A language for representing system configuration information, assessing machine state, and reporting assessment results.
Sources:
CNSSI 4009-2015
under open vulnerability assessment language (OVAL)
from
NIST SP 800-126 Rev. 2
SCAP language for specifying low-level testing procedures used by checklists.
Sources:
NIST SP 800-128