
Homogeneous control of stateless firewalls with OpenC2

Stefano Catenaro

Homogeneous control of stateless firewalls with OpenC2.

Supervisors: Daniele Bringhenti, Fulvio Valenza. Politecnico di Torino, Master's degree programme in Computer Engineering (Ingegneria Informatica), 2025

License: Creative Commons Attribution Non-commercial No Derivatives.

Abstract:

The growing complexity of modern network infrastructures and the heterogeneity of firewall and security technologies have made standardization and automation essential for effective cyber defense management. The Open Command and Control (OpenC2) standard, developed by OASIS, defines a unified language for commanding and controlling security components, enabling interoperability between heterogeneous systems through well-defined producer-consumer interactions. The Stateless Packet Filtering (SLPF) profile specifies how OpenC2 commands can be applied to network filtering systems, defining standardized actions, targets, arguments and results for managing firewalls and similar packet filtering technologies. This thesis defines a complete implementation of the OpenC2 Stateless Packet Filtering (SLPF) profile across four representative platforms: iptables, OpenStack Security Groups, Kubernetes Network Policies and Microsoft Azure Network Security Groups. Each actuator translates OpenC2 actions, such as query, allow, deny, delete and update, into the corresponding native operations, ensuring functional consistency while preserving the semantics defined by the SLPF specification. The work introduces a modular architecture that clearly separates the logic that depends on platform-specific implementations from the general OpenC2 SLPF management, allowing easier extension and integration of additional platforms in the future. The implementation is validated through comprehensive testing, including syntactic and semantic verification, functional evaluation and performance measurements. Finally, the thesis provides a critical assessment of the SLPF profile, evaluating its expressiveness and applicability across heterogeneous environments. The results confirm the feasibility of OpenC2 as a unified, interoperable and automatable control mechanism for diverse network protection systems.

Supervisors: Daniele Bringhenti, Fulvio Valenza
Academic year: 2025/26
Publication type: Electronic
Number of pages: 80
Subjects:
Degree programme: Master's degree programme in Computer Engineering (Ingegneria Informatica)
Degree class: New organization > Master's degree > LM-32 - COMPUTER ENGINEERING
Collaborating companies: NOT SPECIFIED
URI: http://webthesis.biblio.polito.it/id/eprint/38598