diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..b658a73 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,33 @@ +# This software was developed at the National Institute of Standards +# and Technology by employees of the Federal Government in the course +# of their official duties. Pursuant to title 17 Section 105 of the +# United States Code this software is not subject to copyright +# protection and is in the public domain. NIST assumes no +# responsibility whatsoever for its use by other parties, and makes +# no guarantees, expressed or implied, about its quality, +# reliability, or any other characteristic. +# +# We would appreciate acknowledgement if the software is used. + +# This workflow uses Make to confirm ontology files have been +# normalized according to the procedures in NORMALIZE.md. + +name: Continuous Integration + +on: + push: + branches: [ master, develop ] + pull_request: + branches: [ master, develop ] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Start from clean state + run: make clean + - name: Run tests + run: make check diff --git a/.gitignore b/.gitignore index a6c6bd7..37fbcfd 100644 --- a/.gitignore +++ b/.gitignore @@ -1,10 +1,13 @@ *.pyc *.pyo +# Unit testing files +.lib.done.log +.*.ttl # Pycharm files .idea # Protege files catalog-v001.xml -.project \ No newline at end of file +.project diff --git a/ChangeLog b/ChangeLog index e90ef07..5f83c16 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,28 +1,56 @@ +2021-03-18 + * ONT-362: Release CASE 0.3.0, with release notes at https://caseontology.org/releases/0.3.0/ + +2021-03-18 + * (22b313d) ONT-413, CP-25: Defined and used prefixes for imported concepts (new feature) + * CP-25: https://drive.google.com/file/d/1HUeY8AHxsnukP0sFOvsPQZRuyNbqcf6n/view + +2021-03-17 + * (f754fd4) ONT-379, CP-18: Updated and improve Investigation namespace class definition comments for clarity and consistency (new feature) + * CP-18: https://drive.google.com/file/d/1AmVX6x2ZORr2-h2OIXug2PiptYaHcvuh/view + +2021-03-16 + * (a8209d7) ONT-363, CP-15: Removed intermediate role classes (breaking change) + * CP-15: https://drive.google.com/file/d/1PLcPA3TSDqt7wX84SYlezC1thK_Sznrc/view + * (b515a81) ONT-251, CP-16: Established unit tests and Continuous Integration for ontology repository (new feature) + * CP-16: https://drive.google.com/file/d/1622v5k7fXo2fjDs_EzfhbTyvWIjDBZv-/view + 2020-08-19 * ONT-293: Release CASE 0.2.0, with release notes at https://caseontology.org/releases/0.2.0/ 2020-08-13 - * (19b698a) ONT-314: Removed documentation generated for CASE 0.1.0 (breaking change) - * (1d9b468) ONT-140: Linked Style Guidance as development practice (new feature) - * (965f5e4) ONT-231: Resolved naming inconsistency and associated equivalent class complexity (breaking change) + * (19b698a) ONT-314, CP-12: Removed documentation generated for CASE 0.1.0 (breaking change) + * CP-12: https://drive.google.com/file/d/1LE2P12w66TjIFVah567gyKbYWYkZziP5/view + * (1d9b468) ONT-140, CP-6: Linked Style Guidance as development practice (new feature) + * CP-6: https://drive.google.com/file/d/1jlCFCuL4BDojJOsIzR8asJjf-lAp8uLd/view + * (965f5e4) ONT-231, CP-10: Resolved naming inconsistency and associated equivalent class complexity (breaking change) + * CP-10: https://drive.google.com/file/d/1lut9Km0rYp2Iaftz7m0f4u50R4YD60F6/view 2020-08-12 - * (12a081a) ONT-318: Updated ontology README to reflect website and Jira (bugfix) - * (cd8b27f) ONT-281: Moved investigation.ttl and related vocabulary into CASE from UCO (new feature) - * (fe7f069) ONT-288: ChangeLog format selected (new feature) + * (12a081a) ONT-318, CP-13: Updated ontology README to reflect website and Jira (bugfix) + * CP-13: https://drive.google.com/file/d/1fJoDjMjfbaXw0BWKKZ_9mK-gZzoJpgFS/view + * (cd8b27f) ONT-281, CP-9: Moved investigation.ttl and related vocabulary into CASE from UCO (new feature) + * CP-9: https://drive.google.com/file/d/1TNL7NtkSy4Veo1eObJGCmMGvmmxqeCJB/view + * (fe7f069) ONT-288, CP-11: ChangeLog format selected (new feature) + * CP-11: https://drive.google.com/file/d/1zWjQ_uhhVxEjkqS2mrcabT4tNh8s0JQx/view 2020-07-29 - * (07e6c12) ONT-144: Moved examples directory to own repository, CASE-Examples (new feature, breaking change) + * (07e6c12) ONT-144, CP-7: Moved examples directory to own repository, CASE-Examples (new feature, breaking change) + * CP-7: https://drive.google.com/file/d/1DiLxBTQYt0FQSdjn3mX6RabhqK9QbiDo/view 2020-06-16 - * (2fed9a5) ONT-5: Established ontology normalization procedure (new feature) + * (2fed9a5) ONT-5, CP-3: Established ontology normalization procedure (new feature) + * CP-3: https://caseontology.org/resources/references/CASE%20Change%20Proposal%203.zip 2020-04-01 - * (5c2a19b) ONT-201: Renamed "propertyBundle" to "hasPropertyBundle", per CASE Style Guide + * (5c2a19b) ONT-201, CP-8: Renamed "propertyBundle" to "hasPropertyBundle", per CASE Style Guide + * CP-8: https://caseontology.org/resources/references/CASE%20Change%20Proposal%208.zip 2019-08-06 - * (ca5ca15) ONT-51: Separated CASE ontology files by namespace (breaking change) + * (ca5ca15) ONT-51, CP-4: Separated CASE ontology files by namespace (breaking change) 2019-07-13 - * (93b40ac) ONT-51: Removed prototype contents of case.ttl file (breaking change) - * (93b40ac) ONT-53: Changed namespace to caseontology.org (new feature, breaking change) + * (93b40ac) ONT-51, CP-4: Removed prototype contents of case.ttl file (breaking change) + * CP-4: https://drive.google.com/file/d/1CE9sfrc-czegRX15Q5xeqaffAfAH06ov/view + * (93b40ac) ONT-53, CP-2: Changed namespace to caseontology.org (new feature, breaking change) + * CP-2: https://drive.google.com/file/d/1_J3994JiPA5PMIHfno9x-NeXKaHFVCrJ/view diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..4cfd093 --- /dev/null +++ b/Makefile @@ -0,0 +1,31 @@ +#!/usr/bin/make -f + +# This software was developed at the National Institute of Standards +# and Technology by employees of the Federal Government in the course +# of their official duties. Pursuant to title 17 Section 105 of the +# United States Code this software is not subject to copyright +# protection and is in the public domain. NIST assumes no +# responsibility whatsoever for its use by other parties, and makes +# no guarantees, expressed or implied, about its quality, +# reliability, or any other characteristic. +# +# We would appreciate acknowledgement if the software is used. + +all: + +.lib.done.log: + $(MAKE) \ + --directory lib + touch $@ + +check: \ + .lib.done.log + $(MAKE) \ + --directory ontology \ + check + +clean: + @rm -f .lib.done.log + @$(MAKE) \ + --directory ontology \ + clean diff --git a/lib/.gitignore b/lib/.gitignore new file mode 100644 index 0000000..d392f0e --- /dev/null +++ b/lib/.gitignore @@ -0,0 +1 @@ +*.jar diff --git a/lib/Makefile b/lib/Makefile new file mode 100644 index 0000000..b65d1ff --- /dev/null +++ b/lib/Makefile @@ -0,0 +1,46 @@ +#!/usr/bin/make -f + +# This software was developed at the National Institute of Standards +# and Technology by employees of the Federal Government in the course +# of their official duties. Pursuant to title 17 Section 105 of the +# United States Code this software is not subject to copyright +# protection and is in the public domain. NIST assumes no +# responsibility whatsoever for its use by other parties, and makes +# no guarantees, expressed or implied, about its quality, +# reliability, or any other characteristic. +# +# We would appreciate acknowledgement if the software is used. + +SHELL := /bin/bash + +all: \ + rdf-toolkit.jar + +# Downloading rdf-toolkit was previously done following the directions +# at: +# https://github.com/edmcouncil/rdf-toolkit +# However, on the file becoming temporarily unavailable, CASE has placed +# a verified copy at a custom location, as a fallback for an alternative +# retrieval from an EDM Council member's repository. +# The checksum of the original file from EDM Council's build server is +# confirmed before moving file into position. (This practice will +# probably require frequent updates, unless a signed checksum for the +# jar can be retrieved somehow.) +# In case there are concerns on potentially multiple writes to the same +# file, the documentation for wget's "--output-document file" flag notes +# that "... file will be truncated immediately, and all downloaded +# content will be written there." +rdf-toolkit.jar: + test -r rdf-toolkit.jar.sha512 + # Try retrieval from Github, then from files.caseontology.org. + wget \ + --output-document $@_ \ + https://github.com/trypuz/openfibo/blob/1f9ab415e8ebd131eadcc9b0fc46241adeeb0384/etc/serialization/rdf-toolkit.jar?raw=true \ + || wget \ + --output-document $@_ \ + http://files.caseontology.org/rdf-toolkit.jar + test \ + "x$$(openssl dgst -sha512 $@_ | awk '{print($$NF)}')" \ + == \ + "x$$(head -n1 rdf-toolkit.jar.sha512)" + mv $@_ $@ diff --git a/lib/rdf-toolkit.jar.sha512 b/lib/rdf-toolkit.jar.sha512 new file mode 100644 index 0000000..4c4f5e0 --- /dev/null +++ b/lib/rdf-toolkit.jar.sha512 @@ -0,0 +1 @@ +24890b4aa484a46803841fbe5938daf60bf2d0889c0e231102c033d71cb84a2bfa8b44419df3ad896d833609afddd4b3910d2ce28660b3350cca22bea0770dad diff --git a/ontology/Makefile b/ontology/Makefile new file mode 100644 index 0000000..dfca17c --- /dev/null +++ b/ontology/Makefile @@ -0,0 +1,67 @@ +#!/usr/bin/make -f + +# This software was developed at the National Institute of Standards +# and Technology by employees of the Federal Government in the course +# of their official duties. Pursuant to title 17 Section 105 of the +# United States Code this software is not subject to copyright +# protection and is in the public domain. NIST assumes no +# responsibility whatsoever for its use by other parties, and makes +# no guarantees, expressed or implied, about its quality, +# reliability, or any other characteristic. +# +# We would appreciate acknowledgement if the software is used. + +all: + +top_srcdir := .. + +.PHONY: \ + check-investigation \ + check-master \ + check-vocabulary \ + clean-investigation \ + clean-master \ + clean-vocabulary + +check: \ + check-master \ + check-investigation \ + check-vocabulary + +check-investigation: \ + $(top_srcdir)/.lib.done.log + $(MAKE) \ + --directory investigation \ + check + +check-master: \ + $(top_srcdir)/.lib.done.log + $(MAKE) \ + --directory master \ + check + +check-vocabulary: \ + $(top_srcdir)/.lib.done.log + $(MAKE) \ + --directory vocabulary \ + check + +clean: \ + clean-investigation \ + clean-master \ + clean-vocabulary + +clean-investigation: + @$(MAKE) \ + --directory investigation \ + clean + +clean-master: + @$(MAKE) \ + --directory master \ + clean + +clean-vocabulary: + @$(MAKE) \ + --directory vocabulary \ + clean diff --git a/ontology/investigation/Makefile b/ontology/investigation/Makefile new file mode 100644 index 0000000..3500669 --- /dev/null +++ b/ontology/investigation/Makefile @@ -0,0 +1,51 @@ +#!/usr/bin/make -f + +# This software was developed at the National Institute of Standards +# and Technology by employees of the Federal Government in the course +# of their official duties. Pursuant to title 17 Section 105 of the +# United States Code this software is not subject to copyright +# protection and is in the public domain. NIST assumes no +# responsibility whatsoever for its use by other parties, and makes +# no guarantees, expressed or implied, about its quality, +# reliability, or any other characteristic. +# +# We would appreciate acknowledgement if the software is used. + +top_srcdir := ../.. + +all: + +.check-investigation.ttl: \ + $(top_srcdir)/.lib.done.log \ + investigation.ttl + java -jar $(top_srcdir)/lib/rdf-toolkit.jar \ + --infer-base-iri \ + --inline-blank-nodes \ + --source investigation.ttl \ + --source-format turtle \ + --target _$@ \ + --target-format turtle + mv _$@ $@ + +.check-investigation-da.ttl: \ + $(top_srcdir)/.lib.done.log \ + investigation-da.ttl + java -jar $(top_srcdir)/lib/rdf-toolkit.jar \ + --infer-base-iri \ + --inline-blank-nodes \ + --source investigation-da.ttl \ + --source-format turtle \ + --target _$@ \ + --target-format turtle + mv _$@ $@ + +check: \ + .check-investigation.ttl \ + .check-investigation-da.ttl + diff investigation.ttl .check-investigation.ttl + diff investigation-da.ttl .check-investigation-da.ttl + +clean: + @rm -f \ + .check-*.ttl \ + _* diff --git a/ontology/investigation/investigation.ttl b/ontology/investigation/investigation.ttl index f11f975..b0d17b8 100644 --- a/ontology/investigation/investigation.ttl +++ b/ontology/investigation/investigation.ttl @@ -10,6 +10,10 @@ @prefix owl: . @prefix rdf: . @prefix rdfs: . +@prefix uco-action: . +@prefix uco-core: . +@prefix uco-role: . +@prefix vocabulary: . @prefix xsd: . @@ -27,15 +31,15 @@ investigation:Attorney a owl:Class ; - rdfs:subClassOf ; + rdfs:subClassOf uco-role:Role ; rdfs:label "Attorney"@en ; - rdfs:comment ""@en ; + rdfs:comment "Attorney is a role involved in preparing, interpreting, and applying law."