </p>
+                </description>
+                <set-parameter param-id="cm-6_prm_1">
+                    <value>common secure configurations from official RedHat or community OpenSCAP sources</value>
+                </set-parameter>
+                <responsible-role role-id="ocp4-configuration-manager"/>
+                <statement statement-id="cm-6_smt.a" uuid="3cf1d575-82f7-44c1-bef9-f0d09178c726">
+                    <description>
+                        <p>Configuration managers can use the product's functionality to establish and document configuration settings for OCP4 cluster(s) employed within the system. When not using system defaults, configuration managers can use <insert type="param" id-ref="cm-06_prm_1"/> that reflect the most restrictive mode consistent with operational requirements.</p>
+                    </description>
+                </statement>
+                <condition operator="and">
+                    <!-- Bind testing scenario for static analysis test only. -->
+                    <testing-scenario-reference testing-scenario-uuid="0666cbf2-2b76-4e9d-ba99-a783419ff1fe" />
+                </condition>
+            </implemented-requirement>
+        </control-implementation>
     </component>
     <back-matter/>
 </component-definition>
\ No newline at end of file
diff --git a/src/metaschema/oscal_component_metaschema.xml b/src/metaschema/oscal_component_metaschema.xml
index a74385fb18..794cc88c32 100644
--- a/src/metaschema/oscal_component_metaschema.xml
+++ b/src/metaschema/oscal_component_metaschema.xml
@@ -388,8 +388,11 @@
       <assembly ref="statement" max-occurs="unbounded">
         <group-as name="statements" in-json="ARRAY"/>
       </assembly>
-      <assembly ref="rule-condition">
-        <use-name>condition</use-name>
+      <assembly ref="rule-implementation" max-occurs="unbounded">
+        <group-as name="rule-implementations" in-json="ARRAY"/>
+        <remarks>
+          <p>Multiple rule implementations can be provided to describe alternative approaches for using rules to evaluate the implementation and effectiveness of the containing control.</p>
+        </remarks>
       </assembly>
       <field ref="remarks" in-xml="WITH_WRAPPER"/>
     </model>
@@ -447,6 +450,9 @@
       </assembly>
       <assembly ref="rule-implementation" max-occurs="unbounded">
         <group-as name="rule-implementations" in-json="ARRAY"/>
+        <remarks>
+          <p>Multiple rule implementations can be provided to describe alternative rule-based implementations used to evaluate the implementation and effectiveness of the containing control statement.</p>
+        </remarks>
       </assembly>
       <field ref="remarks" in-xml="WITH_WRAPPER"/>
     </model>
diff --git a/src/metaschema/oscal_rules-common_metaschema.xml b/src/metaschema/oscal_rules-common_metaschema.xml
index a948111db6..8175a3f440 100644
--- a/src/metaschema/oscal_rules-common_metaschema.xml
+++ b/src/metaschema/oscal_rules-common_metaschema.xml
@@ -31,7 +31,7 @@
             <assembly ref="link" max-occurs="unbounded">
                 <group-as name="links" in-json="ARRAY"/>
             </assembly>
-            <define-field ref="remarks"/>
+            <field ref="remarks"/>
         </model>
         <constraint>
             <allowed-values target="prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
@@ -42,6 +42,11 @@
             </allowed-values>
         </constraint>
     </define-assembly>
+    <define-field name="rule-uuid" as-type="uuid" scope="local">
+        <formal-name>Rule Universally Unique Identifier Reference</formal-name>
+        <description>A rule UUID reference</description>
+    </define-field>
+
     <define-assembly name="test-definition">
         <formal-name>Test Definition</formal-name>
         <description>TODO</description>
@@ -65,7 +70,7 @@
                 <group-as name="links" in-json="ARRAY"/>
             </assembly>
             <!-- TODO: address activities and actions -->
-            <define-field ref="remarks"/>
+            <field ref="remarks"/>
         </model>
         <constraint>
             <allowed-values target="prop[has-oscal-namespace('http://csrc.nist.gov/ns/oscal')]/@name">
@@ -100,10 +105,10 @@
                 </assembly>
                 <assembly ref="test-reference" min-occurs="1"/>
             </choice>
-            <define-field ref="remarks"/>
+            <field ref="remarks"/>
         </model>
     </define-assembly>
-    <define-assembly name="test-reference" min-occurs="1" max-occurs="unbounded">
+    <define-assembly name="test-reference">
         <formal-name>Test Reference</formal-name>
         <description>TODO</description>
         <!-- TODO: Consider if we need a specific uuid per test-reference for each ref in final impl. 
