From 1b859e681685566f821025fb94fe8a3ce87705bf Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Wed, 11 Sep 2013 18:20:23 -0400
Subject: [PATCH 01/14] initial commit of stix validator script

---
 stix_validator/LICENSE.txt                    |   24 +
 stix_validator/README.md                      |    0
 stix_validator/__init__.py                    |    0
 stix_validator/schema/campaign.xsd            |  209 ++
 stix_validator/schema/course_of_action.xsd    |  165 +
 stix_validator/schema/cybox/cybox_common.xsd  | 2319 ++++++++++++
 stix_validator/schema/cybox/cybox_core.xsd    | 1090 ++++++
 .../cybox/cybox_default_vocabularies.xsd      | 3106 +++++++++++++++++
 .../cybox/extensions/platform/README.txt      |    1 +
 .../cybox/extensions/platform/cpe2.3.xsd      |   40 +
 .../schema/cybox/objects/API_Object.xsd       |   55 +
 .../schema/cybox/objects/Account_Object.xsd   |   50 +
 .../schema/cybox/objects/Address_Object.xsd   |  122 +
 .../schema/cybox/objects/Artifact_Object.xsd  |  206 ++
 .../schema/cybox/objects/Code_Object.xsd      |  417 +++
 .../schema/cybox/objects/Custom_Object.xsd    |   43 +
 .../schema/cybox/objects/DNS_Cache_Object.xsd |   53 +
 .../schema/cybox/objects/DNS_Query_Object.xsd |  159 +
 .../cybox/objects/DNS_Record_Object.xsd       |   87 +
 .../schema/cybox/objects/Device_Object.xsd    |   55 +
 .../schema/cybox/objects/Disk_Object.xsd      |  117 +
 .../cybox/objects/Disk_Partition_Object.xsd   |  199 ++
 .../cybox/objects/Email_Message_Object.xsd    |  273 ++
 .../schema/cybox/objects/File_Object.xsd      |  359 ++
 .../cybox/objects/GUI_Dialogbox_Object.xsd    |   41 +
 .../schema/cybox/objects/GUI_Object.xsd       |   40 +
 .../cybox/objects/GUI_Window_Object.xsd       |   46 +
 .../cybox/objects/HTTP_Session_Object.xsd     |  623 ++++
 .../schema/cybox/objects/Library_Object.xsd   |  114 +
 .../schema/cybox/objects/Link_Object.xsd      |   24 +
 .../cybox/objects/Linux_Package_Object.xsd    |  119 +
 .../schema/cybox/objects/Memory_Object.xsd    |   70 +
 .../schema/cybox/objects/Mutex_Object.xsd     |   40 +
 .../objects/Network_Connection_Object.xsd     |  609 ++++
 .../cybox/objects/Network_Flow_Object.xsd     | 1559 +++++++++
 .../cybox/objects/Network_Packet_Object.xsd   | 2948 ++++++++++++++++
 .../objects/Network_Route_Entry_Object.xsd    |  155 +
 .../cybox/objects/Network_Route_Object.xsd    |   93 +
 .../cybox/objects/Network_Socket_Object.xsd   |  524 +++
 .../cybox/objects/Network_Subnet_Object.xsd   |   64 +
 .../schema/cybox/objects/PDF_File_Object.xsd  |  601 ++++
 .../schema/cybox/objects/Pipe_Object.xsd      |   40 +
 .../schema/cybox/objects/Port_Object.xsd      |   74 +
 .../schema/cybox/objects/Process_Object.xsd   |  197 ++
 .../schema/cybox/objects/Product_Object.xsd   |   60 +
 .../schema/cybox/objects/Semaphore_Object.xsd |   50 +
 .../cybox/objects/Socket_Address_Object.xsd   |   42 +
 .../schema/cybox/objects/System_Object.xsd    |  409 +++
 .../schema/cybox/objects/URI_Object.xsd       |   62 +
 .../schema/cybox/objects/Unix_File_Object.xsd |  164 +
 .../Unix_Network_Route_Entry_Object.xsd       |   56 +
 .../schema/cybox/objects/Unix_Pipe_Object.xsd |   36 +
 .../cybox/objects/Unix_Process_Object.xsd     |  143 +
 .../objects/Unix_User_Account_Object.xsd      |   78 +
 .../cybox/objects/Unix_Volume_Object.xsd      |   41 +
 .../cybox/objects/User_Account_Object.xsd     |  110 +
 .../cybox/objects/User_Session_Object.xsd     |   60 +
 .../schema/cybox/objects/Volume_Object.xsd    |  235 ++
 .../schema/cybox/objects/Whois_Object.xsd     |  456 +++
 .../objects/Win_Computer_Account_Object.xsd   |  135 +
 .../objects/Win_Critical_Section_Object.xsd   |   40 +
 .../cybox/objects/Win_Driver_Object.xsd       |  269 ++
 .../cybox/objects/Win_Event_Log_Object.xsd    |  137 +
 .../schema/cybox/objects/Win_Event_Object.xsd |   80 +
 .../objects/Win_Executable_File_Object.xsd    | 1333 +++++++
 .../schema/cybox/objects/Win_File_Object.xsd  |  269 ++
 .../cybox/objects/Win_Handle_Object.xsd       |  186 +
 .../cybox/objects/Win_Kernel_Hook_Object.xsd  |  109 +
 .../cybox/objects/Win_Kernel_Object.xsd       |  128 +
 .../cybox/objects/Win_Mailslot_Object.xsd     |   56 +
 .../objects/Win_Memory_Page_Region_Object.xsd |  198 ++
 .../schema/cybox/objects/Win_Mutex_Object.xsd |   42 +
 .../Win_Network_Route_Entry_Object.xsd        |  200 ++
 .../objects/Win_Network_Share_Object.xsd      |  205 ++
 .../schema/cybox/objects/Win_Pipe_Object.xsd  |   73 +
 .../cybox/objects/Win_Prefetch_Object.xsd     |  113 +
 .../cybox/objects/Win_Process_Object.xsd      |  167 +
 .../cybox/objects/Win_Registry_Key_Object.xsd |  290 ++
 .../cybox/objects/Win_Semaphore_Object.xsd    |   42 +
 .../cybox/objects/Win_Service_Object.xsd      |  287 ++
 .../cybox/objects/Win_System_Object.xsd       |  126 +
 .../objects/Win_System_Restore_Object.xsd     |  199 ++
 .../schema/cybox/objects/Win_Task_Object.xsd  |  755 ++++
 .../cybox/objects/Win_Thread_Object.xsd       |  146 +
 .../cybox/objects/Win_User_Account_Object.xsd |   73 +
 .../cybox/objects/Win_Volume_Object.xsd       |  161 +
 .../objects/Win_Waitable_Timer_Object.xsd     |   90 +
 .../cybox/objects/X509_Certificate_Object.xsd |  270 ++
 stix_validator/schema/data_marking.xsd        |   92 +
 stix_validator/schema/exploit_target.xsd      |  223 ++
 .../extensions/address/ciq_address_3.0.xsd    |   27 +
 .../schema/extensions/address/readme.txt      |    1 +
 .../extensions/attack_pattern/capec_2.5.xsd   |   31 +
 .../extensions/identity/ciq_identity_3.0.xsd  |  108 +
 .../schema/extensions/identity/readme.txt     |    1 +
 .../schema/extensions/malware/maec_4.0.xsd    |   32 +
 .../schema/extensions/malware/readme.txt      |    3 +
 .../extensions/marking/simple_marking.xsd     |   30 +
 .../schema/extensions/marking/tlp.xsd         |   39 +
 .../extensions/structured_coa/generic.xsd     |   46 +
 .../extensions/test_mechanism/generic.xsd     |   46 +
 .../test_mechanism/open_ioc_2010.xsd          |   32 +
 .../extensions/test_mechanism/oval_5.10.xsd   |   37 +
 .../extensions/test_mechanism/snort.xsd       |   36 +
 .../schema/extensions/test_mechanism/yara.xsd |   36 +
 .../extensions/vulnerability/cvrf_1.1.xsd     |   33 +
 .../extensions/vulnerability/readme.txt       |    1 +
 .../external/capec_2.5/ap_schema_v2.5.xsd     | 2671 ++++++++++++++
 .../schema/external/cvrf_1.1/common.xsd       |  176 +
 .../external/cvrf_1.1/cpe-language_2.2a.xsd   |  182 +
 .../schema/external/cvrf_1.1/cvrf.xsd         |  487 +++
 .../schema/external/cvrf_1.1/cvss-v2_0.9.xsd  |  415 +++
 .../schema/external/cvrf_1.1/dc.xsd           |  118 +
 .../schema/external/cvrf_1.1/prod.xsd         |  292 ++
 .../external/cvrf_1.1/scap-core_0.9.xsd       |  170 +
 .../schema/external/cvrf_1.1/vuln.xsd         |  631 ++++
 .../schema/external/cvrf_1.1/xml.xsd          |  287 ++
 .../external/oasis_ciq_3.0/CommonTypes.xsd    |  104 +
 .../external/oasis_ciq_3.0/xAL-types.xsd      |  511 +++
 .../schema/external/oasis_ciq_3.0/xAL.xsd     |  672 ++++
 .../external/oasis_ciq_3.0/xNAL-types.xsd     |   36 +
 .../schema/external/oasis_ciq_3.0/xNAL.xsd    |  126 +
 .../external/oasis_ciq_3.0/xNL-types.xsd      |  222 ++
 .../schema/external/oasis_ciq_3.0/xNL.xsd     |  284 ++
 .../external/oasis_ciq_3.0/xPIL-types.xsd     |  854 +++++
 .../schema/external/oasis_ciq_3.0/xPIL.xsd    | 1621 +++++++++
 .../oasis_ciq_3.0/xlink-2003-12-31.xsd        |   90 +
 .../schema/external/open_ioc_2010/ioc-TR.xsd  |   25 +
 .../schema/external/open_ioc_2010/ioc.xsd     |  105 +
 .../external/oval_5.10/oval-common-schema.xsd |  781 +++++
 .../oval_5.10/oval-definitions-schema.xsd     | 1608 +++++++++
 .../oval_5.10/oval-variables-schema.xsd       |   84 +
 .../oval_5.10/xmldsig-core-schema.xsd         |  309 ++
 stix_validator/schema/incident.xsd            |  786 +++++
 stix_validator/schema/indicator.xsd           |  309 ++
 stix_validator/schema/stix_common.xsd         |  762 ++++
 stix_validator/schema/stix_core.xsd           |  217 ++
 .../schema/stix_default_vocabularies.xsd      | 1578 +++++++++
 stix_validator/schema/test.xsd                |   15 +
 stix_validator/schema/threat_actor.xsd        |  173 +
 stix_validator/schema/ttp.xsd                 |  340 ++
 stix_validator/sdv.py                         |   69 +
 stix_validator/validator.py                   |  154 +
 143 files changed, 43429 insertions(+)
 create mode 100755 stix_validator/LICENSE.txt
 create mode 100644 stix_validator/README.md
 create mode 100644 stix_validator/__init__.py
 create mode 100755 stix_validator/schema/campaign.xsd
 create mode 100755 stix_validator/schema/course_of_action.xsd
 create mode 100755 stix_validator/schema/cybox/cybox_common.xsd
 create mode 100755 stix_validator/schema/cybox/cybox_core.xsd
 create mode 100755 stix_validator/schema/cybox/cybox_default_vocabularies.xsd
 create mode 100755 stix_validator/schema/cybox/extensions/platform/README.txt
 create mode 100755 stix_validator/schema/cybox/extensions/platform/cpe2.3.xsd
 create mode 100755 stix_validator/schema/cybox/objects/API_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Account_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Address_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Artifact_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Code_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Custom_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/DNS_Cache_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/DNS_Query_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/DNS_Record_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Device_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Disk_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Disk_Partition_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Email_Message_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/File_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/GUI_Dialogbox_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/GUI_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/GUI_Window_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/HTTP_Session_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Library_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Link_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Linux_Package_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Memory_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Mutex_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Network_Connection_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Network_Flow_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Network_Packet_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Network_Route_Entry_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Network_Route_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Network_Socket_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Network_Subnet_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/PDF_File_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Pipe_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Port_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Process_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Product_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Semaphore_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Socket_Address_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/System_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/URI_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Unix_File_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Unix_Network_Route_Entry_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Unix_Pipe_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Unix_Process_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Unix_User_Account_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Unix_Volume_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/User_Account_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/User_Session_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Volume_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Whois_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Computer_Account_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Critical_Section_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Driver_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Event_Log_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Event_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Executable_File_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_File_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Handle_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Kernel_Hook_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Kernel_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Mailslot_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Memory_Page_Region_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Mutex_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Network_Route_Entry_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Network_Share_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Pipe_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Prefetch_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Process_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Registry_Key_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Semaphore_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Service_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_System_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_System_Restore_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Task_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Thread_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_User_Account_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Volume_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/Win_Waitable_Timer_Object.xsd
 create mode 100755 stix_validator/schema/cybox/objects/X509_Certificate_Object.xsd
 create mode 100755 stix_validator/schema/data_marking.xsd
 create mode 100755 stix_validator/schema/exploit_target.xsd
 create mode 100755 stix_validator/schema/extensions/address/ciq_address_3.0.xsd
 create mode 100755 stix_validator/schema/extensions/address/readme.txt
 create mode 100755 stix_validator/schema/extensions/attack_pattern/capec_2.5.xsd
 create mode 100755 stix_validator/schema/extensions/identity/ciq_identity_3.0.xsd
 create mode 100755 stix_validator/schema/extensions/identity/readme.txt
 create mode 100755 stix_validator/schema/extensions/malware/maec_4.0.xsd
 create mode 100755 stix_validator/schema/extensions/malware/readme.txt
 create mode 100755 stix_validator/schema/extensions/marking/simple_marking.xsd
 create mode 100755 stix_validator/schema/extensions/marking/tlp.xsd
 create mode 100755 stix_validator/schema/extensions/structured_coa/generic.xsd
 create mode 100755 stix_validator/schema/extensions/test_mechanism/generic.xsd
 create mode 100755 stix_validator/schema/extensions/test_mechanism/open_ioc_2010.xsd
 create mode 100755 stix_validator/schema/extensions/test_mechanism/oval_5.10.xsd
 create mode 100755 stix_validator/schema/extensions/test_mechanism/snort.xsd
 create mode 100755 stix_validator/schema/extensions/test_mechanism/yara.xsd
 create mode 100755 stix_validator/schema/extensions/vulnerability/cvrf_1.1.xsd
 create mode 100755 stix_validator/schema/extensions/vulnerability/readme.txt
 create mode 100755 stix_validator/schema/external/capec_2.5/ap_schema_v2.5.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/common.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/cpe-language_2.2a.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/cvrf.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/cvss-v2_0.9.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/dc.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/prod.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/scap-core_0.9.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/vuln.xsd
 create mode 100755 stix_validator/schema/external/cvrf_1.1/xml.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/CommonTypes.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xAL-types.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xAL.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xNAL-types.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xNAL.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xNL-types.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xNL.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xPIL-types.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xPIL.xsd
 create mode 100755 stix_validator/schema/external/oasis_ciq_3.0/xlink-2003-12-31.xsd
 create mode 100755 stix_validator/schema/external/open_ioc_2010/ioc-TR.xsd
 create mode 100755 stix_validator/schema/external/open_ioc_2010/ioc.xsd
 create mode 100755 stix_validator/schema/external/oval_5.10/oval-common-schema.xsd
 create mode 100755 stix_validator/schema/external/oval_5.10/oval-definitions-schema.xsd
 create mode 100755 stix_validator/schema/external/oval_5.10/oval-variables-schema.xsd
 create mode 100755 stix_validator/schema/external/oval_5.10/xmldsig-core-schema.xsd
 create mode 100755 stix_validator/schema/incident.xsd
 create mode 100755 stix_validator/schema/indicator.xsd
 create mode 100755 stix_validator/schema/stix_common.xsd
 create mode 100755 stix_validator/schema/stix_core.xsd
 create mode 100755 stix_validator/schema/stix_default_vocabularies.xsd
 create mode 100755 stix_validator/schema/test.xsd
 create mode 100755 stix_validator/schema/threat_actor.xsd
 create mode 100755 stix_validator/schema/ttp.xsd
 create mode 100755 stix_validator/sdv.py
 create mode 100755 stix_validator/validator.py

diff --git a/stix_validator/LICENSE.txt b/stix_validator/LICENSE.txt
new file mode 100755
index 0000000..1ee58c7
--- /dev/null
+++ b/stix_validator/LICENSE.txt
@@ -0,0 +1,24 @@
+Copyright (c) 2013, The MITRE Corporation
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of The MITRE Corporation nor the 
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/stix_validator/README.md b/stix_validator/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/stix_validator/__init__.py b/stix_validator/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/stix_validator/schema/campaign.xsd b/stix_validator/schema/campaign.xsd
new file mode 100755
index 0000000..b423998
--- /dev/null
+++ b/stix_validator/schema/campaign.xsd
@@ -0,0 +1,209 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:campaign="http://stix.mitre.org/Campaign-1" xmlns:marking="http://data-marking.mitre.org/Marking-1" targetNamespace="http://stix.mitre.org/Campaign-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX Campaign</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - Campaign - Schematic implementation for the Campaign construct within the STIX structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/cybox-2" schemaLocation="cybox/cybox_core.xsd"/>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="data_marking.xsd"/>
+	<xs:element name="Campaign" type="campaign:CampaignType">
+		<xs:annotation>
+			<xs:documentation>The Campaign field characterizes a single cyber threat Campaign.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="CampaignType">
+		<xs:annotation>
+			<xs:documentation>The CampaignType characterizes a single cyber threat Campaign.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:CampaignBaseType">
+				<xs:sequence>
+					<xs:element name="Title" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Title field provides a simple title for this Campaign.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Names" type="campaign:NamesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Names field specifies Names used to identify this Campaign. These may be either internal or external names.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Intended_Effect" type="stixCommon:StatementType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Intended_Effect field characterizes the intended effect of this cyber threat Campaign.
+							
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is IntendedEffectVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Status" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								The status of this Campaign. For example, is the Campaign ongoing, historical, future, etc.
+							
+								This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is CampaignStatusType in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Related_TTPs" type="campaign:RelatedTTPsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Related_TTPs field specifies TTPs asserted to be related to this cyber threat Campaign.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Related_Incidents" type="campaign:RelatedIncidentsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Related_Incidents field identifies or characterizes one or more Incidents related to this cyber threat Campaign. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Related_Indicators" type="campaign:RelatedIndicatorsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Related_Indicators field identifies or characterizes one or more cyber threat Indicators related to this cyber threat Campaign.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Attribution" type="campaign:AttributionType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Attribution field specifies assertions of attibuted Threat Actors for this cyber threat Campaign.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Associated_Campaigns" type="campaign:AssociatedCampaignsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Associated_Campaigns field specifies other cyber threat Campaigns asserted to be associated with this cyber threat Campaign.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Confidence" type="stixCommon:ConfidenceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Confidence field characterizes the level of confidence held in the characterization of this Campaign.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Activity" type="stixCommon:ActivityType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Activity field characterizes actions taken in regards to this ThreatActor. This field is defined as of type ActivityType which is an abstract type enabling the extension and inclusion of various formats of Activity characterization.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Information_Source field details the source of this entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Handling field specifies the appropriate data handling markings for the elements of this Campaign. The valid marking scope is the nearest CampaignBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="version" type="campaign:CampaignVersionType" default="1.0">
+					<xs:annotation>
+						<xs:documentation>Specifies the relevant STIX-Campaign schema version for this content.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:simpleType name="CampaignVersionType">
+		<xs:annotation>
+			<xs:documentation>An enumeration of all versions of the Campaign type valid in the current release of STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="AttributionType">
+		<xs:annotation>
+			<xs:documentation>AttributionType specifies suspected Threat Actors attributed to a given Campaign.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Attributed_Threat_Actor" type="stixCommon:RelatedThreatActorType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Attributed_Threat_Actor field specifies a Threat Actor asserted to be attributed for a Campaign. The specification of multiple ThreatActor entries for a single Attribution entry would be interpreted as a logical AND composition of the set of specified ThreatActors with a shared Confidence and Information Source. This would be used to assert attribution to a combined set of ThreatActors.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="RelatedTTPsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:sequence>
+						<xs:element name="Related_TTP" type="stixCommon:RelatedTTPType" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>The Related_TTP field specifies a single TTP asserted to be related to this cyber threat Campaign.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="NamesType">
+		<xs:sequence>
+			<xs:element name="Name" type="stixCommon:ControlledVocabularyStringType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Name field specifies a Name used to identify this Campaign. This field can be used to capture various aliases used to identify this Campaign.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. No default vocabulary type has been defined for STIX 1.0. Users may either define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a free string field.					
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RelatedIncidentsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:sequence>
+						<xs:element name="Related_Incident" type="stixCommon:RelatedIncidentType" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>Identifies or characterizes an Incident related to this Campaign. </xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedIndicatorsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Related_Indicator" type="stixCommon:RelatedIndicatorType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Related_Indicator field identifies or characterizes a cyber threat Indicator related to this Campaign. Such loose associations between Campaigns and Indicators are typically part of the early phases of Campaign identification and characterization. As the Campaign characterization matures these associations are often used to identify relevant TTPs and/or Incidents associated with the Campaign.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="AssociatedCampaignsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Associated_Campaign" type="stixCommon:RelatedCampaignType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Associated_Campaign field specifies a single other cyber threat Campaign asserted to be associated with this cyber threat Campaign.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/course_of_action.xsd b/stix_validator/schema/course_of_action.xsd
new file mode 100755
index 0000000..df1b5d4
--- /dev/null
+++ b/stix_validator/schema/course_of_action.xsd
@@ -0,0 +1,165 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:coa="http://stix.mitre.org/CourseOfAction-1" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:marking="http://data-marking.mitre.org/Marking-1" targetNamespace="http://stix.mitre.org/CourseOfAction-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX COA</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - COA - Schematic implementation for the CourseOfAction construct within the STIX structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="data_marking.xsd"/>
+	<xs:element name="Course_Of_Action" type="coa:CourseOfActionType">
+		<xs:annotation>
+			<xs:documentation>The CourseOfAction field characterizes a Course of Action to be taken in regards to one of more cyber threats. NOTE: This construct is still in its early stages of maturity and will require a good deal of review and refinement.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="CourseOfActionType">
+		<xs:annotation>
+			<xs:documentation>The CourseOfActionType characterizes a Course of Action to be taken in regards to one of more cyber threats. NOTE: This construct is still in its early stages of maturity and will require a good deal of review and refinement.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:CourseOfActionBaseType">
+				<xs:sequence>
+					<xs:element name="Title" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Title field provides a simple title for this CourseOfAction.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Stage" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								The Stage field specifies what stage in the cyber threat management lifecycle this CourseOfAction is relevant to (e.g. Remedy or Reponse).
+							
+								This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is COAStageVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								The Type field specifies the type of this CourseOfAction.
+							
+								This field is implemented through the xsi:type controlled vocabulary extension mechanism. No default vocabulary type has been defined for STIX 1.0. Users may either define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a free string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description element is optional and enables a generalized but structured description of this CourseOfAction.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Objective" type="coa:ObjectiveType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Objective field characterizes the objective of this CourseOfAction.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Structured_COA" type="coa:StructuredCOAType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								The Structured_COA field enables the specification of an actionable structured representation for the CourseOfAction potentially for automated consumption and implementation.
+
+								This field is implemented through the xsi:type extension mechanism. While STIX has not defined a default type, it has provided support for passing proprietary or externally defined structured courses of action using the Generic Structured COA extension. The Generic Structured COA extension is captured in the GenericStructuredCOAType in the http://stix.mitre.org/extensions/StructuredCOA#Generic-1 namespace. This type is defined in the extensions/structured_coa/generic.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/structured_coa/generic/1.0/generic.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Impact" type="stixCommon:StatementType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								The Impact field characterizes the estimated impact of applying this CourseOfAction.
+
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is HighMediumLowVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Cost" type="stixCommon:StatementType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								The Cost field characterizes the estimated cost for applying this CourseOfAction.
+
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is HighMediumLowVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Efficacy" type="stixCommon:StatementType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								The Efficacy field characterizes the effectiveness of this CourseOfAction in achieving its targeted Objective.
+
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is HighMediumLowVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Handling field specifies the appropriate data handling markings for the elements of this COA. The valid marking scope is the nearest CourseOfActionBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="version" type="coa:CourseOfActionVersionType" default="1.0">
+					<xs:annotation>
+						<xs:documentation>Specifies the relevant STIX-COA schema version for this content.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:simpleType name="CourseOfActionVersionType">
+		<xs:annotation>
+			<xs:documentation>An enumeration of all versions of the Course of Action type valid in the current release of STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="StructuredCOAType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>
+				The StructuredCOAType enables the specification of an actionable structured representation for the CourseOfAction potentially for automated consumption and implementation. 
+
+				This type is defined as an abstract type and is intended to be extended using the XML Schema extension mechanism to allow for the expression of a variety of structured COA types. Instance documents representing structured COAs use the xsi:type attribute to specify which implementation of this type they wish to use.
