2.9. Data Strategies

2.9.1. Situation-Dependent Information Extraction

184. Situation-dependent information extraction uses advanced algorithms to support situation associative processing and improve human systems collaboration. Tools are needed to go beyond static data filtering and template matching. Early work has shown that Bayesian networks, statistical analysis, and hidden Markov models can be used to extract meaning and context from complex and cluttered data streams. Application of these techniques for disparate sensors that are not temporally or spatially matched would enable NATO to detect, discern, analyze, and understand the actions of stealthy adversaries embedded in complex domains.

185. Importance: Effective implementation and utilization of these tools in conjunction with better understanding of the operational environment and adversary activities will improve performance of NATO forces across the decision-making spectrum from tactical to strategic, and across the pre- to post-conflict timeline. Improvements in link analysis and intent inference will result in faster and more complete understanding of options leading to better decisions.

2.9.2. Mega-Scale Data Management

186. Future operations can be expected to require the contextual exploitation capability to handle exabytes of data at transfer rates of terabytes per second, coupled to decision timelines in seconds to minutes. As the threat base evolves, there will be a greater dependence on integrated, multiple-domain sensors with much greater dynamic range, spatial reach, sample rate, and temporal history. Mega-scale data management will apply an integrated, federated, and scalable data framework to link disparate information sources and provide robust knowledge management to permit conclusions based on contextual relationships. It will also incorporate robust security and access in a timely manner. Advanced automated decision tools will increase the war fighter’s ability to make timely decisions with an explicit evidential basis and reduce the level of information overload often experienced in answering prioritized information requests. User-defined knowledge sharing will minimize catastrophic errors due to cognitive biases and other limitations.

187. Importance: Member nations must take a look at the private sector and emulate data management tools being explored in this area. Member nations must become more agile and responsive adapters of commercial advances in this and related fields in order to achieve the anticipated operational demands of future data management requirements.

2.9.3. Application Vulnerability Description Language (AVDL)

188. Application Vulnerability Description Language (AVDL) is a security interoperability standard for creating a uniform method of describing application security vulnerabilities using XML. With the growing adoption of web-based technologies, applications have become far more dynamic, with changes taking place daily or even hourly. Consequently, enterprises must deal with a constant flood of new security patches from their application and infrastructure vendors.

189. To make matters worse, network-level security products do little to protect against vulnerabilities at the application level. To address this problem, enterprises today have deployed a host of best-of-breed security products to discover application vulnerabilities, block application-layer attacks, repair vulnerable web sites, distribute patches, and manage security events. Enterprises have come to view application security as a continuous life-cycle. Unfortunately, there is currently no standard way for the products these enterprises have implemented to communicate with each other, making the overall security management process far too manual, time-consuming, and error prone.

190. Importance: AVDL will create a uniform way of describing application security vulnerabilities. This information may be utilized by application security gateways to recommend the optimal attack prevention policy for that specific application. Remediation products could use AVDL files to suggest the best course of action for correcting problems, while reporting tools could use AVDL to correlate event logs with areas of known vulnerability.

191. Status: The AVDL 1.0 specification was approved by OASIS in May 2004.

2.9.4. Common Alerting Protocol (CAP)

192. The Common Alerting Protocol is a simple but general format for exchanging all-hazard emergency alerts and public warnings over all kinds of networks. CAP is an XML-based data format for exchanging public warnings and emergencies between alerting technologies. CAP allows a warning message to be consistently disseminated simultaneously over many warning systems to many applications. CAP increases warning effectiveness and simplifies the task of activating a warning for responsible officials. Individuals can receive standardized alerts from many sources and configure their applications to process and respond to the alerts as desired.

  • Flexible geographic targeting using latitude/longitude boxes and other geospatial representations in three dimensions;

  • Multilingual and multi-audience messaging;

  • Phased and delayed effective times and expirations;

  • Enhanced message update and cancellation features;

  • Template support for framing complete and effective warning messages;

  • Digital encryption and signature capability; and,

  • Facility for digital images, audio and video.

193. Importance: The Common Alerting Protocol will enhance organizations' 'situational awareness' at all levels by providing a continual real-time database of all warnings, even local ones. It will extend the reach of warning messages and enhance the effectiveness of those messages by providing timely corroboration of warnings from several sources. This system will also simplify the work of alerting officials by giving them a write-it-once method for issuing warnings over multiple dissemination systems without duplicate effort.

194. Status: The 1.0 specification was approved by OASIS in 2004. Based on experience with 1.0, the OASIS Emergency Management Technical Committee adopted an updated 1.1 specification in October 2005. At a meeting in October 2006 the 1.1 specification was taken under consideration by the International Telecommunication Union for adoption as an ITU recommendation.
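
The following Python code is an added example, not part of the original document or of the CAP specification. It shows how a receiving application can apply the effective/expiry times and the update and cancellation features listed above to CAP 1.1 messages from other systems. The function names, the constructed sample messages, and the rule that only the original sender may withdraw an alert are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

NS = "{urn:oasis:names:tc:emergency:cap:1.1}"  # CAP 1.1 namespace

def sample(sender, ident, msg_type, effective, expires, refs=""):
    """Constructed CAP message, trimmed to the elements this example reads."""
    return (f'<alert xmlns="{NS[1:-1]}"><identifier>{ident}</identifier>'
            f'<sender>{sender}</sender><sent>2006-10-01T12:00:00+00:00</sent>'
            f'<status>Exercise</status><msgType>{msg_type}</msgType>'
            f'<scope>Public</scope><references>{refs}</references>'
            f'<info><effective>2006-10-01T{effective}:00+00:00</effective>'
            f'<expires>2006-10-01T{expires}:00+00:00</expires></info></alert>')

def parse_alert(xml_text):
    # Messages come from other systems: refuse DTDs before the parser sees them.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD not allowed in a CAP message")
    root = ET.fromstring(xml_text)
    if root.tag != NS + "alert":
        raise ValueError("not a CAP 1.1 alert")
    def when(path):
        text = root.findtext(path)
        return datetime.fromisoformat(text) if text else None
    # <references> holds space-separated "sender,identifier,sent" triplets.
    refs = [tuple(r.split(",")[:2])
            for r in (root.findtext(NS + "references") or "").split()]
    return {"key": (root.findtext(NS + "sender"), root.findtext(NS + "identifier")),
            "type": root.findtext(NS + "msgType"), "refs": refs,
            "effective": when(f"{NS}info/{NS}effective") or when(NS + "sent"),
            "expires": when(f"{NS}info/{NS}expires")}

def in_effect(messages, now):
    """Replay messages in arrival order; return identifiers in force at `now`."""
    live = {}
    for m in map(parse_alert, messages):
        if m["type"] in ("Update", "Cancel"):
            for ref in m["refs"]:
                # Example policy (an assumption): only the original sender may
                # replace or withdraw its own alert.
                if ref[0] == m["key"][0]:
                    live.pop(ref, None)
        if m["type"] in ("Alert", "Update"):
            live[m["key"]] = m
    return sorted(ident for (_, ident), m in live.items()
                  if m["effective"] <= now
                  and (m["expires"] is None or now < m["expires"]))
```

Sender matching is only meaningful once the sender has been authenticated, for example through the digital signature capability listed above; an unsigned `<sender>` value can be set by anyone.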

2.9.5. Emergency Data Exchange Language, Distribution Element (EDXL DE)

195. Emergency Data Exchange Language, Distribution Element (EDXL-DE), facilitates emergency information sharing and data exchange across local, regional, tribal, national, and international organizations in the public and private sectors. This standard has the ability to transmit any content, from files to technical data exchange information.

196. Importance: Same as CAP.

197. Status: 20 June 2006 - The OASIS international standards consortium approved the Emergency Data Exchange Language Distribution Element (EDXL-DE) version 1.0 as an OASIS Standard.