@en ; . investigation:Authorization a owl:Class ; rdfs:subClassOf - , + uco-core:UcoObject , [ a owl:Restriction ; owl:onProperty investigation:authorizationType ; @@ -43,13 +47,13 @@ investigation:Authorization ] , [ a owl:Restriction ; - owl:onProperty ; + owl:onProperty uco-core:endTime ; owl:maxQualifiedCardinality "1"^^xsd:nonNegativeInteger ; owl:onDataRange xsd:dateTime ; ] , [ a owl:Restriction ; - owl:onProperty ; + owl:onProperty uco-core:startTime ; owl:maxQualifiedCardinality "1"^^xsd:nonNegativeInteger ; owl:onDataRange xsd:dateTime ; ] , @@ -61,27 +65,27 @@ investigation:Authorization ] ; rdfs:label "Authorization"@en ; - rdfs:comment "Identifies some form of authorization for investigatory action."@en ; + rdfs:comment "An authorization is a grouping of characteristics unique to some form of authoritative permission identified for investigative action."@en ; . investigation:Examiner a owl:Class ; - rdfs:subClassOf ; + rdfs:subClassOf uco-role:Role ; rdfs:label "Examiner"@en ; - rdfs:comment ""@en ; + rdfs:comment "Examiner is a role involved in providing scientific evaluations of evidence that are used to aid law enforcement investigations and court cases."@en ; . investigation:ExaminerActionLifecylce a owl:Class ; - rdfs:subClassOf ; + rdfs:subClassOf uco-action:ActionLifecycle ; rdfs:label "ExaminerActionLifecylce"@en ; - rdfs:comment ""@en ; + rdfs:comment "An examiner action life cycle is an action pattern consisting of an ordered set of actions or subordinate action-lifecycles performed by an entity acting in a role involved in providing scientific evaluations of evidence that is used to aid law enforcement investigations and court cases."@en ; . investigation:Investigation a owl:Class ; rdfs:subClassOf - , + uco-core:ContextualCompilation , [ a owl:Restriction ; owl:onProperty investigation:investigationForm ; @@ -94,37 +98,37 @@ investigation:Investigation ] , [ a owl:Restriction ; - owl:onProperty ; + owl:onProperty uco-core:endTime ; owl:maxCardinality "1"^^xsd:nonNegativeInteger ; ] , [ a owl:Restriction ; - owl:onProperty ; + owl:onProperty uco-core:startTime ; owl:maxCardinality "1"^^xsd:nonNegativeInteger ; ] ; rdfs:label "Investigation"@en ; - rdfs:comment "An exploration of the facts involved in a cyber-relevant set of suspicious activity."@en ; + rdfs:comment "An investigation is a grouping of characteristics unique to an exploration of the facts involved in a cyber-relevant set of suspicious activity."@en ; . investigation:InvestigativeAction a owl:Class ; - rdfs:subClassOf ; + rdfs:subClassOf uco-action:Action ; rdfs:label "InvestigativeAction"@en ; - rdfs:comment "An examination action taken as part of a cyber investigation."@en ; + rdfs:comment "An investigative action is something that may be done or performed within the context of an investigation, typically to examine or analyze evidence or other data."@en ; . investigation:Investigator a owl:Class ; - rdfs:subClassOf ; + rdfs:subClassOf uco-role:Role ; rdfs:label "Investigator"@en ; - rdfs:comment ""@en ; + rdfs:comment "Investigator is a role involved in coordinating an investigation."@en ; . investigation:ProvenanceRecord a owl:Class ; rdfs:subClassOf - , + uco-core:ContextualCompilation , [ a owl:Restriction ; owl:onProperty investigation:exhibitNumber ; @@ -133,28 +137,28 @@ investigation:ProvenanceRecord ] ; rdfs:label "ProvenanceRecord"@en ; - rdfs:comment "A provenantial connection between a forensic action and a set of observations (items and/or actions) or interpretations that result from it."@en ; + rdfs:comment "A provenance record is a grouping of characteristics unique to the provenantial (chronology of the ownership, custody or location) connection between an investigative action and a set of observations (items and/or actions) or interpretations that result from it."