+
+				STIX has provided one implementation to allow for the passing of proprietary or externally defined structured courses of action in a CDATA block. This implementation is captured in the Generic Structured COA extension, which provides the GenericStructuredCOAType in the http://stix.mitre.org/extensions/StructuredCOA#Generic-1 namespace. The extension is defined in the extensions/structured_coa/generic.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/structured_coa/generic/1.0/generic.xsd.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a unique ID for this StructuredCOA.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a reference to the ID for this StructuredCOA specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="ObjectiveType">
+		<xs:annotation>
+			<xs:documentation>The ObjectiveType characterizes the objective of this CourseOfAction.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description element is optional and enables a generalized description of the objective of this CourseOfAction.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Applicability_Confidence" type="stixCommon:ConfidenceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Applicability_Confidence field characterizes the level of confidence held in the applicability of this suggested COA for its targeted Objective.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/cybox_common.xsd b/stix_validator/schema/cybox/cybox_common.xsd
new file mode 100755
index 0000000..49da7c9
--- /dev/null
+++ b/stix_validator/schema/cybox/cybox_common.xsd
@@ -0,0 +1,2319 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://cybox.mitre.org/common-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>CybOX Common</schema>
+			<version>2.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Common Types.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:complexType name="MeasureSourceType">
+		<xs:annotation>
+			<xs:documentation>The MeasureSourceType is a type representing a description of a single cyber observation source.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Information_Source_Type" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Information_Source_Type field is optional and utilizes a standardized controlled vocabulary to identify the type of information source leveraged for this cyber observation source.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is InformationSourceTypeVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Tool_Type" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Tool_Type field is optional and (when tools are used) enables identification of the type of tool leveraged as part of this cyber observation source, via a standardized controlled vocabulary.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ToolTypeVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field is optional and enables a generalized but structured description of this syber observation source.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Contributors" type="cyboxCommon:PersonnelType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Contributors field is optional and enables description of the individual contributors involved in this cyber observation source.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Time" type="cyboxCommon:TimeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Time field is optional and enables description of various time-related properties for this cyber observation source instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Tools" type="cyboxCommon:ToolsInformationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Tools field is optional and enables description of the tools utilized for this cyber observation source.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Platform" type="cyboxCommon:PlatformSpecificationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Platform field is optional and enables a formal, standardized specification of the platform for this cyber observation source. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="System" type="cyboxCommon:ObjectPropertiesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The System field is optional and enables characterization of the system on which the mechanism of cyber observation executed. System should be an object of type SystemObj:SystemObjectType</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Instance" type="cyboxCommon:ObjectPropertiesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Instance field is optional and enables characterization of the process instance in which the mechanism of cyber observation executed. Instance should be of type ProcessObj:ProcessObjectType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="class" type="cyboxCommon:SourceClassTypeEnum">
+			<xs:annotation>
+				<xs:documentation>The class field is optional and enables identification of the high-level class of this cyber observation source.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="source_type" type="cyboxCommon:SourceTypeEnum">
+			<xs:annotation>
+				<xs:documentation>The source_type field is optional and enables identification of the broad type of this cyber observation source.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="name" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>The name field is optional and enables the assignment of a relevant name to a this Discovery Method.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="SourceClassTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The SourceClassTypeEnum is a (non-exhaustive) enumeration of cyber observation source classes.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Network">
+				<xs:annotation>
+					<xs:documentation>Describes a Network-based cyber observation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="System">
+				<xs:annotation>
+					<xs:documentation>Describes a System-based cyber observation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Software">
+				<xs:annotation>
+					<xs:documentation>Describes a Software-based cyber observation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="SourceTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The SourceTypeEnum is a (non-exhaustive) enumeration of cyber observation source types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Tool">
+				<xs:annotation>
+					<xs:documentation>Describes a cyber observation made using various tools, such as scanners, firewalls, gateways, protection systems, and detection systems. See ToolTypeEnum for a more complete list of tools that CybOX supports.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Analysis">
+				<xs:annotation>
+					<xs:documentation>Describes a cyber observation made from analysis methods, such as Static and Dynamic methods. See AnalysisMethodTypeEnum for a more complete list of methods that CybOX supports.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Information Source">
+				<xs:annotation>
+					<xs:documentation>Describes a cyber observation made using other information sources, such as logs, Device Driver APIs, and TPM output data. See InformationSourceTypeEnum for a more complete list of information sources that CybOX supports. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ContributorType">
+		<xs:annotation>
+			<xs:documentation>The ContributorType represents a description of an individual who contributed as a source of cyber observation data.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Role" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the role played by this contributor.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Name" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the name of this contributor.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Email" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the email of this contributor.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Phone" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains a telephone number of this contributor.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Organization" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the organization name of this contributor.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Date" type="cyboxCommon:DateRangeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains a description (bounding) of the timing of this contributor's involvement.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Contribution_Location" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing the location at which the contributory activity occured.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DateRangeType">
+		<xs:annotation>
+			<xs:documentation>The DateRangeType specifies a range of dates.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Start_Date" type="xs:date" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the start date for this contributor's involvement. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="End_Date" type="xs:date" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the end date for this contributor's involvement. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PersonnelType">
+		<xs:annotation>
+			<xs:documentation>The PersonnelType is an abstracted data type to standardize the description of sets of personnel.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Contributor" type="cyboxCommon:ContributorType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing the identify, resources and timing of involvement for a single contributor.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TimeType">
+		<xs:annotation>
+			<xs:documentation>The TimeType specifies various time properties for a cyber observation source.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Start_Time" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Start_Time field is optional and describes the starting time for this cyber observation source instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="End_Time" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The End_Time field is optional and describes the ending time for this cyber observation source instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Produced_Time" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Produced_Time field is optional and describes the time that this cyber observation source instance was produced.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Received_Time" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Received_Time field is optional and describes the time that this cyber observation source instance was received.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ToolSpecificDataType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The ToolSpecificDataType is an Abstract type placeholder within the CybOX schema enabling the inclusion of metadata for a specific type of tool through the use of a custom type defined as an extension of this base Abstract type.</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+	<xs:complexType name="ToolsInformationType">
+		<xs:annotation>
+			<xs:documentation>The ToolsInformationType represents a description of a set of automated tools.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Tool" type="cyboxCommon:ToolInformationType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Tool field is optional and enables description of a single tool utilized for this cyber observation source.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ToolInformationType">
+		<xs:annotation>
+			<xs:documentation>The ToolInformationType represens a description of a single automated tool.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Name" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the name of the tool leveraged.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Type" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						This field contains the type of the tool leveraged.
+						
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. No default vocabulary type has been defined for CybOX 2.0. Users may either define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a free string field. Additionally, locations where the ToolInformationType is used may define default vocabularies for this field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains general descriptive information for this tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="References" type="cyboxCommon:ToolReferencesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains references to instances or additional information for this tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Vendor" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information identifying the vendor organization for this tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Version" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains an appropriate version descriptor of this tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Service_Pack" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains an appropriate service pack descriptor for this tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Tool_Specific_Data" type="cyboxCommon:ToolSpecificDataType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This is an abstract type provided to a flexible mechanism for enabling tool-specific data to be included. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Tool_Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains a hash value computed on the tool file content in order to verify its integrity.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Tool_Configuration" type="cyboxCommon:ToolConfigurationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing the configuration and usage of the tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Execution_Environment" type="cyboxCommon:ExecutionEnvironmentType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing the execution environment of the tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Errors" type="cyboxCommon:ErrorsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field captures any errors generated during the run of the tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Metadata" type="cyboxCommon:MetadataType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field captures other relevant metadata including tool-specific fields.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The id field specifies a unique ID for this Tool.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The idref field specifies reference to a unique ID for this Tool.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="ToolReferencesType">
+		<xs:annotation>
+			<xs:documentation>Used to indicate one or more references to tool instances and information</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Reference" type="cyboxCommon:ToolReferenceType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Contains one reference to information or instances of a given tool</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ToolReferenceType">
+		<xs:annotation>
+			<xs:documentation>Contains one reference to information or instances of a given tool</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="xs:anyURI">
+				<xs:attribute name="reference_type" type="cyboxCommon:ToolReferenceTypeEnum">
+					<xs:annotation>
+						<xs:documentation>Indicates the nature of the referenced material (documentation, source, executable, etc.)</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ToolReferenceTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The nature of referenced material regarding a tool</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Documentation">
+				<xs:annotation>
+					<xs:documentation>The reference is to documentation about the identified tool</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Source">
+				<xs:annotation>
+					<xs:documentation>The reference is to source code for the identified tool</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Download">
+				<xs:annotation>
+					<xs:documentation>The reference is to where an executable version of the tool can be downloaded</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Execute">
+				<xs:annotation>
+					<xs:documentation>The reference is to the tool implemented as an online service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>The reference is to material about the tool not covered by other values in this enumeration.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ToolConfigurationType">
+		<xs:annotation>
+			<xs:documentation>The ToolConfigurationType characterizes the configuration for a tool used as a cyber observation source.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Configuration_Settings" type="cyboxCommon:ConfigurationSettingsType">
+				<xs:annotation>
+					<xs:documentation>This field describes the configuration settings of this tool instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dependencies" type="cyboxCommon:DependenciesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing the relevant dependencies for this tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Usage_Context_Assumptions" type="cyboxCommon:UsageContextAssumptionsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains descriptions of the various relevant usage context assumptions for this tool .</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Internationalization_Settings" type="cyboxCommon:InternationalizationSettingsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing relevant internationalization setting for this tool .</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Information" type="cyboxCommon:BuildInformationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing how this tool was built.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ConfigurationSettingsType">
+		<xs:annotation>
+			<xs:documentation>The ConfigurationSettingsType is a modularized data type used to provide a consistent approach to describing configuration settings for a tool, application or other cyber object</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Configuration_Setting" type="cyboxCommon:ConfigurationSettingType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field contains a single configuration setting instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ConfigurationSettingType">
+		<xs:annotation>
+			<xs:documentation>The ConfigurationSettingType is a modularized data type used to provide a consistent approach to describing a particular configuration setting for a tool, application or other cyber object</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Item_Name" type="xs:string">
+				<xs:annotation>
+					<xs:documentation>This field contains the name of the configuration item referenced by this configuration setting instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Item_Value" type="xs:string">
+				<xs:annotation>
+					<xs:documentation>This field contains the value of this configuration setting instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Item_Type" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the type of the configuration item referenced in this configuration setting instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Item_Description" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains a description of the configuration item referenced in this configuration setting instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DependenciesType">
+		<xs:annotation>
+			<xs:documentation>The DependenciesType contains information describing a set of dependencies for this tool.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Dependency" type="cyboxCommon:DependencyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing a single dependency for this tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DependencyType">
+		<xs:annotation>
+			<xs:documentation>The DependencyType contains information describing a single dependency for this tool.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Dependency_Type" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the type of this dependency instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dependency_Description" type="cyboxCommon:StructuredTextType">
+				<xs:annotation>
+					<xs:documentation>This field contains a description of this dependency instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="UsageContextAssumptionsType">
+		<xs:annotation>
+			<xs:documentation>The UsageContextAssumptionsType contains descriptions of the various relevant usage context assumptions for this tool</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Usage_Context_Assumption" type="cyboxCommon:StructuredTextType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field contains a single usage context assumption for this tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="InternationalizationSettingsType">
+		<xs:annotation>
+			<xs:documentation>The InternationalizationSettingsType contains information describing relevant internationalization setting for this tool</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Internal_Strings" type="cyboxCommon:InternalStringsType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field contains a single internal string instance for this internationalization setting instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="InternalStringsType">
+		<xs:annotation>
+			<xs:documentation>The InternalStringsType contains a single internal string instance for this internationalization setting instance.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Key" type="xs:string">
+				<xs:annotation>
+					<xs:documentation>This field contains the actual key of this internal string instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Content" type="xs:string">
+				<xs:annotation>
+					<xs:documentation>This field contains the actual content of this internal string instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="BuildInformationType">
+		<xs:annotation>
+			<xs:documentation>The BuildInformationType contains information describing how this tool was built.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Build_ID" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains an externally defined unique identifier of this build of this application instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Project" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the project name of this build of this application instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Utility" type="cyboxCommon:BuildUtilityType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information identifying the utility used to build this application.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Version" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the appropriate version descriptor of this build of this application instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Label" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains any relevant label for this build of this application instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Compilers" type="cyboxCommon:CompilersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the compilers utilized during this build of this application.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Compilation_Date" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies the compilation date for the build of the tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Configuration" type="cyboxCommon:BuildConfigurationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes how the build utility was configured for this build of this application.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Script" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the actual build script for this build of this application instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Libraries" type="cyboxCommon:LibrariesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies the libraries incorporated into the build of the tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Output_Log" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains a capture of the output log of the build process.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="BuildUtilityType">
+		<xs:annotation>
+			<xs:documentation>The BuildUtilityType contains information identifying the utility used to build this application.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Build_Utility_Name" type="xs:string">
+				<xs:annotation>
+					<xs:documentation>This field contains the informally defined name of the utility used to build this application instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Build_Utility_Platform_Specification" type="cyboxCommon:PlatformSpecificationType">
+				<xs:annotation>
+					<xs:documentation>This field identifies the build utility used to build this application.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="CompilersType">
+		<xs:annotation>
+			<xs:documentation>The CompilersType describes the compilers utilized during this build of this application.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Compiler" type="cyboxCommon:CompilerType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field describes a single compiler utilized during this build of this application.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="CompilerType">
+		<xs:annotation>
+			<xs:documentation>The CompilerType describes a single compiler utilized during this build of this application.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Compiler_Informal_Description" type="cyboxCommon:CompilerInformalDescriptionType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the informal description of this compiler instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Compiler_Platform_Specification" type="cyboxCommon:PlatformSpecificationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies this compiler instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="CompilerInformalDescriptionType">
+		<xs:annotation>
+			<xs:documentation>The CompilerInformalDescriptionType contains the informal description of this compiler instance.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Compiler_Name" type="xs:string">
+				<xs:annotation>
+					<xs:documentation>This field contains the name of the compiler.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Compiler_Version" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the version of the compiler.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="BuildConfigurationType">
+		<xs:annotation>
+			<xs:documentation>The BuildConfigurationType describes how the build utility was configured for this build of this application.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Configuration_Setting_Description" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains the description of the configuration settings for this build of this application instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Configuration_Settings" type="cyboxCommon:ConfigurationSettingsType">
+				<xs:annotation>
+					<xs:documentation>This field contains the configuration settings for this build of this application instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="LibrariesType">
+		<xs:annotation>
+			<xs:documentation>The LibrariesType identifies the libraries incorporated into the build of the tool.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Library" type="cyboxCommon:LibraryType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies a library incorporated into the build of the tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="LibraryType">
+		<xs:annotation>
+			<xs:documentation>The LibraryType identifies a single library incorporated into the build of the tool.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="name" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>This field identifies the name of the library.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="version" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>This field identifies the version of the library.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="ExecutionEnvironmentType">
+		<xs:annotation>
+			<xs:documentation>The ExecutionEnvironmentType contains information describing the execution environment of the tool.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="System" type="cyboxCommon:ObjectPropertiesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing the system on which the tool was executed. System should be of type SystemObj:SystemObjectType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="User_Account_Info" type="cyboxCommon:ObjectPropertiesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains information describing the user account that executed the tool. User_Account_Info should be of type UserAccountObj:UserAccountObjectType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Command_Line" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field specifies the command line string used to run the tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Start_Time" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Thie field specifies when the tool was run.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ErrorsType">
+		<xs:annotation>
+			<xs:documentation>The ErrorsType captures any errors generated during the run of the tool.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Error" type="cyboxCommon:ErrorType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field captures a single type of error generated during the run of the tool.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ErrorType">
+		<xs:annotation>
+			<xs:documentation>The ErrorType captures a single error generated during the run of the tool.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Error_Type" type="xs:string">
+				<xs:annotation>
+					<xs:documentation>This field specifies the the type for this tool run error.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Error_Count" type="xs:integer" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field specifies the count of instances for this error in the tool run.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Error_Instances" type="cyboxCommon:ErrorInstancesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field captures the actual error output for each instance of this type of error.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ErrorInstancesType">
+		<xs:annotation>
+			<xs:documentation>The ErrorInstancesType captures the actual error output for each instance of this type of error.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Error_Instance" type="xs:string" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field captures the actual error output for a single instance of this type of error.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="ObjectPropertiesType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The ObjectPropertiesType is an Abstract type placeholder within the CybOX schema enabling the inclusion of contextually varying object properties descriptions. This Abstract type is leveraged as the extension base for all predefined CybOX object properties schemas. Through this extension mechanism any object instance data based on an object properties schema extended from ObjectPropertiesType (e.g. File_Object, Address_Object, etc.) can be directly integrated into any instance document where a field is defined as ObjectPropertiesType. For flexibility and extensibility purposes any user of CybOX can specify their own externally defined object properties schemas (outside of or derived from the set of predefined objects) extended from ObjectPropertiesType and utilize them as part of their CybOX content.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Custom_Properties" type="cyboxCommon:CustomPropertiesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Custom_Properties construct is optional and enables the specification of a set of custom Object Properties that may not be defined in existing Properties schemas. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="object_reference" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The object_reference field specifies a unique ID reference to an Object defined elsewhere. This construct allows for the re-use of the defined Properties of one Object within another, without the need to embed the full Object in the location from which it is being referenced. Thus, this ID reference is intended to resolve to the Properties of the Object that it points to.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="CustomPropertiesType">
+		<xs:annotation>
+			<xs:documentation>The CustomPropertiesType enables the specification of a set of custom Object Properties that may not be defined in existing Properties schemas. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Property" type="cyboxCommon:PropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Property construct enables the specification of a single Object Property.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PropertyType">
+		<xs:annotation>
+			<xs:documentation>The PropertyType is a type representing the specification of a single Object Property.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="cyboxCommon:BaseObjectPropertyType">
+				<xs:attribute name="name" type="xs:string">
+					<xs:annotation>
+						<xs:documentation>The name field specifies a name for this property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="description" type="xs:string">
+					<xs:annotation>
+						<xs:documentation>A description of what this property represents.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="BaseObjectPropertyType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The BaseObjectPropertyType is a type representing a common typing foundation for the specification of a single Object Property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="xs:anySimpleType">
+				<xs:attributeGroup ref="cyboxCommon:BaseObjectPropertyGroup"/>
+				<xs:attributeGroup ref="cyboxCommon:PatternFieldGroup"/>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="IntegerObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The IntegerObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type Int. This type will be assigned to any property of a CybOX object that should contain content of type Integer and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="int">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="StringObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The StringObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type String. This type will be assigned to any property of a CybOX object that should contain content of type String and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="NameObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The NameObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type Name. This type will be assigned to any property of a CybOX object that should contain content of type Name and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" use="optional" fixed="name">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="DateObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The DateObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type Date. This type will be assigned to any property of a CybOX object that should contain content of type Date and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="date">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="DateTimeObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The DateTimeObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type DateTime. This type will be assigned to any property of a CybOX object that should contain content of type DateTime and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" use="optional" fixed="dateTime">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="FloatObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The FloatObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type Float. This type will be assigned to any property of a CybOX object that should contain content of type Float and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" use="optional" fixed="float">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="DoubleObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The DoubleObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type Double. This type will be assigned to any property of a CybOX object that should contain content of type Double and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="double">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="UnsignedLongObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The UnsignedLongObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type UnsignedLong. This type will be assigned to any property of a CybOX object that should contain content of type UnsignedLong and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="unsignedLong">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="UnsignedIntegerObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The UnsignedIntegerObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type UnsignedInt. This type will be assigned to any property of a CybOX object that should contain content of type UnsignedInteger and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="unsignedInt">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="PositiveIntegerObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The PositiveIntegerObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type PositveInteger. This type will be assigned to any property of a CybOX object that should contain content of type PositiveInteger and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="positiveInteger">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="HexBinaryObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The HexBinaryObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type HexBinary. This type will be assigned to any property of a CybOX object that should contain content of type HexBinary and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="hexBinary">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="LongObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The LongObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type Long. This type will be assigned to any property of a CybOX object that should contain content of type Long and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="long">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="NonNegativeIntegerObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The NonNegativeIntegerObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type nonNegativeInteger. This type will be assigned to any property of a CybOX object that should contain content of type NonNegativeInteger and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="nonNegativeInteger">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="AnyURIObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The AnyURIObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type anyURI. This type will be assigned to any property of a CybOX object that should contain content of type AnyURI and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="anyURI">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="DurationObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The DurationObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type duration. This type will be assigned to any property of a CybOX object that should contain content of type Duration and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="duration">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="TimeObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The TimeObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type time. This type will be assigned to any property of a CybOX object that should contain content of type Time and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="time">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="Base64BinaryObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The Base64BinaryObjectPropertyType is a type (extended from BaseObjectPropertyType) representing the specification of a single Object property whose core value is of type base64Binary. This type will be assigned to any property of a CybOX object that should contain content of type Base64Binary and enables the use of relevant metadata for the property.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="base64Binary">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:attributeGroup name="BaseObjectPropertyGroup">
+		<xs:annotation>
+			<xs:documentation>The ObjectPropertyGroup is a simple field group aggregating a set of fields for Object Properties.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The id field specifies a unique ID for this Object Property.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The idref field specifies a unique ID reference for this Object Property.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" default="string">
+			<xs:annotation>
+				<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="appears_random" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>This field is optional and conveys whether the associated object property value appears to somewhat random in nature. An object property with this field set to TRUE need not provide any further information including a value. If more is known about the particular variation of randomness, a regex value could be provided to outline what is known of the structure.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="is_obfuscated" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>This field is optional and conveys whether the associated Object property has been obfuscated.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="obfuscation_algorithm_ref" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>This field is optional and conveys a reference to a description of the algorithm used to obfuscate this Object property.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="is_defanged" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>This field is optional and conveys whether the associated Object property has been defanged (representation changed to prevent malicious effects of handling/processing).</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="defanging_algorithm_ref" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>This field is optional and conveys a reference to a description of the algorithm used to defang (representation changed to prevent malicious effects of handling/processing) this Object property.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="refanging_transform_type" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>This field is optional and specifies the type (e.g. RegEx) of refanging transform specified in the optional accompanying refangingTransform property.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="refanging_transform" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>This field is optional and specifies an automated transform that can be applied to the Object property content in order to refang it to its original format.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:attributeGroup>
+	<xs:attributeGroup name="PatternFieldGroup">
+		<xs:annotation>
+			<xs:documentation>The PatternFieldGroup is a simple field group aggregating a set of fields for application of patterns.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="condition" type="cyboxCommon:ConditionTypeEnum">
+			<xs:annotation>
+				<xs:documentation>This field is optional and defines the relevant condition to apply to the value.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="apply_condition" type="cyboxCommon:ConditionApplicationEnum" default="ANY">
+			<xs:annotation>
+				<xs:documentation>This field indicates how a condition should be applied when the field body contains a list of values. (Its value is moot if the field value contains only a single value - both possible values for this field would have the same behavior.) If this field is set to ANY, then a pattern is considered to be matched if the provided condition successfully evaluates for any of the values in the field body. If the field is set to ALL, then the patern only matches if the provided condition successfully evaluates for every value in the field body.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="bit_mask" type="xs:hexBinary">
+			<xs:annotation>
+				<xs:documentation>Used to specify a bit_mask in conjunction with one of the defined binary conditions (bitwiseAnd, bitwiseOr, and bitwiseXor). This bitmask is then uses as one operand in the indicated bitwise computation.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="pattern_type" type="cyboxCommon:PatternTypeEnum">
+			<xs:annotation>
+				<xs:documentation>This field is optional and defines the type of pattern used if one is specified for the field value. This is applicable only if the Condition field is set to 'FitsPattern'. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="regex_syntax" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>This field is optional and defines the syntax format used for a regular expression, if one is specified for the field value. This is applicable only if the Condition field is set to 'FitsPattern'.
+					
+					Setting this attribute with an empty value (e.g., "") or omitting it entirely notifies CybOX consumers and pattern evaluators that the corresponding regular expression utilizes capabilities, character classes, escapes, and other lexical tokens defined by the CybOX Language Specification. 
+					
+					Setting this attribute with a non-empty value notifies CybOX consumers and pattern evaluators that the corresponding regular expression utilizes capabilities not definied by the CybOX Language Specification. The regular expression must be evaluated through a compatible regular expression engine in this case.
