Description
STONEWORK is an OWL 2 ontology and research framework for modeling cyber threat intelligence concepts, objects, relationships, workflows, and knowledge. It is the primary ontology in the CyberTerrain ecosystem — the ground-truth model that all other CyberTerrain work is built on.
STONEWORK defines classes for security controls, weaknesses, products, tactics, techniques, procedures, threat scenarios, risk, likelihood, and impact, and establishes a semantic interoperability layer that aligns with established CTI framework ontologies — including STIX (via STONES), ATT&CK, CAPEC, CWE, CVE, and CPE — treating each as an authoritative reference vocabulary rather than a base to extend.
Documentation
Full ontology documentation including class hierarchy, object properties, and datatype properties is available as a browsable specification.
Ontology Metadata
| IRI | https://cyberterrain.org/ns/stonework# |
| Version IRI | https://cyberterrain.org/ns/stonework/0.4.0 |
| Version | 0.4.0 |
| Creator | Hohimer Intelligence Strategies LLC |
| License | MIT License |
| Aligns with | STONES (STIX), ATT&CK, CAPEC, CWE, CVE, CPE |
Downloads
Usage
Reference the ontology in your Turtle files:
@prefix stonework: <https://cyberterrain.org/ns/stonework#> .
Or import it in OWL:
owl:imports <https://cyberterrain.org/ns/stonework#> .
Related Framework Ontologies
STONEWORK does not import these ontologies — it aligns with them as independently maintained reference vocabularies, in the same way CVE, CWE, and CAPEC function as framework ontologies in their own right.
| STONES | https://cyberterrain.org/ns/stones# |