Jane Edwards 
MITRE has expanded its D3FEND cybersecurity ontology to include operational technology.
Attend the Potomac Officers Club’s 2026 Cyber Summit on May 21, and engage with top decision-makers and explore the latest strategies in cyber defense. Sign up now to secure your seat!
The nonprofit research and development organization said Tuesday the expansion seeks to deliver a structured cybersecurity knowledge base to help the cyber community secure and defend controllers, defense systems, sensors, actuators and other cyber-physical systems.
“The launch of D3FEND for OT demonstrates our unwavering commitment to delivering unbiased, open-sourced tools that are mission-critical,” said Wen Masters, vice president of cyber technologies at MITRE.
How Does D3FEND for OT Help Cyber Professionals Understand and Secure OT Systems?
D3FEND for OT seeks to help cyber professionals use the D3FEND knowledge model to understand what artifacts, events and relationships comprise an OT security model.
The ontology aims to guide them in mapping adversary capabilities and constraints onto the behaviors and structure of OT systems. It also provides insight into minimal observations and controls necessary to detect malicious changes and ensure safe operation.
What Is MITRE D3FEND?
MITRE D3FEND is a knowledge graph of cybersecurity countermeasures funded by the National Security Agency and the Cyber Warfare Directorate within the Office of the Under Secretary of War for Acquisition and Sustainment.
A beta version of the MITRE-developed framework was released in June 2021.
In January, the nonprofit launched D3FEND 1.0 designed to establish a common language and defense concepts in the cyber domain. The framework’s features include a cyber attack-defense tool and an expanded lineup of defense tactics and risk classifications.