+				</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="has_changed" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>This field is optional and conveys a targeted observation pattern of whether the associated field value has changed. This field would be leveraged within a pattern observable triggering on whether the value of a single field value has changed.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="trend" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>This field is optional and conveys a targeted observation pattern of the nature of any trend in the associated field value. This field would be leveraged within a pattern observable triggering on the matching of a specified trend in the value of a single specified field.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:attributeGroup>
+	<xs:simpleType name="ConditionTypeEnum">
+		<xs:annotation>
+			<xs:documentation>ConditionTypeEnum is a (non-exhaustive) enumeration of condition types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Equals">
+				<xs:annotation>
+					<xs:documentation>Specifies the equality or = condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DoesNotEqual">
+				<xs:annotation>
+					<xs:documentation>Specifies the "does not equal" or != condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Contains">
+				<xs:annotation>
+					<xs:documentation>Specifies the "contains" condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DoesNotContain">
+				<xs:annotation>
+					<xs:documentation>Specifies the "does not contain" condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="StartsWith">
+				<xs:annotation>
+					<xs:documentation>Specifies the "starts with" condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EndsWith">
+				<xs:annotation>
+					<xs:documentation>Specifies the "ends with" condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GreaterThan">
+				<xs:annotation>
+					<xs:documentation>Specifies the "greater than" condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GreaterThanOrEqual">
+				<xs:annotation>
+					<xs:documentation>Specifies the "greater than or equal to" condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LessThan">
+				<xs:annotation>
+					<xs:documentation>Specifies the "less than" condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LessThanOrEqual">
+				<xs:annotation>
+					<xs:documentation>Specifies the "less than or equal" condition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="InclusiveBetween">
+				<xs:annotation>
+					<xs:documentation>The pattern is met if the given value lies between the values indicated in the field value body, inclusive of the bounding values themselves. The field value body MUST contain at least 2 values to be valid. If the field value body contains more than 2 values, then only the greatest and least values are considered. (I.e., If the body contains "2,4,6", then an InclusiveBetween condition would be satisfied if the observed value fell between 2 and 6, inclusive. Since this is an inclusive range, an observed value of 2 or 6 would fit the pattern in this example.) As such, always treat the InclusiveBetween condition as applying to a single range for the purpose of evaluating the apply_condition attribute.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ExclusiveBetween">
+				<xs:annotation>
+					<xs:documentation>The pattern is met if the given value lies between the values indicated in the field value body, exclusive of the bounding values themselves. The field value body MUST contain at least 2 values to be valid. If the field value body contains more than 2 values, then only the greatest and least values are considered. (I.e., If the body contains "2,4,6", then an InclusiveBetween condition would be satisfied if the observed value fell between 2 and 6, exclusive. Since this is an exclusive range, an observed value of 2 or 6 would not fit the pattern in this example.) As such, always treat the ExclusiveBetween condition as applying to a single range for the purpose of evaluating the apply_condition attribute.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FitsPattern">
+				<xs:annotation>
+					<xs:documentation>Specifies the condition that a value fits a given pattern.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BitwiseAnd">
+				<xs:annotation>
+					<xs:documentation>Specifies the condition of bitwise AND. Specifically, when applying this pattern, a given value is bitwise-ANDed with the bit_mask attribute value (which must be present). If the result is identical to the value provided in the body of this field value, the pattern is considered fulfilled.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BitwiseOr">
+				<xs:annotation>
+					<xs:documentation>Specifies the condition of bitwise OR. Specifically, when applying this pattern, a given value is bitwise-ORed with the bit_mask attribute value (which must be present). If the result is identical to the value provided in the body of this field value, the pattern is considered fulfilled.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BitwiseXor">
+				<xs:annotation>
+					<xs:documentation>Specifies the condition of bitwise XOR. Specifically, when applying this pattern, a given value is bitwise-XORed with the bit_mask attribute value (which must be present). If the result is identical to the value provided in the body of this field value, the pattern is considered fulfilled.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ConditionApplicationEnum">
+		<xs:annotation>
+			<xs:documentation>Used to indicate how a condition should be applied to a list of values.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ANY">
+				<xs:annotation>
+					<xs:documentation>Indicates that a pattern holds if the given condition can be successfully applied to any of the field values.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ALL">
+				<xs:annotation>
+					<xs:documentation>Indicates that a pattern holds only if the given condition can be successfully applied to all of the field values.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NONE">
+				<xs:annotation>
+					<xs:documentation>Indicates that a pattern holds only if the given condition can be successfully applied to none of the field values.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="DatatypeEnum">
+		<xs:annotation>
+			<xs:documentation>DataTypeEnum is a (non-exhaustive) enumeration of data types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="string">
+				<xs:annotation>
+					<xs:documentation>Specifies the string datatype as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#string for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="int">
+				<xs:annotation>
+					<xs:documentation>Specifies the int datatype as it applies to the W3C standard for int. See http://www.w3.org/TR/xmlschema-2/#int for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="float">
+				<xs:annotation>
+					<xs:documentation>Specifies the float datatype as it apples to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#float for more information. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="date">
+				<xs:annotation>
+					<xs:documentation>Specifies a date, which is usually in the form yyyy-mm--dd as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#date for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="positiveInteger">
+				<xs:annotation>
+					<xs:documentation>Specifies a positive integer in the infinite set {1,2,...} as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#positiveInteger for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="unsignedInt">
+				<xs:annotation>
+					<xs:documentation>Specifies an unsigned integer, which is a nonnegative integer in the set {0,1,2,...,4294967295} as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#unsignedInt for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="dateTime">
+				<xs:annotation>
+					<xs:documentation>Specifies a date in full format including both date and time as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#dateTime for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="time">
+				<xs:annotation>
+					<xs:documentation>Specifies a time as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#time for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="boolean">
+				<xs:annotation>
+					<xs:documentation>Specifies a boolean value in the set {true,false,1,0} as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#boolean for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="name">
+				<xs:annotation>
+					<xs:documentation>Specifies a name (which represents XML Names) as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#Name and http://www.w3.org/TR/2000/WD-xml-2e-20000814#dt-name for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="long">
+				<xs:annotation>
+					<xs:documentation>Specifies a long integer, which is an integer whose maximum value is 9223372036854775807 and minimum value is -9223372036854775808 as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#long for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="unsignedLong">
+				<xs:annotation>
+					<xs:documentation>Specifies an unsigned long integer, which is an integer whose maximum value is 18446744073709551615 and minimum value is 0 as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#unsignedLong for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="duration">
+				<xs:annotation>
+					<xs:documentation>Specifies a length of time in the extended format PnYn MnDTnH nMnS, where nY represents the number of years, nM the number of months, nD the number of days, 'T' is the date/time separator, nH the number of hours, nM the number of minutes and nS the number of seconds, as it applies to the W3 standard. See http://www.w3.org/TR/xmlschema-2/#duration for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="double">
+				<xs:annotation>
+					<xs:documentation>Specifies a decimal of datatype double as it is patterned after the IEEE double-precision 64-bit floating point type (IEEE 754-1985) and as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#double for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="nonNegativeInteger">
+				<xs:annotation>
+					<xs:documentation>Specifies a non-negative integer in the infinite set {0,1,2,...} as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="hexBinary">
+				<xs:annotation>
+					<xs:documentation>Specifies arbitrary hex-encoded binary data as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#hexBinary for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="anyURI">
+				<xs:annotation>
+					<xs:documentation>Specifies a Uniform Resource Identifier Reference (URI) as it applies to the W3C standard and to RFC 2396, as amended by RFC 2732. See http://www.w3.org/TR/xmlschema-2/#anyURI for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="base64Binary">
+				<xs:annotation>
+					<xs:documentation>Specifies base64-encoded arbitrary binary data as it applies to the W3C standard. See http://www.w3.org/TR/xmlschema-2/#base64Binary for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv4 Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an IPV4 address in dotted decimal form. CIDR notation is also accepted.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6 Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an IPV6 address, which is represented by eight groups of 16-bit hexadecimal values separated by colons (:) in the form a:b:c:d:e:f:g:h. CIDR notation is also accepted.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Host Name">
+				<xs:annotation>
+					<xs:documentation>Specifies a host name. For compatability reasons, this could be any string. Even so, it is best to use the proper notation for the given host type. For example, web hostnames should be written as fully qualified hostnames in practice.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MAC Address">
+				<xs:annotation>
+					<xs:documentation>Specifies a MAC address, which is represented by six groups of 2 hexdecimal digits, separated by hyphens (-) or colons (:) in transmission order.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Domain Name">
+				<xs:annotation>
+					<xs:documentation>Specifies a domain name, which is represented by a series of labels concatenated with dots comforming to the rules in RFC 1035, RFC 1123, and RFC 2181.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="URI">
+				<xs:annotation>
+					<xs:documentation>Specifies a Uniform Resource Identifier, which identifies a name or resource and can act as a URL or URN.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TimeZone">
+				<xs:annotation>
+					<xs:documentation>Specifies a timezone in UTC notation (UTC+number).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Octal">
+				<xs:annotation>
+					<xs:documentation>Specifies arbitrary octal (base-8) encoded data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Binary">
+				<xs:annotation>
+					<xs:documentation>Specifies arbitrary binary encoded data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BinHex">
+				<xs:annotation>
+					<xs:documentation>Specifies arbitrary data encoded in the Mac OS-originated BinHex format.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Subnet Mask">
+				<xs:annotation>
+					<xs:documentation>Specifies a subnet mask in IPv4 or IPv6 notation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UUID/GUID">
+				<xs:annotation>
+					<xs:documentation>Specifies a globally/universally unique ID represented as a 32-character hexadecimal string. See ISO/IEC 11578:1996 Information technology -- Open Systems Interconnection -- Remote Procedure Call - http://www.iso.ch/cate/d2229.html</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Collection">
+				<xs:annotation>
+					<xs:documentation>Specifies data represented as a container of multiple data of a shared elemental type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CVE ID">
+				<xs:annotation>
+					<xs:documentation>Specifies a CVE ID, expressed as CVE- appended by a four-digit integer, a - and another four-digit integer, as in CVE-2012-1234.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CWE ID">
+				<xs:annotation>
+					<xs:documentation>Specifies a CWE ID, expressed as CWE- appended by an integer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CAPEC ID">
+				<xs:annotation>
+					<xs:documentation>Specifies a CAPEC ID, expressed as CAPEC- appended by an integer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CCE ID">
+				<xs:annotation>
+					<xs:documentation>Specifies a CCE ID, expressed as CCE- appended by an integer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CPE Name">
+				<xs:annotation>
+					<xs:documentation>Specifies a CPE Name. See http://cpe.mitre.org/specification/archive/version2.0/cpe-specification_2.0.pdf for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PatternTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The PatternTypeEnum type is a non-exhaustive enumeration of potentially relevant pattern types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Regex">
+				<xs:annotation>
+					<xs:documentation>Specifies the regular expression pattern type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Binary">
+				<xs:annotation>
+					<xs:documentation>Specifies the binary (bit operations) pattern type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="XPath">
+				<xs:annotation>
+					<xs:documentation>Specifies the XPath 1.0 expression pattern type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!---->
+	<xs:complexType name="ExtractedFeaturesType">
+		<xs:annotation>
+			<xs:documentation>The ExtractedFeaturesType is a type representing a description of features extracted from an object such as a file.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Strings" type="cyboxCommon:ExtractedStringsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field enables description of a set of static strings extracted from a raw cyber object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Imports" type="cyboxCommon:ImportsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field enables description of a set of references to external resources imported by a raw cyber object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Functions" type="cyboxCommon:FunctionsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field enables description of a set of references to functions called by a raw cyber object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Code_Snippets" type="cyboxCommon:CodeSnippetsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field enables description of a set of code snippets extracted from a raw cyber object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ExtractedStringsType">
+		<xs:annotation>
+			<xs:documentation>The ExtractedStringsType type is intended as container for strings extracted from CybOX objects.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="String" type="cyboxCommon:ExtractedStringType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field enables description of a single static string extracted from a raw cyber object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ExtractedStringType">
+		<xs:annotation>
+			<xs:documentation>The ExtractedStringType type is intended as container a single string extracted from a CybOX object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Encoding" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Encoding field refers to the encoding method used for the string extracted from the CybOX object, via a standardized controlled vocabulary.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is CharacterEncodingVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="String_Value" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The String_Value field specifies the actual value of the string extracted from the CybOX object, if it is capable of being represented in the encoding scheme used in the document (most commonly UTF-8).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Byte_String_Value" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Byte_String_Value field specifies the raw, byte-string representation of the string extracted from the CybOX object, in hexadecimal format.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Hashes field is used to include any hash values computed using the string extracted from the CybOX object as input.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Address field specifies the location or offset of the specified string in the CybOX objects.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Length" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Length field specifies the length, in characters, of the string extracted from the CybOX object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Language" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Language field specifies the language the string is written in, e.g. English.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="English_Translation" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The English_Translation field specifies the English translation of the string, if it is not written in English.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ImportsType">
+		<xs:annotation>
+			<xs:documentation>The ImportsType is intended to represent an extracted list of imports specified within a CybOX object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Import" type="cyboxCommon:StringObjectPropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field enables description of a single reference to an external resource imported by a raw cyber object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="FunctionsType">
+		<xs:annotation>
+			<xs:documentation>The FunctionsType is intended to represent an extracted list of functions leveraged within a CybOX object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Function" type="cyboxCommon:StringObjectPropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field enables description of a single reference to a function called by a raw cyber object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="CodeSnippetsType">
+		<xs:annotation>
+			<xs:documentation>The CodeSnippetsType is intended to represent an set of code snippets extracted from within a CybOX object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Code_Snippet" type="cyboxCommon:ObjectPropertiesType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field enables description of a single code snippet extracted from a raw cyber object. Code_Snippet should be of CodeObj:CodeObjectType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="ByteRunsType">
+		<xs:annotation>
+			<xs:documentation>The ByteRunsType is used for representing a list of byte runs from within a raw object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Byte_Run" type="cyboxCommon:ByteRunType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Byte_Run field contains a single byte run from the raw object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ByteRunType">
+		<xs:annotation>
+			<xs:documentation>The ByteRunType is used for representing a single byte run from within a raw object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Offset" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Offset field specifies the offset of the beginning of the byte run as measured from the beginning of the object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="File_System_Offset" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The File_System_Offset field is relevant only for byte runs of files in forensic analysis.It specifies the offset of the beginning of the byte run as measured from the beginning of the relevant file system.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Image_Offset" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Image_Offset field is provided for forensic analysis purposes and specifies the offset of the beginning of the byte run as measured from the beginning of the relevant forensic image.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Length field specifies the number of bytes in the byte run.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Hashes field contains computed hash values for this the data in this byte run.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Byte_Run_Data" type="xs:anyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Byte_Run_Data field contains a raw dump of the byte run data, typically enclosed within an XML CDATA section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="HashListType">
+		<xs:annotation>
+			<xs:documentation>The HashListType type is used for representing a list of hash values.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Hash" type="cyboxCommon:HashType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Hash field specifies a single calculated hash value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HashValueType">
+		<xs:annotation>
+			<xs:documentation>The HashValueType is used for specifying the resulting value from a hash calculation.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element name="Simple_Hash_Value" type="cyboxCommon:SimpleHashValueType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Simple_Hash_Value field specifies a single result value of a basic cryptograhic hash function outputing a single hexbinary hash value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Fuzzy_Hash_Value" type="cyboxCommon:FuzzyHashValueType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Fuzzy_Hash_Value field specifies a single result value of a cryptograhic fuzzy hash function outputing a single complex string based hash value. (e.g. SSDEEP's Block1hash:Block2hash format).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="SimpleHashValueType">
+		<xs:annotation>
+			<xs:documentation>The SimpleHashValueType is used for characterizing the output of basic cryptograhic hash functions outputing a single hexbinary hash value.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:HexBinaryObjectPropertyType"/>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="FuzzyHashValueType">
+		<xs:annotation>
+			<xs:documentation>The FuzzyHashValueType is used for characterizing the output of cryptograhic fuzzy hash functions outputing a single complex string based hash value.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:StringObjectPropertyType"/>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="FuzzyHashStructureType">
+		<xs:annotation>
+			<xs:documentation>The FuzzyHashStructureType is used for characterizing the internal components of a cryptograhic fuzzy hash algorithmic calculation.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Block_Size" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Block_Size field is optional and specifies the calculated block size for this fuzzy hash calculation.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Block_Hash" type="cyboxCommon:FuzzyHashBlockType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Block_Hash field is optional and enables specification of the elemental components utilized for a fuzzy hash calcuation on the hashed object utilizing Block_Size to calculate trigger points.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="FuzzyHashBlockType">
+		<xs:annotation>
+			<xs:documentation>The FuzzyHashBlockType is used for characterizing the internal components of a single block in a cryptograhic fuzzy hash algorithmic calculation.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Block_Hash_Value" type="cyboxCommon:HashValueType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Block_Hash_Value field is optional and specifies a fuzzy hash calculation result value for this Block.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Segment_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Segment_Count field is optional and specifies the number of segments identified and utlized within this fuzzy hash calculation.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Segments" type="cyboxCommon:HashSegmentsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Segments field is optional and specifies the set of segments identified and utlized within this fuzzy hash calculation.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HashSegmentsType">
+		<xs:annotation>
+			<xs:documentation>The HashSegmentsType is used for characterizing the internal components of a set of trigger point-delimited segments in a cryptograhic fuzzy hash algorithmic calculation.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Segment" type="cyboxCommon:HashSegmentType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Segment field is optional and specifies a single segment identified and utlized within this fuzzy hash calculation.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HashSegmentType">
+		<xs:annotation>
+			<xs:documentation>The HashSegmentType is used for characterizing the internal components of a single trigger point-delimited segment in a cryptograhic fuzzy hash algorithmic calculation.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Trigger_Point" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Trigger_point field is optional and specifies the offset within the hashed object of the trigger point for this segment.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Segment_Hash" type="cyboxCommon:HashValueType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Segment_Hash field is optional and specifies a calculated hash value for this segment.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Raw_Segment_Content" type="xs:anyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Raw_Segment_Content field is optional and contains the raw content of this segment of the hashed object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HashType">
+		<xs:annotation>
+			<xs:documentation>The HashType type is intended to characterize hash values.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Type" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Type field utilizes a standardized controlled vocabulary to capture the type of hash used in the Simple_Hash_Value or Fuzzy_Hash_Value elements.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is HashNameVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:choice>
+				<xs:element name="Simple_Hash_Value" type="cyboxCommon:SimpleHashValueType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Simple_Hash_Value field specifies a single result value of a basic cryptograhic hash function outputing a single hexbinary hash value.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Fuzzy_Hash_Value" type="cyboxCommon:FuzzyHashValueType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Fuzzy_Hash_Value field specifies a single result value of a cryptograhic fuzzy hash function outputing a single complex string based hash value. (e.g. SSDEEP's Block1hash:Block2hash format).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Fuzzy_Hash_Structure" type="cyboxCommon:FuzzyHashStructureType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Fuzzy_Hash_Structure field is optional and enables the characterization of the key internal components of a fuzzy hash calculation with a given block size. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="StructuredTextType">
+		<xs:annotation>
+			<xs:documentation>The StructuredTextType is a type representing a generalized structure for capturing structured or unstructured textual information such as descriptions of things.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="xs:string">
+				<xs:attribute name="structuring_format" type="xs:string" use="optional">
+					<xs:annotation>
+						<xs:documentation>Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the CybOX document. If this attribute is absent, the implication is that no markup is being used.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="ReferenceListType">
+		<xs:annotation>
+			<xs:documentation>The ReferencesListType contains one or more Reference elements, each of which provide further reading and insight into the item. This should be filled out as appropriate.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Reference" type="cyboxCommon:ReferenceType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation> Each Reference subelement should provide a single source from which more information and deeper insight can be obtained, such as a research paper or an excerpt from a publication. Multiple Reference subelements can exist. The sole component of this field is the id. The id is optional and translates to a preceding footnote below the context notes if the author of the entry wants to cite a reference. Not all subelements need to be completed, since some are designed for web references and others are designed for book references. The fields Reference_Author and Reference_Title should be filled out for all references if possible. Reference_Section and Reference_Date can be included for either book references or online references. Reference_Edition, Reference_Publication, Reference_Publisher, and Reference_PubDate are intended for book references, however they can be included where appropriate for other types of references. Reference_Link is intended for web references, however it can be included for book references as well if applicable. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ReferenceType">
+		<xs:annotation>
+			<xs:documentation>The ReferenceType is a type representing a single reference to a source of information.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Reference_Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field provides a description of the reference.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Author" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation> This field identifies an individual author of the material being referenced. It is not required, but may be repeated sequentially in order to identify multiple authors for a single piece of material.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Title" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field identifies the title of the material being referenced. It is not required if the material does not have a title.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Section" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field is intended to provide a means of identifying the exact location of the material inside of the publication source, such as the relevant pages of a research paper, the appropriate chapters from a book, etc. This is useful for both book references and internet references.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Edition" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field identifies the edition of the material being referenced in the event that multiple editions of the material exist. This will usually only be useful for book references. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Publication" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field identifies the publication source of the reference material, if one exists. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Publisher" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field identifies the publisher of the reference material, if one exists. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Date" type="xs:date" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field identifies the date when the reference was included in the entry. This provides the reader with a time line for when the material in the reference, usually the link, was valid. The date should be of the format YYYY-MM-DD. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_PubDate" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field describes the date when the reference was published YYYY. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Link" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field should hold the URL for the material being referenced, if one exists. This should always be used for web references, and may optionally be used for book and other publication references.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="reference_id" type="xs:string">
+			<xs:annotation>
+				<xs:documentation> The id field is optional and is used as a mechanism for citing text in the entry. If an id is provided, it is placed between brackets and precedes this reference and the matching id should be used inside of the text for the entry itself where this reference is applicable. All reference ids assigned within an entry must be unique. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="DataSegmentType">
+		<xs:annotation>
+			<xs:documentation>The DataSegmentType is intended to provide a relatively abstract way of characterizing data segments that may be written/read/transmitted or otherwise utilized in actions or behaviors. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Data_Format" type="cyboxCommon:DataFormatEnum" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Data_Format field refers to the type of data contained in the Data_Segment element. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Size" type="cyboxCommon:DataSizeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Data_Size field contains the size of the data contained in this element.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Segment" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Data_Segment field contains the actual segment of data being characterized.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Offset" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Offset field allows for the specification of where to start searching for the specified data segment in an object, in bytes.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Search_Distance" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Search_Distance field specifies how far into an object should be ignored, in bytes, before starting to search for the specified data segment relative to the end of the previous data segment.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Search_Within" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Search_Within field specifies that at most N bytes are between data segments in related objects.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The id field specifies a unique id for this data segment.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="DataFormatEnum">
+		<xs:annotation>
+			<xs:documentation>The DataFormatEnum is a (non-exhaustive) enumeration of data formats.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Binary">
+				<xs:annotation>
+					<xs:documentation>Specifies binary data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hexadecimal">
+				<xs:annotation>
+					<xs:documentation>Specifies hexadecimal data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Text">
+				<xs:annotation>
+					<xs:documentation>Specifies text.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>Specifies any other type of data from the ones listed.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="DataSizeType">
+		<xs:annotation>
+			<xs:documentation>The DataSizeType specifies the size of the data segment.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="cyboxCommon:StringObjectPropertyType">
+				<xs:attribute name="units" type="cyboxCommon:DataSizeUnitsEnum" use="required">
+					<xs:annotation>
+						<xs:documentation>This field represents the Units used in the object size element. Possible values are: Bytes, Kilobytes, Megabytes.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="DataSizeUnitsEnum">
+		<xs:annotation>
+			<xs:documentation>The DataSizeUnitsEnum is a (non-exhaustive) enumeration of data size units.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Bytes">
+				<xs:annotation>
+					<xs:documentation>Specifies an object size in Bytes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Kilobytes">
+				<xs:annotation>
+					<xs:documentation>Specifies an object size in Kilobytes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Megabytes">
