CybOX Maturity Spectrum

To help the broader community and ourselves assess the current state of CybOX, we’ve developed a three-tiered “maturity spectrum” for categorizing the major entities and their corresponding models. This is based on the following factors:

  • The relative sense of community agreement/disagreement with regard to the data model and what it’s attempting to model (i.e., does it make sense? is it accurate?).
  • The relative semantic completeness of the model around the entity (i.e., does it, without any doubt, completely capture the properties of the entity?).
  • The relative use of the model (through serialization) in existing implementations.
      • The ‘Existing Use’ data reflects the latest available cti-stats dataset as of 19 November 2015.

Metric

High (green)

  • Semantic consensus: Little to no known semantic issues and/or virtually no disagreement about the data model in the community.
  • Semantic completeness: No known missing fields/capabilities and/or a sense of certainty that the model is “complete”. Capable of being used effectively in ALL applicable domains.
  • Existing use: Widely used in existing implementations.

Medium (yellow)

  • Semantic consensus: Several minor known semantic issues, or one or two larger issues and/or some level of disagreement about the data model in the community.
  • Semantic completeness: One or two known minor missing fields and/or some uncertainty around complete coverage of the entity. Capable of being used effectively in most applicable domains.
  • Existing use: Some known use in existing implementations.

Low (red)

  • Semantic consensus: One or more major known semantic issues and/or significant disagreement about the data model in the community.
  • Semantic completeness: One or two known major missing fields/capabilities and/or major uncertainty about coverage of the entity. Generally not useful for all or most applicable domains.
  • Existing use: Little to no known use in existing implementations.

Spectrum

The table below captures the current maturity spectrum as of CybOX v2.1. Note: this is a subjective rating as assigned by the CybOX SC co-chairs and development team, and is open to personal interpretation.

Each entity is assigned an individual maturity score for semantic consensus, semantic completeness, and existing use, as well as an “overall” maturity score based on the lowest of its three scores. Each entity also links to a CybOX wiki page that describes the rationale behind its scores and the discussion of its maturity, including applications where it is being used.

Column groups: Low | Medium | High
Columns within each group: Sem. Consensus | Sem. Completeness | Existing Use
Observable (instance)
Observable (pattern)
Events
Actions
Account Object
Address Object
API Object
Archive File Object
ARP Cache Object
Artifact Object
AS Object
Code Object
Custom Object
Device Object
Disk Object
Disk Partition Object
DNS Cache Object
DNS Query Object
DNS Record Object
Domain Name Object
Email Message Object
File Object
GUI Object
GUI Dialogbox Object
GUI Window Object
Hostname Object
HTTP Session Object
Image File Object
Library Object
Link Object
Linux Package Object
Memory Object
Mutex Object
Network Connection Object
Network Flow Object
Network Packet Object
Network Route Entry Object
Network Route Object
Network Socket Object
Network Subnet Object
PDF File Object
Pipe Object
Port Object
Process Object
Product Object
Semaphore Object
SMS Message Object
Socket Address Object
System Object
Unix File Object
Unix Network Route Entry Object
Unix Pipe Object
Unix Process Object
Unix User Account Object
Unix Volume Object
URI Object
URL History Object
User Account Object
User Session Object
Volume Object
WHOIS Object
Win. Computer Account Object
Win. Critical Section Object
Win. Driver Object
Win. Event Log Object
Win. Event Object
Win. Executable File Object
Win. File Object
Win. Filemapping Object
Win. Handle Object
Win. Hook Object
Win. Kernel Hook Object
Win. Mailslot Object
Win. Memory Page Region Object
Win. Mutex Object
Win. Network Route Entry Object
Win. Network Share Object
Win. Pipe Object
Win. Prefetch Object
Win. Process Object
Win. Registry Key Object
Win. Semaphore Object
Win. Service Object
Win. System Object
Win. System Restore Object
Win. Task Object
Win. User Account Object
Win. Volume Object
Win. Waitable Timer Object
X509 Certificate Object