@en ; . investigation:Subject a owl:Class ; - rdfs:subClassOf ; + rdfs:subClassOf uco-role:Role ; rdfs:label "Subject"@en ; - rdfs:comment ""@en ; + rdfs:comment "Subject is a role whose conduct is within the scope of an investigation."@en ; . investigation:SubjectActionLifecycle a owl:Class ; - rdfs:subClassOf ; + rdfs:subClassOf uco-action:ActionLifecycle ; rdfs:label "SubjectActionLifecycle"@en ; - rdfs:comment ""@en ; + rdfs:comment "A subject action life cycle is an action pattern consisting of an ordered set of multiple actions or subordinate action-lifecycles performed by an entity acting in a role whose conduct may be within the scope of an investigation."@en ; . investigation:VictimActionLifecycle a owl:Class ; - rdfs:subClassOf ; + rdfs:subClassOf uco-action:ActionLifecycle ; rdfs:label "VictimActionLifecycle"@en ; - rdfs:comment ""@en ; + rdfs:comment "A victim action life cycle is an action pattern consisting of an ordered set of multiple actions or subordinate action-lifecycles performed by an entity acting in a role characterized by its potential to be harmed as a result of a crime, accident, or other event or action."@en ; . investigation:authorizationIdentifier @@ -189,7 +193,7 @@ investigation:investigationForm a owl:DatatypeProperty ; rdfs:label "investigationForm"@en ; rdfs:comment "A label categorizing a type of investigation (case, incident, suspicious-activity, etc.)"@en ; - rdfs:range ; + rdfs:range vocabulary:InvestigationFormVocab ; . investigation:investigationStatus diff --git a/ontology/master/Makefile b/ontology/master/Makefile new file mode 100644 index 0000000..40f2c8f --- /dev/null +++ b/ontology/master/Makefile @@ -0,0 +1,37 @@ +#!/usr/bin/make -f + +# This software was developed at the National Institute of Standards +# and Technology by employees of the Federal Government in the course +# of their official duties. Pursuant to title 17 Section 105 of the +# United States Code this software is not subject to copyright +# protection and is in the public domain. NIST assumes no +# responsibility whatsoever for its use by other parties, and makes +# no guarantees, expressed or implied, about its quality, +# reliability, or any other characteristic. +# +# We would appreciate acknowledgement if the software is used. + +top_srcdir := ../.. + +all: + +.check-case.ttl: \ + $(top_srcdir)/.lib.done.log \ + case.ttl + java -jar $(top_srcdir)/lib/rdf-toolkit.jar \ + --infer-base-iri \ + --inline-blank-nodes \ + --source case.ttl \ + --source-format turtle \ + --target _$@ \ + --target-format turtle + mv _$@ $@ + +check: \ + .check-case.ttl + diff case.ttl .check-case.ttl + +clean: + @rm -f \ + .check-*.ttl \ + _* diff --git a/ontology/master/case.ttl b/ontology/master/case.ttl index f54330d..e758fbc 100644 --- a/ontology/master/case.ttl +++ b/ontology/master/case.ttl @@ -26,6 +26,6 @@ owl:incompatibleWith ; owl:ontologyIRI ; owl:priorVersion ; - owl:versionInfo "0.2.0" ; + owl:versionInfo "0.3.0" ; . diff --git a/ontology/vocabulary/Makefile b/ontology/vocabulary/Makefile new file mode 100644 index 0000000..2d4bdcb --- /dev/null +++ b/ontology/vocabulary/Makefile @@ -0,0 +1,37 @@ +#!/usr/bin/make -f + +# This software was developed at the National Institute of Standards +# and Technology by employees of the Federal Government in the course +# of their official duties. Pursuant to title 17 Section 105 of the +# United States Code this software is not subject to copyright +# protection and is in the public domain. NIST assumes no +# responsibility whatsoever for its use by other parties, and makes +# no guarantees, expressed or implied, about its quality, +# reliability, or any other characteristic. +# +# We would appreciate acknowledgement if the software is used. + +top_srcdir := ../.. + +all: + +.check-vocabulary.ttl: \ + $(top_srcdir)/.lib.done.log \ + vocabulary.ttl + java -jar $(top_srcdir)/lib/rdf-toolkit.jar \ + --infer-base-iri \ + --inline-blank-nodes \ + --source vocabulary.ttl \ + --source-format turtle \ + --target _$@ \ + --target-format turtle + mv _$@ $@ + +check: \ + .check-vocabulary.ttl + diff vocabulary.ttl .check-vocabulary.ttl + +clean: + @rm -f \ + .check-*.ttl \ + _*