The Object Management Group (omg.org) in collaboration with government, industry and academic organizations has initiated a standards activity for an operational threat and risk model (AKA Ontology) intended to federate multiple formats, technologies, sectors and use cases to enable a fusion of information in support of proactive and reactive threat/risk assessment, analytics, mitigation and information sharing. The focus of this effort is fusion of threat and risk information across physical, criminal and cyber concerns. Some of the data structures we are federating include the STIX, NIEM and EDXL standards.
As an OMG standards effort a team has formed to respond to this RFP with a specification for a proposed standard. This repository provides the foundation for the evolving specification.
Our current in-progress draft submission is HERE
The OMG Request For Proposal (RFP) is available here
The workgroup meets each week and at OMG meetings. This submission team is reaching out to industry experts to participate, particularly vendors, researchers and organizations with critical threat/risk needs. Please contact us if you are interested in joining us.
Our team artifacts are located on github, here:
** Web view of conceptual model
All information posted to this site must be unclassified and unrestricted. The site is open to all. Information derived from posted information may be utilized in the OMG specification being developed for threats and risks. Unless otherwise specified, all information posted to this site shall be deemed licensed under the Create Commons license.
This work is licensed under a Creative Commons Attribution 4.0 International License.
