SecureChain KG

SecureChain is a knowledge graph for resilient, trustworthy, and secure software supply chains.

75.2M triples
898 classes
50 properties
10.3M subjects

SecureChain KG is a large-scale knowledge graph that maps software components and vulnerabilities across multiple programming languages to strengthen software supply chain security. Built for developers, security analysts, and policymakers, it contains 9.8 million entities capturing 803,769 software packages, 8.6 million software versions, 259,806 vulnerabilities, and 53,378 hardware components with their versions, interconnected through 73.5 million triples. The ontology models dependencies between software versions and other components through properties like sc:dependsOn, which help assess potential risks and identify vulnerabilities, with links to licenses ensuring compliance across the supply chain. Dominated by PyPI (603K packages) and Cargo (180K packages) ecosystems, SecureChain primarily covers Python and Rust software. Continuously updated through neural knowledge acquisition pipelines that extract information from documentation, CVEs, bug reports, and online discussions, it provides a real-time view of software supply chain risks.

List software dependencies of versions of ffmpeg
PREFIX schema: <http://schema.org/>
PREFIX sc: <https://w3id.org/secure-chain/>
SELECT ?package ?dependency {
  ?software schema:name "ffmpeg" .
  ?software sc:hasSoftwareVersion ?package .
  ?package sc:dependsOn ?dependency
}
LIMIT 100
[Query graph: ?software --schema:name--> "ffmpeg"; ?software --sc:hasSoftwareVersion--> ?package; ?package --sc:dependsOn--> ?dependency. Projected variables: ?package, ?dependency.]

List vulnerabilities in versions of ffmpeg
PREFIX schema: <http://schema.org/>
PREFIX sc: <https://w3id.org/secure-chain/>
SELECT ?vuln ?software {
  ?software schema:name "ffmpeg" .
  ?software sc:hasSoftwareVersion ?package .
  ?package sc:vulnerableTo ?vuln .
}
LIMIT 100
[Query graph: ?software --schema:name--> "ffmpeg"; ?software --sc:hasSoftwareVersion--> ?package; ?package --sc:vulnerableTo--> ?vuln. Projected variables: ?software, ?vuln.]

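Combining the two queries above shows which versions of ffmpeg depend on something that itself has a recorded vulnerability, which is the exposure a scan of ffmpeg alone would miss. This is an added example, not one of the page's own queries; it uses only the properties shown above and assumes sc:dependsOn may point either at a software version or at a software entry, which the optional sc:hasSoftwareVersion step covers.

```sparql
PREFIX schema: <http://schema.org/>
PREFIX sc: <https://w3id.org/secure-chain/>

# Vulnerabilities inherited through direct dependencies of ffmpeg versions.
SELECT DISTINCT ?package ?dependency ?affected ?vuln
WHERE {
  # Every recorded version of ffmpeg.
  ?software schema:name "ffmpeg" .
  ?software sc:hasSoftwareVersion ?package .

  # What that version depends on.
  ?package sc:dependsOn ?dependency .

  # Assumption: the dependency node may be a version or a software entry.
  # The zero-or-one path keeps ?affected = ?dependency when it is already
  # a version, and otherwise steps to each version of that software
  # (an over-approximation: not every version is necessarily the one used).
  ?dependency sc:hasSoftwareVersion? ?affected .

  # Keep only dependency versions with a recorded vulnerability.
  ?affected sc:vulnerableTo ?vuln .
}
ORDER BY ?package ?dependency
LIMIT 100
```

Replacing sc:dependsOn with the property path sc:dependsOn+ follows transitive dependencies as well, at a higher query cost on a graph of this size.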
SPARQL Endpoint https://frink.apps.renci.org/securechainkg/sparql
Triple Pattern Fragments https://frink.apps.renci.org/ldf/securechainkg