+				<xs:annotation>
+					<xs:documentation>Specifies an object size in Megabytes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!---->
+	<xs:complexType name="PlatformSpecificationType">
+		<xs:annotation>
+			<xs:documentation>PlatformSpecificationType is a modularized data type intended for providing a consistent approach to uniquely specifying the identity of a specific platform.</xs:documentation>
+			<xs:documentation>In addition to capturing basic information, this type is intended to be extended to enable the structured description of a platform instance using the XML Schema extension feature. The CybOX default extension uses the Common Platform Enumeration (CPE) Applicability Language schema to do so. The extension that defines this is captured in the CPE23PlatformSpecificationType in the http://cybox.mitre.org/extensions/platform#CPE2.3-1 namespace. This type is defined in the extensions/platform/cpe2.3.xsd file.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A prose description of the indicated platform.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Identifier" type="cyboxCommon:PlatformIdentifierType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Indicates a pre-defined name for the given platform using some naming scheme. For example, one could provide a CPE (Common Platform Enumeration) name using the CPE naming format.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PlatformIdentifierType">
+		<xs:annotation>
+			<xs:documentation>Used to specify a name for a platform using a particular naming system and also allowing a reference pointing to more information about that naming scheme. For example, one could provide a CPE (Common Platform Enumeration) name using the CPE naming format. In this case, the system value could be "CPE" while the system_ref value could be "http://scap.nist.gov/specifications/cpe/".</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="cyboxCommon:StringObjectPropertyType">
+				<xs:attribute name="system" type="xs:string">
+					<xs:annotation>
+						<xs:documentation>Indicates the naming system from which the indicated name was drawn.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="system-ref" type="xs:anyURI">
+					<xs:annotation>
+						<xs:documentation>A reference to information about the naming system from which the indicated name was drawn.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="MetadataType">
+		<xs:annotation>
+			<xs:documentation>The MetadataType is intended as mechanism to capture any non-context-specific metadata</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Value" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field specifies the value of name of a single metadata field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SubDatum" type="cyboxCommon:MetadataType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field uses recursion of the MetadataType specify subdatum structures for this metadata field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="type" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>This field specifies the type of name of a single metadata field.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="EnvironmentVariableListType">
+		<xs:annotation>
+			<xs:documentation>The EnvironmentVariableListType type is used for representing a list of environment variables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Environment_Variable" type="cyboxCommon:EnvironmentVariableType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Environment_Variable field is used for representing environment variables using a name/value pair.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EnvironmentVariableType">
+		<xs:annotation>
+			<xs:documentation>The EnvironmentVariableType type is used for representing environment variables using a name/value pair.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Name field specifies the name of the environment variable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Value" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Value field specifies the value of the environment variable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="DigitalSignaturesType">
+		<xs:annotation>
+			<xs:documentation>The DigitalSignaturesType is used for representing a list of digital signatures.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Digital_Signature" type="cyboxCommon:DigitalSignatureInfoType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Digital_Signature field is optional and captures a single digital signature for this Object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DigitalSignatureInfoType">
+		<xs:annotation>
+			<xs:documentation>The DigitalSignatureInfoType type is used as a way to represent some of the basic information about a digital signature.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Certificate_Issuer" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The certificate issuer of the digital signature.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Certificate_Subject" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The certificate subject of the digital signature.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Signature_Description" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A description of the digital signature.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="signature_exists" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Specifies whether the digital signature exists.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="signature_verified" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Specifies if the digital signature is verified.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="PatternableFieldType">
+		<xs:annotation>
+			<xs:documentation>The PatternableFieldType is a grouping of attributes applicable to defining patterns on a specific field.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="xs:anySimpleType">
+				<xs:attributeGroup ref="cyboxCommon:PatternFieldGroup"/>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="ControlledVocabularyStringType">
+		<xs:annotation>
+			<xs:documentation>The ControlledVocabularyStringType is used as the basis for defining controlled vocabularies.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="cyboxCommon:PatternableFieldType">
+				<xs:attribute name="vocab_name" type="xs:string" use="optional">
+					<xs:annotation>
+						<xs:documentation>The vocab_name field specifies the name of the controlled vocabulary.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional">
+					<xs:annotation>
+						<xs:documentation>The vocab_reference field specifies the URI to the location of where the controlled vocabulary is defined, e.g., in an externally located XML schema file.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="SIDType">
+		<xs:annotation>
+			<xs:documentation>SIDType specifies Windows Security ID (SID) types via a union of the SIDTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+			<xs:documentation>Properties that use this type can express multiple values by providing them using a comma separated list. As such, a comma is a reserved character in all uses of this type. Commas in values should be expressed as &amp;comma; (that is, ampersand-"comma"-semicolon). Such expressions should be converted back to a comma before displaying to users or handing off values to tools for processing. Note that whitespace is preserved and so, when specifying a list of values, do not include a space following a comma in a list unless the first character of the next list item should, in fact, be a space.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxCommon:SIDTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" use="optional" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SIDTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The SIDTypeEnum type is an enumeration of Windows Security ID (SID) types. These correspond to the values specified by the SID_NAME_USE enumeration--see http://msdn.microsoft.com/en-us/library/windows/desktop/aa379601(v=vs.85).aspx for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="SidTypeUser">
+				<xs:annotation>
+					<xs:documentation>Indicates a SID of type User.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeGroup">
+				<xs:annotation>
+					<xs:documentation>Indicates a SID of type Group.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeDomain">
+				<xs:annotation>
+					<xs:documentation>Indicates a SID of type Domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeAlias">
+				<xs:annotation>
+					<xs:documentation>Indicates a SID of type Alias.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeWellKnownGroup">
+				<xs:annotation>
+					<xs:documentation>Indicates a SID for a well-known group.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeDeletedAccount">
+				<xs:annotation>
+					<xs:documentation>Indicates a SID for a deleted account.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeInvalid">
+				<xs:annotation>
+					<xs:documentation>Indicates an invalid SID.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeUnknown">
+				<xs:annotation>
+					<xs:documentation>Indicates a SID of unknown type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeComputer">
+				<xs:annotation>
+					<xs:documentation>Indicates a SID for a computer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SidTypeLabel">
+				<xs:annotation>
+					<xs:documentation>Indicates a mandatory integrity label SID.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/cybox_core.xsd b/stix_validator/schema/cybox/cybox_core.xsd
new file mode 100755
index 0000000..3328acf
--- /dev/null
+++ b/stix_validator/schema/cybox/cybox_core.xsd
@@ -0,0 +1,1090 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/cybox-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>CybOX Core</schema>
+			<version>2.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Core.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="cybox_common.xsd"/>
+	<xs:element name="Observables" type="cybox:ObservablesType">
+		<xs:annotation>
+			<xs:documentation>The Observables construct represents a collection of cyber observables.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="ObservablesType">
+		<xs:annotation>
+			<xs:documentation>The ObservablesType is a type representing a collection of cyber observables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Observable_Package_Source" type="cyboxCommon:MeasureSourceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Observable_Package_Source field is optional and enables descriptive specification of how this package of Observables was identified and specified. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="cybox:Observable" maxOccurs="unbounded"/>
+			<xs:element name="Pools" type="cybox:PoolsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Pools construct enables the description of Events, Actions, Objects and Properties in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled elements. This reduces redundancy caused when identical observable elements occur multiple times within a set of defined Observables.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="cybox_major_version" type="xs:string" use="required">
+			<xs:annotation>
+				<xs:documentation>The major_version field specifies the major version of the CybOX language utlized for this set of Observables.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="cybox_minor_version" type="xs:string" use="required">
+			<xs:annotation>
+				<xs:documentation>The minor_version field specifies the minor version of the CybOX language utlized for this set of Observables.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:element name="Observable" type="cybox:ObservableType">
+		<xs:annotation>
+			<xs:documentation>The Observable construct represents a description of a single cyber observable.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="ObservableType">
+		<xs:annotation>
+			<xs:documentation>The ObservableType is a type representing a description of a single cyber observable.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Title" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Title field provides a mechanism to specify a short title or description for this Observable</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field provides a mechanism to specify a structured text description of this Observable. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Keywords" type="cybox:KeywordsType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Keywords enables capture of relevant keywords for this cyber observable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Observable_Source" type="cyboxCommon:MeasureSourceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Observable_Source field is optional and enables descriptive specification of how this Observable was identified and specified. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:choice minOccurs="0">
+				<xs:element ref="cybox:Object" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Object construct identifies and specificies the characteristics of a specific cyber-relevant object (e.g. a file, a registry key or a process). </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="cybox:Event" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Event construct enables specification of a cyber observable event that is dynamic in nature with specific action(s) taken against specific cyber relevant objects (e.g. a file is deleted, a registry key is created or an HTTP Get Request is received).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Observable_Composition" type="cybox:ObservableCompositionType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Observable_Composition construct enables specification of composite observables made up of logical constructions of atomic observables or other composite observables (e.g. Obs5 = (Obs1 OR Obs2) AND (Obs3 OR Obs4)).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Pattern_Fidelity" type="cybox:PatternFidelityType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Pattern_Fidelity contains elements that enable the characterization of the fidelity of this pattern to its purpose.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The id field specifies a unique id for this Observable.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The idref field specifies a unique id reference to an Observable defined elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="negate" type="xs:boolean" default="false">
+			<xs:annotation>
+				<xs:documentation>The negate field, when set to true, indicates the absence (rather than the presence) of the given Observable in a CybOX pattern.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:simpleType name="TrendEnum">
+		<xs:annotation>
+			<xs:documentation>TrendEnum is a (non-exhaustive) enumeration of trend types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Increasing">
+				<xs:annotation>
+					<xs:documentation>Specifies an increasing trend.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decreasing">
+				<xs:annotation>
+					<xs:documentation>Specifies a decreasing trend.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!---->
+	<xs:element name="Event" type="cybox:EventType">
+		<xs:annotation>
+			<xs:documentation>The Event construct enables specification of a cyber observable event that is dynamic in nature with specific action(s) taken against specific cyber relevant objects (e.g. a file is deleted, a registry key is created or an HTTP Get Request is received).</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="EventType">
+		<xs:annotation>
+			<xs:documentation>The EventType is a complex type representing a cyber observable event that is dynamic in nature with specific action(s) taken against specific cyber relevant objects (e.g. a file is deleted, a registry key is created or an HTTP Get Request is received).</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:sequence>
+				<xs:element name="Type" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Type field uses a standardized controlled vocabulary to capture what type of Event this is.</xs:documentation>
+						<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is EventTypeVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+							Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Description field provides a mechanism to specify a structured text description of this Event. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Observation_Method" type="cyboxCommon:MeasureSourceType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Observation_Method field is optional and enables descriptive specification of how this Event was observed (in the case of a Cyber Observable Event instance) or could potentially be observed (in the case of a Cyber Observable Event pattern). </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Actions" type="cybox:ActionsType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Actions construct enables description/specification of one or more cyber observable actions. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Frequency" type="cybox:FrequencyType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Frequency field conveys a targeted observation pattern of the frequency of the associated event or action.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+			<xs:sequence maxOccurs="unbounded">
+				<xs:element name="Event" type="cybox:EventType">
+					<xs:annotation>
+						<xs:documentation>This Event construct is included recursively to enable description/specification of composite Events.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:choice>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The id field specifies a unique id for this Event.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The idref field specifies a unique id reference to an Event defined elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="FrequencyType">
+		<xs:annotation>
+			<xs:documentation>The FrequencyType is a type representing the specification of a frequency for a given action or event.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="rate" type="xs:float" use="required">
+			<xs:annotation>
+				<xs:documentation>This field specifies the rate for this defined frequency.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="units" type="xs:string" use="required">
+			<xs:annotation>
+				<xs:documentation>This field specifies the units for this defined frequency.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="scale" type="xs:string" use="required">
+			<xs:annotation>
+				<xs:documentation>This field specifies the time scale for this defined frequency.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="trend" type="cybox:TrendEnum">
+			<xs:annotation>
+				<xs:documentation>This field is optional and conveys a targeted observation pattern of the nature of any trend in the frequency of the associated event or action. This field would be leveraged within an event or action pattern observable triggering on the matching of a specified trend in the frequency of an event or action.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:element name="Action" type="cybox:ActionType">
+		<xs:annotation>
+			<xs:documentation>The Action construct enables description/specification of a single cyber observable action. </xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="ActionsType">
+		<xs:annotation>
+			<xs:documentation>The ActionsType is a complex type representing a set of cyber observable actions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element ref="cybox:Action" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Action construct enables description/specification of a single cyber observable action. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ActionType">
+		<xs:annotation>
+			<xs:documentation>The ActionType is a complex type representing a single cyber observable action.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Type" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Type field is optional and utilizes a standardized controlled vocabulary to specify the basic type of the action that was performed.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ActionTypeVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Name" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Name field is optional and utilizes a standardized controlled vocabulary to identify/characterize the specific name of the action that was performed.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ActionNameVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field contains a textual description of the action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Action_Aliases" type="cybox:ActionAliasesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Action_Aliases field is optional and enables identification of other potentially used names for this Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Action_Arguments" type="cybox:ActionArgumentsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Action_Arguments field is optional and enables the specification of relevant arguments/parameters for this Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Discovery_Method" type="cyboxCommon:MeasureSourceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Discovery_Method field is optional and enables descriptive specification of how this Action was observed (in the case of a Cyber Observable Action instance) or could potentially be observed (in the case of a Cyber Observable Action pattern). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Associated_Objects" type="cybox:AssociatedObjectsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Associated_Objects construct is optional and enables the description/specification of cyber Objects relevant (either initiating or affected by) this Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Relationships" type="cybox:RelationshipsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Relationships construct is optional and enables description of other cyber observable actions that are related to this Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Frequency" type="cybox:FrequencyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Frequency field conveys a targeted observation pattern of the frequency of the associated event or action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The id field specifies a unique id for this Action.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The idref field specifies a unique id reference to an Action defined elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ordinal_position" type="xs:positiveInteger">
+			<xs:annotation>
+				<xs:documentation>The ordinal_position field is intended to reference the ordinal position of the action with within a series of actions.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="action_status" type="cybox:ActionStatusTypeEnum">
+			<xs:annotation>
+				<xs:documentation>The action_status field enables description of the status of the action being described.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="context" type="cybox:ActionContextTypeEnum">
+			<xs:annotation>
+				<xs:documentation>The context field is optional and enables simple characterization of the broad operational context in which the Action is relevant</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="timestamp" type="xs:dateTime">
+			<xs:annotation>
+				<xs:documentation>The timestamp field represents the local or relative time at which the action occurred or was observed. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="ActionStatusTypeEnum">
+		<xs:annotation>
+			<xs:documentation>ActionStatusTypeEnum is a (non-exhaustive) enumeration of cyber observable action status types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Success">
+				<xs:annotation>
+					<xs:documentation>Specifies a cyber observable action that was successful.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Fail">
+				<xs:annotation>
+					<xs:documentation>Specifies a cyber observable action that failed.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Error">
+				<xs:annotation>
+					<xs:documentation>Specifies a cyber observable action that resulted in an error.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Complete/Finish">
+				<xs:annotation>
+					<xs:documentation>Specifies a cyber observable action that completed or finished. This action status does not specify the result of the action (e.g., Success/Error).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Pending">
+				<xs:annotation>
+					<xs:documentation>Specifies a cyber observable action is pending.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Ongoing">
+				<xs:annotation>
+					<xs:documentation>Specifies a cyber observable action that is ongoing.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>Specifies a cyber observable action with an unknown status.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ActionContextTypeEnum">
+		<xs:annotation>
+			<xs:documentation>ActionContextTypeEnum is a (non-exhaustive) enumeration of cyber observable action contexts.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Host">
+				<xs:annotation>
+					<xs:documentation>Specifies that the cyber observable action occurred on a host.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Network">
+				<xs:annotation>
+					<xs:documentation>Specifies that the cyber observable action occurred on a network.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ActionAliasesType">
+		<xs:annotation>
+			<xs:documentation>The ActionAliasesType enables identification of other potentially used names for this Action.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Action_Alias" type="xs:string" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Action_Alias field is optional and enables identification of a single other potentially used name for this Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ActionArgumentsType">
+		<xs:annotation>
+			<xs:documentation>The ActionArgumentsType enables the specification of relevant arguments/parameters for this Action.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Action_Argument" type="cybox:ActionArgumentType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Action_Argument construct is optional and enables the specification of a single relevant argument/parameter for this Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ActionArgumentType">
+		<xs:annotation>
+			<xs:documentation>The ActionArgumentType enables the specification of a single relevant argument/parameter for this Action.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Argument_Name" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Defined_Argument_Name field is optional and utilizes a standardized controlled vocabulary to identify/characterize the specific action argument utilized.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ActionArgumentNameVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Argument_Value" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Argument_Value field specifies the value for this action argument/parameter.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AssociatedObjectsType">
+		<xs:annotation>
+			<xs:documentation>The AssociatedObjectsType enables the description/specification of cyber Objects relevant to an Action.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Associated_Object" type="cybox:AssociatedObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Associated_Object construct enables the description of cyber Objects associated with this Action. This could include Objects that initiated the action, are the target Objects affected by the Action, are utilized by the Action or are the returned result of the Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AssociatedObjectType">
+		<xs:annotation>
+			<xs:documentation>The AssociatedObjectType is a complex type representing the characterization of a cyber observable Object associated with a given cyber observable Action.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:ObjectType">
+				<xs:sequence>
+					<xs:element name="Association_Type" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Association_Type field utilizes a standardized controlled vocabulary to specify the kind of association this Object holds for this Action.</xs:documentation>
+							<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ActionObjectAssociationTypeVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+								Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Action_Pertinent_Object_Properties" type="cybox:ActionPertinentObjectPropertiesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Action_Pertinent_Object_Properties construct is optional and identifies which of the Properties of this Object are specifically pertinent to this Action.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ActionPertinentObjectPropertiesType">
+		<xs:annotation>
+			<xs:documentation>The ActionPertinentObjectPropertiesType identifies which of the Properties of this Object are specifically pertinent to this Action.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Property" type="cybox:ActionPertinentObjectPropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Property construct identifies a single Object Property that is specifically pertinent to this Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ActionPertinentObjectPropertyType">
+		<xs:annotation>
+			<xs:documentation>The ActionPertinentObjectPropertyType identifies one of the Properties of an Object that specifically pertinent to an Action.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="name" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>The name field specifies the field name for the pertinent Object Property.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="xpath" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>The xpath field specifies the XPath 1.0 expression identifying the pertinent property within the Properties schema for this object type.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="RelationshipsType">
+		<xs:annotation>
+			<xs:documentation>The RelationshipsType enables description of other cyber observable actions that are related to this Action.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Relationship" type="cybox:ActionRelationshipType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Relationship construct is optional and enables description of a single other cyber observable action that is related to this Action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ActionRelationshipType">
+		<xs:annotation>
+			<xs:documentation>The ActionRelationshipType characterizes a relationship between a specified cyber observable action and another cyber observable action.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Type" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Type field utilizes a standardized controlled vocabulary to describe the nature of the relationship between this Action and the related Action.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ActionRelationshipTypeVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Action_Reference" type="cybox:ActionReferenceType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Action_Reference construct captures references to other Actions.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ActionReferenceType">
+		<xs:annotation>
+			<xs:documentation>ActionReferenceType is intended to serve as a method for linking to actions.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="action_id" type="xs:QName" use="required">
+			<xs:annotation>
+				<xs:documentation>The action_id field refers to the id of the action being referenced.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:element name="Object" type="cybox:ObjectType">
+		<xs:annotation>
+			<xs:documentation>The Object construct identifies and specificies the characteristics of a specific cyber-relevant object (e.g. a file, a registry key or a process). </xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="ObjectType">
+		<xs:annotation>
+			<xs:documentation>The ObjectType is a complex type representing the characteristics of a specific cyber-relevant object (e.g. a file, a registry key or a process). </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="State" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The State field enables the description of the current state of the object, through a standardized controlled vocabulary.</xs:documentation>
+					<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ObjectStateVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+						Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field. </xs:documentation>					
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field provides a mechanism to specify a structured text description of this Object. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Properties" type="cyboxCommon:ObjectPropertiesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Properties construct is an abstract placeholder for various predefined Object type schemas (e.g. File, Process or System) that can be instantiated in its place through extension of the ObjectPropertiesType. This mechanism enables the specification of a broad range of Object types with consistent Object Property naming and structure. The set of Properties schemas are maintained independent of the core CybOX schema.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Domain_Specific_Object_Properties" type="cybox:DomainSpecificObjectPropertiesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Domain_Specific_Object_Properties construct is of an Abstract type placeholder within the CybOX schema enabling the inclusion of domain-specific metadata for an object through the use of a custom type defined as an extension of this base Abstract type. This enables domains utilizing CybOX such as malware analysis or forensics to incorporate non-generalized object metadata from their domains into CybOX objects.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Related_Objects" type="cybox:RelatedObjectsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Related_Objects construct is optional and enables the identification and/or specification of Objects with relevant relationships with this Object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Defined_Effect" type="cybox:DefinedEffectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Defined_Effect construct is an abstract placeholder for various predefined Object Effect types (e.g. DataReadEffect, ValuesEnumeratedEffect or StateChangeEffect) that can be instantiated in its place through extension of the DefinedEffectType. This mechanism enables the specification of a broad range of types of potential complex action effects on Objects. The set of Defined_Effect types (extending the DefeinedEffectType) are maintained as part of the core CybOX schema.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Discovery_Method" type="cyboxCommon:MeasureSourceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Discovery_Method field is optional and enables descriptive specification of how this Object was observed (in the case of a Cyber Observable Object instance) or could potentially be observed (in the case of a Cyber Observable Object pattern). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The id field specifies a unique id for this Object.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The idref field specifies a unique id reference to an Object defined elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="has_changed" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The has_changed field is optional and conveys a targeted observation pattern of whether the associated object specified has changed. This field would be leveraged within a pattern observable triggering on whether the value of an object specification has changed.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="DomainSpecificObjectPropertiesType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The DomainSpecificObjectPropertiesType is an abstract type placeholder within the CybOX schema enabling the inclusion of domain-specific metadata for an object through the use of a custom type defined as an extension of this base Abstract type. This enables domains utilizing CybOX such as malware analysis or forensics to incorporate non-generalized object metadata from their domains into CybOX objects.</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+	<xs:complexType name="RelatedObjectsType">
+		<xs:annotation>
+			<xs:documentation>The RelatedObjectsType enables the identification and/or specification of Objects with relevant relationships with this Object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Related_Object" type="cybox:RelatedObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Related_Object construct is optional and enables the identification and/or specification of a single Objects with relevant relationships with this Object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RelatedObjectType">
+		<xs:annotation>
+			<xs:documentation>The RelatedObjectType enables the identification and/or specification of an Object with a relevant relationship with this Object.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:ObjectType">
+				<xs:sequence>
+					<xs:element name="Relationship" type="cyboxCommon:ControlledVocabularyStringType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Relationship field uses a standardized controlled vocabulary to capture the nature of the relationship between this Object and the Related_Object.</xs:documentation>
+							<xs:documentation>This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ObjectRelationshipVocab in the http://cybox.mitre.org/default_vocabularies-2 namespace. This type is defined in the cybox_default_vocabularies.xsd file or at the URL http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd.
