Attack Step Framework Update

[JohnASRG]

Update the schema to allow references for attack steps to the existing attack frameworks such as MITRE ATTACK, Emb3d, Auto-ISAC Threat Matrix, etc.

[JohnASRG]

@claude

[JohnASRG]

@claude

[claude]

Claude finished @JohnASRG's task in 16m 8s —— View job • claude/issue-38-20260505-1548 • Create PR ➔

---

Attack Step Framework References — Implementation

Tasks:

• Gather context (read schema, REQUIREMENTS.md, examples)
• Understand request (add frameworkReferences to attackSteps for MITRE ATT&CK, EMB3D, Auto-ISAC Threat Matrix, etc.)
• Update JSON schema — frameworkReferences field on attackSteps + FrameworkReference $defs type
• Update XML schema — frameworkReferences element on attackStepType + frameworkReferencesType / frameworkReferenceType complex types
• Update rdx-example.json — all four attack steps carry frameworkReferences covering all three target frameworks
• Update REQUIREMENTS.md — added RDX-114
• Commit and push

---

What was added

JSON schema (spec/json/rdx.schema.json):

Each attackStep now accepts an optional frameworkReferences array. Each entry is a FrameworkReference object:

Field	Required	Description
framework	✅	Framework name (e.g. "MITRE ATT&CK for Automotive", "EMB3D", "Auto-ISAC Threat Matrix", "CAPEC")
techniqueId	✅	Technique/tactic/threat ID within the framework (e.g. "AUT.001", "EMB.CAP.003", "T1059")
url	optional	Deep-link URI to the framework entry
description	optional	How this entry relates to the attack step

Example usage:

{
  "id": "AS-002",
  "title": "Exploit vulnerability",
  "frameworkReferences": [
    {
      "framework": "MITRE ATT&CK for Automotive",
      "techniqueId": "AUT.007",
      "description": "Exploit Public-Facing Application — UDS/DoIP authentication bypass"
    },
    {
      "framework": "EMB3D",
      "techniqueId": "EMB.CAP.003",
      "description": "Weak Authentication — authentication bypass on diagnostic interface"
    }
  ]
}

XML schema (spec/xml/rdx.xsd): Added <frameworkReferences> element to attackStepType, with frameworkReferencesType / frameworkReferenceType complex types.

Requirement: Added RDX-114 to REQUIREMENTS.md.

---

|