[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: ISO 15926 for Cybersecurity
Superb! I look forward to talking in person. Perhaps more than once. tc From: Shawn Riley <shawn.p.riley@darklight.ai> At Integrated Cyber on May 2-3 I’ll be giving a joint presentation with R9B on Modern A.I. Expert Systems for Active Defense and explaining how the expert system uses W3C OWL2 (DL) standardized knowledge representation language to create
ontologies. We have ontologies to represent enterprise assets, sensor output, ontologies to represent the layers of cyber terrain, ontologies to represent the cyber effects matrix (CEM), ontologies for cyber dictionaries like CAPEC, CWE, and CVE, ontologies
for modeling threats like STIX v2, ODNI Cyber Threat Framework, and the NSA/CSS Technical Cyber Threat Framework. We also have ontologies that are being developed by the wider cybersecurity community such as the Unified Cyber Ontology and the Cyber-investigation
Analysis Standard _expression_ (developed by the DFIR community). We also have SWRL ontologies that encode human expert experience in reasoning that can be applied to any knowledge in the knowledge base such as rules for reasoning over STIX data, rules for reasoning
over the NSA/CSS Technical Cyber Threat Framework, rules for converting sensor observations to STIX, rules for reasoning over the layers of the cyber terrain, etc.
Happy to chat more about ontologies (knowledge representation and reasoning) and how we’re using them in the cyber domain. If you’re at Integrated Cyber this week we can chat in person, otherwise we can find a time to chat online.
Best, Shawn Shawn Riley Chief Visionary Officer &
Technical Advisor to the CEO DarkLight, Inc. Email:
shawn@darklight.ai From:
openc2-lang@lists.oasis-open.org <openc2-lang@lists.oasis-open.org>
On Behalf Of Considine, Toby ISO 15926 for Cybersecurity In large industrial controls systems have worked on ontological management for some time. For example, large oil and gas systems have multi-business unit scale control systems that have interactions with each other that vary from sequencing
(interfering with an upstream process will shutdown later sates in processing) to competition for resources over time, to spatial (these things run through the same chase, so a fire in one will shut down control of the other) and many more.
These large systems have built ontological systems around the processes to manage inter-system interactions and vulnerabilities. (I’m thinking of ISO 15926). Are there similar developments in use to understand cybersecurity issues in large
processes and should this sort of issue be noted in a high level view of distributed cybersecurity? tc "A designer knows he has achieved perfection not when there is nothing left to add, but when there is nothing left to take away." -Antoine de Saint-Exupery
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]