Differences between Schema 2.1 and 2.3

There were only four changes of note between the v2.1 and v2.3 schemas.

  1. The namespace declaration and import for the observables schema have been updated from the older CAPEC-specific Observables schema to the new independent CybOX (Cyber Observable eXpression) schema. All relevant namespace prefix uses throughout the CAPEC schema have also been updated.
  2. Added Comment and Images structures to the Structured_Text_Type to add expressiveness.
  3. Significantly changed the Attack_Motivation-Consequences type structure for greater expressiveness, maturity and alignment with the consequences structure in the Common Weakness Enumeration (CWE). Both schemas now utilize the same underlying Common_ConsequencesType.

    The previous structure for Attack_Motivation-Consequences was simply a string field with 5 possible enumerated values:

    • Denial of Service
    • Run Arbitrary Code
    • Information Leakage
    • Data Modification
    • Privilege Escalation

    The new structure is composed of:

    • A Common_Consequences_ID attribute to enable referencing identical consequence entries
    • A Consequence_Scope element that can capture {0 to *} areas of relevant consequence. It is a string field with 9 possible enumerated values:
      • Confidentiality
      • Integrity
      • Availability
      • Access_Control
      • Non-Repudiation
      • Accountability
      • Authentication
      • Authorization
      • Other
    • A Consequence_Technical_Impact element that can capture {0 to *} specific technical impacts. It is a string field with 21 possible enumerated values:
      • Modify memory
      • Read memory
      • Modify files or directories
      • Read files or directories
      • Modify application data
      • Read application data
      • DoS: crash / exit / restart
      • DoS: amplification
      • DoS: instability
      • DoS: resource consumption (CPU)
      • DoS: resource consumption (memory)
      • DoS: resource consumption (other)
      • Execute unauthorized code or commands
      • Gain privileges / assume identity
      • Bypass protection mechanism
      • Hide activities
      • Alter execution logic
      • Quality Degradation
      • Varies by context
      • Unexpected State
      • Other
    • A Consequence_Note element of Structured_Text_Type to enable the capture of descriptive information about the motivation or consequence.

    The new structure can be visualized in the diagram below.

    CAPEC Schema v2.3 structure
  4. Added the above-described Attack_Motivation-Consequences structure to the CAPEC Category structure in addition to the Attack_Pattern Structure.
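
An added example (not part of the CAPEC schema or site): a small Python check that flags v2.1-style string entries and values outside the v2.3 enumerations listed above. The wrapper element name `Consequence`, the absence of XML namespaces, and the sample entries are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Enumerations exactly as listed for the v2.3 structure above.
ALLOWED = {
    "Consequence_Scope": {
        "Confidentiality", "Integrity", "Availability", "Access_Control",
        "Non-Repudiation", "Accountability", "Authentication",
        "Authorization", "Other"},
    "Consequence_Technical_Impact": {
        "Modify memory", "Read memory", "Modify files or directories",
        "Read files or directories", "Modify application data",
        "Read application data", "DoS: crash / exit / restart",
        "DoS: amplification", "DoS: instability",
        "DoS: resource consumption (CPU)",
        "DoS: resource consumption (memory)",
        "DoS: resource consumption (other)",
        "Execute unauthorized code or commands",
        "Gain privileges / assume identity", "Bypass protection mechanism",
        "Hide activities", "Alter execution logic", "Quality Degradation",
        "Varies by context", "Unexpected State", "Other"},
}

def check_consequence(xml_text):
    """Return a list of problems found in one consequence entry."""
    # ElementTree is fine for this constructed input; parse untrusted
    # files with a hardened XML parser instead.
    entry = ET.fromstring(xml_text)
    bare = (entry.text or "").strip()
    if len(entry) == 0 and bare:
        # v2.1 stored the consequence as a single enumerated string.
        return [f"v2.1-style string value {bare!r}"]
    problems = []
    for child in entry:
        value = (child.text or "").strip()
        if child.tag in ALLOWED:
            if value not in ALLOWED[child.tag]:
                problems.append(f"{child.tag}: {value!r} not in enumeration")
        elif child.tag != "Consequence_Note":  # free-form Structured_Text
            problems.append(f"unexpected element {child.tag}")
    return problems

# Constructed samples; the wrapper element name is an assumption.
SAMPLE_V23 = """<Consequence Common_Consequences_ID="1">
  <Consequence_Scope>Confidentiality</Consequence_Scope>
  <Consequence_Technical_Impact>Read memory</Consequence_Technical_Impact>
  <Consequence_Note>constructed sample</Consequence_Note>
</Consequence>"""
SAMPLE_V21 = "<Consequence>Information Leakage</Consequence>"
SAMPLE_BAD = ("<Consequence><Consequence_Scope>Privilege Escalation"
              "</Consequence_Scope></Consequence>")
```

An empty list from `check_consequence` means the entry uses only the v2.3 elements and enumerated values.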
Page Last Updated or Reviewed: October 28, 2016