+								Users may also define their own vocabulary using the type extension mechanism (by specifying a vocabulary name and/or reference using the vocab_name and vocab_reference attributes, respectively) or simply use this as a string field. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="DefinedEffectType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The DefinedEffectType is an abstract placeholder for various predefined Object Effect types (e.g. DataReadEffect, ValuesEnumeratedEffect or StateChangeEffect) that can be instantiated in its place through extension of the DefinedEffectType. This mechanism enables the specification of a broad range of types of potential complex action effects on Objects. The set of Defined_Effect types (extending the DefinedEffectType) are maintained as part of the core CybOX schema.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="effect_type" type="cybox:EffectTypeEnum">
+			<xs:annotation>
+				<xs:documentation>The effect_type field specifies the nature of the Defined Effect instantiated in the place of the Defined_Effect element. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="EffectTypeEnum">
+		<xs:annotation>
+			<xs:documentation>EffectTypeEnum is a (non-exhaustive) enumeration of effect types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="State_Changed">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of changing its state.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Data_Read">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of reading data from it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Data_Written">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of writing data to it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Data_Sent">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of sending data to it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Data_Received">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of receiving data from it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Properties_Read">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of reading properties from it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Properties_Enumerated">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of enumeraring properies from it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Values_Enumerated">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of enumerating values from it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ControlCode_Sent">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated Action had an effect on the Object of having a control code sent to it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="StateChangeEffectType">
+		<xs:annotation>
+			<xs:documentation>The StateChangeEffectType is intended as a generic way of characterizing the effects of actions upon objects where the some state of the object is changed. </xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Old_Object" type="cybox:ObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Old_Object construct specifies the object and its properties as they were before the state change effect occurred.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="New_Object" type="cybox:ObjectType">
+						<xs:annotation>
+							<xs:documentation>The New_Object construct specifies the object and its properties as they are after the state change effect occurred.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="DataReadEffectType">
+		<xs:annotation>
+			<xs:documentation>The DataReadEffectType type is intended to characterize the effects of actions upon objects where some data is read, such as from a file or a pipe.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Data" type="cyboxCommon:DataSegmentType">
+						<xs:annotation>
+							<xs:documentation>The Data field specifies the data that was read from the object by the action.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="DataWrittenEffectType">
+		<xs:annotation>
+			<xs:documentation>The DataWrittenEffectType type is intended to characterize the effects of actions upon objects where some data is written, such as to a file or a pipe.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Data" type="cyboxCommon:DataSegmentType">
+						<xs:annotation>
+							<xs:documentation>The Data field specifies the data that was written to the object by the action.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="DataSentEffectType">
+		<xs:annotation>
+			<xs:documentation>The DataSentEffectType type is intended to characterize the effects of actions upon objects where some data is sent, such as a byte sequence on a socket.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Data" type="cyboxCommon:DataSegmentType">
+						<xs:annotation>
+							<xs:documentation>The Data field specifies the data that was sent on the object, or from the object, by the action.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="DataReceivedEffectType">
+		<xs:annotation>
+			<xs:documentation>The DataReceivedEffectType type is intended to characterize the effects of actions upon objects where some data is received, such as a byte sequence on a socket.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Data" type="cyboxCommon:DataSegmentType">
+						<xs:annotation>
+							<xs:documentation>The Data field specifies the data that was received on the object, or from the object, by the action.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PropertyReadEffectType">
+		<xs:annotation>
+			<xs:documentation>The PropertyReadEffectType type is intended to characterize the effects of actions upon objects where some specific property is read from an object, such as the current running state of a process.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Name" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the Name of the property being read.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Value" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Value field specifies the value of the property being read.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PropertiesEnumeratedEffectType">
+		<xs:annotation>
+			<xs:documentation>The PropertiesEnumeratedEffectType type is intended to characterize the effects of actions upon objects where some properties of the object are enumerated, such as the startup parameters for a process.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Properties" type="cybox:PropertiesType">
+						<xs:annotation>
+							<xs:documentation>The Properties field specifies the properties that were enumerated as a result of the action on the object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PropertiesType">
+		<xs:annotation>
+			<xs:documentation>The PropertiesType specifies the properties that were enumerated as a result of the action on the object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Property" type="xs:string" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Property elemet specifies a single property that was enumerated as a result of the action on the object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ValuesEnumeratedEffectType">
+		<xs:annotation>
+			<xs:documentation>The ValuesEnumeratedEffectType type is intended to characterize the effects of actions upon objects where some values of the object are enumerated, such as the values of a registry key.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Values" type="cybox:ValuesType">
+						<xs:annotation>
+							<xs:documentation>The Values field specifies the values that were enumerated as a result of the action on the object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ValuesType">
+		<xs:annotation>
+			<xs:documentation>The ValuesType specifies the values that were enumerated as a result of the action on the object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Value" type="xs:string" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Value field specifies a single value that was enumerated as a result of the action on the object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="SendControlCodeEffectType">
+		<xs:annotation>
+			<xs:documentation>The SendControlCodeEffectType is intended to characterize the effects of actions upon objects where some control code, or other control-oriented communication signal, is sent to the object. For example, an action may send a control code to change the running state of a process.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cybox:DefinedEffectType">
+				<xs:sequence>
+					<xs:element name="Control_Code" type="xs:string">
+						<xs:annotation>
+							<xs:documentation>The Control_Code field specifies the actual control code that was sent to the object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:element name="Property" type="cyboxCommon:PropertyType">
+		<xs:annotation>
+			<xs:documentation>The Property element represents the specification of a single Object Property</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<!---->
+	<xs:complexType name="ObservableCompositionType">
+		<xs:annotation>
+			<xs:documentation>The ObservablesCompositionType enables the specification of higher-order composite observables composed of logical combinations of other observables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Observable" type="cybox:ObservableType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Observable construct represents a description of a single cyber observable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="operator" type="cybox:OperatorTypeEnum" use="required">
+			<xs:annotation>
+				<xs:documentation>The operator field enables the specification of complex compositional cyber observables by providing logical operators for defining interrelationships between constituent cyber observables defined utilizing the recursive Observable element.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="OperatorTypeEnum">
+		<xs:annotation>
+			<xs:documentation>OperatorTypeEnum is a (non-exhaustive) enumeration of operators.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="AND">
+				<xs:annotation>
+					<xs:documentation>Specifies the AND logical composition operation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="OR">
+				<xs:annotation>
+					<xs:documentation>Specifies the OR logical composition operation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!---->
+	<xs:complexType name="PoolsType">
+		<xs:annotation>
+			<xs:documentation>The PoolsType enables the description of Events, Actions, Objects and Properties in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled elements. This reduces redundancy caused when identical observable elements occur multiple times within a set of defined Observables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Event_Pool" type="cybox:EventPoolType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Event_Pool construct enables the description of CybOX Events in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled Event elements. This reduces redundancy caused when identical Events occur multiple times within a set of defined Observables.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Action_Pool" type="cybox:ActionPoolType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Action_Pool construct enables the description of CybOX Actions in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled Action elements. This reduces redundancy caused when identical Actions occur multiple times within a set of defined Observables.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Object_Pool" type="cybox:ObjectPoolType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Object_Pool construct enables the description of CybOX Objects in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled Object elements. This reduces redundancy caused when identical Objects occur multiple times within a set of defined Observables.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Property_Pool" type="cybox:PropertyPoolType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Property_Pool construct enables the description of CybOX Properties in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled Properties elements. This reduces redundancy caused when identical Properties occur multiple times within a set of defined Observables.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EventPoolType">
+		<xs:annotation>
+			<xs:documentation>The EventPoolType enables the description of CybOX Events in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled Event elements. This reduces redundancy caused when identical Events occur multiple times within a set of defined Observables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Event" type="cybox:EventType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Event construct enables specification of a cyber observable event that is dynamic in nature with specific action(s) taken against specific cyber relevant objects (e.g. a file is deleted, a registry key is created or an HTTP Get Request is received).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ActionPoolType">
+		<xs:annotation>
+			<xs:documentation>The ActionPoolType enables the description of CybOX Actions in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled Action elements. This reduces redundancy caused when identical Actions occur multiple times within a set of defined Observables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Action" type="cybox:ActionType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Action construct enables description/specification of a single cyber observable action. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ObjectPoolType">
+		<xs:annotation>
+			<xs:documentation>The ObjectPoolType enables the description of CybOX Objects in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled Object elements. This reduces redundancy caused when identical Objects occur multiple times within a set of defined Observables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Object" type="cybox:ObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Object construct identifies and specificies the characteristics of a specific cyber-relevant object (e.g. a file, a registry key or a process). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PropertyPoolType">
+		<xs:annotation>
+			<xs:documentation>The PropertyPoolType enables the description of CybOX Properties in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled Properties elements. This reduces redundancy caused when identical Properties occur multiple times within a set of defined Observables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Property" type="cyboxCommon:PropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Property construct enables the specification of a single Object Property.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:simpleType name="NoisinessEnum">
+		<xs:annotation>
+			<xs:documentation>NoisinessEnum is a (non-exhaustive) enumeration of potential levels of noisiness for a given observable pattern.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="High">
+				<xs:annotation>
+					<xs:documentation>Specifies that this observable has a high level of noisiness meaning a potentially high level of false positives.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Medium">
+				<xs:annotation>
+					<xs:documentation>Specifies that this observable has a medium level of noisiness meaning a potentially medium level of false positives.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Low">
+				<xs:annotation>
+					<xs:documentation>Specifies that this observable has a low level of noisiness meaning a potentially low level of false positives.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ObfuscationTechniquesType">
+		<xs:annotation>
+			<xs:documentation>The ObfuscationTechniquesType enables the description of a set of potential techniques an attacker could leverage to obfuscate the observability of this Observable. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Obfuscation_Technique" type="cybox:ObfuscationTechniqueType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Obfuscation_Technique field is optional and enables the description of a single potential technique an attacker could leverage to obfuscate the observability of this Observable. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ObfuscationTechniqueType">
+		<xs:annotation>
+			<xs:documentation>The ObfuscationTechniqueType enables the description of a single potential technique an attacker could leverage to obfuscate the observability of this Observable. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Description" type="cyboxCommon:StructuredTextType">
+				<xs:annotation>
+					<xs:documentation>The Description field captures a structured text description of the obfuscation technique.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Observables construct is optional and enables description of potential cyber observables that could indicate the use of this particular obfuscation technique.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:simpleType name="EaseOfObfuscationEnum">
+		<xs:annotation>
+			<xs:documentation>The EaseOfObfuscationEnum is a (non-exhaustive) enumeration of simple characterizations of how easy it would be for an attacker to obfuscate the observability of this Observable.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="High">
+				<xs:annotation>
+					<xs:documentation>Specifies that this observable is very easy to obfuscate and hide.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Medium">
+				<xs:annotation>
+					<xs:documentation>Specifies that this observable is somewhat easy to obfuscate and hide.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Low">
+				<xs:annotation>
+					<xs:documentation>Specifies that this observable is not very easy to obfuscate and hide.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="KeywordsType">
+		<xs:sequence>
+			<xs:element name="Keyword" type="xs:string" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Each keyword element contains one keyword.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PatternFidelityType">
+		<xs:sequence>
+			<xs:element name="Noisiness" type="cybox:NoisinessEnum" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Noisiness field is optional and enables simple characterization of how noisy this Observable typically could be. In other words, how likely is it to generate false positives.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Ease_of_Evasion" type="cybox:EaseOfObfuscationEnum" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Ease_of_Obfuscation field is optional and enables simple characterization of how easy it would be for an attacker to obfuscate the observability of this Observable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Evasion_Techniques" type="cybox:ObfuscationTechniquesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Obfuscation_Techniques field is optional and enables the description of potential techniques an attacker could leverage to obfuscate the observability of this Observable. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/cybox_default_vocabularies.xsd b/stix_validator/schema/cybox/cybox_default_vocabularies.xsd
new file mode 100755
index 0000000..27bef93
--- /dev/null
+++ b/stix_validator/schema/cybox/cybox_default_vocabularies.xsd
@@ -0,0 +1,3106 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:cyboxVocabs="http://cybox.mitre.org/default_vocabularies-2" targetNamespace="http://cybox.mitre.org/default_vocabularies-2" elementFormDefault="qualified" version="2.0.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>cybox_default_vocabularies</schema>
+			<version>2.0.0</version>
+			<date>04/05/2013 9:00:00 AM</date>
+			<short_description>The following defines types for default controlled vocabularies used within CybOX. An individual vocabulary may be revised at any time. Revisions to vocabularies will result in the creation of new types with the new version number embedded in the name of those types. Vocabularies can be reference from CybOX elements through the use of xsi:Type. The individual elements where this may be done indicate the expected default vocabulary.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="cybox_common.xsd"/>
+	<xs:complexType name="ActionTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ActionTypeVocab is the default CybOX vocabulary for Action Types, captured via the ActionType/Type element in CybOX Core.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:ActionTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Action Types"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#ActionTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ActionTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>ActionTypeEnum is a (non-exhaustive) enumeration of cyber observable action types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Accept">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of accepting an object or value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Access">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of accessing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Add">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of adding an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Alert">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of issuing an alert.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Allocate">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of allocating an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Archive">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of archiving an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Assign">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of assigning a value to an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Audit">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of auditing an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Backup">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of backing up an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Bind">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of binding two objects.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Block">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of blocking access to an object or resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Call">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of calling an object or resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Change">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of changing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Check">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of checking an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Clean">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of cleaning an object, such as a file system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Click">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of clicking an object, as with a mouse.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Close">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of closing an object, such as a window handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Compare">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of comparing two objects.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Compress">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of compressing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Configure">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of configuring a resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Connect">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of connecting to an object, such as a service or resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Control">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of controlling an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Copy/Duplicate">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of copying or duplicating an object or data EXCEPT in cases where the object is considered a thread or process as a whole.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of creating an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decode">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of decoding an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decompress">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of decompressing an object, such as an archive.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decrypt">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of decrypting an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Deny">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of denying access to a object or resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Depress">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of depressing an object that has been pressed, such a button.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Detect">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of detecting an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Disconnect">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of disconnecting from a service or resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Download">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of downloading an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Draw">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of drawing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Drop">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of dropping an object, such as a connection.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Encode">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of encoding an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Encrypt">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of encrypting an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of enumerating a list of objects.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Execute">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of executing an object, such as an executable file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Extract">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of extracting an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Filter">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of filtering an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Find">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of finding an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Flush">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of flushing an object or data, such as a cache.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Fork">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of forking, as with a process. Because this is usually associated with processes and threads and does not generalize to objects, it is DIFFERENT from Copy/Duplicate.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Free">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of freeing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of getting a value from an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hook">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of hooking an object to another object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hide">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of hiding an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Impersonate">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of impersonation, in which an object performs actions that assume the character or appearance of another object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Initialize">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of initializing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Inject">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of injecting an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Install">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of installing an object, such as an application, program, patch, or other resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Interleave">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of interleaving an object, i.e. the action of arranging data in a non-contiguous way to increase performance.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Join">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of joining one object to another object. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Kill">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of killing an object, as with a thread or program.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Listen">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of listening to an object, such as to a port on a network connection.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Load">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of loading an object. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Lock">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of locking an object. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Login/Logon">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of logging into an object, such as into a system or application. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Logout/Logoff">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of logging out of an object, such as a system or application. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Map">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of mapping an object to another object or data. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Merge">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of merging one object to another object. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Modify">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of modifying an object. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Monitor">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of monitoring the state of an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Move">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of moving an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of opening an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Pack">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of packing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Pause">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of pausing an object, such as a thread or process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Press">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of pressing an object, such as a button.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Protect">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of protecting an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Quarantine">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of placing an object in quarantine, that is, to store the object in an isolated area away from other objects it can operate on.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Query">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of querying an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Queue">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of queueing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Raise">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of raising an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Read">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of reading an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Receive">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of receiving an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Release">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of releasing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Rename">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of renaming an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Remove/Delete">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of removing or deleting an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Replicate">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of replicating an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Restore">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of restoring an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Resume">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of resuming an object, as with a process or thread.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Revert">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of reverting an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Run">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of running an object, such as an application.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Save">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of saving an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Scan">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of scanning for an object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Schedule">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of scheduling an object, such as an event.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Search">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of searching for an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of sending an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of setting an object to a value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Shutdown">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of shutting down an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sleep">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of putting to sleep an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Snapshot">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action taking a snapshot of an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Start">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of starting an object, such as a thread or process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Stop">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of stopping an object, such as a thread or process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Suspend">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of suspending an object, such an account or privileges for an account.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Synchronize">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of synchronizing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Throw">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of throwing an object, such as an exception in a programming language.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Transmit">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of transmitting an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unblock">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of unblocking an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unhide">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of unhiding an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unhook">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of unhooking an object from another object, that is, to detach.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Uninstall">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of uninstalling an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unload">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of unloading an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unlock">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of unlocking an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unmap">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of unmapping an object from another object or data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unpack">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of unpacking an object, such as an archive.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Update">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of updating an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Upgrade">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of upgrading an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Upload">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of uploading an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Wipe/Destroy/Purge">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of wiping, destroying, or purging an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Write">
+				<xs:annotation>
+					<xs:documentation>Specifies the atomic action of writing an object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ActionNameVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ActionNameVocab is the default CybOX vocabulary for Action Types, captured via the ActionType/Name element in CybOX Core.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:ActionNameEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Action Names"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#DefinedActionNameVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ActionNameEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The ActionNameEnum type is an enumeration of defined action names.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Accept Socket Connection">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of accepting a socket connection.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Add Connection to Network Share">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of adding a connection to an existing network share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Add Network Share">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of adding a new network share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Add System Call Hook">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of adding a new system call hook.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Add User">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of adding a new user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Add Windows Hook">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of adding a new Windows hook.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Add Scheduled Task">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of adding a scheduled task.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Allocate Virtual Memory in Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of allocating virtual memory in a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Bind Address to Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of binding an address to a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Change Service Configuration">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of changing the service configuration.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Check for Remote Debugger">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of checking for a remote debugger.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Close Port">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of closing a port.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Close Registry Key">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of closing a registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Close Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of closing a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Configure Service">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of configuring a service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Connect to IP">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of connecting to an IP address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Connect to Named Pipe">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of connecting to a named pipe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Connect to Network Share">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of connecting to a network share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Connect to Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of connecting to a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Connect to URL">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of connecting to a URL.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Control Driver">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of controlling a driver.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Control Service">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of controlling a service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Copy File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of copying a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Dialog Box">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a dialog box.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Directory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a new directory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Event">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating an event.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create File Alternate Data Stream">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating an alternate data stream in a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create File Mapping">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a new file mapping.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create File Symbolic Link">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a file symbolic link.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Hidden File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a hidden file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Mailslot">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a mailslot.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Module">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a module.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Mutex">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a mutex.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Named Pipe">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a named pipe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Process as User">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a process as user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Registry Key">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Registry Key Value">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a registry key value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Remote Thread in Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a remote thread in a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Service">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Symbolic Link">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a symbolic link.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Thread">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a thread.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Create Window">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of creating a window.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Delete Directory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of deleting a directory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Delete File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of deleting a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Delete Named Pipe">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of deleting a named pipe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Delete Network Share">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of deleting a network share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Delete Registry Key">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of deleting a registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Delete Registry Key Value">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of deleting a registry key value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Delete Service">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of deleting a service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Delete User">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of deleting a user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Disconnect from Named Pipe">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of disconnecting from a named pipe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Disconnect from Network Share">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of disconnecting from a network share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Disconnect from Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of disconnecting from a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Download File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of downloading a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate DLLs">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating DLLs.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Network Shares">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating network shares.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Protocols">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating protocols.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Registry Key Subkeys">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating registry key subkeys.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Registry Key Values">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating registry key values.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Threads in Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating threads in a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Processes">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating processes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Services">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating services.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate System Handles">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating system handles.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Threads">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating threads.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Users">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating users.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Enumerate Windows">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of enumerating windows.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Find File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of finding a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Find Window">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of finding a window.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Flush Process Instruction Cache">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of flushing the Process Instruction Cache.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Free Library">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of freeing a library.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Free Process Virtual Memory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of freeing virtual memory from a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Disk Free Space">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the amount of free space available on a disk.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Disk Type">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the disk type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Elapsed System Up Time">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the elapsed system up-time.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get File Attributes">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting file attributes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Function Address">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the function address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get System Global Flags">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting system global flags.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Host By Address">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting host by address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Host By Name">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting host by name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Host Name">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the host name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Library File Name">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the library file name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Library Handle">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the library handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get NetBIOS Name">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the NetBIOS name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Process Current Directory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the process's current directory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Process Environment Variable">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the process environment variable.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Process Startup Information">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the process startup information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Processes Snapshot">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the processes snapshot.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Registry Key Attributes">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the attributes of a registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Service Status">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the service status.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get System Global Flags">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the system global flags.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get System Local Time">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the local time on a system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get System Host Name">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the system host name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get System NetBIOS Name">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the NetBIOS name of a system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get System Network Parameters">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the system network parameters.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get System Time">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the system time.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Thread Context">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the thread context.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Thread Username">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the thread username.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get User Attributes">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the attributes of a user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Username">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting a username.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Windows Directory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting a windows directory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Windows System Directory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting a windows System directory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Get Windows Temporary Files Directory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of getting the Windows Temporary Files Directory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hide Window">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of hiding a window.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Impersonate Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of impersonating a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Impersonate Thread">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of impersonating a thread.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Inject Memory Page">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of injecting a memory page into a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Kill Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of killing a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Kill Thread">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of killing a thread.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Kill Window">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of killing a window.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Listen on Port">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of listening on a specific port.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Listen on Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of listening on a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Load and Call Driver">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of loading and calling a driver.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Load Driver">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of loading a driver.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Load Library">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of loading a library.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Load Module">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of loading a module.