1 Data modelling language SRS-001
The data model of SATRAP-DL SHALL be specified using a data modelling language based on description logics, such as OWL, or on type theory, such as TypeQL.
Rationale
To enforce a rigorous logical model specification close to the conceptual model where the semantics of information are captured.
Parent links: MRS-001 Semantic data model
Child links: ARC-001 System structure overview, TST-001 TC: Verify data modelling artifacts, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |
2 Database paradigm SRS-002
SATRAP-DL SHALL rely on a database paradigm that allows for knowledge representation based on the semantics of the information rather than on its structure. Possible candidates are the PERA model implemented by TypeDB and the graph model implemented by, e.g., Neo4J.
Rationale
To enable intrinsic semantic search capabilities and automated reasoning over the data model.
Parent links: MRS-002 CTI knowledge base
Child links: ARC-001 System structure overview, TST-001 TC: Verify data modelling artifacts, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |
3 Semantic search SRS-003
The system SHALL support querying the CTI SKB based on semantic criteria.
Rationale
To enable users to perform meaningful searches and data manipulation based on semantics rather than just data structure.
Parent links: MRS-002 CTI knowledge base
Child links: ARC-001 System structure overview, TST-001 TC: Verify data modelling artifacts, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |
4 Extensibility of the data model SRS-004
The data model of the CTI SKB SHALL be extensible to accommodate the integration of new information (e.g., facts, entities, or relationships) without requiring a complete redesign.
Rationale
Extensibility of the data model allows for gradual enrichment of the CTI SKB by combining multiple threat frameworks, as CTI might not be expressible in a single one.
Parent links: MRS-003 CTI SKB extensibility
Child links: ARC-001 System structure overview, TST-001 TC: Verify data modelling artifacts, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |
5 NoSQL data model SRS-005
The data model of the CTI SKB SHALL rely on either a NoSQL graph-based or document-based database solution, or on a type-theoretic polymorphic entity-relation-attribute (PERA) data model, to allow for the addition of new entities and relationships without requiring a schema migration.
Rationale
Flexibility enables further customization for specific domains, such as healthcare or military-related ones.
Parent links: MRS-004 SKB data model flexibility
Child links: ARC-001 System structure overview, TST-001 TC: Verify data modelling artifacts, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |
6 Integration of common CTI SRS-006
SATRAP-DL SHALL provide a mechanism for retrieving datasets from MITRE ATT&CK in STIX 2.1, ingesting the payload via an ETL pipeline and loading the transformed content into the CTI SKB.
Rationale
For scenarios that deal with CTI generation and operation, we consider that a knowledge base requires information from at least three categories. This requirement addresses the integration of common cybersecurity knowledge.
Parent links: MRS-005 Default CTI content
Child links: ARC-003 ETL high-level design, ARC-004 ETL components, TST-008 Test setup + MITRE ATT&CK ingestion
Attribute | Value |
---|---|
release | Alpha |
type | F |
urgency | 5 |
vm | T |
7 Semantic data integrity SRS-007
The data model SHALL enforce semantic integrity, ensuring that relationships and constraints adhere to the intended meaning. Semantic data integrity can be enforced by measures such as data validation against schemas and relationship constraints, automated checks for data redundancy, and inference powered by a reasoning engine.
Rationale
To ensure consistency, accuracy and reliability of data, preventing, among other things, contradictory and duplicate data from being stored.
Parent links: MRS-008 CTI SKB data integrity
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components, TST-007 TC: Verify secure programming
Attribute | Value |
---|---|
release | Alpha |
type | S |
urgency | 5 |
vm | R |
8 ETL orchestrator SRS-008
The ETL module SHALL provide a component in charge of orchestrating the ingestion of datasets in STIX 2.1 and the insertion of the content into the CTI SKB.
Rationale
To provide a single means of data ingestion regardless of the data source, enforcing separation of duties and modularity in the design.
Parent links: MRS-011 Ingestion of standardized CTI, MRS-024 Frontend and CTI SKB mediator, MRS-025 Reasoning engine controller
Child links: ARC-003 ETL high-level design, ARC-004 ETL components, TST-009 Verify ETL architecture
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |
9 ETL Transformer SRS-009
The ETL module SHALL provide a component in charge of transforming data in STIX 2.1 format into the representation language of the CTI SKB schema.
Rationale
To address data parsing while enforcing separation of duties and modularity.
Parent links: MRS-011 Ingestion of standardized CTI
Child links: ARC-003 ETL high-level design, ARC-004 ETL components, TST-009 Verify ETL architecture
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |
10 Database manager SRS-010
The system SHALL have a component in charge of managing database operations and connections.
Rationale
To handle database management while enforcing separation of duties and modularity.
Parent links: MRS-011 Ingestion of standardized CTI
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components, TST-009 Verify ETL architecture
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |
11 Ingestion of internal and external CTI SRS-011
SATRAP-DL SHALL implement a mechanism for programmatically fetching data from MISP or OpenCTI via API access or wrapper libraries (e.g., PyMISP) in STIX 2.1 format, making it available for other system components to adequately process and insert the information into the CTI SKB.
Rationale
For scenarios that deal with CTI generation and operation, we consider that a knowledge base requires information from at least three categories. This requirement addresses the integration of internal and external CTI.
Parent links: MRS-012 CyFORT CTI repository, MRS-042 TIP inference connector, MRS-043 TIP enrichment connector
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Beta |
type | F |
urgency | 4 |
vm | T |
12 Inference rules SRS-012
SATRAP-DL SHALL implement inference rules that allow for the automated derivation of knowledge over existing relations in the CTI SKB.
Rationale
To address one of the major challenges for incident responders, namely, manual data correlation and contextualization of collected IoCs.
Parent links: MRS-014 Automated CTI enrichment
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components, TST-010 Verify CTI SKB inference rules
Attribute | Value |
---|---|
release | Alpha |
type | F |
urgency | 4 |
vm | A |
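As an added illustration of the automated derivation SRS-012 asks for (this is not SATRAP-DL code, and the three rules are assumptions made for the example rather than rules defined by the project), the following Python applies a small rule set over STIX-style relationship triples until no new fact appears. The third rule can only fire once the first two have produced their conclusions, which is the chaining that distinguishes inference from a one-shot query.

```python
"""Forward-chaining derivation of CTI relations over a set of facts.

Added example of the kind of automated derivation described in SRS-012; it
is not SATRAP-DL code and the three rules are assumptions made for the
example, not rules defined by the project. Facts are (subject, relation,
object) triples using STIX 2.1 relationship names and STIX-style ids.
"""
from __future__ import annotations

from typing import Callable

Triple = tuple[str, str, str]
Rule = Callable[[set], set]

# Constructed sample facts (not real CTI).
FACTS: set = {
    ("indicator--0001", "indicates", "malware--0a"),
    ("malware--0a", "uses", "attack-pattern--t1566"),
    ("intrusion-set--g1", "uses", "malware--0a"),
    ("course-of-action--m1017", "mitigates", "attack-pattern--t1566"),
}


def _is(stix_id: str, stix_type: str) -> bool:
    """True if the id carries the given STIX type prefix."""
    return stix_id.startswith(stix_type + "--")


def _targets(facts: set, relation: str, subject_type: str, object_type: str) -> dict:
    """Index {subject: {objects}} for one relation, restricted by type prefixes."""
    index: dict = {}
    for s, r, o in facts:
        if r == relation and _is(s, subject_type) and _is(o, object_type):
            index.setdefault(s, set()).add(o)
    return index


def indicator_indicates_group(facts: set) -> set:
    """indicator indicates malware, intrusion-set uses malware
    => indicator indicates intrusion-set (assumed rule)."""
    group_uses_malware = _targets(facts, "uses", "intrusion-set", "malware")
    return {(ind, "indicates", grp)
            for ind, r, mal in facts
            if r == "indicates" and _is(ind, "indicator") and _is(mal, "malware")
            for grp, mals in group_uses_malware.items() if mal in mals}


def group_uses_technique(facts: set) -> set:
    """intrusion-set uses malware, malware uses attack-pattern
    => intrusion-set uses attack-pattern (assumed rule)."""
    malware_uses = _targets(facts, "uses", "malware", "attack-pattern")
    return {(grp, "uses", ap)
            for grp, r, mal in facts
            if r == "uses" and _is(grp, "intrusion-set") and _is(mal, "malware")
            for ap in malware_uses.get(mal, ())}


def indicator_indicates_technique(facts: set) -> set:
    """indicator indicates intrusion-set, intrusion-set uses attack-pattern
    => indicator indicates attack-pattern (assumed rule). Both premises are
    themselves conclusions of the rules above, so this fires on a later pass."""
    group_uses = _targets(facts, "uses", "intrusion-set", "attack-pattern")
    return {(ind, "indicates", ap)
            for ind, r, grp in facts
            if r == "indicates" and _is(ind, "indicator") and _is(grp, "intrusion-set")
            for ap in group_uses.get(grp, ())}


RULES = [indicator_indicates_group, group_uses_technique, indicator_indicates_technique]


def infer(facts: set, rules: list) -> set:
    """Apply every rule repeatedly until a full pass derives nothing new (fixed point)."""
    known = set(facts)
    while True:
        new = set()
        for rule in rules:
            new |= rule(known) - known
        if not new:
            return known
        known |= new


def derived_facts(facts: set = FACTS, rules: list = RULES) -> set:
    """Only the conclusions, kept apart from asserted facts so they can be flagged as inferred."""
    return infer(facts, rules) - set(facts)


def query(facts: set, relation: str, subject: str | None = None, obj: str | None = None) -> list:
    """Semantic lookup by relation, optionally pinned to a subject and/or object."""
    return sorted(t for t in facts
                  if t[1] == relation
                  and (subject is None or t[0] == subject)
                  and (obj is None or t[2] == obj))


if __name__ == "__main__":
    for triple in sorted(derived_facts()):
        print("derived:", *triple)
```

Keeping `derived_facts()` separate from the asserted facts matters for SRS-019: exported results can then mark which relations were inferred rather than observed, so a consumer can weigh them accordingly.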
13 STIX 2.1 data model SRS-013
The data model of SATRAP-DL SHALL be aligned with the data model of STIX 2.1.
Rationale
Such a design enables a direct mapping of the imported data into the concepts in the database and allows for the use of the integrity checks defined over the database model.
Parent links: MRS-015 Semantic relations preservation
Child links: ARC-003 ETL high-level design, ARC-004 ETL components, TST-004 TC: Verify data model
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | A |
14 Native reasoning engine SRS-014
SATRAP-DL SHALL use a DBMS technology that integrates or has compatibility with a reasoning engine. The preferred solution is TypeDB.
Rationale
A native implementation of the KB and reasoning engine in one platform typically optimizes performance as it allows for the implementation of efficient data management strategies.
Parent links: MRS-018 Automated reasoning
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, TST-003 TC: Verify STIX and reasoning engine, ARC-004 ETL components
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R, I |
15 Jupyter Notebook frontend SRS-015
SATRAP-DL SHALL implement an analysis frontend in the form of a Jupyter notebook that makes use of the SATRAP-DL analysis toolbox SDK to offer an initial set of predefined CTI investigation operations forming a reusable playbook.
Rationale
For interoperability with the ecosystem, to enable the automation of the CTI lifecycle through the integration of multiple complementary solutions.
Parent links: MRS-020 Interactive frontend, MRS-021 Self-defined CTI queries, MRS-022 Saved queries, MRS-023 Query parameterization, MRS-025 Reasoning engine controller, MRS-026 Query result viewer, MRS-027 Frontend query status, MRS-029 Frontend design, MRS-030 Frontend terminology, MRS-031 Frontend STIX compliance, MRS-034 Frontend cross-platform support, MRS-037 SATRAP as software library
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components, TST-011 Test Jupyter notebook frontend
Attribute | Value |
---|---|
release | Alpha |
type | F |
urgency | 3 |
vm | T |
16 API based on OAS SRS-016
The API of SATRAP-DL SHALL comply with the OpenAPI Specification (OAS) standard.
Rationale
To enable automatic generation of documentation, automated API testing and validation, and a language-agnostic human and machine-readable specification.
Parent links: MRS-038 Platform-independent API
Attribute | Value |
---|---|
release | Beta |
type | C |
urgency | 2 |
vm | R |
17 Integration of behavioral data SRS-017
SATRAP-DL SHALL implement a mechanism for programmatically retrieving data in STIX 2.1 from IDPS-ESCAPE via API access, making it available for other system components to adequately process and insert the information into the CTI SKB.
Rationale
For scenarios that deal with CTI generation and operation, we consider that a knowledge base requires information from at least three categories. This requirement addresses the integration of behavioral data.
Parent links: MRS-039 CTI ingestion from IDPS-ESCAPE
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Beta |
type | F |
urgency | 4 |
vm | T |
18 IDPS-ESCAPE ingestion policy SRS-018
The automated data retrieval mechanism of SATRAP-DL for ingesting IDPS-ESCAPE data SHALL operate according to the settings specified in a pre-defined policy.
Rationale
For scenarios that deal with CTI generation and operation, we consider that a knowledge base requires information from at least three categories. This requirement addresses the integration of behavioral data.
Parent links: MRS-039 CTI ingestion from IDPS-ESCAPE
Child links: ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Beta |
type | F |
urgency | 4 |
vm | T |
19 CTI export to STIX SRS-019
SATRAP-DL SHALL provide a feature for exporting the results of queries processed by the CTI analysis toolbox (run over the CTI SKB) in STIX format.
Rationale
For persistence of the analysis results in a standard human readable format, useful for sharing the findings.
Parent links: MRS-041 Inferred CTI export
Child links: ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Beta |
type | F |
urgency | 2 |
vm | T |
20 System configuration file SRS-020
SATRAP-DL SHALL allow for customization of system parameters (e.g., logging severity: debug, info, warn, error; db connections; file paths) in a dedicated configuration file.
Rationale
In agreement with clean code and best practices for software development, to promote code maintainability.
Parent links: MRS-044 Modular architecture
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components, TST-005 TC: Verify centralized management
Attribute | Value |
---|---|
release | Alpha |
type | Q |
urgency | 3 |
vm | I |
21 Centralized logging SRS-021
The logs of the system SHALL be handled in a central location.
Rationale
In agreement with clean code and best practices for software development, to promote code maintainability.
Parent links: MRS-044 Modular architecture
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, TST-005 TC: Verify centralized management
Attribute | Value |
---|---|
release | Alpha |
type | Q |
urgency | 2 |
vm | I |
22 Centralized exception handling SRS-022
SATRAP-DL SHALL manage exceptions in a centralized manner, e.g., by maintaining all the error codes in a configuration file.
Rationale
In agreement with clean code and best practices for software development, to promote code maintainability.
Parent links: MRS-044 Modular architecture
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, TST-005 TC: Verify centralized management
Attribute | Value |
---|---|
release | Alpha |
type | Q |
urgency | 5 |
vm | I |
23 CTI representation in STIX 2.1 SRS-023
SATRAP-DL SHALL use STIX 2.1 as the default standard format for CTI representation.
Rationale
For interoperability.
Parent links: MRS-045 STIX compliance
Child links: ARC-003 ETL high-level design, TST-003 TC: Verify STIX and reasoning engine, ARC-004 ETL components
Attribute | Value |
---|---|
release | Alpha |
type | C |
urgency | 5 |
vm | R, I |
24 Design and implementation principles SRS-024
The design and implementation of SATRAP-DL SHALL adhere to software best practices such as naming conventions, clean code, SOLID principles, etc.
Rationale
Among others, for maintainability, security, reliability and robustness of code.
Parent links: MRS-044 Modular architecture, MRS-046 C5-DEC compliance
Child links: TST-002 TC: Verify software engineering, ARC-003 ETL high-level design, ARC-004 ETL components
Attribute | Value |
---|---|
release | Alpha |
type | A, S, Q |
urgency | 5 |
vm | R |
25 Code readability SRS-025
The source code of SATRAP-DL SHALL be self-explanatory and well documented.
Rationale
To support maintainability, extensibility and adoption of the software.
Parent links: MRS-046 C5-DEC compliance
Child links: TST-006 TC: Verify code clarity
Attribute | Value |
---|---|
release | Alpha |
type | Q |
urgency | 5 |
vm | I |
26 Public release SRS-026
The source code of SATRAP-DL SHALL be released in a GitHub public repository.
Rationale
Open-source releases allow contributions and usage by the community, which in turn foster adoption and constant exchange of feedback.
Parent links: MRS-051 Open-source releases
Child links: TST-018 Verify release and licensing
Attribute | Value |
---|---|
release | Alpha |
type | C |
urgency | 3 |
vm | I |
27 Open-source licensing SRS-027
Third-party libraries used in SATRAP-DL SHALL have open source licenses that do not restrict the privileges granted by the license selected for SATRAP-DL.
Rationale
To avoid the introduction of limitations in the distribution and use of SATRAP-DL derived from the use of third-party software.
Parent links: MRS-051 Open-source releases
Child links: TST-018 Verify release and licensing
Attribute | Value |
---|---|
release | Alpha |
type | C |
urgency | 3 |
vm | A |
28 Input validation SRS-028
SATRAP-DL components receiving input to the system SHALL validate the input and reject it in case the validation fails. The validation may include integrity checks, syntactic checks, semantic checks, parameter out-of-range checks, etc.
Rationale
To prevent code injection.
Parent links: MRS-053 Secure programming compliance
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components, TST-007 TC: Verify secure programming
Attribute | Value |
---|---|
release | Alpha |
type | S |
urgency | 5 |
vm | I |
29 Input sanitization SRS-029
SATRAP-DL components SHALL perform sanitization of input and output (data passed across a trust boundary). Sanitization may include removing, replacing, encoding, or escaping unwanted characters.
Rationale
To prevent code injection.
Parent links: MRS-053 Secure programming compliance
Child links: ARC-001 System structure overview, ARC-002 Logical view of SATRAP-DL, ARC-003 ETL high-level design, ARC-004 ETL components, TST-007 TC: Verify secure programming
Attribute | Value |
---|---|
release | Alpha |
type | S |
urgency | 5 |
vm | I |
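The following Python is an added example, not SATRAP-DL code, of how a transformer component (SRS-009, SRS-013) can apply SRS-028 and SRS-029 to STIX 2.1 input before building TypeQL insert statements: every object is checked syntactically (required properties, id and timestamp format) and semantically (type allowed, id prefix matching the type), values are escaped so they cannot close a string literal and add clauses to the query, and anything that fails is rejected with a reason rather than silently dropped. The TypeQL attribute names (stix-id, name, description), the one-to-one mapping of STIX types onto entity types, and the 256-character cap on names are assumptions of this example, not the project's schema.

```python
"""Validate STIX 2.1 domain objects and emit escaped TypeQL insert statements.

Added example illustrating SRS-028/029 together with the transformer role of
SRS-009/013; it is not SATRAP-DL code. The TypeQL attribute names (stix-id,
name, description), the one-to-one mapping of STIX types onto TypeQL entity
types, and the 256-character cap on names are assumptions of this example,
not the project's schema (STIX itself does not cap name length).
"""
import json
import re

# STIX 2.1 identifier: <type>--<UUID>, type in lowercase letters, digits and hyphens.
STIX_ID_RE = re.compile(
    r"^[a-z][a-z0-9-]{2,249}--"
    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
)
# RFC 3339 UTC timestamp, as STIX requires for "created".
TIMESTAMP_RE = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?Z$")
_CONTROL_RE = re.compile(r"[\x00-\x1f\x7f]")

# STIX types whose "name" is required; only these map onto (assumed) entity types.
ALLOWED_TYPES = {"attack-pattern", "malware", "intrusion-set", "course-of-action"}


class ValidationError(ValueError):
    """Raised when input fails validation; the caller rejects the object (SRS-028)."""


def validate_sdo(obj: dict) -> dict:
    """Syntactic and semantic checks on one STIX domain object."""
    if not isinstance(obj, dict):
        raise ValidationError("object is not a JSON object")
    for key in ("type", "id", "spec_version", "created", "name"):
        if key not in obj:
            raise ValidationError(f"missing required property {key!r}")
    if obj["spec_version"] != "2.1":
        raise ValidationError("only STIX 2.1 objects are accepted")
    if obj["type"] not in ALLOWED_TYPES:
        raise ValidationError(f"unsupported STIX type {obj['type']!r}")
    if not isinstance(obj["id"], str) or not STIX_ID_RE.match(obj["id"]):
        raise ValidationError(f"malformed STIX id {obj['id']!r}")
    if obj["id"].split("--", 1)[0] != obj["type"]:
        raise ValidationError("id prefix does not match the object type")
    if not isinstance(obj["created"], str) or not TIMESTAMP_RE.match(obj["created"]):
        raise ValidationError("created is not an RFC 3339 UTC timestamp")
    if not isinstance(obj["name"], str) or not 1 <= len(obj["name"]) <= 256:
        raise ValidationError("name must be a string of 1 to 256 characters")
    if "description" in obj and not isinstance(obj["description"], str):
        raise ValidationError("description must be a string")
    return obj


def typeql_string(value: str) -> str:
    """Sanitize a value for use as a TypeQL string literal (SRS-029).

    Control characters are rejected outright; backslash and double quote are
    escaped so the value cannot terminate the literal and smuggle extra
    clauses into the query.
    """
    if _CONTROL_RE.search(value):
        raise ValidationError("control characters are not allowed in string values")
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'


def to_typeql_insert(obj: dict) -> str:
    """Transform one validated STIX object into a single TypeQL insert statement."""
    obj = validate_sdo(obj)
    clauses = [
        f"$x isa {obj['type']}",  # type is restricted to ALLOWED_TYPES above
        f"has stix-id {typeql_string(obj['id'])}",
        f"has name {typeql_string(obj['name'])}",
    ]
    if "description" in obj:
        clauses.append(f"has description {typeql_string(obj['description'])}")
    return "insert " + ", ".join(clauses) + ";"


def transform_bundle(bundle_json: str) -> tuple:
    """Transform phase over a STIX bundle: returns (inserts, rejections).

    Invalid objects are reported with the reason rather than silently dropped,
    so the orchestrator can log and account for them.
    """
    bundle = json.loads(bundle_json)
    if (not isinstance(bundle, dict) or bundle.get("type") != "bundle"
            or not isinstance(bundle.get("objects"), list)):
        raise ValidationError("input is not a STIX bundle")
    inserts, rejected = [], []
    for obj in bundle["objects"]:
        try:
            inserts.append(to_typeql_insert(obj))
        except ValidationError as exc:
            ident = obj.get("id", "<no id>") if isinstance(obj, dict) else "<not an object>"
            rejected.append(f"{ident}: {exc}")
    return inserts, rejected


# Constructed sample bundle: one well-formed object, one malformed id, and one
# name carrying a newline that could otherwise forge a query or log line.
SAMPLE_BUNDLE = json.dumps({
    "type": "bundle",
    "id": "bundle--aaaaaaaa-0000-4000-8000-000000000001",
    "objects": [
        {"type": "attack-pattern", "spec_version": "2.1",
         "id": "attack-pattern--aaaaaaaa-0000-4000-8000-000000000002",
         "created": "2024-01-01T00:00:00.000Z", "name": "Phishing",
         "description": 'Adversary sends a "lure" message.'},
        {"type": "malware", "spec_version": "2.1", "id": "malware--not-a-uuid",
         "created": "2024-01-01T00:00:00.000Z", "name": "Sample"},
        {"type": "intrusion-set", "spec_version": "2.1",
         "id": "intrusion-set--aaaaaaaa-0000-4000-8000-000000000003",
         "created": "2024-01-01T00:00:00.000Z", "name": "Group\nX"},
    ],
})

if __name__ == "__main__":
    ok, bad = transform_bundle(SAMPLE_BUNDLE)
    print(*ok, sep="\n")
    print(*bad, sep="\n")
```

Rejecting control characters instead of escaping them is a deliberate choice: a value that needs a raw newline inside a query literal is almost never legitimate CTI, and refusing it removes a whole class of ambiguity about how the query parser and the log sink will each interpret it.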
30 Resource management SRS-030
Network connections and other accessed resources SHALL be properly terminated when no longer required.
Rationale
To prevent data leakage or DoS attacks.
Parent links: MRS-053 Secure programming compliance
Child links: TST-007 TC: Verify secure programming
Attribute | Value |
---|---|
release | Alpha |
type | S |
urgency | 5 |
vm | I |
31 Code static analysis SRS-031
The code of SATRAP-DL SHALL be statically analyzed using appropriate software to identify potential issues. The static analysis of Python code shall aim to detect issues related to:
- error handling
- commented-out code
- input validation
- code injection
- concurrency and race conditions (if applicable)
- canonical representation vulnerabilities
- minimum amount of dependencies
Rationale
To detect common security vulnerabilities in an automated way.
Parent links: MRS-053 Secure programming compliance
Attribute | Value |
---|---|
release | Beta |
type | S |
urgency | 5 |
vm | I, A |
32 Dependencies management SRS-032
All software dependencies including third-party libraries SHALL be listed and maintained in a configuration file.
Rationale
To enforce a centralized control over external dependencies.
Parent links: MRS-053 Secure programming compliance
Child links: TST-007 TC: Verify secure programming
Attribute | Value |
---|---|
release | Alpha |
type | S |
urgency | 5 |
vm | I |
33 Functional ETL events logging SRS-033
SATRAP-DL SHALL log at least one timestamped event with an associated log level recording the ETL execution status (success/failure) per each phase, i.e., extraction, transformation, and loading.
Rationale
To provide information for security investigations.
Parent links: MRS-053 Secure programming compliance
Child links: TST-012 Test ETL logging
Attribute | Value |
---|---|
release | Alpha |
type | F |
urgency | 3 |
vm | T |
34 Detailed event logging SRS-034
SATRAP-DL logs SHALL be stored in a secure location and SHALL be accessible only to authorized personnel.
Rationale
To provide information for debugging purposes.
Parent links: MRS-053 Secure programming compliance
Attribute | Value |
---|---|
release | Beta |
type | S |
urgency | 3 |
vm | T |
35 Consistent logging format SRS-035
SATRAP-DL logs SHALL be stored for at least X time duration according to a data retention policy.
Rationale
To generate human-readable and informative logs.
Parent links: MRS-053 Secure programming compliance
Attribute | Value |
---|---|
release | Beta |
type | C |
urgency | 1 |
vm | T |
36 Log validation SRS-036
Log strings SHALL be sanitized and validated before logging to prevent log injection attacks.
Rationale
To prevent log injection attacks.
Parent links: MRS-053 Secure programming compliance
Child links: TST-007 TC: Verify secure programming
Attribute | Value |
---|---|
release | Alpha |
type | S |
urgency | 4 |
vm | I |
37 Sensitive information SRS-037
SATRAP-DL SHALL NOT log sensitive information such as passwords or entity identifiers.
Rationale
To avoid intended or unintended leakage of sensitive information.
Parent links: MRS-053 Secure programming compliance
Child links: TST-007 TC: Verify secure programming
Attribute | Value |
---|---|
release | Alpha |
type | S |
urgency | 5 |
vm | I |
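The following Python is an added example, not SATRAP-DL code, that puts SRS-033, SRS-036 and SRS-037 together in one logging setup (and, in passing, the phase sequencing of the orchestrator in SRS-008): each ETL phase emits exactly one timestamped, levelled status event; every message passes through a filter that redacts credential-looking values and escapes control characters, so untrusted content from a fetched record cannot forge an extra, authentic-looking log line. The phase names, the line format and the list of secret-looking keys are assumptions of this example.

```python
"""Per-phase ETL status events with log-injection hardening and secret redaction.

Added example for SRS-033, SRS-036 and SRS-037 (and the phase sequencing of
the ETL orchestrator, SRS-008); it is not SATRAP-DL code. The phase names,
the line format and the list of secret-looking keys are assumptions of this
example.
"""
import io
import logging
import re

_CONTROL_RE = re.compile(r"[\x00-\x1f\x7f]")
# key=value / key: value pairs whose key looks like a credential (assumed list).
_SECRET_RE = re.compile(r"(?i)\b(password|passwd|secret|token|api[_-]?key)(\s*[=:]\s*)(\S+)")


def sanitize(text: str) -> str:
    """Redact credential values, then escape control characters so a newline
    inside attacker-supplied content cannot start a separate log line."""
    text = _SECRET_RE.sub(lambda m: f"{m.group(1)}{m.group(2)}[REDACTED]", text)
    return _CONTROL_RE.sub(lambda m: "\\x%02x" % ord(m.group()), text)


class EtlFilter(logging.Filter):
    """Sanitizes the fully rendered message and supplies default phase/status fields."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = sanitize(record.getMessage())  # render first, then sanitize
        record.args = None
        record.__dict__.setdefault("phase", "-")
        record.__dict__.setdefault("status", "-")
        return True


def build_logger(stream) -> logging.Logger:
    """One handler writing timestamped, levelled, structured lines to a single stream."""
    logger = logging.getLogger("satrap_example.etl")
    logger.handlers.clear()  # idempotent across repeated calls
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(stream)
    handler.setFormatter(logging.Formatter(
        "%(asctime)s %(levelname)s phase=%(phase)s status=%(status)s %(message)s"))
    handler.addFilter(EtlFilter())
    logger.addHandler(handler)
    return logger


def run_phase(logger: logging.Logger, phase: str, func, *args):
    """Run one ETL phase and emit exactly one success/failure event for it (SRS-033)."""
    try:
        result = func(*args)
    except Exception as exc:
        logger.error("%s: %s", type(exc).__name__, exc,
                     extra={"phase": phase, "status": "failure"})
        raise
    logger.info("phase finished", extra={"phase": phase, "status": "success"})
    return result


# Constructed records: the second carries a credential and a newline followed
# by text shaped like a forged status event.
RAW_RECORDS = [
    'attack-pattern "Phishing"',
    "note: token=abc123\nINFO phase=loading status=failure forged",
]


def demo_run() -> list:
    """Run extraction, transformation and loading over RAW_RECORDS; return the log lines."""
    buf = io.StringIO()
    logger = build_logger(buf)

    def extract():
        for rec in RAW_RECORDS:
            logger.info("fetched %s", rec)  # untrusted content passes through EtlFilter
        return list(RAW_RECORDS)

    def transform(items):
        return [item.strip() for item in items]

    def load(items):
        return len(items)

    extracted = run_phase(logger, "extraction", extract)
    transformed = run_phase(logger, "transformation", transform, extracted)
    run_phase(logger, "loading", load, transformed)
    return buf.getvalue().splitlines()


if __name__ == "__main__":
    print("\n".join(demo_run()))
```

Redaction runs before control-character escaping on purpose: once a newline has become the four visible characters `\x0a`, the `\S+` in the secret pattern would swallow the forged text along with the credential and hide what the record actually contained. In the output, the forged fragment stays visibly inside the `fetched` line rather than appearing as a fifth status event.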
38 Software identification SRS-038
The deployment build of SATRAP-DL SHALL provide a way to retrieve its version and other identification details via the frontend.
Rationale
To inform the user of the specific version of the system that is being used, often required for consulting user manuals, reporting bugs, etc.
Parent links: MRS-053 Secure programming compliance
Attribute | Value |
---|---|
release | Beta |
type | F, S |
urgency | 3 |
vm | T |
40 Authentication and authorization SRS-040
The SATRAP-DL subsystem integrated with the SATRAP TIP for automated ingestion and enrichment SHALL rely on the SATRAP TIP built-in solution for user authentication and authorization, e.g., the LDAP or native user management of OpenCTI or MISP.
Rationale
To enforce user identification and resource access authorization by building on well-established solutions.
Parent links: MRS-056 Access control
Attribute | Value |
---|---|
release | Beta |
type | S |
urgency | 3 |
vm | T |
41 Configuration management mechanism SRS-041
The system SHALL provide a configuration management mechanism with a set of predefined values for the user to adjust various system settings.
Rationale
To enforce a centralized user-configurable mechanism for managing system settings.
Parent links: MRS-016 Configuration management, MRS-017 Conformance with user settings
Child links: TST-013 Inspect settings for CM
Attribute | Value |
---|---|
release | Alpha |
type | F |
urgency | 2 |
vm | I |
42 Command line interface (CLI) SRS-042
The SATRAP-DL system SHALL provide a command line interface (CLI) for users to interact with the system. The CLI shall support at least the following commands:
setup
: Initialize the backend CTI SKB.
etl
: Launch the ETL pipeline.
help
: Display a list of available commands and their descriptions.
This will allow users to quickly set up the backend CTI SKB and launch the ETL pipeline without needing to navigate through a graphical user interface (GUI). The CLI will also provide a help command to assist users in understanding the available commands and their usage.
Rationale
To provide easy and efficient access to core data processing functionality through a command line interface (CLI) for users who prefer command line tools.
Parent links: MRS-020 Interactive frontend, MRS-033 File-based SKB update, MRS-034 Frontend cross-platform support
Child links: TST-014 Test command line interface (CLI)
Attribute | Value |
---|---|
release | Alpha |
type | F |
urgency | 5 |
vm | T |
43 TypeDB Studio SRS-043
The SATRAP-DL system SHALL adopt TypeDB Studio as a Graphical User Interface (GUI) for users to interact with the SATRAP CTI SKB using the native TypeQL query language.
Rationale
To provide the means to the user to execute queries in the native query language of the CTI SKB.
Parent links: MRS-020 Interactive frontend, MRS-028 Native query execution, MRS-029 Frontend design, MRS-032 User-controlled CTI curation
Child links: TST-008 Test setup + MITRE ATT&CK ingestion
Attribute | Value |
---|---|
release | Alpha |
type | F |
urgency | 5 |
vm | T |
44 Open-source TIP integration SRS-044
The SATRAP-DL system SHALL adopt both MISP and OpenCTI as open-source TIPs (Threat Intelligence Platforms) to manage threat intelligence data.
Rationale
To host and manage CTI data, by relying on stable and mature solutions, without reinventing the wheel. The choice of integrating a well-established open-source TIP would
- provide a solution capable of ingesting, storing, and distributing threat intelligence data from various sources, including open-source feeds, commercial feeds, and internal sources.
- provide a user-friendly interface for analysts to search, filter, and visualize threat intelligence data.
- support integration with other security tools and platforms, such as SIEM (Security Information and Event Management) systems, SOAR (Security Orchestration, Automation, and Response) platforms, and threat intelligence sharing platforms.
- support standardized formats for threat intelligence data, such as STIX (Structured Threat Information Expression) and TAXII (Trusted Automated Exchange of Indicator Information), to facilitate interoperability with other systems.
- support the ability to create and manage threat intelligence feeds, including the ability to schedule updates and manage data retention policies.
- support the ability to create and manage threat intelligence reports, including the ability to generate reports in various formats, such as PDF, HTML, and CSV.
- support the ability to create and manage threat intelligence dashboards, including the ability to customize the layout and content of the dashboards.
- support the ability to create and manage threat intelligence alerts, including the ability to configure alert thresholds and notification mechanisms.
Parent links: MRS-012 CyFORT CTI repository, MRS-039 CTI ingestion from IDPS-ESCAPE
Child links: TST-017 Verify open-source TIP integration
Attribute | Value |
---|---|
release | Alpha |
type | A |
urgency | 5 |
vm | R |