Merge pull request #175 from casework/release-1.4.0

Release 1.4.0

Author: plbt5

.github/workflows/ci.yml

@@ -1,11 +1,14 @@
+# Portions of this file contributed by NIST are governed by the
+# following statement:
+#
 # This software was developed at the National Institute of Standards
 # and Technology by employees of the Federal Government in the course
-# of their official duties. Pursuant to title 17 Section 105 of the
-# United States Code this software is not subject to copyright
-# protection and is in the public domain. NIST assumes no
-# responsibility whatsoever for its use by other parties, and makes
-# no guarantees, expressed or implied, about its quality,
-# reliability, or any other characteristic.
+# of their official duties. Pursuant to Title 17 Section 105 of the
+# United States Code, this software is not subject to copyright
+# protection within the United States. NIST assumes no responsibility
+# whatsoever for its use by other parties, and makes no guarantees,
+# expressed or implied, about its quality, reliability, or any other
+# characteristic.
 #
 # We would appreciate acknowledgement if the software is used.
 
@@ -26,8 +29,8 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v2
-    - uses: actions/setup-java@v3
+    - uses: actions/checkout@v4
+    - uses: actions/setup-java@v4
       with:
         distribution: 'temurin'
         java-version: '11'

ChangeLog

@@ -1,3 +1,48 @@
+2025-03-18
+	* (7ecdaf4) UCO Issue 629: Revise vocabulary pattern
+
+2025-02-13
+	* (256b474) UCO Issue 640: Add `core:informalType` and link as parent of type-describing properties
+
+2024-12-19
+	* (a0a62e9) Issue 167: Adjust top Makefile dependency ordering in submodule initialization
+
+2024-11-23
+	* (b5720af) UCO Issue 624: Add cpeid to DeviceFacet
+
+2024-11-08
+	* (96d45fb) UCO Issue 632: Prepare OperatingSystem to become a subclass of Software
+	* (f759e47) Pull Request 164: Update NIST licensing text 
+	* (2eb3991) UCO Pull Request 642: Update NIST licensing text 
+
+2024-11-07
+	* (820d63d) UCO Pull Request 639: Bump GitHub Action versions
+	* (cc5535e) UCO Pull Request 638: Refresh validation files to reflect validation tool template updates
+
+2024-10-18
+	* (557269c) UCO Issue 593: Remove owl:onDatatype from vocabulary definitions
+
+2024-10-16
+	* (8a353f8) UCO Issue 612: Warn if a `Disk` instance is not also a `StorageMedium`
+
+2024-09-11
+	* (8ba5929) UCO Issue 549: Add `core:objectStatus`
+
+2024-07-26
+	* (b93add7) UCO Issue 602: Warn about key-uniqueness enforcement to `types:Dictionary`
+
+2024-06-18
+	* (0d409cc) UCO Issue 609: Fix typo
+
+2024-06-10
+	* (5cf57b7) UCO Issues 586, 590: Warn of prior disjointedness declarations in `core:` and `types:`; warn if an `AlternateDataStream` instance is not also a `FileSystemObject`
+
+2024-05-01
+	* (50eb05b) UCO Issues 573, 584, 599: Warn if target or source on an `ObservableRelationship` are not `Observable`s; replace errant reference to non-existent concept `owl:Datatype`; remove 1-member minimum on `core:ContextualCompilation`
+
+2024-01-24
+	* OCCASE-495: Release CASE 1.3.0, with release notes at https://caseontology.org/releases/1.3.0/
+
 2024-01-24
 	* (79afa93) UCO Pull Request 579: Update change request template
 

Makefile

@@ -1,13 +1,16 @@
 #!/usr/bin/make -f
 
+# Portions of this file contributed by NIST are governed by the
+# following statement:
+#
 # This software was developed at the National Institute of Standards
 # and Technology by employees of the Federal Government in the course
-# of their official duties. Pursuant to title 17 Section 105 of the
-# United States Code this software is not subject to copyright
-# protection and is in the public domain. NIST assumes no
-# responsibility whatsoever for its use by other parties, and makes
-# no guarantees, expressed or implied, about its quality,
-# reliability, or any other characteristic.
+# of their official duties. Pursuant to Title 17 Section 105 of the
+# United States Code, this software is not subject to copyright
+# protection within the United States. NIST assumes no responsibility
+# whatsoever for its use by other parties, and makes no guarantees,
+# expressed or implied, about its quality, reliability, or any other
+# characteristic.
 #
 # We would appreciate acknowledgement if the software is used.
 
