Abstract
Formal Ontology is a discipline whose business is to develop formal theories about general aspects of reality such as identity, dependence, parthood, truthmaking, causality, etc. A foundational ontology is a specific consistent set of these ontological theories that support activities such as domain analysis, conceptual clarification, and meaning negotiation. A (well-founded) core ontology specifies, under a foundational ontology, the central concepts and relations of a given domain. Foundational and core ontologies can be seen as ontology engineering frameworks to systematically address the laborious task of building large (more specific) domain ontologies. However, both in research and industry, it is common that ontologies as computational artifacts are built without the aid of any framework of this kind, favoring the occurrence of numerous modeling mistakes and gaps. Through a case study, here we show an exemplar of such a case in the domain of cybersecurity by providing an ontological analysis of D3FEND, an OWL knowledge graph of cybersecurity countermeasure techniques proposed by the MITRE Corporation. Based on the Reference Ontology for Security Engineering (ROSE), a core ontology of the security domain founded in the Unified Foundational Ontology (UFO), our investigation reveals a number of semantic deficiencies in D3FEND, including missing concepts, semantic overload of terms, and a systematic lack of constraints that renders that model under-specified. As a result of our ontological analysis, we propose several suggestions for the appropriate redesign of D3FEND to overcome those issues. © 2023 The Authors.