I would like to express some IT security facts about building
My conclusion so far is that there is little work done in relation with It security.
Thus I have to extend some IFC schemas ( IFCs 4 ? / BAMie subset ?) and/or define
new Psets in order to be able to model these facts.
The facts could be device related, helping to answer questions
- “Does this device possess some identifiable firmware” ?
- “Is the firmware associated to a device upgradable ?”,
- “Is the device intended to contains some GDPR regulated data”,
Facts may also be more general, helping for example to answer to
“Does the device maker and/or the contractor owns a dedicated
communication channel for vulnerability disclosures related to the device” ?
My question is : would it be sufficient to express these properties
as Psets or will it be required to extend the step schema ?