@@ -43,7 +46,6 @@ all: \
 
 # The two CASE-Utility... files are to trigger rebuilds based on command-line interface changes or version increments.
 .venv.done.log: \
-  .git_submodule_init.done.log \
   dependencies/UCO/dependencies/CASE-Utility-SHACL-Inheritance-Reviewer/case_shacl_inheritance_reviewer/__init__.py \
   dependencies/UCO/dependencies/CASE-Utility-SHACL-Inheritance-Reviewer/setup.cfg \
   dependencies/UCO/requirements.txt
@@ -100,14 +102,26 @@ clean:
 	@rm -rf \
 	  venv
 
+# This recipe maintains timestamp order.
+# The target file creation is handled by recursive initialization done
+# in the recipe for .git_submodule_init.done.log.
 dependencies/UCO/dependencies/CASE-Utility-SHACL-Inheritance-Reviewer/case_shacl_inheritance_reviewer/__init__.py: \
   .git_submodule_init.done.log
-	$(MAKE) \
-	  --directory dependencies/UCO \
-	  dependencies/CASE-Utility-SHACL-Inheritance-Reviewer/case_shacl_inheritance_reviewer/__init__.py
+	test -r $@
+	touch -c $@
 
+# This recipe maintains timestamp order.
+# The target file creation is handled by recursive initialization done
+# in the recipe for .git_submodule_init.done.log.
 dependencies/UCO/dependencies/CASE-Utility-SHACL-Inheritance-Reviewer/setup.cfg: \
   .git_submodule_init.done.log
-	$(MAKE) \
-	  --directory dependencies/UCO \
-	  dependencies/CASE-Utility-SHACL-Inheritance-Reviewer/setup.cfg
+	test -r $@
+	touch -c $@
+
+# This recipe maintains timestamp order.
+# The target file creation is handled by initialization done in the
+# recipe for .git_submodule_init.done.log.
+dependencies/UCO/requirements.txt: \
+  .git_submodule_init.done.log
+	test -r $@
+	touch -c $@

dependencies/UCO

@@ -1,13 +1,16 @@
 #!/usr/bin/make -f
 
+# Portions of this file contributed by NIST are governed by the
+# following statement:
+#
 # This software was developed at the National Institute of Standards
 # and Technology by employees of the Federal Government in the course
-# of their official duties. Pursuant to title 17 Section 105 of the
-# United States Code this software is not subject to copyright
-# protection and is in the public domain. NIST assumes no
-# responsibility whatsoever for its use by other parties, and makes
-# no guarantees, expressed or implied, about its quality,
-# reliability, or any other characteristic.
+# of their official duties. Pursuant to Title 17 Section 105 of the
+# United States Code, this software is not subject to copyright
+# protection within the United States. NIST assumes no responsibility
+# whatsoever for its use by other parties, and makes no guarantees,
+# expressed or implied, about its quality, reliability, or any other
+# characteristic.
 #
 # We would appreciate acknowledgement if the software is used.
 

ontology/Makefile

@@ -1,13 +1,16 @@
 #!/usr/bin/make -f
 
+# Portions of this file contributed by NIST are governed by the
+# following statement:
+#
 # This software was developed at the National Institute of Standards
 # and Technology by employees of the Federal Government in the course
-# of their official duties. Pursuant to title 17 Section 105 of the
-# United States Code this software is not subject to copyright
-# protection and is in the public domain. NIST assumes no
-# responsibility whatsoever for its use by other parties, and makes
-# no guarantees, expressed or implied, about its quality,
-# reliability, or any other characteristic.
+# of their official duties. Pursuant to Title 17 Section 105 of the
+# United States Code, this software is not subject to copyright
+# protection within the United States. NIST assumes no responsibility
+# whatsoever for its use by other parties, and makes no guarantees,
+# expressed or implied, about its quality, reliability, or any other
+# characteristic.
 #
 # We would appreciate acknowledgement if the software is used.
 