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Lock File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of locking a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Logon as User">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of logging on as a user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Map File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of mapping a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Map Library">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of mapping a library.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Map View of File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of mapping a view of a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Modify File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of modifying a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Modify Named Pipe">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of modifying a named pipe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Modify Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of modifying a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Modify Service">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of modifying a service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Modify Registry Key">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of modifying a registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Modify Registry Key Value">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of modifying a registry key value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Monitor Registry Key">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of monitoring a registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Move File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of moving a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of opening a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open File Mapping">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of opening a file mapping.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open Mutex">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of opening a mutex.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open Port">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of opening a port.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of opening a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open Registry Key">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of opening a registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open Service">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of opening a service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open Service Control Manager">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of opening a service control manager.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Protect Virtual Memory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of protecting virtual memory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Query Disk Attributes">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of querying disk attributes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Query DNS">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of querying DNS.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Query Process Virtual Memory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of querying process virtual memory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Queue APC in Thread">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of querying the Asynchronized Procedure Call (APC) in the context of a thread.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Read File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of reading a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Read From Named Pipe">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of reading from a named pipe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Read From Process Memory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of reading from process memory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Read Registry Key Value">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of reading a registry key value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Receive Data on Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of receiving data on a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Release Mutex">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of releasing a mutex.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Rename File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of renaming a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Revert Thread to Self">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of reverting a thread to its self.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send Control Code to File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending a control code to a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send Control Code to Pipe">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending a control code to a pipe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send Control Code to Service">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending control code to a service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send Data on Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending data on a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send Data to Address on Socket">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending data to the address on a socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send DNS Query">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending a DNS query.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send Email Message">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending an email message.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send ICMP Request">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending an ICMP request.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Send Reverse DNS Query">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sending a reverse DNS query.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set File Attributes">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of setting file attributes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set NetBIOS Name">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of setting the NetBIOS name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set Process Current Directory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of setting the process current directory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set Process Environment Variable">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of setting the process environment variable.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set System Global Flags">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of setting system global flags.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set System Host Name">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of setting the system host name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set System Time">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of setting the system time.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set Thread Context">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of setting the thread context.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Show Window">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of showing a window.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Shutdown System">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of shutting down a system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sleep Process">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sleeping a process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sleep System">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of sleeping a system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Start Service">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of starting a service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unload Driver">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of unloading a driver.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unlock File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of unlocking a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unmap File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of unmapping a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unload Module">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of unloading a module.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Upload File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of uploading a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Write to File">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of writing to a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Write to Process Virtual Memory">
+				<xs:annotation>
+					<xs:documentation>Specifies the defined action of writing to process virtual memory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ActionArgumentNameVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ActionArgumentNameVocab is the default CybOX vocabulary for Action Argument Names, captured via the ActionArgumentType/Argument_Name element in CybOX Core.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:ActionArgumentNameEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Action Argument Names"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#DefinedArgumentNameVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ActionArgumentNameEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The ActionArgumentNameEnum type is an enumeration of defined argument names.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="API">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called API.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Creation Flags">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Creation Flags.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Access Mode">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Access Mode.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Share Mode">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Share Mode.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Callback Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Callback Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Source Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Source Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Destination Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Destination Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Starting Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Starting Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Size (bytes)">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Size (bytes).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Control Parameter">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Control Parameter.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Host Name">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Host Name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Function Name">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Function Name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Function Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Function Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Options">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Options.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Transfer Flags">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Transfer Flags.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Control Code">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Control Code.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="APC Mode">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called APC Mode.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="APC Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called APC Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Base Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Base Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Protection">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Protection.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Target PID">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Target PID.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Mapping Offset">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Mapping Offset.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="File Information Class">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called File Information Class.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Function Ordinal">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Function Ordinal.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Function Name">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Function Name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hook Type">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Hook Type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Request Size">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Request Size.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Service Type">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Service Type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Service State">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Service State.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Group Name">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Group Name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hostname">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Hostname.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Shutdown Flag">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Shutdown Flag.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sleep Time (ms)">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Sleep Time (ms).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Code Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Code Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Parameter Address">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Parameter Address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Server">
+				<xs:annotation>
+					<xs:documentation>Specifies an argument called Server.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ActionObjectAssociationTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ActionObjectAssocationVocab is the default CybOX vocabulary for Action-Object association types, captured via the AssociatedObjectType/Association_Type element in CybOX Core.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:ActionObjectAssociationTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Action-Object Association Names"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#ActionObjectAssociationTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ActionObjectAssociationTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>ActionObjectAssociationTypeEnum is a (non-exhaustive) enumeration of types of action-object associations.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Initiating">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated object initiated the action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Affected">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated object was affected by the action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Utilized">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated object was utilized by the action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Returned">
+				<xs:annotation>
+					<xs:documentation>Specifies that the associated object was the result of the action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ActionRelationshipTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ActionObjectAssocationVocab is the default CybOX vocabulary for Action-Action relationships, captured via the ActionRelationshipType/Type element in the CybOX Core.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:ActionRelationshipTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Action-Action Relationships"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#ActionRelationshipTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ActionRelationshipTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The ActionRelationshipTypeEnum is an enumeration of types of relationships between actions.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Preceded_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this action is preceded by the related action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Followed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this action is followed by the related action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Equivalent_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this entity (e.g. Action) is equivalent to the associated entity.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Related_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this action is simply related to the related action in some way.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Dependent_On">
+				<xs:annotation>
+					<xs:documentation>Specifies that this action is dependent on the related action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Initiated_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this action was initiated by the related action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Initiated">
+				<xs:annotation>
+					<xs:documentation>Specifies that this action initiated the related action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="EventTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The EventTypeVocab is the default CybOX vocabulary for Event types, captured via the EventType/Type element in the CybOX Core.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:EventTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Event Types"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#EventTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="EventTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>EventTypeEnum is a (non-exhaustive) enumeration of cyber observable event types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="File Ops (CRUD)">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with file operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Registry Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with registry operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Memory Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with memory operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Process Mgt">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with process management.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Thread Mgt">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with thread management.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Service Mgt">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with service management.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Session Mgt">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with session management.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="API Calls">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with API calls.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Port Scan">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with port scanning.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IP Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with IP Operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DNS Lookup Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with DNS Lookup operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Socket Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with thread management.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPC">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with thread management.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Configuration Management">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with configuration management.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="User/Password Mgt">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with user/password management.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Account Ops (App Layer)">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with account operations at the application layer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HTTP Traffic">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with HTTP traffic.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="App Layer Traffic">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with Application Layer traffic.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Packet Traffic">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with packet traffic.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Data Flow">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with data flow.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Anomoly Events">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with anomoly events.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Technical Compliance">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with Technical compliance.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Procedural Compliance">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with procedural compliance.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GUI/KVM">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with the GUI/Kernel-based Virtual Machine (KVM).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Autorun">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with Autorun.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="USB/Media Detection">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with USB and/or Media detection.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SQL">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with the SQL language.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DHCP">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with the Dynamic Host Configuration Protocol (DHCP).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Redirection">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with redirection.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Authentication Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with authentication operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Authorization (ACL)">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with authorization via Access Control Lists (ACL).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Privilege Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with privilege operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Basic System Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with basic system operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Signature Detection">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with signature detection.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Auto-update Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with auto-update operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Application Logic">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with application logic.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Email Ops">
+				<xs:annotation>
+					<xs:documentation>Specifies the class of events dealing with e-mail operations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ObjectRelationshipVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ObjectRelationshipVocab is the default CybOX vocabulary for Object-Object relationships, captured via the RelatedObjectType/Relationship element in CybOX Core.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:ObjectRelationshipEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Object-Object Relationships"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#ObjectRelationshipVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ObjectRelationshipEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>ObjectRelationshipEnum is a (non-exhaustive) enumeration of interobject relationships.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Created">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object created the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Created_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was created by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Deleted">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object deleted the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Deleted_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was deleted by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Modified_Properties_Of">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object modified the properties of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Properties_Modified_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that the properties of this object were modified by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Read_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was read from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Read_From_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was read from by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Wrote_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object wrote to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Written_To_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was written to by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Downloaded_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was downloaded from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Downloaded_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object downloaded the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Downloaded">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object downloaded the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Downloaded_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was downloaded by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Uploaded">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object uploaded the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Uploaded_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was uploaded by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Uploaded_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was uploaded to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Received_Via_Upload">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object received the related object via upload.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Uploaded_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was uploaded from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sent_Via_Upload">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object sent the related object via upload.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Suspended">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object suspended the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Suspended_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was suspended by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Paused">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object paused the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Paused_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was paused by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Resumed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object resumed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Resumed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was resumed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Opened">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object opened the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Opened_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was opened by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Closed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object closed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Closed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was closed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Copied_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was copied from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Copied_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was copied to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Copied">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object copied the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Copied_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was copied by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Moved_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was moved from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Moved_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was moved to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Moved">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object moved the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Moved_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was moved by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Searched_For">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object searched for the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Searched_For_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was searched for by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Allocated">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object allocated the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Allocated_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was allocated by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Initialized_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was initialized to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Initialized_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was initialized by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sent">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object sent the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sent_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was sent by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sent_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was sent to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Received_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was received from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Received">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object received the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Received_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was received by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Mapped_Into">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was mapped into the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Mapped_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was mapped by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Properties_Queried">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object queried properties of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Properties_Queried_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that the properties of this object were queried by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Values_Enumerated">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object enumerated values of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Values_Enumerated_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that the values of the object were enumerated by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Bound">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object bound the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Bound_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was bound by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Freed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object freed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Freed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was freed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Killed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object killed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Killed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was killed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Encrypted">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object encrypted the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Encrypted_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was encrypted by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Encrypted_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was encrypted to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Encrypted_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was encrypted from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decrypted">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object decrypted the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decrypted_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was decrypted by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Packed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object packed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Packed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was packed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unpacked">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object unpacked the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unpacked_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was unpacked by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Packed_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was packed from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Packed_Into">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was packed into the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Encoded">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object encoded the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Encoded_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was encoded by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decoded">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object decoded the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decoded_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was decoded by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Compressed_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was compressed from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Compressed_Into">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was compressed into the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Compressed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object compressed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Compressed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was compressed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decompressed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object decompressed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Decompressed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was decompressed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Joined">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object joined the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Joined_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was joined by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Merged">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object merged the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Merged_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was merged by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Locked">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object locked the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Locked_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was locked by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unlocked">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object unlocked the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unlocked_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was unlocked by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hooked">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object hooked the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hooked_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was hooked by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unhooked">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object unhooked the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unhooked_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was unhooked by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Monitored">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object monitored the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Monitored_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was monitored by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Listened_On">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object listened on the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Listened_On_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was listened on by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Renamed_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was renamed from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Renamed_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was renamed to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Renamed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object renamed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Renamed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was renamed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Injected_Into">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object injected into the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Injected_As">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object injected as the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Injected">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object injected the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Injected_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was injected by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Deleted_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was deleted from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Previously_Contained">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object previously contained the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Loaded_Into">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object loaded into the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Loaded_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was loaded from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was set to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Set_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was set from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Resolved_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was resolved to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Related_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object is related to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Dropped">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object dropped the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Dropped_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was dropped by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Contains">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object contains the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Contained_Within">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object is contained within the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Extracted_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was extracted from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Installed">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object installed the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Installed_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was installed by the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Connected_To">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object connected to the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Connected_From">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object was connected to from the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sub-domain_Of">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object is a sub-domain of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Supra-domain_Of">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object is a supra-domain of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Root_Domain_Of">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object is the root domain of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FQDN_Of">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object is an FQDN of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Parent_Of">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object is a parent of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Child_Of">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object is a child of the related object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Characterizes">
+				<xs:annotation>
+					<xs:documentation>Specifies that this object describes the properties of the related object. This is most applicable in cases where the related object is an Artifact Object and this object is a non-Artifact Object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Characterized_By">
+				<xs:annotation>
+					<xs:documentation>Specifies that the related object describes the properties of this object. This is most applicable in cases where the related object is a non-Artifact Object and this object is an Artifact Object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ObjectStateVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ObjectStateVocab is the default CybOX vocabulary for Object states, captured via the ObjectType/State element in CybOX Core.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:ObjectStateEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Object States"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#ObjectStateVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ObjectStateEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>ObjectStateEnum is a (non-exhaustive) enumeration of cyber observable object states.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Exists">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object exists.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Does Not Exist">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object does not exist.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Open">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object is open.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Closed">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object is closed.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Active">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object is active.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Inactive">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object is inactive.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Locked">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object is locked.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unlocked">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object is unlocked.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Started">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object has started.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Stopped">
+				<xs:annotation>
+					<xs:documentation>Specifies that the object has stopped.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="CharacterEncodingVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The CharacterEncodingVocab is the default CybOX vocabulary for character encoding, used in the ExtractedStringType/Encoding element in CybOX Common.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:CharacterEncodingEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Character Encodings"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#CharacterEncodingVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="CharacterEncodingEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>CharacterEncodingEnum is a (non-exhaustive) enumeration of character encodings.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ASCII">
+				<xs:annotation>
+					<xs:documentation>Specifies the American Standard Code for Information Interchange (ASCII) character encoding scheme.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UTF-8">
+				<xs:annotation>
+					<xs:documentation>Specifies the UCS Transformation Format-8 bit (UTF-8) character encoding scheme.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UTF-16">
+				<xs:annotation>
+					<xs:documentation>Specifies the UCS Transformation Format-16 bit (UTF-16) character encoding scheme.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UTF-32">
+				<xs:annotation>
+					<xs:documentation>Specifies the UCS Transformation Format-32 bit (UTF-32) character encoding scheme.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1250">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1250 character encoding scheme, for Central European languages.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1251">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1251 character encoding scheme, for Cyrillic alphabets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1252">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1252 character encoding scheme, for Western languages.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1253">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1253 character encoding scheme, for Greek.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1254">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1254 character encoding scheme, for Turkish.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1255">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1255 character encoding scheme, for Hebrew.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1256">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1256 character encoding scheme, for Arabic.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1257">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1257 character encoding scheme, for Baltic languages.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows-1258">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows-1258 character encoding scheme, for Vietnamese.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="InformationSourceTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The InformationSourceTypeVocab is the default CybOX vocabulary for information source types, used in the MeasureSourceType/Information_Source_Type element in CybOX Common.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:InformationSourceTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Information Source Types"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#InformationSourceTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="InformationSourceTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The InformationSourceTypeEnum is a (non-exhaustive) enumeration of cyber observation information source types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Comm Logs">
+				<xs:annotation>
+					<xs:documentation>The Comm Logs value specifies a cyber observation coming from communications logs.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Application Logs">
+				<xs:annotation>
+					<xs:documentation>The Application Logs value specifies a cyber observation coming from application logs.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Web Logs">
+				<xs:annotation>
+					<xs:documentation>The Web Logs value specifies a cyber observation coming from web logs.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DBMS Log">
+				<xs:annotation>
+					<xs:documentation>The DBMS Log value specifies a cyber observation coming from the Database Management System log.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="OS/Device Driver APIs">
+				<xs:annotation>
+					<xs:documentation>The OS/Device Driver APIs value specifies a cyber observation coming from OS/Device Driver APIs.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Frameworks">
+				<xs:annotation>
+					<xs:documentation>The Frameworks value specifies a cyber observation coming from Frameworks.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="VM Hypervisor">
+				<xs:annotation>
+					<xs:documentation>The VM Hypervisor value specifies a cyber observation coming from the VM hypervisor data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TPM">
+				<xs:annotation>
+					<xs:documentation>The TPM value specifies a cyber observation made using TPM output data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Application Framework">
+				<xs:annotation>
+					<xs:documentation>The Application Framework value specifies a cyber observation coming from an application framework.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Help Desk">
+				<xs:annotation>
+					<xs:documentation>The Help Desk value specifies a cyber observation coming from an human or automated help desk.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Incident Management">
+				<xs:annotation>
+					<xs:documentation>The Incident Management value specifies a cyber observation made using information provided by Incident Management services.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IAVM">
+				<xs:annotation>
+					<xs:documentation>The IAVM value specifies a cyber observation made using information provided by Information Assurance Vulnerability Management mechanisms.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="HashNameVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The HashNameVocab is the default CybOX vocabulary for hashing algorithm names, used in the HashType/Type element in CybOX Common.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:HashNameEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Hashing Algorithm Names"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#HashNameVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="HashNameEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>HashNameEnum is a (non-exhaustive) enumeration of hashing algorithm names.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="MD5">
+				<xs:annotation>
+					<xs:documentation>The MD5 value specifies the MD5 hashing algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MD6">
+				<xs:annotation>
+					<xs:documentation>The MD6 value specifies the MD6 hashing algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SHA1">
+				<xs:annotation>
+					<xs:documentation>The SHA1 value specifies the SHA1 hashing algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SHA224">
+				<xs:annotation>
+					<xs:documentation>The SHA24 value specifies the SHA224 hashing algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SHA256">
+				<xs:annotation>
+					<xs:documentation>The SHA256 value specifies the SHA256 hashing algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SHA384">
+				<xs:annotation>
+					<xs:documentation>The SHA384 value specifies the SHA384 hashing algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SHA512">
+				<xs:annotation>
+					<xs:documentation>The SHA512 value specifies the SHA512 hashing algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SSDEEP">
+				<xs:annotation>
+					<xs:documentation>The SSDEEP value specifies the SSDEEP hashing algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ToolTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ToolTypeVocab is the default CybOX vocabulary for tool types, used in the MeasureSourceType/Tool_Type element in CybOX Common.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="cyboxVocabs:ToolTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="CybOX Default Tool Types"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://cybox.mitre.org/XMLSchema/default_vocabularies/2.0/cybox_default_vocabularies.xsd#ToolTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ToolTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The ToolTypeEnum is a (non-exhaustive) enumeration of cyber observation source tool types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="NIDS">
+				<xs:annotation>
+					<xs:documentation>The NIDS value specifies the Network Intrusion Detection System tool.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NIPS">
+				<xs:annotation>
+					<xs:documentation>The NIPS value specifies the Network Intrusion Protection System tool.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HIDS">
+				<xs:annotation>
+					<xs:documentation>The HIDS value specifies the Host-based Intrusion Detection System tool.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HIPS">
+				<xs:annotation>
+					<xs:documentation>The HIPS value specifies the Host-based Intrusion Protection System tool.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Firewall">
+				<xs:annotation>
+					<xs:documentation>The Firewall value specifies a cyber observation made using a firewall.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Router">
+				<xs:annotation>
