New Ontology anchor metaschema

[netfl0]

TLDR:

Create a new metaschema object to support anchoring OCSF concepts in ontology. The primary goal is to enable richer and deeper programmatic integration, and ontological reasoning between the OCSF and D3FEND ontology projects.

Ontology and schema development are complimentary and essential. The schema project moves fast, it captures the information needs of leading edge users, technology developers, and practitioners into a conceptual model. The ontology development compliments this by integrating these needs and concepts into a comprehensive ontological model of Digital Systems. This has many use cases, but foremost model-based systems engineering and ontological model validation.

We believe we need the expressiveness, at a minimum, of OWL2-DL Axioms to drive ontological systems model validation.

Additional goals:

• D3FEND Ontology adopts OCSF properties on D3FEND Classes, especially forthcoming Event Classes
• Drive insights from ontology modeling back into OCSF Event to Object relationships
• Align schema and knowledge base efforts to increase practitioner understanding and technical knowledge.

The integration of OCSF and D3FEND ontology, in the manner prescribed by this eventual pull request, will enable us to take real world collections of events and infer a complex systems model for analysis. There is considerable work to get to this vision, but we believe the combination of the open source D3FEND ontology and the open source OCSF are the most promising path forward.

[netfl0]

Initial cut of proposed additions. Recommend we keep existing references but add new ontology "metaschema".

ec267b9

[tsale]

@netfl0 - Following our private chat, could you please highlight the changes you want me to make on the EDR Telemetry Project to help with the integration? I'll try to work on that as soon as possible once I have that info.