ontology/investigation/Makefile

@@ -2,14 +2,14 @@
 <catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog" prefer="public">
     <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/dependencies/collections-ontology/collections.owl" name="http://purl.org/co"/>
     <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/dependencies/error/docs/current/error.ttl" name="http://purl.org/spar/error"/>
-    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/co/co.ttl" name="https://ontology.unifiedcyberontology.org/co/1.3.0"/>
-    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/action/action.ttl" name="https://ontology.unifiedcyberontology.org/uco/action/1.3.0"/>
-    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/core/core.ttl" name="https://ontology.unifiedcyberontology.org/uco/core/1.3.0"/>
-    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/location/location.ttl" name="https://ontology.unifiedcyberontology.org/uco/location/1.3.0"/>
-    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/pattern/pattern.ttl" name="https://ontology.unifiedcyberontology.org/uco/pattern/1.3.0"/>
-    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/role/role.ttl" name="https://ontology.unifiedcyberontology.org/uco/role/1.3.0"/>
-    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/types/types.ttl" name="https://ontology.unifiedcyberontology.org/uco/types/1.3.0"/>
-    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/vocabulary/vocabulary.ttl" name="https://ontology.unifiedcyberontology.org/uco/vocabulary/1.3.0"/>
-    <uri id="User Entered Import Resolution" uri="../vocabulary/vocabulary.ttl" name="https://ontology.caseontology.org/case/vocabulary/1.3.0"/>
+    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/co/co.ttl" name="https://ontology.unifiedcyberontology.org/co/1.4.0"/>
+    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/action/action.ttl" name="https://ontology.unifiedcyberontology.org/uco/action/1.4.0"/>
+    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/core/core.ttl" name="https://ontology.unifiedcyberontology.org/uco/core/1.4.0"/>
+    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/location/location.ttl" name="https://ontology.unifiedcyberontology.org/uco/location/1.4.0"/>
+    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/pattern/pattern.ttl" name="https://ontology.unifiedcyberontology.org/uco/pattern/1.4.0"/>
+    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/role/role.ttl" name="https://ontology.unifiedcyberontology.org/uco/role/1.4.0"/>
+    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/types/types.ttl" name="https://ontology.unifiedcyberontology.org/uco/types/1.4.0"/>
+    <uri id="User Entered Import Resolution" uri="../../dependencies/UCO/ontology/uco/vocabulary/vocabulary.ttl" name="https://ontology.unifiedcyberontology.org/uco/vocabulary/1.4.0"/>
+    <uri id="User Entered Import Resolution" uri="../vocabulary/vocabulary.ttl" name="https://ontology.caseontology.org/case/vocabulary/1.4.0"/>
     <uri id="User Entered Import Resolution" uri="investigation.ttl" name="https://ontology.caseontology.org/case/investigation"/>
 </catalog>

ontology/investigation/catalog-v001.xml

@@ -1,6 +1,6 @@
-# imports: https://ontology.caseontology.org/case/vocabulary/1.3.0
-# imports: https://ontology.unifiedcyberontology.org/uco/action/1.3.0
-# imports: https://ontology.unifiedcyberontology.org/uco/role/1.3.0
+# imports: https://ontology.caseontology.org/case/vocabulary/1.4.0
+# imports: https://ontology.unifiedcyberontology.org/uco/action/1.4.0
+# imports: https://ontology.unifiedcyberontology.org/uco/role/1.4.0
 
