An Ontological Analysis and Redesign of the D3FEND Cybersecurity Model

D3FEND is an OWL knowledge graph of cybersecurity countermeasures proposed by a group at the MITRE Corporation. Based on the Reference Ontology for Security Enginnering (ROSE), we provide an ontological analysis and redesign of the D3FEND cybersecurity model. This repository includes all files related to this study.

PURL for this repository: https://purl.org/d3fend-analysis

Acknowledgement: This work was done in collaboration with Accenture Labs, Israel.

Project Structure

• /original-d3fend contains the original versions of D3FEND that are the objects of our study.
• /d3fend-issues contains files that show some of the D3FEND's ontological issues discovered by our analysis.
• /ontouml-d3fend should, in the future, contain files related to the redesigned conceptual model of D3FEND based on ROSE, represented in OntoUML language.
• /new-owl-d3fend should, in the future, contain files related to the gUFO-based implementation of the redesigned conceptual model of D3FEND.

Reusing .vpp files

• To open and edit .vpp files, use Visual Paradigm
• To open and edit .ttl or .owl files, use Protégé

Built With

• Visual Paradigm - a UML CASE tool that offers a free community edition version
• The OntoUML Plugin for Visual Paradigm
• Protégé ontology editor

Slide Presentation

• Click here.

Authors

• Ítalo Oliveira - Free University of Bozen-Bolzano, Bolzano, Italy
• Pedro Paulo F. Barcelos - Free University of Bozen-Bolzano, Bolzano, Italy
• Gal Engelberg - Accenture Israel Cyber R&D Lab, Tel Aviv, Israel
• Tiago Prince Sales - Semantics, Cybersecurity & Services (SCS), University of Twente, Enschede, The Netherlands
• Mattia Fumagalli - Free University of Bozen-Bolzano, Bolzano, Italy
• Riccardo Baratella - Free University of Bozen-Bolzano, Bolzano, Italy
• Dan Klein - Accenture Israel Cyber R&D Lab, Tel Aviv, Israel
• Giancarlo Guizzardi - Semantics, Cybersecurity & Services (SCS), University of Twente, Enschede, The Netherlands

Publications

• Oliveira, Í., Engelberg, G., Barcelos, P.P.F., Sales, T.P., Fumagalli, M., Baratella, R., Klein, D. and Guizzardi, G., 2023. Boosting D3FEND: Ontological analysis and recommendations. In Formal Ontology in Information Systems (pp. 334-348). IOS Press. https://doi.org/10.3233/FAIA231138
• Oliveira, Í., Sales, T.P., Baratella, R., Fumagalli, M., Guizzardi, G. (2022). An Ontology of Security from a Risk Treatment Perspective. In: Ralyté, J., Chakravarthy, S., Mohania, M., Jeusfeld, M.A., Karlapalem, K. (eds) Conceptual Modeling. ER 2022. Lecture Notes in Computer Science, vol 13607. Springer, Cham. https://doi.org/10.1007/978-3-031-17995-2_26

Errata

For questions, commentaries, or reporting mistakes, feel free to use Issues.

• Nothing yet.