+					<xs:documentation>The Router value specifies a cyber observation made using a router.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Proxy">
+				<xs:annotation>
+					<xs:documentation>The Proxy value specifies a cyber observation made using a network proxy.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Gateway">
+				<xs:annotation>
+					<xs:documentation>The Gateway value specifies a cyber observation made using a network gateway.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SNMP/MIBs">
+				<xs:annotation>
+					<xs:documentation>The SNMP/MIBs value specifies a cyber observation made using the Simple Network Management Protocol or via the Management Information Bases.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="A/V">
+				<xs:annotation>
+					<xs:documentation>The A/V value specifies a cyber observation made using Anti-Virus tools and/or software.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DBMS Monitor">
+				<xs:annotation>
+					<xs:documentation>The DBMS value specifies a cyber observation made using a Database Management System monitor.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Vulnerability Scanner">
+				<xs:annotation>
+					<xs:documentation>The Vulnerability Scanner value specifies a cyber observation made using a vulnerability scanner.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Configuration Scanner">
+				<xs:annotation>
+					<xs:documentation>The Configuration Scanner value specifies a cyber observation made using a configuration scanner.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Asset Scanner">
+				<xs:annotation>
+					<xs:documentation>The Asset Scanner value specifies a cyber observation made using an asset scanner.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SIM">
+				<xs:annotation>
+					<xs:documentation>The SIM value specifies a cyber observation made using Security Information Management tools.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SEM">
+				<xs:annotation>
+					<xs:documentation>The SEM value specifies a cyber observation made using Security Event Management tools.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/extensions/platform/README.txt b/stix_validator/schema/cybox/extensions/platform/README.txt
new file mode 100755
index 0000000..aea589c
--- /dev/null
+++ b/stix_validator/schema/cybox/extensions/platform/README.txt
@@ -0,0 +1 @@
+The PlatformSpecificationType, defined in the CybOX common schema, provides a way to provide a prose description of a platform as well as any number of platform identification values. If one wishes to provide a more structured description of a platform, they can define types that extend PlatformSpecificationType. These types would be indicated using an xsi:Type attribute in the relevant element in CybOX content. This directory provides CybOX default extensions to PlatformSpecificationType to support structured description of platforms.
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/extensions/platform/cpe2.3.xsd b/stix_validator/schema/cybox/extensions/platform/cpe2.3.xsd
new file mode 100755
index 0000000..ed86477
--- /dev/null
+++ b/stix_validator/schema/cybox/extensions/platform/cpe2.3.xsd
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
+    xmlns="http://cybox.mitre.org/extensions/platform#CPE2.3-1"
+    xmlns:cpe23="http://cpe.mitre.org/language/2.0"
+    xmlns:cyboxCommon="http://cybox.mitre.org/common-2"
+    targetNamespace="http://cybox.mitre.org/extensions/platform#CPE2.3-1"
+    elementFormDefault="qualified" version="1.0">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+        <xs:appinfo>
+            <schema>CPE2.3</schema>
+            <version>1.0</version>
+            <date>04/03/2013 9:00:00 AM</date>
+            <short_description>Cyber Observable eXpression (CybOX) Extension - CPE 2.3 Platform Instance - Schematic implementation for using the CPE 2.3 Applicablity Language to describe a Platform within the CybOX observable expression language. It extends the PlatformSpecificationType defined in the CybOX common schema. (cybox_common.xsd) For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+            <reference>http://scap.nist.gov/specifications/cpe/</reference>
+        </xs:appinfo>
+    </xs:annotation>
+    
+    <xs:import namespace="http://cpe.mitre.org/language/2.0"
+        schemaLocation="http://scap.nist.gov/schema/cpe/2.3/cpe-language_2.3.xsd"/>
+    <xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../../cybox_common.xsd"/>
+    
+    <xs:complexType name="CPE23PlatformSpecificationType">
+        <xs:annotation>
+            <xs:documentation>The CPE23PlatformSpecificationType provides an extension of the PlatformSpecificationType that imports and leverages the CPE 2.3 applicability language schema for structured characterization of a platform or platform combination.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent> 
+            <xs:extension base="cyboxCommon:PlatformSpecificationType"> 
+                <xs:sequence> 
+                    <xs:element ref="cpe23:platform-specification" >
+                        <xs:annotation>
+                            <xs:documentation>The platform-specification element, defined in the CPE 2.3 Applicability Language schema, supports a structured characterization of a platform or combination of platforms.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element> 
+                </xs:sequence> 
+            </xs:extension> 
+        </xs:complexContent> 
+    </xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/API_Object.xsd b/stix_validator/schema/cybox/objects/API_Object.xsd
new file mode 100755
index 0000000..51df15c
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/API_Object.xsd
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:APIObj="http://cybox.mitre.org/objects#APIObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#APIObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>API_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="API" type="APIObj:APIObjectType">
+		<xs:annotation>
+			<xs:documentation>The API element is intended to characterize a single Application Programming Interface.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="APIObjectType">
+		<xs:annotation>
+			<xs:documentation>The APIObjectType type is intended to characterize a specific Application Programming Interface.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description property is intended for use in providing a brief description of the API.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Function_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The function_name property contains the exact name of the API function called, e.g. CreateFileEx.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Normalized_Function_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The normalized_function_name property contains the normalized name of the API function called, e.g. CreateFile.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Platform" type="cyboxCommon:PlatformSpecificationType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Platform property specifies the relevant platform for this API.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Address property contains the address of the API call in the binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Account_Object.xsd b/stix_validator/schema/cybox/objects/Account_Object.xsd
new file mode 100755
index 0000000..4995fa2
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Account_Object.xsd
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:AccountObj="http://cybox.mitre.org/objects#AccountObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#AccountObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Account_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Account" type="AccountObj:AccountObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Account object is intended to characterize generic accounts.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="AccountObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The AccountObjectType type is intended to characterize generic accounts.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Description" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Description property is used for providing a description of the account, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Domain" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Domain property is used for specifying the domain that the account belongs to.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="disabled" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The disabled field specifies whether or not the account is disabled.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="locked_out" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The locked_out field specifies whether or not the account is locked out.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Address_Object.xsd b/stix_validator/schema/cybox/objects/Address_Object.xsd
new file mode 100755
index 0000000..e432139
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Address_Object.xsd
@@ -0,0 +1,122 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#AddressObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Address_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Address" type="AddressObj:AddressObjectType">
+		<xs:annotation>
+			<xs:documentation>The Address object is intended to specify a cyber address.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="AddressObjectType">
+		<xs:annotation>
+			<xs:documentation>The AddressObjectType is intended to characterize cyber addresses.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Address_Value" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The required Address_Value construct specifies the actual value of the address.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="VLAN_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The VLAN_Name property specifies the name of the Virtual LAN to which the address belongs.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="VLAN_Num" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The VLAN_Num property specifies the number of the Virtual LAN to which the address belongs.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="category" type="AddressObj:CategoryTypeEnum" default="ipv4-addr">
+					<xs:annotation>
+						<xs:documentation>The category field specifies the address category that is being defined. </xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_source" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_source field specifies if this is a "Source" address</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_destination" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_destination field specifies if this is a "Destination" address</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:simpleType name="CategoryTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The CategoryTypeEnum type is an enumeration of address types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:NMTOKEN">
+			<xs:enumeration value="asn">
+				<xs:annotation>
+					<xs:documentation>The asn value specifies an identifier for an Autonomous System Number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="atm">
+				<xs:annotation>
+					<xs:documentation>The atm value specifies an Asynchronous Transfer Mode address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="cidr">
+				<xs:annotation>
+					<xs:documentation>The CIDR value specifies an address in Classless Interdomain Routing notation (the IP address and its associated routing prefix).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="e-mail">
+				<xs:annotation>
+					<xs:documentation>The e-mail value specifies an e-mail address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="mac">
+				<xs:annotation>
+					<xs:documentation>The mac value specifies a system's MAC address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ipv4-addr">
+				<xs:annotation>
+					<xs:documentation>The IPV4-addr value specifies an IPV4 address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ipv4-net">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ipv4-net-mask">
+				<xs:annotation>
+					<xs:documentation>The IPV4-net-mask value specifies an IPV4 bitwise netmask.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ipv6-addr">
+				<xs:annotation>
+					<xs:documentation>The IPV4-addr value specifies an IPV6 address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ipv6-net">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ipv6-net-mask">
+				<xs:annotation>
+					<xs:documentation>The IPV6-net-mask value specifies an IPV6 bitwise netmask.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Artifact_Object.xsd b/stix_validator/schema/cybox/objects/Artifact_Object.xsd
new file mode 100755
index 0000000..0dd39e5
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Artifact_Object.xsd
@@ -0,0 +1,206 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ArtifactObj="http://cybox.mitre.org/objects#ArtifactObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#ArtifactObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Artifact_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Artifact" type="ArtifactObj:ArtifactObjectType">
+		<xs:annotation>
+			<xs:documentation>The Artifact object is intended to encapsulate and convey the content of a Raw Artifact.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="ArtifactObjectType">
+		<xs:annotation>
+			<xs:documentation>The ArtifactObjectType type is intended to encapsulate and convey the content of a Raw Artifact.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Hashes field is optional and specifies hashes for the Raw_Artifact content.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Packaging" type="ArtifactObj:PackagingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Packaging field is optional and characterizes packaging layers (e.g. compression, encryption, encoding) applied to the original content to generate the content of the Raw_Artifact field of this Object. The ordering of entries in this sequence implicitly denotes the ordering of packaging layer operations applied.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:choice>
+						<xs:element name="Raw_Artifact" type="ArtifactObj:RawArtifactType" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>The Raw_Artifact field contains the raw content of a cyber artifact (rather than simply analysis of that artifact). It is conveyed within a string-based field and should be further enclosed in a CDATA section within the string-based field.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+						<xs:element name="Raw_Artifact_Reference" type="xs:anyURI" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>The Raw_Artifact_Reference field contains a reference to an external instance of the raw content of a cyber artifact (rather than simply analysis of that artifact).</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:choice>
+				</xs:sequence>
+				<xs:attribute name="type" type="ArtifactObj:ArtifactTypeEnum">
+					<xs:annotation>
+						<xs:documentation>The type field specifies the general type of the artifact contained in this Defined Object.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="content_type" type="xs:string">
+					<xs:annotation>
+						<xs:documentation>The content_type field is optional and specifies the Internet Media Type of the artifact contained in this Defined Object.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="content_type_version" type="xs:string">
+					<xs:annotation>
+						<xs:documentation>The content_type_version field is optional and specifies the content type version of the artifact contained in this Defined Object.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="suspected_malicious" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The suspected_malicious field is optional and conveys whether the content of the Raw_Artifact is believed to be malicoius.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RawArtifactType">
+		<xs:annotation>
+			<xs:documentation>The RawArtifactType is intended to convey, with minimal characterization, the content of the Raw Artifact itself.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:StringObjectPropertyType"/>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PackagingType">
+		<xs:annotation>
+			<xs:documentation>The PackagingType captures any packaging layers applied to an artifact.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice maxOccurs="unbounded">
+				<xs:element name="Compression" type="ArtifactObj:CompressionType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Compression field is optional and specifies details for a compression layer applied to the content of the Raw_Artifact.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Encryption" type="ArtifactObj:EncryptionType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Encryption field is optional and specifies details for an encryption layer applied to the content of the Raw_Artifact.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Encoding" type="ArtifactObj:EncodingType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Encoding field is optional and specifies details for an encoding layer applied to the content of the Raw_Artifact.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+		</xs:sequence>
+		<xs:attribute name="is_encrypted" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The is_encrypted field is optional and specifies whether the Raw_Artifact content is protected/encrypted.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="is_compressed" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The is_compressed field is optional and specifies whether the Raw_Artifact content is compressed.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="CompressionType">
+		<xs:annotation>
+			<xs:documentation>The CompressionType captures any compression packaging details for an artifact.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="compression_mechanism" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>The compression_mechanism field is optional and specifies the compression algorithm utilized to protect the Raw_Artifact content.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="compression_mechanism_ref" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>The compression_mechanism_ref field is optional and conveys a reference to a description of the compression algorithm utilized to protect the Raw_Artifact content.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="EncryptionType">
+		<xs:annotation>
+			<xs:documentation>The EncryptionType captures any encryption packaging details for an artifact.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="encryption_mechanism" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>The encryption_mechanism field is optional and specifies the protection/encryption algorithm utilized to protect the Raw_Artifact content.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="encryption_mechanism_ref" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>The encryption_mechanism_ref field is optional and conveys a reference to a description of the protection/encryption algorithm utilized to protect the Raw_Artifact content.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="encryption_key" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>The encryption_key field is optional and locally specifies the password for unprotecting/decrypting the Raw_Artifact content. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="encryption_key_ref" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>The encryption_key_ref field is optional and specifies a reference to a remote specification of the password for unprotecting/decrypting the Raw_Artifact content. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="EncodingType">
+		<xs:annotation>
+			<xs:documentation>The EncodingType captures any encoding packaging details for an artifact.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="algorithm" type="xs:string" default="Base64">
+			<xs:annotation>
+				<xs:documentation>The algorithm field is optional and specifies the encoding algorithm utilized to encode the Raw_Artifact.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="character_set" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>The character_set field is optional and specifies the character set utilized in the Raw_Artifact content encoding.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="custom_character_set_ref" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>The custom_character_set_ref field is optional and conveys a reference to a specification of the custom character set used to encode the Raw_Artifact.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="ArtifactTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The ArtifactTypeEnum is a (non-exhaustive) enumeration of cyber raw artifact types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="File">
+				<xs:annotation>
+					<xs:documentation>The File value specifies that the artifact is a file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Memory Region">
+				<xs:annotation>
+					<xs:documentation>The Memory Region value specifies that the artifact is a block of data from a region of memory.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="File System Fragment">
+				<xs:annotation>
+					<xs:documentation>The File System Fragment value specifies that the artifact is a block of data from a file system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Network Traffic">
+				<xs:annotation>
+					<xs:documentation>The Network Traffic value specifies that the artifact is a block of network traffic data such as PCAP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Generic Data Region">
+				<xs:annotation>
+					<xs:documentation>The Generic Data Region value specifies that the artifact is a block of data from an unknown source.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Code_Object.xsd b/stix_validator/schema/cybox/objects/Code_Object.xsd
new file mode 100755
index 0000000..e174d49
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Code_Object.xsd
@@ -0,0 +1,417 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:CodeObj="http://cybox.mitre.org/objects#CodeObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#CodeObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Code_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Code_Object" type="CodeObj:CodeObjectType">
+		<xs:annotation>
+			<xs:documentation>The Code object is intended to characterize a body of computer code.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="CodeObjectType">
+		<xs:annotation>
+			<xs:documentation>The CodeObjectType type is intended to characterize a body of computer code.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description field is intended for use in providing a brief description of the code that is encapsulated in this field.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="CodeObj:CodeTypeType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The type field is intended to provide a way of specifying the type of code being characterized.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Purpose" type="CodeObj:CodePurposeType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The type field is intended to provide a way of specifying the purpose or flavor of code being characterized.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Code_Language" type="CodeObj:CodeLanguageType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The code_language field refers to the code language used in the code characterized in this field.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Targeted_Platforms" type="CodeObj:TargetedPlatformsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Targeted_Platforms field specifies a list platforms that this code is targeted for.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Processor_Family" type="CodeObj:ProcessorTypeType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The processor_family field specifies the class of processor that the code snippet is targeting. Possible values: x86-32, x86-64, IA-64, PowerPC, ARM, Alpha, SPARC, z/Architecture, eSi-RISC, MIPS, Motorola 68k, Other.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Discovery_Method" type="cyboxCommon:MeasureSourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Discovery_Method field is intended to characterize the method and/or tool used to discover the code.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Start_Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The start_address field can be used to reference the start address of the code, if it was discovered inside a binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Code_Segment" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Code_Segment field encompasses any arbitrary code segment in un-encoded (plaintext or binary) format. Code would typically be included here within a CDATA section.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Code_Segment_XOR" type="CodeObj:CodeSegmentXORType" form="qualified" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Code_Segment_XOR field encompasses any arbitrary code segment. Its contents should contain the actual code segment XORed with the pattern defined in the xorpattern property. This is so that the code contained in the pattern does not trigger IDS, AV, or other signature-based scanners. XOR'd Code would typically be included here within a CDATA section.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Digital_Signatures" type="cyboxCommon:DigitalSignaturesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Digital_Signatures field is optional and captures one or more digital signatures for the code.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Extracted_Features" type="cyboxCommon:ExtractedFeaturesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A description of features extracted from this code segment.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="CodeTypeType">
+		<xs:annotation>
+			<xs:documentation>CodeTypeType specifies types of code, via a union of the CodeTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="CodeObj:CodeTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This field is optional and specifies the expected type for the value of the specified field.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="CodeSegmentXORType">
+		<xs:annotation>
+			<xs:documentation>Used to encapsulate a segment of code that has been XORed with a pattern in order to avoid tripping anti-virus detection.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="cyboxCommon:StringObjectPropertyType">
+				<xs:attribute name="xor_pattern" type="xs:hexBinary" default="55AA55AA55AA55BB" use="optional">
+					<xs:annotation>
+						<xs:documentation>The xor_pattern field contains a 16-hexadecimal-character hex string, which represents the pattern that the Code_Segment_XOR field should be XORed with in order to recover the actual code. The default value is 55AA55AA55AA55BB, as specified by IETF RFC 5901.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="CodeTypeEnum">
+		<xs:annotation>
+			<xs:documentation>CodeTypeEnum is a (non-exhaustive) enumeration of code types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Source_Code">
+				<xs:annotation>
+					<xs:documentation>The code represented is in the form of Source Code</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Byte_Code">
+				<xs:annotation>
+					<xs:documentation>The code represented is in the form of Byte Code</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Binary_Code">
+				<xs:annotation>
+					<xs:documentation>The code represented is in the form of Binar Code</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="CodePurposeType">
+		<xs:annotation>
+			<xs:documentation>CodePurposeType specifies intended purposes of code, via a union of the CodePurposeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="CodeObj:CodePurposeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This field is optional and specifies the expected type for the value of the specified field.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="CodePurposeEnum">
+		<xs:annotation>
+			<xs:documentation>CodePurposeEnum is a (non-exhaustive) enumeration of classes of code intended purposes.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Application_Code">
+				<xs:annotation>
+					<xs:documentation>The code represented is intended as application code.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Library_Code">
+				<xs:annotation>
+					<xs:documentation>The code represented is intended as library code.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Shellcode">
+				<xs:annotation>
+					<xs:documentation>The code represented is intended as shell code.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Exploit_Code">
+				<xs:annotation>
+					<xs:documentation>The code represented is intended as exploit code.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The code represented is intended for unknown purposes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>The code represented is intended for a purpose other than thos listed in this enumeration.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="CodeLanguageType">
+		<xs:annotation>
+			<xs:documentation>CodeLanguageType specifies languages of code, via a union of the CodeLanguageEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="CodeObj:CodeLanguageEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This field is optional and specifies the expected type for the value of the specified field.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="CodeLanguageEnum">
+		<xs:annotation>
+			<xs:documentation>The CodeLanguageEnum simple type is an (non-exhaustive) enumeration of computer code languages.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="C">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the C programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="C++">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the C++ programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="C#">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the C# programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Java">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the Java programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="JSP">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the JSP (Java Server Pages) language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Javascript">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the Javascript programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ASP.NET">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the ASP.NET programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SQL">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in SQL (Standard Query Language)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Python">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the Python programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Perl">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the Perl programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PHP">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the PHP programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SOAP">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written as a SOAP message</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Ruby">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in the Ruby programming language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Shell">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written as a Shell script</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PseudoCode">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written as psuedo code</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value=".NET">
+				<xs:annotation>
+					<xs:documentation>Indicates the code utilizes the .NET framework</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Assembly">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in an assembly language</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="XML">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in XML (eXtensible Markup Language)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HTML">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in HTML (HyperText Markup Language)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>Indicates the code is written in a language not found in this enumeration</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ProcessorTypeType">
+		<xs:annotation>
+			<xs:documentation>ProcessorTypeType specifies relevant processor families, via a union of the ProcessorTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="CodeObj:ProcessorTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ProcessorTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The ProcessorTypeEnum simple type is an (non-exhaustive) enumeration of computer processor architectures.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="x86-32">
+				<xs:annotation>
+					<xs:documentation>Indicates a x86 32bit processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="x86-64">
+				<xs:annotation>
+					<xs:documentation>Indicates a x86 64bit processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IA-64">
+				<xs:annotation>
+					<xs:documentation>Indicates an IA (Intel Itanium) 64bit processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PowerPC">
+				<xs:annotation>
+					<xs:documentation>Indicates a PowerPC processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ARM">
+				<xs:annotation>
+					<xs:documentation>Indicates an ARM processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Alpha">
+				<xs:annotation>
+					<xs:documentation>Indicates an Alpha processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SPARC">
+				<xs:annotation>
+					<xs:documentation>Indicates a SPARC processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="z/Architecture">
+				<xs:annotation>
+					<xs:documentation>Indicates a z/Architecture (IBM) processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="eSi-RISC">
+				<xs:annotation>
+					<xs:documentation>Indicates an eSi-RISC processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIPS">
+				<xs:annotation>
+					<xs:documentation>Indicates a MIPS processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Motorola 68k">
+				<xs:annotation>
+					<xs:documentation>Indicates a Motorola 68k processor</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>Indicates a processor outside of this enumeration</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="TargetedPlatformsType">
+		<xs:annotation>
+			<xs:documentation>A list of targeted platforms</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Targeted_Platform" type="cyboxCommon:PlatformSpecificationType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Targeted_Platform field specifies a particular platform that this code is targeted for.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Custom_Object.xsd b/stix_validator/schema/cybox/objects/Custom_Object.xsd
new file mode 100755
index 0000000..a8838bf
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Custom_Object.xsd
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:CustomObj="http://cybox.mitre.org/objects#CustomObject-1" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#CustomObject-1" elementFormDefault="qualified" version="1.0">
+    <xs:annotation>
+
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+        <xs:appinfo>
+            <schema>Custom_Object</schema>
+            <version>1.0</version>
+            <date>04/01/2013 9:00:00 AM</date>
+            <short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+
+    <xs:element name="Custom" type="CustomObj:CustomObjectType" nillable="true">
+        <xs:annotation>
+            <xs:documentation>The Custom object is intended to characterize objects that are not described by other defined CybOX Object schemas. Objects of this type have no pre-defined properties but instead all properties are provided by the author..</xs:documentation>
+        </xs:annotation>
+    </xs:element>
+
+    <xs:complexType name="CustomObjectType" mixed="false">
+        <xs:annotation>
+            <xs:documentation>The CustomObjectType is intended to characterize objects that are not described by other defined CybOX Object schemas. Objects of this type have no pre-defined properties but instead all properties are provided by the author using the inherited Custom_Properties field.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="cyboxCommon:ObjectPropertiesType">
+                <xs:sequence>
+                    <xs:element name="Description" type="xs:string" minOccurs="0">
+                        <xs:annotation>
+                            <xs:documentation>A description of the intent of this Custom object.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+                <xs:attribute name="custom_name" type="xs:QName">
+                    <xs:annotation>
+                        <xs:documentation>The custom_name field specifies a name for this for this type of Custom Object. The custom_name field should use the same namespace as used in the Object and Observable id fields for this author. Two Objects should only have the same custom_name value if they are written by the same author (i.e., their namespace is the same) and they are characterizing the same type of Object. Note that this does not necessarily mean that that two such Object instances will both have identical properties in every case.</xs:documentation>
+                    </xs:annotation>
+                </xs:attribute>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/DNS_Cache_Object.xsd b/stix_validator/schema/cybox/objects/DNS_Cache_Object.xsd
new file mode 100755
index 0000000..b2ad4ec
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/DNS_Cache_Object.xsd
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:DNSCacheObj="http://cybox.mitre.org/objects#DNSCacheObject-2" xmlns:DNSRecordObj="http://cybox.mitre.org/objects#DNSRecordObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#DNSCacheObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>DNS_Cache_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#DNSRecordObject-2" schemaLocation="DNS_Record_Object.xsd"/>
+	<xs:element name="DNS_Cache" type="DNSCacheObj:DNSCacheObjectType">
+		<xs:annotation>
+			<xs:documentation>The DNS_Cache object is intended to characterize a domain name system cache.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="DNSCacheObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The DNSCacheObjectType type is intended to characterize entries in a system's DNS cache.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="DNS_Cache_Entry" type="DNSCacheObj:DNSCacheEntryType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The DNS_Cache_Entry field is intended to characterize a single domain name system cache entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="DNSCacheEntryType">
+		<xs:annotation>
+			<xs:documentation>The DNSCacheEntryType type is intended to characterize a single entry in a system's DNS cache.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="DNS_Entry" type="DNSRecordObj:DNSRecordObjectType">
+				<xs:annotation>
+					<xs:documentation>The DNS_Entry field specifies the relevant DNS entry (including Domain Name and IP Address) for this DNS Cache Entry.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TTL" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The TTL field specifies the time-to-live value for the DNS cache entry, or in other words the number of seconds before the entry expires.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/DNS_Query_Object.xsd b/stix_validator/schema/cybox/objects/DNS_Query_Object.xsd
new file mode 100755
index 0000000..551cee1
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/DNS_Query_Object.xsd
@@ -0,0 +1,159 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:DNSQueryObj="http://cybox.mitre.org/objects#DNSQueryObject-2" xmlns:URIObj="http://cybox.mitre.org/objects#URIObject-2" xmlns:DNSRecordObj="http://cybox.mitre.org/objects#DNSRecordObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#DNSQueryObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>DNS_Query_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#DNSRecordObject-2" schemaLocation="DNS_Record_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#URIObject-2" schemaLocation="URI_Object.xsd"/>
+	<xs:element name="DNS_Query" type="DNSQueryObj:DNSQueryObjectType">
+		<xs:annotation>
+			<xs:documentation>The DNS_Query object is intended to represent a single DNS query.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="DNSQueryObjectType">
+		<xs:annotation>
+			<xs:documentation>The DNSQueryType is intended to characterize a single DNS query and its components.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Question" type="DNSQueryObj:DNSQuestionType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Question field specifies the DNS question component of the DNS query.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Answer_Resource_Records" minOccurs="0" type="DNSQueryObj:DNSResourceRecordsType">
+						<xs:annotation>
+							<xs:documentation>The Answers field specifies any Answers resource records that were returned for the DNS query.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Authority_Resource_Records" type="DNSQueryObj:DNSResourceRecordsType">
+						<xs:annotation>
+							<xs:documentation>The Authority_Resource_Records field specifies any Authority resource records that were returned for the DNS query.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Additional_Records" minOccurs="0" type="DNSQueryObj:DNSResourceRecordsType">
+						<xs:annotation>
+							<xs:documentation>The Authority_Resource_Records field specifies any Additional resource records that were returned for the DNS query.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Date_Ran" type="cyboxCommon:DateTimeObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Date_Ran field specifies the date and time that the DNS query was run.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Service_Used" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Service_Used field specifies the service used to run the DNS Query.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="successful" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The successful field specifies whether or not the DNS Query was successful.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="DNSQuestionType">
+		<xs:annotation>
+			<xs:documentation>The DNSQuestionType specifies the components of a DNS Question, including the domain name queried, type, and class.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="QName" type="URIObj:URIObjectType">
+				<xs:annotation>
+					<xs:documentation>The QName field specifies the domain name being queried.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="QType" type="DNSQueryObj:DNSRecordType">
+				<xs:annotation>
+					<xs:documentation>The QType specifies the type of DNS query performed, in terms of the requested DNS record type.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="QClass" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The QClass field specifies the class of resource records being requested.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DNSResourceRecordsType">
+		<xs:annotation>
+			<xs:documentation>The DNSAnswersType encompasses one or more resource records returned for a DNS query.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Resource_Record" type="DNSRecordObj:DNSRecordObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Answer field specifies a single DNS resource record returned as part of a DNS query.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DNSRecordType">
+		<xs:annotation>
+			<xs:documentation>DNSRecordType specifies DNS record types, via a union of the DNSRecordTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="DNSQueryObj:DNSRecordTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum" use="optional">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="DNSRecordTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The DNSRecordTypeEnum is a non-exhaustive enumeration of DNS Record Type names.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="A"/>
+			<xs:enumeration value="AAAA"/>
+			<xs:enumeration value="AFSDB"/>
+			<xs:enumeration value="APL"/>
+			<xs:enumeration value="CERT"/>
+			<xs:enumeration value="CNAME"/>
+			<xs:enumeration value="DHCID"/>
+			<xs:enumeration value="DLV"/>
+			<xs:enumeration value="DNAME"/>
+			<xs:enumeration value="DNSKEY"/>
+			<xs:enumeration value="DS"/>
+			<xs:enumeration value="HIP"/>
+			<xs:enumeration value="IPSECKEY"/>
+			<xs:enumeration value="KEY"/>
+			<xs:enumeration value="KX"/>
+			<xs:enumeration value="LOC"/>
+			<xs:enumeration value="MX"/>
+			<xs:enumeration value="NAPTR"/>
+			<xs:enumeration value="NS"/>
+			<xs:enumeration value="NSEC"/>
+			<xs:enumeration value="NSEC3"/>
+			<xs:enumeration value="NSEC3PARAM"/>
+			<xs:enumeration value="PTR"/>
+			<xs:enumeration value="RRSIG"/>
+			<xs:enumeration value="RP"/>
+			<xs:enumeration value="SIG"/>
+			<xs:enumeration value="SOA"/>
+			<xs:enumeration value="SPF"/>
+			<xs:enumeration value="SRV"/>
+			<xs:enumeration value="SSHFP"/>
+			<xs:enumeration value="TA"/>
+			<xs:enumeration value="TKEY"/>
+			<xs:enumeration value="TSIG"/>
+			<xs:enumeration value="TXT"/>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/DNS_Record_Object.xsd b/stix_validator/schema/cybox/objects/DNS_Record_Object.xsd
new file mode 100755
index 0000000..24829ac
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/DNS_Record_Object.xsd
@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:DNSRecordObj="http://cybox.mitre.org/objects#DNSRecordObject-2" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:URIObj="http://cybox.mitre.org/objects#URIObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#DNSRecordObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>DNS_Record_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#URIObject-2" schemaLocation="URI_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:element name="DNS_Record" type="DNSRecordObj:DNSRecordObjectType">
+		<xs:annotation>
+			<xs:documentation>The DNS object is intended to characterize an individual DNS record.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="DNSRecordObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The DNSRecordObjectType type is intended to characterize an individual DNS record.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description field provides a mechanism to specify a structured text description of this DNS_Entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Domain_Name" type="URIObj:URIObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Domain_Name field specifies the name of the domain to which the DNS cache entry points.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IP_Address" type="AddressObj:AddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The IP_Address field specifies the IP address to which the domain name in the DNS cache entry resolves to. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Address_Class" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Address_Class field specifies the address class (e.g. IN, TXT, ANY, etc.) for the DNS record </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Entry_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Entry_Type field specifies the resource record type (e.g. SOA or A) for the DNS record.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Record_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Record_Name field is optional and specifies the name for the DNS record.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Record_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Record_Type field is optional and specifies the type of the DNS record.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="TTL" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The TTL field is optional and specifies the time-to-live for the DNS record.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Flags" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Flags field is optional and specifies the relevant flags for the DNS record.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Data_Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Data_Length field is optional and specifies the length of raw data to be captured in the Record_Data field. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Record_Data" type="xs:anyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Record_Data field is optional and enables capture and expression of the raw record data.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Device_Object.xsd b/stix_validator/schema/cybox/objects/Device_Object.xsd
new file mode 100755
index 0000000..bddb4b3
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Device_Object.xsd
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:DeviceObj="http://cybox.mitre.org/objects#DeviceObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#DeviceObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Device_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Device" type="DeviceObj:DeviceObjectType">
+		<xs:annotation>
+			<xs:documentation>The Device_Object object is intended to characterize a specific Device.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="DeviceObjectType">
+		<xs:annotation>
+			<xs:documentation>The DeviceObjectType type is intended to characterize a specific Device.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description field is intended for use in providing a brief description of the Device.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Device_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Device_Type field specifies the type of the device.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Manufacturer" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Manufacturer field specifies the manufacturer of the device.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Model" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Model field specifies the model identifier of the device.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Serial_Number" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Serial_Number field specifies the serial number of the Device.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Disk_Object.xsd b/stix_validator/schema/cybox/objects/Disk_Object.xsd
new file mode 100755
index 0000000..d119930
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Disk_Object.xsd
@@ -0,0 +1,117 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:DiskObj="http://cybox.mitre.org/objects#DiskObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:DiskPartitionObj="http://cybox.mitre.org/objects#DiskPartitionObject-2" targetNamespace="http://cybox.mitre.org/objects#DiskObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Disk_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#DiskPartitionObject-2" schemaLocation="Disk_Partition_Object.xsd"/>
+	<xs:element name="Disk" type="DiskObj:DiskObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Disk object is intended to characterize a disk drive.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="DiskObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The DiskObjectType type is intended to characterize disk drives.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Disk_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Disk_Name field specifies the name of the disk.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Disk_Size" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Disk_Size field specifies the size of the disk, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Free_Space" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Free_Space field specifies the amount of free space on the disk, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Partition_List" type="DiskObj:PartitionListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Partition_List field specifies the partitions that reside on the disk.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="DiskObj:DiskType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of disk being characterized, e.g. removable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PartitionListType">
+		<xs:annotation>
+			<xs:documentation>The PartionListType type specifies a list of partitions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Partition" type="DiskPartitionObj:DiskPartitionObjectType" nillable="true" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Partition field specifies a single partition that resides on the disk.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DiskType">
+		<xs:annotation>
+			<xs:documentation>DiskType specifies disk types, via a union of the DiskTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="DiskObj:DiskTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="DiskTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The DiskTypeEnum type contains a non-exhaustive enumeration of disk types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Removable">
+				<xs:annotation>
+					<xs:documentation>Indicates the removable disk type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Fixed">
+				<xs:annotation>
+					<xs:documentation>Indicates the fixed disk type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Remote">
+				<xs:annotation>
+					<xs:documentation>Indicates the remote disk type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CDRom">
+				<xs:annotation>