 @prefix investigation: <https://ontology.caseontology.org/case/investigation/> .
 @prefix owl: <http://www.w3.org/2002/07/owl#> .
@@ -17,14 +17,14 @@
 	a owl:Ontology ;
 	rdfs:label "investigation"@en ;
 	rdfs:comment "This ontology defines key concepts, and their associated properties and relationships, for characterizing cyber-investigations in the broadest range of contexts, including security incidents, criminal investigations, civil and regulatory matters, intelligence operations, international disputes, accident inquiries, policy violations, and others." ;
-	owl:backwardCompatibleWith investigation:1.2.0 ;
+	owl:backwardCompatibleWith investigation:1.3.0 ;
 	owl:imports
-		vocabulary:1.3.0 ,
-		uco-action:1.3.0 ,
-		uco-role:1.3.0
+		vocabulary:1.4.0 ,
+		uco-action:1.4.0 ,
+		uco-role:1.4.0
 		;
-	owl:priorVersion investigation:1.2.0 ;
-	owl:versionIRI investigation:1.3.0 ;
+	owl:priorVersion investigation:1.3.0 ;
+	owl:versionIRI investigation:1.4.0 ;
 	.
 
 investigation:Attorney
@@ -105,6 +105,7 @@ investigation:Investigation
 	rdfs:label "Investigation"@en ;
 	rdfs:comment "An investigation is a grouping of characteristics unique to an exploration of the facts involved in a cyber-relevant set of suspicious activity."@en ;
 	sh:property
+		investigation:Investigation-investigationForm-in-shape ,
 		[
 			sh:class investigation:Authorization ;
 			sh:nodeKind sh:BlankNodeOrIRI ;
@@ -130,49 +131,36 @@ investigation:Investigation
 		] ,
 		[
 			sh:datatype xsd:string ;
-			sh:nodeKind sh:Literal ;
-			sh:path investigation:focus ;
-		] ,
-		[
-			sh:datatype vocabulary:InvestigationFormVocab ;
-			sh:message "Value is outside the default vocabulary InvestigationFormVocab." ;
+			sh:message "As of CASE 1.4.0, the datatype to use for investigation:investigationForm should be xsd:string.  Not using xsd:string will be an error in CASE 2.0.0." ;
 			sh:path investigation:investigationForm ;
-			sh:severity sh:Info ;
+			sh:severity sh:Warning ;
 		] ,
 		[
-			sh:maxCount "1"^^xsd:integer ;
+			sh:datatype xsd:string ;
 			sh:nodeKind sh:Literal ;
-			sh:or (
-				[
-					sh:datatype vocabulary:InvestigationFormVocab ;
-				]
-				[
-					sh:datatype xsd:string ;
-				]
-			) ;
-			sh:path investigation:investigationForm ;
+			sh:path investigation:focus ;
 		] ,
 		[
-			sh:message "Value is not member of the vocabulary InvestigationFormVocab." ;
-			sh:or (
-				[
-					sh:datatype vocabulary:InvestigationFormVocab ;
-					sh:in (
-						"case"^^vocabulary:InvestigationFormVocab
-						"incident"^^vocabulary:InvestigationFormVocab
-						"suspicious-activity"^^vocabulary:InvestigationFormVocab
-					) ;
-				]
-				[
-					sh:datatype xsd:string ;
-				]
-			) ;
+			sh:maxCount "1"^^xsd:integer ;
+			sh:nodeKind sh:Literal ;
 			sh:path investigation:investigationForm ;
 		]
 		;
 	sh:targetClass investigation:Investigation ;
 	.
 
+investigation:Investigation-investigationForm-in-shape
+	a sh:PropertyShape ;
+	sh:in (
+		"case"
+		"incident"
+		"suspicious-activity"
+	) ;
+	sh:message "Value is not member of the vocabulary InvestigationFormVocab." ;
+	sh:path investigation:investigationForm ;
+	sh:severity sh:Info ;
+	.
+
 investigation:InvestigativeAction
 	a
 		owl:Class ,
@@ -267,6 +255,7 @@ investigation:authorizationIdentifier
 
 investigation:authorizationType
 	a owl:DatatypeProperty ;
+	rdfs:subPropertyOf uco-core:informalType ;
 	rdfs:label "authorizationType"@en ;
 	rdfs:comment "A label categorizing a type of authorization (e.g. warrant)"@en ;
 	rdfs:range xsd:string ;
@@ -288,6 +277,7 @@ investigation:focus
 