@@ -124,10 +129,8 @@
             <formal-name>Rule Condition Negation Flag</formal-name>
             <description>TODO</description>
             <remarks>
-                <p>
-                    <h1>Negate Truth Table</h1>
-                    <p>true -> false, false -> true, error -> error, not-applicable -> not-applicable</p>
-                </p>
+                <h1>Negate Truth Table</h1>
+                <p>true -> false, false -> true, error -> error, not-applicable -> not-applicable</p>
             </remarks>
         </define-flag>
         <define-flag name="operator" required="yes" as-type="token" default="and">
@@ -140,10 +143,7 @@
                 </allowed-values>
             </constraint>
             <remarks>
-                <p>
-                    <h1>Operator Truth Table</h1>
-                    <p></p>
-                </p>
+                <h1>Operator Truth Table</h1>
                 <p>What is eager evaluation and why does it matter?</p>
                 <p>How do prerequisites work in the processing of condition operators and precedence.</p>
             </remarks>
@@ -160,31 +160,31 @@
             </assembly>
             <choice>
                 <!-- TODO: consider making this a multi-choice if that feature is implemented. -->
-                <assembly ref="rule-condition">
+                <assembly ref="rule-condition" min-occurs="1" max-occurs="unbounded">
                     <use-name>condition</use-name>
+                    <group-as name="rule-conditions" in-json="ARRAY"/>
+                </assembly>
+                <assembly ref="test-reference" min-occurs="1" max-occurs="unbounded">
+                    <group-as name="test-references" in-json="ARRAY"/>
+                </assembly>
+                <assembly ref="testing-scenario-reference" min-occurs="1" max-occurs="unbounded">
+                    <group-as name="testing-scenario-references" in-json="ARRAY"/>
                 </assembly>
-                <assembly ref="test-reference" min-occurs="1" max-occurs="unbounded"/>
-                <assembly ref="testing-scenario-reference" min-occurs="1" max-occurs="unbounded"/>
             </choice>
-            <define-field ref="remarks"/>
+            <field ref="remarks"/>
         </model>
     </define-assembly>
-    <define-flag name="testing-scenario-uuid" as-type="uuid" scope="local">
-        <formal-name>Testing Scenario Universally Unique Identifier Reference</formal-name>
-        <description>A testing scenario UUID reference</description>
-    </define-flag>
-    <define-field name="testing-scenario-uuid" required="yes" as-type="uuid" scope="local">
+    <define-field name="testing-scenario-uuid" as-type="uuid" scope="local">
         <formal-name>Testing Scenario Universally Unique Identifier</formal-name>
-        <description>A testing scenari UUID reference</description>
+        <description>A testing scenario UUID reference</description>
     </define-field>
     <define-assembly name="testing-scenario-reference">
         <formal-name>Testing Scenario Reference</formal-name>
         <description>A reference to a testing scenario.</description>
-        <define-flag name="uuid" required="yes" as-type="uuid">
+        <define-flag name="testing-scenario-uuid" as-type="uuid">
             <formal-name>Testing Scenario Universally Unique Identifier Reference</formal-name>
-            <description>TODO</description>
+            <description>A testing scenario UUID reference</description>
         </define-flag>
-        <flag ref="testing-scenario-uuid" required="yes"/>
     </define-assembly>
 
     <define-assembly name="rule-implementation">
@@ -194,19 +194,27 @@
             <formal-name>Rule Implementation Universally Unique Identifier</formal-name>
             <description>TODO</description>
         </define-flag>
-        <define-field name="description" as-type="markup-multiline" min-occurs="1" in-xml="WITH_WRAPPER">
-            <formal-name>Rule Implementation Description</formal-name>
-            <description>A summary of the rule implementation.</description>
-        </define-field>
         <model>
+            <define-field name="description" as-type="markup-multiline" min-occurs="1" in-xml="WITH_WRAPPER">
+                <formal-name>Rule Implementation Description</formal-name>
+                <description>A summary of the rule implementation.</description>
+            </define-field>
             <assembly ref="property" max-occurs="unbounded">
                 <group-as name="props" in-json="ARRAY"/>
             </assembly>
             <assembly ref="link" max-occurs="unbounded">
                 <group-as name="links" in-json="ARRAY"/>
             </assembly>
-            <assembly ref="testing-scenario-reference" min-occurs="1"/>
-            <define-field ref="remarks"/>
+            <choice>
+                <assembly ref="rule-condition">
+                    <use-name>condition</use-name>
+                </assembly>
+                <field ref="rule-uuid" min-occurs="1" max-occurs="unbounded">
+                    <description>Provides a placeholder for cases where a rule can be identified, but the specific tests to evaluate the rule cannot be identified.</description>
+                    <group-as name="rule-uuids" in-json="ARRAY"/>
+                </field>
+            </choice>
+            <field ref="remarks"/>
         </model>
     </define-assembly>
 </METASCHEMA>