Centro Nazionale della Ricerca (CNR) has prepared a whitepaper entitled ‘The MEDINA Controlled Natural Language’.
This whitepaper provides an overview of the MEDINA Controlled Natural Language, which has been designed in the framework of the EU MEDINA project. This document highlights its pivotal role as a dedicated language designed to express requirements from schemes like the European Union Cloud Security Certification Scheme (EUCS) in a formal, machine-readable manner, to automate automatic compliance assessment for cybersecurity certification schemes.
The report initially introduces the motivations behind creating the Medina CNL to bridge the gap between natural language controls and automated compliance assessment. Then, it presents the structure and functionality of the Medina CNL, emphasizing its significance within the cloud service certification context. Furthermore, the benefits of using Medina CNL include enhanced automation, improved accuracy in compliance checks, and streamlined certification processes. The drawbacks of the presented approach are primarily related to the learning curve for users transitioning to CNL-based compliance assessments and potential limitations in expressing highly complex requirements.
In summary, the MEDINA CNL serves as a critical tool for automating the assessment of compliance with security certification schemes in cloud services. It bridges the gap between human-readable security requirements and machine-processing, enhancing the trust and security of cloud environments.
See whitepaper: Download