The Smart Citizen Cyber Resilience Ontology (SC2RO) maps the cyber resilience landscape for individuals. It identifies cyber resources, vulnerabilities, threats, responses and harms associated with and specific to individual citizen's cyber functionings. As an example, beyond the technical threats associated with the confidentiality, integrity and availability (CIA-triad) goals, the ontology also maps socio-technical threats as well as natural threats that hamper individuals cyber functionings.
Cyber resilience is the ability to maintain positive functioning and adaptation in the context of adverse cyber incidents, which can be technical, socio-technical, natural, and manmade.
Cyber resilience has largely been framed from the perspectives of nation-states, governments, and the private sector. This framing tends to neglect the cyber resilience role of civil society stakeholders. Further, cybersecurity frameworks, as well as resilience management frameworks have focused on building the security and resilience of critical infrastructures, information systems, critical sectors, and for-profit organizations. Such a focus makes it difficult to operationalize cyber resilience into relevant instruments and modalities for engagement and participation of civil society stakeholders as active cyber resilience agents.
This ontology is part of a project that is undertaken to enhance the resilience of citizens in smart digital futures.
The SC2RO is under active development towards the first release version (v1.0)
Version 1.0 (Planned release)
- Description (rdfs:comment) and labeling (rdfs:label) of all the Classes
Version 0.1 (Current)
- Formulation of key properties in the ontology
- High-level modeling of the domain concepts: Resources (Assets), Vulnerabilities, Threats, Responses (Countermeasures), and Harms (Impacts)
- External validation and supplementation of the ontology
- Development of a RESTful API based on the ontology
- Populating the ontology with context-specific instances and relations
The SC2RO ontology can be used for several purposes including:
- To provide a common vocabulary and shared understanding of the citizens' cybersecurity domain
- To facilitate semantic interoperability, communication, and coordination between stakeholders (e.g., for incident reporting)
- To serve as a reference model and to inform operationalization of citizens' cyber resilience
- To serve as a knowledge repository for relevant ICT artifacts and tools (e.g., risk assessment tools, APIs)
- Use an RDF/OWL Ontology Editor of your choice to view the sc2ro.owl file, but we recommend Protege
- To incorporate the SC2RO ontology into software solutions, most RDF/OWL semantic web libraries should suffice. We recommend OwlReady2 for python developers and Jena for Java developers.
- To visualize the ontology we recommend using the OntoGraf plugin in Protege or WebVOWL visualizer.
To reference the SC2RO in your research and publications, please use the following citation:
Mamello Thinyane and Debora Christine. 2021. SMART Citizen Cyber Resilience (SC2R) Ontology. In 13th International Conference on Security of Information and Networks (SIN 2020). Association for Computing Machinery, New York, NY, USA, Article 14, 1–8. https://doi.org/10.1145/3433174.3433617
For more information on this ontology please visit the Smart Citizen Cyber Resilience project website.
Contact details are available from the project website.