rhohimer
commented
1 month ago @peternowee I'm so sorry for this epic failure. The intension of the underscore at the start of the _Organizational-gain-amov is as a visual clue that it is and instance (owl:NamedIndividual). This is an instance of rdf:type stix:AttackMotivationOv
You have highlighted an error in the current ontology. In the STIX 2.1 Specification, the property of primary_motivation is to be of type string. In the stix ontology (stix.owl), the primary_motivation SHOULD BE an Object Property, not a Data Type Property.
It is my opinion that instances (owl:NamedIndividual) should have as a datatype property their STIX 2.1 Specification string value. Allowing the triple: stix:_Organizational-gain-amov stix:has-specification-string "organizational-gain"^^xsd:string
If you are still interested, and looking at this, I am available to discuss further. In the meantime, I will correct the error in the current ontology. If I can, I will implement a use case to illustrate the use of the vocabularies.
Hi,
More a support question, but perhaps a feature request:
I am looking for an IRI to use instead of a string when referring to STIX vocabulary values.
For example, if I want to refer to the value
organizational-gainfrom the Attack Motivation Vocabularyattack-motivation-ovas defined instix/vocabularies/vocabularies.owl:Now if I have this example triple...
Can I replace that last line with the following?
The underscore at the start (
_Organizational-gain-amov) gives the impression that it is for internal use only. I know it is used "internally" in the SWRL rules in threat-actor.owl and intrusion-set.owl, but can I refer to that IRI directly "externally" as well?If not, is some other IRI for vocabulary values foreseen, or am I completely misunderstanding? Hope to hear your thoughts. Thanks!