{ "version": "1.0-to-2.3", "date": "2026-04-24", "description": "Mapping of ATX-1 technique IDs from v1.0 through v2.2 to v2.3 for traceability. v1.0, v2.0, v2.1, and v2.2 remain frozen at their published DOIs. v2.3 removes the `severity` field from technique definitions in alignment with MITRE ATT&CK and ATLAS conventions, which leave contextual scoring to the consumer; no tactics, techniques, sub-techniques, root causes, or mitigations were renamed, moved, removed, or added relative to v2.2. v2.2 introduced 29 sub-techniques (T####.###) under T9002, T10001, T10002, T10003, and T10004 — no v2.1 techniques were renamed, moved, or removed.", "references": { "v1_ieee_dataport": "10.21227/f87b-1d57", "v1_zenodo": "10.5281/zenodo.19225676", "v2_zenodo": "10.5281/zenodo.19238844", "v2.1_zenodo": "10.5281/zenodo.19251098", "v2.2_zenodo": "10.5281/zenodo.19483999", "v2.3_zenodo": "10.5281/zenodo.20171712", "v2.3_ieee_dataport": "10.21227/jr43-0571" }, "v2.3_changes": { "field_removed": "severity", "rationale": "Alignment with MITRE ATT&CK and ATLAS conventions, which do not rate technique severity. Severity is contextual to deployment; consumers should apply their own scoring frameworks (e.g., CVSS, OWASP Risk Rating) per environment.", "schema_impact": "atx-technique.schema.json: `severity` removed from `required`; `severity` property definition removed; schema_version bumped 2.2 → 2.3.", "data_impact": "All 58 entries in atx-1-techniques.json had `severity` removed. No other field changes. Field order otherwise preserved.", "stix_impact": "None — STIX bundle attack-pattern objects did not carry severity (severity was an ATX-1 extension field present only in atx-1-techniques.json)." }, "mappings": [ { "v1_id": "T1001", "v2_id": "T1001", "v1_name": "Non-Owner Instruction Compliance", "v2_name": "Execute Non-Owner Instruction", "v1_tactic": "TA001", "v2_tactic": "TA001", "change": "renamed" }, { "v1_id": "T1002", "v2_id": "T1002", "v1_name": "Implicit Authority Acceptance", "v2_name": "Infer Implicit Authority", "v1_tactic": "TA001", "v2_tactic": "TA001", "change": "renamed" }, { "v1_id": "T1003", "v2_id": "T1003", "v1_name": "Mass Distribution Under Spoofed Authority", "v2_name": "Propagate Spoofed Authority at Scale", "v1_tactic": "TA001", "v2_tactic": "TA001", "change": "renamed" }, { "v1_id": "T3001", "v2_id": "T2001", "v1_name": "Persistent Process Injection", "v2_name": "Expand Task Scope Autonomously", "v1_tactic": "TA003", "v2_tactic": "TA002", "change": "moved+renamed" }, { "v1_id": "T2003", "v2_id": "T2002", "v1_name": "Guilt-Induced Self-Restriction", "v2_name": "Perform Unvalidated Bulk Operations", "v1_tactic": "TA002", "v2_tactic": "TA002", "change": "moved+renamed" }, { "v1_id": null, "v2_id": "T2003", "v1_name": null, "v2_name": "Obscure Objective Through Delegation", "v1_tactic": null, "v2_tactic": "TA002", "change": "new" }, { "v1_id": null, "v2_id": "T2004", "v1_name": null, "v2_name": "Exploit Tool-Chain Composition", "v1_tactic": null, "v2_tactic": "TA002", "change": "new" }, { "v1_id": "T2001", "v2_id": "T3001", "v1_name": "Irreversible Collateral Action", "v2_name": "Perform Irreversible Destructive Action", "v1_tactic": "TA002", "v2_tactic": "TA003", "change": "moved+renamed" }, { "v1_id": "T2002", "v2_id": "T3002", "v1_name": "Social Pressure Escalation", "v2_name": "Trigger Cascading System Changes", "v1_tactic": "TA002", "v2_tactic": "TA003", "change": "moved+renamed" }, { "v1_id": "T4001", "v2_id": "T4001", "v1_name": "Bulk Data Disclosure via Indirect Request", "v2_name": "Exfiltrate Context-Scoped Data", "v1_tactic": "TA004", "v2_tactic": "TA004", "change": "renamed" }, { "v1_id": "T4002", "v2_id": "T4002", "v1_name": "Semantic Sensitivity Bypass", "v2_name": "Leak Cross-Session or Persistent Data", "v1_tactic": "TA004", "v2_tactic": "TA004", "change": "renamed" }, { "v1_id": null, "v2_id": "T4003", "v1_name": null, "v2_name": "Cross-Domain Secret Leakage", "v1_tactic": null, "v2_tactic": "TA004", "change": "new" }, { "v1_id": "T8001", "v2_id": "T5001", "v1_name": "False Deletion Confirmation", "v2_name": "Report False Task Completion", "v1_tactic": "TA008", "v2_tactic": "TA005", "change": "moved+renamed" }, { "v1_id": "T5002", "v2_id": "T5002", "v1_name": "Display Name Authority Claim", "v2_name": "Fabricate Action Attribution", "v1_tactic": "TA005", "v2_tactic": "TA005", "change": "renamed" }, { "v1_id": "T9001", "v2_id": "T5003", "v1_name": "Silent Provider-Level Task Failure", "v2_name": "Suppress or Omit Execution Failure", "v1_tactic": "TA009", "v2_tactic": "TA005", "change": "moved+renamed" }, { "v1_id": "T3001", "v2_id": "T6001", "v1_name": "Persistent Process Injection", "v2_name": "Execute Recursive Invocation Loops", "v1_tactic": "TA003", "v2_tactic": "TA006", "change": "moved+renamed" }, { "v1_id": "T3002", "v2_id": "T6002", "v1_name": "Inter-Agent Conversational Loop", "v2_name": "Consume Unbounded External Resources", "v1_tactic": "TA003", "v2_tactic": "TA006", "change": "moved+renamed" }, { "v1_id": "T7001", "v2_id": "T7001", "v1_name": "Tribal Knowledge Transfer", "v2_name": "Spoof Agent Identity", "v1_tactic": "TA007", "v2_tactic": "TA007", "change": "renamed" }, { "v1_id": "T7002", "v2_id": "T7002", "v1_name": "Compromised Governance Propagation", "v2_name": "Inject Malicious Delegation Chains", "v1_tactic": "TA007", "v2_tactic": "TA007", "change": "renamed" }, { "v1_id": null, "v2_id": "T7003", "v1_name": null, "v2_name": "Induce Cross-Agent Behavioral Drift", "v1_tactic": null, "v2_tactic": "TA007", "change": "new" }, { "v1_id": null, "v2_id": "T7004", "v1_name": null, "v2_name": "Induce Unsafe Consensus", "v1_tactic": null, "v2_tactic": "TA007", "change": "new" }, { "v1_id": "T6001", "v2_id": "T8001", "v1_name": "Externally Editable Governance Injection", "v2_name": "Poison Persistent Memory", "v1_tactic": "TA006", "v2_tactic": "TA008", "change": "moved+renamed" }, { "v1_id": "T6002", "v2_id": "T8002", "v1_name": "Covert Constitutional Amendment", "v2_name": "Corrupt Governance or Policy State", "v1_tactic": "TA006", "v2_tactic": "TA008", "change": "moved+renamed" }, { "v1_id": null, "v2_id": "T9001", "v1_name": null, "v2_name": "Operate Outside Monitoring Boundaries", "v1_tactic": null, "v2_tactic": "TA009", "change": "new" }, { "v1_id": null, "v2_id": "T9002", "v1_name": null, "v2_name": "Obfuscate Action Traceability", "v1_tactic": null, "v2_tactic": "TA009", "change": "new" }, { "v1_id": null, "v2_id": "T10001", "v1_name": null, "v2_name": "Exploit Pseudo-Filesystem Capabilities", "v1_tactic": null, "v2_tactic": "TA010", "change": "new-v2.1", "discovery": "RFC-0006 adversarial testing, Round 3" }, { "v1_id": null, "v2_id": "T10002", "v1_name": null, "v2_name": "Establish Persistence via Environment Auto-Execution", "v1_tactic": null, "v2_tactic": "TA010", "change": "new-v2.1", "discovery": "RFC-0006 adversarial testing, Rounds 4-5" }, { "v1_id": null, "v2_id": "T10003", "v1_name": null, "v2_name": "Inject Persistent Agent Instructions", "v1_tactic": null, "v2_tactic": "TA010", "change": "new-v2.1", "discovery": "RFC-0006 adversarial testing, Round 5" }, { "v1_id": null, "v2_id": "T10004", "v1_name": null, "v2_name": "Exploit Governance-Runtime Parser Divergence", "v1_tactic": null, "v2_tactic": "TA010", "change": "new-v2.1", "discovery": "RFC-0006 adversarial testing, Rounds 1-3" } ], "tactic_mappings": [ { "v1_id": "TA001", "v2_id": "TA001", "v1_name": "Authority Boundary Violation", "v2_name": "Violate Authority Boundaries", "change": "renamed" }, { "v1_id": "TA002", "v2_id": "TA003", "v1_name": "Disproportionate Execution", "v2_name": "Compromise System Integrity", "change": "renamed+restructured" }, { "v1_id": "TA003", "v2_id": "TA002", "v1_name": "Resource Exhaustion", "v2_name": "Exceed Operational Scope", "change": "renamed+restructured" }, { "v1_id": "TA004", "v2_id": "TA004", "v1_name": "Unauthorized Disclosure", "v2_name": "Expose or Exfiltrate Information", "change": "renamed" }, { "v1_id": "TA005", "v2_id": "TA005", "v1_name": "Identity and Authority Confusion", "v2_name": "Violate State Integrity", "change": "renamed+restructured" }, { "v1_id": "TA006", "v2_id": "TA006", "v1_name": "Governance State Corruption", "v2_name": "Abuse Resource Allocation", "change": "renamed+restructured" }, { "v1_id": "TA007", "v2_id": "TA007", "v1_name": "Cross-Agent Propagation", "v2_name": "Manipulate Agent Interactions", "change": "renamed" }, { "v1_id": "TA008", "v2_id": "TA008", "v1_name": "False Completion Reporting", "v2_name": "Establish or Modify Persistence", "change": "renamed+restructured" }, { "v1_id": "TA009", "v2_id": "TA009", "v1_name": "Provider Constraint Opacity", "v2_name": "Evade Detection or Oversight", "change": "renamed+restructured" }, { "v1_id": null, "v2_id": "TA010", "v1_name": null, "v2_name": "Act Beyond Governance Interpretation", "change": "new-v2.1", "root_cause": "RC5 (No Environment Model)" } ] }