Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Extending the Cybersecurity Digital Thread with XForms



Joshua Lubell


The digital thread for cybersecurity enables security technologies and data sources to interoperate. It consists of an integrated collection of languages, taxonomies, and metrics represented using the Extensible Markup Language (XML). A gap in the cybersecurity digital thread is the lack of good software for tailoring the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 security controls and exporting the result in a structured XML format. An application built using XForms demonstrated success in providing specialized user interface for tailoring security controls, enforcing NIST SP 800-53 tailoring guidelines, and in generating XML content suitable for automated processing by other cybersecurity tools.
Proceedings Title
Balisage Series on Markup Technologies
Conference Dates
August 11-14, 2015
Conference Location
Washington, DC
Conference Title
Balisage: The Markup Conference


cybersecurity, XForms, security control, tailored baseline, overlay, SCAP, Security Content Automation Protocol, National Vulnerability Database, NVD, Small Arcane Nontrivial Dataset, Industrial Control System, NIST SP 800-53, NIST SP 800-82


Lubell, J. (2015), Extending the Cybersecurity Digital Thread with XForms, Balisage Series on Markup Technologies, Washington, DC, [online], (Accessed June 21, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created August 3, 2015, Updated November 10, 2018