What’s New:
ModelOp Center v3.3.2 is a minor released focused on the following:
Configurable Approval Tasks — added ability to create ModelOp-managed approvals with configurable titles, resolutions, and comment tracking
Risk / Control Mapping — added support for automated risk and control mapping based on a list of inputs
Documentation Controls — added automated checks for specific documentation to satisfy a control
Release Details:
Full List of Enhancements:
Inventory & Reporting:
ModelOp-Managed Approvals: added support in the ModelOp UI to create ModelOp-managed approvals of different types. Each type has configurable titles and resolution states.
Comments Tracking: added UI support for comment tracking across users on the new ModelOp-Managed approvals
Automated Risk Mapping:
Risk / Control Mapping: added support for automated risk and control mapping based on a set of list of criteria. This criteria is configurable by the Customer and can take into account any Use Case metadata to appropriately map the given set of risks and corresponding controls.
Delegate: added a delegate that inputs a DMN (of controls) and creates Risk Notifications for all matching rules within that DMN
File/Documentation Controls: added automated checks for specific files/documentation to satisfy a control
External Task: added an external task that would automatically check for the presence of a File and close the related ModelApprovalNotification that expects the file
Governance Score:
Custom Form Data: updated the Governance Score calculations to support more than 50 custom fields in a given form
Assets by Regex: added capability to evaluate Assets by Regex (e.g. evaluated by Regex on the filename). Previously, an asset was evaluated only by Asset_Role (e.g. Design_Documentation)
Example: if the control is to ensure that a file of name “AI_monitoring_plan.docx” is uploaded, the Governance Score can be configured to find an asset by Regex on the file name.
This feature can be found in the Scores Admin page, under the Assets section:
Custom Forms:
Field Structure: updated the structure for how each field in a custom form is stored for a given Use Case or Implementation. The new format includes a NEW “formFieldId” for each field in a custom form such that a field can more easily be referenced in MLC’s and DMN’s
For any Use Case or Implementation that contains a custom form, the New Structure will be as follows:
{ "mocApplicationFormId": "7fef4718-a19e-4db0-b7b4-d4bdb0c7394b", "overview": { "1": { "question": "Division", "answer": "Finance" }, "2": { "question": "Purpose", "answer": "Probability of default predictor" }, "3": { "question": "Limitations", "answer": "Prime lending only" }, "name": "Overview" }, "accountability": { "1": { "question": "Business Owner/Sponsor", "answer": "Jane Doe" }, "2": { "question": "Governance Officer", "answer": "Jim Dean" }, "3": { "question": "Model Owner", "answer": "Jon B Goode" } "name": "Accountability" }
Referencing Custom Fields in a DMN’s: using this new structure allows for easier reference of the custom fields within a DMN:
Example: in the above example, the “Division” field can be referenced by a DMN with the following in this new structure:
modelMetaData.custom(overview)(1)(answer)
ModelOp Runtime:
Jobs with No Results: update the handling of Jobs that return no data.
Details: For Jobs (eg metrics jobs), if the runtime successfully establishes a connection to the Input Asset and the query / params are valid , but the input asset returns no data, then the runtime will now (1) return an empty data frame (2) log that “No results were returned for the specified input asset for the job”
ODBC Encoding Issues: updated the handling of ODBC sources where the odbc code can’t encode the data and gives back an error. Previously, it would crash the runtime. Now, the runtime handles it gracefully and
(1) skips the record (2) identifies which record it skipped (3) lets the job complete (4) logs how many records were (a) successfully processed (b) skipped (c) total recordsThere are two new sccs properties to support this feature:
modelop.runtime.odbc-allowed-skipped-count (defaults to 100)
modelop.runtime.odbc-error-job-on-skip (defaults to false)
When error-job is set to true, and the number of skipped rows exceeds the value set by allowed-skipped-count (so if its set to 100, 101 rows must be skipped), the job won’t start and will instead error on input with
2025-01-06 20:06:01.733 [error] Too many records failed to decode while modelop.runtime.odbc-error-job-on-skip was enabled, reporting error...2025-01-06 20:06:01.733 [info] Shutting down current batch early because of an error on input
Security:
Import Utility:
Bug Fixes:
Security:
Addressed an issue where an incomplete RWX entry was being created for the ALL group when default-groups configuration is enabled
PowerBI:
Addressed an issue where the ModelOp PowerBI Connector would fail if there was invalid/broken JSON
UI:
Notification Details: addressed an issue with word wrap in the Risk details section of a Model Risk notification
Snapshot: updated the Snapshot page to hide the “Edit Snapshot” button for users that have READ-ONLY access permission for that snapshot
Assets: updated the Assets page to hide the “Edit Assets” button for users that have READ-ONLY permission for that item
Runtime:
Addressed an issue where the Runtime would partially reset if the ModelOp Registry service went down. Now, the existing deployments on a Runtime will continue to operate unaffected if the Registry Service goes down.
Security Fixes/Patches:
NOTE: many of the below are NOT related to ModelOp software, but rather related to dependencies
Addressed CVE-2023-34036 - Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers.
Issue Link: https://spring.io/security/cve-2023-34036
Addressed CVE-2023-4759 - a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree