Open rhohimer opened 2 years ago
@Vasileios-Mavroeidis I have create a subdirectory in stix-semex and added the security-playbook.owl file. You will want to review this file as there are changes (per our discussions)
Although I added the security-playbook.owl file, I have not imported it into stix-semex.owl !!! Until this is done the ontology will not be visible.
I did add the import of the security-playbook ontology into the stix-semex ontology. It is now visible. It is obvious that the subclassing of cti:Object, stix:StixObject; needs to be added. I am uncertain by subspect the intention is that SecurityPlaybook is supposed to be a subclass of stixCore:StixDomainObject as well. However, I have not had the opportunity to discuss the taxonomic hierarchy with @Vasileios-Mavroeidis yet.
My personal opinion is that it should be a subclass of CourseOfAction. This has yet to be termined.
As we discussed. A security playbook is a subclass of course of action.
SecurityPlaybook is now a subclass of CourseOfAction
The image in the above comment shows that the new objects associated with the Incident object should be handled in the same way that the SecurityPlaybook class was handled. We know it is not handled the same because of the bold font on the new objects.
A new Issue should be created specifically for the creation of the Incident extension project.
A bit more cleanup to do.
Contributors should have conventions to follow when them are submitting ontology files that extend existing concepts.
Discussions have been held that lean toward keeping semantic extensions in a directory structure under the stix-semex folder.
This proposed structure is new, and did not exist prior. Some legacy extensions will need to be modified to conform to the new conventions. Example extensions:
A new branch is being created to address the naming conventions to be used. issue-003-extensions