The CyberML™ (Cyber Modeling Language™) is a UML profile and model library for specifying the architectures and designs of cybersecurity applications.
Since CyberML is designed and implemented as a UML profile (UML dialect) and model library it is compatible with the UML and OMG SysML architecture modeling language standards, and can be implemented in popular visual modeling tools that comply with those standards.
The CyberML profile
specifies basic constructs for specifying network topologies, network communication protocols, cyber devices, and cyber assets. Cyber devices supported include routers/switches, firewalls, encryption/decryption devices, Intrusion Detection/Protection Systems (IDS/IPS), and Unified Threat Management (UTM) devices.
The CyberML model library specifies recursive analysis, design and architecture patterns that can be applied during the full System Development Life Cycle (SDLC) on "both sides" of the System V-Model (a.k.a. System Vee Model)
. When used with a pragmatic "Agile" subset of either UML 2 or SysML 1.x, these recursive analysis, design and architecture patterns facilitate scalable traceability on the "left side" of the System-V Model
, and scalable Verification & Validation (V&V) on the "right side" of the System-V Model.
The CyberML can be customized to support emerging Cybersecurity Framework standards, such as the NIST Cybersecurity Framework (NIST Special Publication 800-37)
, DoD Risk Management Framework (RMF)
, and ISO/IEC 27000