Figurit Homepage

A Knowledge Graph of Cybersecurity Vulnerabilities

A knowledge graph of 2,071 vulnerabilities from industrial control system devices. This will help drive applications like the vulnerability prioritization tool.

Request the Knowledge Graph:

Available in Turtle, N-Triples, Notation3, and RDF/XML

SPARQL Endpoint

Enter “vulnerability” in the field “Default Data Set Name (Graph IRI)”

Vulnerability Knowledge Graph

Sample Query #1

Find all vulnerabilities with corresponding type and reference link that affected products provided by “Advantech” and has a confirmed report value.

PREFIX myOntology: <http://www.semanticweb.org/myOntology#>
PREFIX ns1: <http://example.org/AttackVector/>
PREFIX ns2: <http://example.org/CVSS/>
PREFIX ns3: <http://example.org/vulnerability/>
PREFIX ns4: <http://example.org/vulType/>
PREFIX ns5: <http://example.org/product/>
PREFIX ns6: <http://example.org/infection/>
PREFIX ns7: <http://example.org/AttackComplexity/>
PREFIX ns8: <http://example.org/RemediationLevel/>
PREFIX ns9: <http://example.org/ReportConfidence/>
PREFIX ns10: <http://example.org/UserInteraction/>

select distinct ?vulnerability_type ?reference_link {
?vulnerability ns3:has_vul_type ?var3 .
?var3 ns4:has_type_name ?vulnerability_type .
?vulnerability ns3:affects ?var1 .
?var1 ns5:provided_by "Advantech" .
?vulnerability ns3:has_rc ?var2 .
?var2 ns9:value_of_rc "Confirmed(RC:C)" .
?vulnerability ns3:has_reference_link ?reference_link
}

Sample Query #2

Find all product names that were affected by vulnerability with low attack complexity reported by Maxim Rupp.

PREFIX myOntology: <http://www.semanticweb.org/myOntology#>
PREFIX ns1: <http://example.org/AttackVector/>
PREFIX ns2: <http://example.org/CVSS/>
PREFIX ns3: <http://example.org/vulnerability/>
PREFIX ns4: <http://example.org/vulType/>
PREFIX ns5: <http://example.org/product/>
PREFIX ns6: <http://example.org/infection/>
PREFIX ns7: <http://example.org/AttackComplexity/>
PREFIX ns8: <http://example.org/RemediationLevel/>
PREFIX ns9: <http://example.org/ReportConfidence/>
PREFIX ns10: <http://example.org/UserInteraction/>

select distinct ?product_name {
?var2 ns3:has_ac ?var3 .
?var2 ns3:affects ?var1 .
?var1 ns5:has_product_name ?product_name .
?var2 ns3:reported_by "Maxim rupp" .
?var3 ns7:value_of_ac "Low(AC:L)" .
}

Schema Diagram

Vulnerability Knowledge Graph Schema