 investigation:investigationForm
 	a owl:DatatypeProperty ;
+	rdfs:subPropertyOf uco-core:informalType ;
 	rdfs:label "investigationForm"@en ;
 	rdfs:comment "A label categorizing a type of investigation (case, incident, suspicious-activity, etc.)"@en ;
 	rdfs:range [

ontology/investigation/investigation.ttl

@@ -1,13 +1,16 @@
 #!/usr/bin/make -f
 
+# Portions of this file contributed by NIST are governed by the
+# following statement:
+#
 # This software was developed at the National Institute of Standards
 # and Technology by employees of the Federal Government in the course
-# of their official duties. Pursuant to title 17 Section 105 of the
-# United States Code this software is not subject to copyright
-# protection and is in the public domain. NIST assumes no
-# responsibility whatsoever for its use by other parties, and makes
-# no guarantees, expressed or implied, about its quality,
-# reliability, or any other characteristic.
+# of their official duties. Pursuant to Title 17 Section 105 of the
+# United States Code, this software is not subject to copyright
+# protection within the United States. NIST assumes no responsibility
+# whatsoever for its use by other parties, and makes no guarantees,
+# expressed or implied, about its quality, reliability, or any other
+# characteristic.
 #
 # We would appreciate acknowledgement if the software is used.
 

ontology/master/Makefile

@@ -1,6 +1,6 @@
-# imports: https://ontology.caseontology.org/case/investigation/1.3.0
-# imports: https://ontology.caseontology.org/case/vocabulary/1.3.0
-# imports: https://ontology.unifiedcyberontology.org/uco/uco/1.3.0
+# imports: https://ontology.caseontology.org/case/investigation/1.4.0
+# imports: https://ontology.caseontology.org/case/vocabulary/1.4.0
+# imports: https://ontology.unifiedcyberontology.org/uco/uco/1.4.0
 
 @prefix dct: <http://purl.org/dc/terms/> .
 @prefix owl: <http://www.w3.org/2002/07/owl#> .
@@ -16,14 +16,14 @@
 	rdfs:label "case-master"@en ;
 	rdfs:comment "The Cyber-investigation Analysis Standard Expression (CASE) ontology is a community-developed standard that defines concepts used in a broad range of cyber-investigation domains, including digital forensic science, incident response, counter-terrorism, criminal justice, forensic intelligence, and situational awareness. CASE includes all aspects of the digital forensic process, from evidence-gathering and chain of custody, to generating a final report. The goal is to increase sharing and interoperability of cyber-investigation information among organizations and between forensic analytic tools. CASE aligns with and extends the Unified Cyber Ontology (UCO). The preferred namespace abbreviation for this ontology is: case-master."@en ;
 	dct:title "Cyber-investigation Analysis Standard Expression (CASE)"@en ;
-	owl:backwardCompatibleWith <https://ontology.caseontology.org/case/case/1.2.0> ;
+	owl:backwardCompatibleWith <https://ontology.caseontology.org/case/case/1.3.0> ;
 	owl:imports
-		<https://ontology.caseontology.org/case/investigation/1.3.0> ,
-		<https://ontology.caseontology.org/case/vocabulary/1.3.0> ,
-		<https://ontology.unifiedcyberontology.org/uco/uco/1.3.0>
+		<https://ontology.caseontology.org/case/investigation/1.4.0> ,
+		<https://ontology.caseontology.org/case/vocabulary/1.4.0> ,
+		<https://ontology.unifiedcyberontology.org/uco/uco/1.4.0>
 		;
-	owl:priorVersion <https://ontology.caseontology.org/case/case/1.2.0> ;
-	owl:versionIRI <https://ontology.caseontology.org/case/case/1.3.0> ;
-	owl:versionInfo "1.3.0" ;
+	owl:priorVersion <https://ontology.caseontology.org/case/case/1.3.0> ;
+	owl:versionIRI <https://ontology.caseontology.org/case/case/1.4.0> ;
+	owl:versionInfo "1.4.0" ;
 	.