Model stage

The Model stage is the pre-generation verification step. Use it to confirm your diagram state and policy behavior are correct before producing specification or outputs.

What happens in this stage

  • Rules execute against current component/connection configuration.
  • Findings, control gaps, and diagnostic traces are computed.
  • Not-assessed/unconfigured states are surfaced for remediation.

Tabs and how to use them

  • Findings

- Use for top-level alignment summary (counts and headline status).

- Good for quick health checks before deeper inspection.

  • Vulnerabilities

- Use this to prioritise introducing groups of controls

- Policy files may group controls by CVSS vulnerability characteristics

- Does not imply the control addresses the vulnerability, simply association

  • Rules

- Use to inspect rule matching behavior and expected controls.

- Check whether a rule is matched, unmatched, or skipped by conditions.

  • Diagnostics

- Use when behavior looks wrong and you need root-cause detail.

- Inspect matched entities, condition traces, and derived values.

Practical workflow

1. Resolve not-assessed states first.

2. Recheck Findings and Vulnerabilities.

3. Confirm key rule matches in Rules/Diagnostics.

4. Move to Specification only when Model state is stable.