+					<xs:documentation>Indicates the CDRom disk type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RAMDisk">
+				<xs:annotation>
+					<xs:documentation>Indicates the RAMDisk disk type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Disk_Partition_Object.xsd b/stix_validator/schema/cybox/objects/Disk_Partition_Object.xsd
new file mode 100755
index 0000000..0022cad
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Disk_Partition_Object.xsd
@@ -0,0 +1,199 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:DiskPartitionObj="http://cybox.mitre.org/objects#DiskPartitionObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#DiskPartitionObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Disk_Partition_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Disk_Partition" type="DiskPartitionObj:DiskPartitionObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Disk_Partition object is intended to characterize a single partition of a disk drive.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="DiskPartitionObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The DiskPartitionType type is intended to characterize partitions of disk drives.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Created" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Created field specifies the date/time the partition was created.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Device_Name" type="cyboxCommon:NameObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Device_Name field specifies the name of the device on which the partition resides.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Mount_Point" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Mount_Point field specifies the mount point of the partition.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Partition_ID" type="cyboxCommon:IntegerObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Partition_ID field specifies the numerical identifier of the partition.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Partition_Length" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Partition_Length field specifies the length of the partition, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Partition_Offset" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Partition_Offset field specifies the starting offset of the partition, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Space_Left" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Space_Left field specifies the amount of space left on the partition, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Space_Used" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Space_Used field specifies the amount of space used on the partition, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Total_Space" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Total_Space field specifies the total amount of space available on the partition, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="DiskPartitionObj:PartitionType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of partition being characterized. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PartitionType">
+		<xs:annotation>
+			<xs:documentation>PartitionType specifies partition types, via a union of the PartitionTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="DiskPartitionObj:PartitionTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="PartitionTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The PartitionTypeEnum type is a non-exhaustive enumeration of partition types. See http://www.win.tue.nl/~aeb/partitions/partition_types-1.html for more information about the various partition types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="PARTITION_ENTRY_UNUSED">
+				<xs:annotation>
+					<xs:documentation>Indicates an unused partition entry.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_FAT_12">
+				<xs:annotation>
+					<xs:documentation>Indicates a FAT 12 partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_XENIX_1">
+				<xs:annotation>
+					<xs:documentation>Indicates a XENIX type 1 partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_XENIX_2">
+				<xs:annotation>
+					<xs:documentation>Indicates a XENIX type 2 partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_FAT_16">
+				<xs:annotation>
+					<xs:documentation>Indicates a XENIX FAT 16 partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_EXTENDED">
+				<xs:annotation>
+					<xs:documentation>Indicates a XENIX extended partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_HUGE">
+				<xs:annotation>
+					<xs:documentation>Specifies an MS-DOS V4 huge partition. This value indicates that there is no Microsoft file system on the partition. Use this value when creating a logical volume.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_IFS">
+				<xs:annotation>
+					<xs:documentation>Indicates an IFS partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_OS2BOOTMGR">
+				<xs:annotation>
+					<xs:documentation>Indicates an OS/2 boot manager partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_FAT32">
+				<xs:annotation>
+					<xs:documentation>Indicates a FAT32 partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_FAT32_XINT13">
+				<xs:annotation>
+					<xs:documentation>Indicates a FAT32 Extended-INT13 equivalent partition to the FAT32 partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_XINT13">
+				<xs:annotation>
+					<xs:documentation>Indicates an XINT13 partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_XINT13_EXTENDED">
+				<xs:annotation>
+					<xs:documentation>Indicates an extended XINT13 partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_PREP">
+				<xs:annotation>
+					<xs:documentation>Indicates a PReP (Power PC Reference Platform) partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_LDM">
+				<xs:annotation>
+					<xs:documentation>Indicates an LDM partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_UNIX">
+				<xs:annotation>
+					<xs:documentation>Indicates a UNIX partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="VALID_NTFT">
+				<xs:annotation>
+					<xs:documentation>Specifies a valid NTFT partition. The high bit of a partition type code indicates that a partition is part of an NTFT mirror or striped array.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PARTITION_NTFT">
+				<xs:annotation>
+					<xs:documentation>Specifies an NTFT partition.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UNKNOWN">
+				<xs:annotation>
+					<xs:documentation>Refers to an unknown partition or a partition other than those listed.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Email_Message_Object.xsd b/stix_validator/schema/cybox/objects/Email_Message_Object.xsd
new file mode 100755
index 0000000..a6dd7b8
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Email_Message_Object.xsd
@@ -0,0 +1,273 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:EmailMessageObj="http://cybox.mitre.org/objects#EmailMessageObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" targetNamespace="http://cybox.mitre.org/objects#EmailMessageObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Email_Message_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:element name="Email_Message" type="EmailMessageObj:EmailMessageObjectType">
+		<xs:annotation>
+			<xs:documentation>The Email_Message object is intended to characterize an individual email message.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="EmailMessageObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The EmailMessageObjectType type is intended to characterize an individual email message.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Header" type="EmailMessageObj:EmailHeaderType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Header field specifies a variety of common headers that may be included in the email message.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Email_Server" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Email_Server field is optional and specifies the relevant email server.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Raw_Body" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Raw_Body field specifies the complete (raw) body of the email message.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Raw_Header" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Raw_Header field specifies the complete (raw) headers of the email message.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Attachments" type="EmailMessageObj:AttachmentsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Attachments field specifies any files that were attached to the email message. It imports and uses the CybOX FileObjectType from the File_Object to do so.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Links" minOccurs="0" type="EmailMessageObj:LinksType">
+						<xs:annotation>
+							<xs:documentation>The Links field specifies any URL links contained within the email message. It imports and uses the CybOX URIObjectType from the URI_Object to do so.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="AttachmentsType">
+		<xs:annotation>
+			<xs:documentation>The AttachmenstType captures a list of attachments for an email message.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="File" type="EmailMessageObj:AttachmentReferenceType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The File field specifies a file that was attached to the email message, via a reference to an Object included elsewhere in the document.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EmailHeaderType">
+		<xs:annotation>
+			<xs:documentation>The EmailHeaderType captures a representation of a standard email header.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Received_Lines" type="EmailMessageObj:EmailReceivedLineListType">
+				<xs:annotation>
+					<xs:documentation>The Received_Lines field specifies one or more 'Received' lines that may be included in the email header.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="To" type="EmailMessageObj:EmailRecipientsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The To field specifies the email addresses of the recipients of the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="CC" type="EmailMessageObj:EmailRecipientsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The CC field specifies the email addresses of any recipients that were included in the carbon copy header of the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="BCC" type="EmailMessageObj:EmailRecipientsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The BCC field specifies the email addresses of any recipients that were included in the blind carbon copy header of the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="From" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The From field specifies the email address of the sender of the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Subject" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Subject field specifies the subject (a brief summary of the message topic) of the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="In_Reply_To" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The In_Reply_To field specifies the message ID of the message that this email is a reply to.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Date" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Date field specifies the date/time that the email message was sent.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Message_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Message_ID field specifies the automatically generated ID of the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sender" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Sender field specifies the email address of the sender who is acting on behalf of the author listed in the From: field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reply_To" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Reply_To field specifies the email address that should be used when replying to the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Errors_To" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Errors_To field specifies the entry in the (deprecated) errors_to header of the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Boundary" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Boundary field specifies a boundary tag that may be included in a MIME multipart message. This boundary tag is used to indicate the parts of a multipart message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Content_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Content-Type field specifies the internet media, or MIME, type of the email message content. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="MIME_Version" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The MIME-Version field specifies the version of the MIME formatting used in the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Precedence" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Precedence field specifies the (non-standard) priority value of the message, which can influence transmission speed and delivery. Use of this field is typically discouraged, as per IETF RFC2076 (http://www.faqs.org/rfcs/rfc2076.html). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="User_Agent" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The User-Agent field specifies the identity of the email user agent software that may have been used to send the email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="X_Mailer" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The X-Mailer field specifies the software used to send the email message. This field is non-standard.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="X_Originating_IP" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The X-Originating-IP field specifies the originating IP Address of the email sender, in terms of their connection to the mail server used to send the email message. This field is non-standard.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="X_Priority" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The X-Priority field specifies the numerical priority of the email message. This is a non-standard field, but typically a value of '1' is considered the highest priority, '3' is normal, and '5' is the lowest priority.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EmailRecipientsType">
+		<xs:annotation>
+			<xs:documentation>The EmailRecipientsType captures a list of recipients for an email message.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Recipient" type="AddressObj:AddressObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Recipient field represents a single recipient for an email message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="LinksType">
+		<xs:annotation>
+			<xs:documentation>The LinksType captures a list of URIs, representing the links contained in the message.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Link" type="EmailMessageObj:LinkReferenceType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Link field specifies a single URL link contained within the email message, via a reference to an Object included elsewhere in the document.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EmailReceivedLineType">
+		<xs:annotation>
+			<xs:documentation>The EmailReceivedLineType captures a single 'Received' line in an email message header.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="From" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The From field captures the 'from' portion of the Received line, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="By" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The By field captures the 'by' portion of the Received line, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="With" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The With field captures the 'with' portion of the Received line, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="For" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The For field captures the 'for' portion of the Received line, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="ID" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The ID field captures the 'id' portion of the Received line, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Timestamp" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Timestamp field captures the timestamp portion of the Received line, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EmailReceivedLineListType">
+		<xs:annotation>
+			<xs:documentation>The EmailReceivedLineListType captures a list of 'Received' lines in an email message header.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="unbounded" name="Received" type="EmailMessageObj:EmailReceivedLineType">
+				<xs:annotation>
+					<xs:documentation>The Received field captures a single Received line in the list.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AttachmentReferenceType">
+		<xs:annotation>
+			<xs:documentation>The AttachmentReferenceType specifies a reference to an Object defined elsewhere in the document which characterizes an attachment included in the email message.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="object_reference" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The object_reference field specifies a reference to an file-oriented (i.e., the File Object or one its derivations such as the Windows File Object) Object defined elsewhere in the document, via its id. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="LinkReferenceType">
+		<xs:annotation>
+			<xs:documentation>The LinkReferenceType specifies a reference to a URI Object defined elsewhere in the document which characterizes a hyperlink embedded in the body of the email message.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="object_reference" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>The object_reference field specifies a reference to a URI Object defined elsewhere in the document, via its id.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/File_Object.xsd b/stix_validator/schema/cybox/objects/File_Object.xsd
new file mode 100755
index 0000000..1389513
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/File_Object.xsd
@@ -0,0 +1,359 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:FileObj="http://cybox.mitre.org/objects#FileObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#FileObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>File_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="File" type="FileObj:FileObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The File object is intended to characterize a generic file.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="FileObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The File_ObjectType type is intended to characterize generic files.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence minOccurs="1">
+					<xs:element name="File_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The File_Name field specifies the name of the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="File_Path" type="FileObj:FilePathType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The File_Path field specifies the path to the file, not including the device. Whether the path is relative or fully-qualified can be specified via the 'fully_qualified' attribute of this property.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Device_Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Device_Path field specifies the path to the device on which the file resides. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Full_Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Full_Path field specifies the complete path to the file, including the device path.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="File_Extension" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The File_Extension field specifies the file extension of the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Size_In_Bytes" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Size_In_Bytes field specifies the size of the file, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Magic_Number" type="cyboxCommon:HexBinaryObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Magic_Number specifies the particular magic number (typically a hexadecimal constant used to identify a file format) corresponding to the file, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="File_Format" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The File_Format field specifies the particular file format of the file, most typically specified by a tool such as the UNIX file command.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Hashes field specifies any hashes of the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Digital_Signatures" type="cyboxCommon:DigitalSignaturesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Digital_Signatures field is optional and captures one or more digital signatures for the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Modified_Time" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Modified_Time field specifies the date/time the file was last modified.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Accessed_Time" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Accessed_Time field specifies the date/time the file was last accessed.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Created_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Created_Time field specifies the date/time the file was created.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="File_Attributes_List" type="FileObj:FileAttributeType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The File_Attributes_List field specifies the particular special attributes set for the file. Since this is a platform-specific Object property, it is defined here as an abstract type and then implemented in any platform specific derived file objects.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Permissions" type="FileObj:FilePermissionsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Permissions field specifies that particular permissions that a file may have. Since this is a platform-specific Object property, it is defined here as an abstract type and then implemented in any platform specific derived file objects.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="User_Owner" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The User_Owner field specifies the name of the user that owns the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Packer_List" type="FileObj:PackerListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Packer_List field specifies any packers that the file may be packed with. The term 'packer' here refers to packers, as well as things like archivers and installers.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Peak_Entropy" type="cyboxCommon:DoubleObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Peak_Entropy field specifies the calculated peak entropy of the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Sym_Links" type="FileObj:SymLinksListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Sym_Links field specifies any symbolic links that may exist for the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Byte_Runs" type="cyboxCommon:ByteRunsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Byte_Runs field contains a list of byte runs from the raw file or its storage medium.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Extracted_Features" type="cyboxCommon:ExtractedFeaturesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A description of features extracted from this file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="is_packed" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The ispacked field is used to indicate whether the file is packed or not.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="FilePathType">
+		<xs:annotation>
+			<xs:documentation>The FilePathType type specifies the path to the file, not including the device. Whether the path is relative or fully-qualified can be specified via the 'fully_qualified' attribute.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:StringObjectPropertyType">
+				<xs:attribute name="fully_qualified" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The fully_qualified field specifies whether the path is fully qualified.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="FileAttributeType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The FileAttributeType type specifies attribute(s) of a file. Since this Object property(ies) is platform-specific, it is defined here as an abstract type.</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+	<xs:complexType name="FilePermissionsType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The FilePermissionsType type specifies a permission of a file. Since this is a platform-specific Object property, it is defined here as an abstract type and then implemented in any platform specific derived file objects.</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+	<xs:complexType name="PackerListType">
+		<xs:annotation>
+			<xs:documentation>The PackerListType type specifies a list of file packers.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Packer" type="FileObj:PackerType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Packer field specifies a single file packer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PackerType">
+		<xs:annotation>
+			<xs:documentation>The PackerType specifies the fields that characterize a particular file packer, such as name and version.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Name field specifies the name of the packer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Version" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Version field specifies the version of the packer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Entry_Point" type="cyboxCommon:HexBinaryObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Entry_Point field specifies the entry point address of the packer, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Signature" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Signature field specifies the matching signature detected for the packer, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Type" type="FileObj:PackerClassType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Type field specifies the type of packer being characterized.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element maxOccurs="1" minOccurs="0" name="Detected_Entrypoint_Signatures" type="FileObj:EntryPointSignatureListType">
+				<xs:annotation>
+					<xs:documentation>The Detected_Entrypoint_Signatures field specifies the entrypoint signatures that were detected for the packer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element maxOccurs="1" minOccurs="0" name="EP_Jump_Codes" type="FileObj:EPJumpCodeType">
+				<xs:annotation>
+					<xs:documentation>The EP_Jump_Codes field characterizes the entry point jump codes of the packer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PackerClassType">
+		<xs:annotation>
+			<xs:documentation>PackerCassType specifies packer classes, via a union of the PackerTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="FileObj:PackerClassEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This field is optional and specifies the expected type for the value of the specified field.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="EPJumpCodeType">
+		<xs:annotation>
+			<xs:documentation>Specifies an entry-point jump code used by a packer.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="1" minOccurs="1" name="Depth" type="cyboxCommon:IntegerObjectPropertyType"/>
+			<xs:element maxOccurs="1" minOccurs="0" name="Opcodes" type="cyboxCommon:StringObjectPropertyType"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EntryPointSignatureType">
+		<xs:annotation>
+			<xs:documentation>Specifies an entry point signature for a packer.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="1" minOccurs="0" name="Name" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>Specifies the signature name.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element maxOccurs="1" minOccurs="0" name="Type" type="FileObj:DetectedTypeEnum">
+				<xs:annotation>
+					<xs:documentation>Specifies the type of entry point detected (e.g., packer, compiled file).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:simpleType name="DetectedTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The DetectedTypeEnum is an enumeration of entry point signature detection types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="None">
+				<xs:annotation>
+					<xs:documentation>Specifies a type other than those listed.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Compiler">
+				<xs:annotation>
+					<xs:documentation>Specifies an executable that acts as a compiler.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Packer">
+				<xs:annotation>
+					<xs:documentation>Specifies an executable that acts as a packer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Installer">
+				<xs:annotation>
+					<xs:documentation>Specifies an executable that acts as an installer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="EntryPointSignatureListType">
+		<xs:annotation>
+			<xs:documentation>Species a list of entry point signatures for a packer.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="unbounded" name="Entry_Point_Signature" type="FileObj:EntryPointSignatureType">
+				<xs:annotation>
+					<xs:documentation>Specifies a single field in a list of entry point signatures.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:simpleType name="PackerClassEnum">
+		<xs:annotation>
+			<xs:documentation>The PackerTypeEnum type is a (non-exhaustive) enumeration of packer classes.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Archiver">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packer is an archiver.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Installer">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packer is an installer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Self-Extracting Archiver">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packer is a self-extracting archiver.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Crypter">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packer is a crypter.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Packer">
+				<xs:annotation>
+					<xs:documentation>Indicates a packer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Protector">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packer is a protector.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Bundler">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packer is a bundler.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>Indicates a different type of packer from the ones listed.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="SymLinksListType">
+		<xs:annotation>
+			<xs:documentation>The SymLinksListType specifies a list of symbolic links.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Sym_Link" type="cyboxCommon:StringObjectPropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Sym_Link element specifies a single symbolic link.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/GUI_Dialogbox_Object.xsd b/stix_validator/schema/cybox/objects/GUI_Dialogbox_Object.xsd
new file mode 100755
index 0000000..b3ace6f
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/GUI_Dialogbox_Object.xsd
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:GUIObj="http://cybox.mitre.org/objects#GUIObject-2" xmlns:GUIDialogBoxObj="http://cybox.mitre.org/objects#GUIDialogboxObject-2" targetNamespace="http://cybox.mitre.org/objects#GUIDialogboxObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>GUI_Dialogbox_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#GUIObject-2" schemaLocation="GUI_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="GUI_Dialogbox" type="GUIDialogBoxObj:GUIDialogboxObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The GUI_Dialogbox object is intended to characterize GUI dialog boxes.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="GUIDialogboxObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The GUIDialogboxObjectType type is intended to characterize GUI dialog boxes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="GUIObj:GUIObjectType">
+				<xs:sequence>
+					<xs:element name="Box_Caption" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Box_Caption field specifies the caption associated with the dialog box.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Box_Text" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Box_Text field specifies the text contained inside the dialog box.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/GUI_Object.xsd b/stix_validator/schema/cybox/objects/GUI_Object.xsd
new file mode 100755
index 0000000..4892070
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/GUI_Object.xsd
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:GUIObj="http://cybox.mitre.org/objects#GUIObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#GUIObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>GUI_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="GUI_Object" type="GUIObj:GUIObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The GUI_Object object is intended to charaterize generic GUI objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="GUIObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The GUIObjectType type is intended to characterize generic GUI objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Height" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Height field specifices the height of the GUI object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Width" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Width field specifies the width of the GUI object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/GUI_Window_Object.xsd b/stix_validator/schema/cybox/objects/GUI_Window_Object.xsd
new file mode 100755
index 0000000..539ae56
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/GUI_Window_Object.xsd
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:GUIWindowObj="http://cybox.mitre.org/objects#GUIWindowObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:GUIObj="http://cybox.mitre.org/objects#GUIObject-2" targetNamespace="http://cybox.mitre.org/objects#GUIWindowObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>GUI_Window_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#GUIObject-2" schemaLocation="GUI_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="GUI_Window" type="GUIWindowObj:GUIWindowObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The GUI_Window object is intended to characterize GUI windows.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="GUIWindowObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The GUIWindowObjectType is intended to characterize GUI windows.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="GUIObj:GUIObjectType">
+				<xs:sequence>
+					<xs:element name="Owner_Window" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Owner_Window specifies the owner window of the window object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Parent_Window" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Parent_Window field contains the parent window of the window object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Window_Display_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Window_Display_Name field specifies the display name or title bar text of the window object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/HTTP_Session_Object.xsd b/stix_validator/schema/cybox/objects/HTTP_Session_Object.xsd
new file mode 100755
index 0000000..2087464
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/HTTP_Session_Object.xsd
@@ -0,0 +1,623 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:HTTPSessionObj="http://cybox.mitre.org/objects#HTTPSessionObject-2" xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:URIObj="http://cybox.mitre.org/objects#URIObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#HTTPSessionObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by [NAME] at [COMPANY]. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>HTTP_Session_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#PortObject-2" schemaLocation="Port_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#URIObject-2" schemaLocation="URI_Object.xsd"/>
+	<xs:element name="HTTP_Session" type="HTTPSessionObj:HTTPSessionObjectType">
+		<xs:annotation>
+			<xs:documentation>The HTTP_Session object is intended to capture the HTTP requests and responses made on a single HTTP session.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="HTTPSessionObjectType">
+		<xs:annotation>
+			<xs:documentation>The HTTPSessionObjectType is intended to capture the details of an HTTP session.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="HTTP_Request_Response" type="HTTPSessionObj:HTTPRequestResponseType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The HTTP_Request_Response field specifies a single HTTP Request/Response pair.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="HTTPRequestResponseType">
+		<xs:annotation>
+			<xs:documentation>The HTTPRequestResponseType captures a single HTTP request/response pair.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="HTTP_Client_Request" type="HTTPSessionObj:HTTPClientRequestType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Client_Request field specifies the HTTP client request portion of a single HTTP request/response pair.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="HTTP_Server_Response" type="HTTPSessionObj:HTTPServerResponseType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Server_Response field specifies the HTTP server response portion of a single HTTP request/response pair.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPClientRequestType">
+		<xs:annotation>
+			<xs:documentation>The HTTPClientRequestType field captures the details of an HTTP client request.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="HTTP_Request_Line" minOccurs="0" type="HTTPSessionObj:HTTPRequestLineType">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Request_Line field specifies the HTTP request line of the HTTP client request.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="HTTP_Request_Header" minOccurs="0" type="HTTPSessionObj:HTTPRequestHeaderType">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Request_Header field specifies all of the HTTP header fields that may be found in the HTTP client request.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="HTTP_Message_Body" minOccurs="0" type="HTTPSessionObj:HTTPMessageType">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Message_Body field specifies the optional message body that may be included in the HTTP client request.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPServerResponseType">
+		<xs:annotation>
+			<xs:documentation>The HTTPServerResponseType captures the details of an HTTP server response.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="HTTP_Status_Line" minOccurs="0" type="HTTPSessionObj:HTTPStatusLineType">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Status_Line field captures the status line returned as part of the HTTP server response.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="HTTP_Response_Header" minOccurs="0" type="HTTPSessionObj:HTTPResponseHeaderType">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Response_Header field captures the details of the HTTP Header returned as part of the HTTP server response.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="HTTP_Message_Body" minOccurs="0" type="HTTPSessionObj:HTTPMessageType">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Message_Body field captures the HTTP message body returned as part of the HTTP server response.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPRequestLineType">
+		<xs:annotation>
+			<xs:documentation>The HTTPRequestLineType captures a single HTTP request line.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="HTTP_Method" type="HTTPSessionObj:HTTPMethodType">
+				<xs:annotation>
+					<xs:documentation>The HTTP_Method field captures the HTTP method portion of the HTTP request line.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Value" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Value field captures the value (typically a resource path) portion of the HTTP request line.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Version" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Version field captures the HTTP version portion of the HTTP request line.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPRequestHeaderType">
+		<xs:annotation>
+			<xs:documentation>The HTTPRequestHeaderType captures the raw or parsed header of an HTTP request.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Raw_Header" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Raw_Header field captures the HTTP request header as a raw, un-parsed string.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Parsed_Header" type="HTTPSessionObj:HTTPRequestHeaderFieldsType">
+				<xs:annotation>
+					<xs:documentation>The Parsed_Header field captures the HTTP request header as a set of parsed HTTP header fields.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPRequestHeaderFieldsType">
+		<xs:annotation>
+			<xs:documentation>The HTTPRequestHeaderFieldsType captures parsed HTTP request header fields.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Accept" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Accept field specifies the HTTP Request Accept header field, which defines the Content-Types that are acceptable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Accept_Charset" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Accept-Charset field specifies the HTTP Request Accept-Charset header field, which defines the character sets that are acceptable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Accept_Language" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Accept-Language field specifies the HTTP Request Accept-Language header field, which defines the acceptable languages for response.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Accept_Datetime" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Accept-Datetime field specifies the HTTP Request Accept-Datetime header field, which defines the acceptable version time.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Accept_Encoding" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Accept-Encoding field specifies the HTTP Request Accept-Encoding header field, which defines the acceptable encodings.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Authorization" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Authorization field specifies the HTTP Request Authorization header field, which defines the authentication credentials for use in HTTP authentication.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Cache_Control" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Cache-Control field specifies the HTTP Request Cache-Control header field, which defines the directives that MUST be obeyed by all caching mechanisms along the request/response chain.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Connection" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Connection field specifies the HTTP Request Connection header field, which defines the type of connection that the user-agent would prefer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Cookie" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Cookie field specifies the HTTP Request Cookie header field, which defines the HTTP cookie previously sent by the server.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Length" type="cyboxCommon:IntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Length field specifies the HTTP Request Content-Length header field, which defines the length of the request body in octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_MD5" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-MD5 field specifies the HTTP Request Content-MD5 header field, which defines a Base64 encoded binary MD5 sum of the content of the request body.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Type" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Type field specifies the HTTP Request Content-Type header field, which defines a the MIME type of the body of the request (used with POST and PUT requests).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Date" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Date field specifies the HTTP Request Date header field, which defines the date and time that the message was sent.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Expect" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Expect field specifies the HTTP Request Expect header field, which defines the particular server behaviors that are required by the client.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="From" type="AddressObj:AddressObjectType">
+				<xs:annotation>
+					<xs:documentation>The From field specifies the HTTP Request From header field, which defines the email address of the user making the request.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Host" type="HTTPSessionObj:HostFieldType">
+				<xs:annotation>
+					<xs:documentation>The Host field specifies the HTTP Request Host header field, which the domain name of the server and the TCP port number on which the server is listening.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="If_Match" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The If-Match field specifies the HTTP Request If-Match header field, which allows the action to be performed if the client supplied entity matches the same entity on the server.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="If_Modified_Since" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The If-Modified-Since field specifies the HTTP Request If-Modified-Since header field, which allows a 304 Not Modified response to be returned if content is unchanged since the input date/time.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="If_None_Match" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The If-Modified-Since field specifies the HTTP Request If-Modified-Since header field, which allows the action to be performed only if the client supplied entity does not match the same entity on the server.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="If_Range" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The If-Range field specifies the HTTP Request If-Range header field, which allows the client to request the part(s) of the entity that they are missing, or otherwise the new entity.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="If_Unmodified_Since" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The If-Unmodified-Since field specifies the HTTP Request If-Unmodified-Since header field, which allows a response to be sent only if the entity has not been modified since a specific date/time.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Max_Forwards" type="cyboxCommon:IntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Max-Forwards field specifies the HTTP Request Max-Forwards header field, which defines the maximum number of times the message can be forwarded through proxies or gateways.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Pragma" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Pragma field specifies the HTTP Request Pragma header field, which defines any implementation-specific values that may have various anywhere along the request-response chain.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Proxy_Authorization" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Proxy-Authorization field specifies the HTTP Request Proxy-Authorization header field, which defines the authorization credentials for connecting to a proxy.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Range" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Range field specifies the HTTP Request Range header field, which defines the range, in bytes, for requesting only part of an entity (bytes are numbered from 0).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Referer" type="URIObj:URIObjectType">
+				<xs:annotation>
+					<xs:documentation>The Referer field specifies the HTTP Request Range Referer field, which defines the address of the previous web page from which a link to the currently requested page was followed.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="TE" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The TE field specifies the HTTP Request TE field, which defines the transfer encodings the user agent is willing to accept.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="User_Agent" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The User-Agent field specifies the HTTP Request User-Agent field, which defines the user agent string of the user agent.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Via" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Via field specifies the HTTP Request Via field, which defines any proxies through which the request was sent.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Warning" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Warning field specifies the HTTP Request Warning field, which defines any general warnings about possible problems with the entity body.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="DNT" type="URIObj:URIObjectType">
+				<xs:annotation>
+					<xs:documentation>The DNT field specifies the non-standard HTTP Request DNT field, which is typically used to request that a web application disable their tracking of a user.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_Requested_With" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-Requested-With field specifies the non-standard HTTP Request X-Requested-With field, which is typically used to identify Ajax requests.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_Requested_For" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-Forwarded-For field specifies the non-standard HTTP Request X-Forwarded-For field, which is typically used to identify the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_ATT_DeviceId" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-ATT-DeviceId field specifies the non-standard HTTP Request X-ATT-DeviceId field, which is typically used to identify the make, model, and firmware of AT&amp;T devices.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_Wap_Profile" type="URIObj:URIObjectType">
+				<xs:annotation>
+					<xs:documentation>The X-Wap-Profile field specifies the non-standard HTTP Request X-Wap-Profile field, which is typically used to link to an XML file on the Internet with a full description and details about the device currently connecting.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPResponseHeaderType">
+		<xs:annotation>
+			<xs:documentation>The HTTPResponseHeaderType captures the raw or parsed header of an HTTP response.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Raw_Header" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Raw_Header field captures the HTTP response header as a raw, un-parsed string.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Parsed_Header" type="HTTPSessionObj:HTTPResponseHeaderFieldsType">
+				<xs:annotation>
+					<xs:documentation>The Parsed_Header field captures the HTTP response header as a set of parsed HTTP header fields.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPResponseHeaderFieldsType">
+		<xs:annotation>
+			<xs:documentation>The HTTPRequestHeaderFieldsType captures parsed HTTP request header fields.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Access_Control_Allow_Origin" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Access-Control-Allow-Origin field specifies the HTTP Response Access-Control-Allow-Origin header field, which defines which web sites can participate in cross-origin resource sharing.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Accept_Ranges" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Accept-Ranges field specifies the HTTP Response Accept-Ranges header field, which defines the partial content range types this server supports.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Age" type="cyboxCommon:IntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Age field specifies the HTTP Response Authorization header field, which defines the age the object has been in a proxy cache, in seconds.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Cache_Control" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Cache-Control field specifies the HTTP Response Cache-Control header field, which tells all caching mechanisms from server to client whether they may cache this object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Connection" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Connection field specifies the HTTP Response Connection header field, which specifies the options that are desired for the connection.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Encoding" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Encoding field specifies the HTTP Response Content-Encoding header field, which defines the type of encoding used on the data.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Language" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Language field specifies the HTTP Response Content-Language header field, which defines the language the content is in.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Length" type="cyboxCommon:IntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Length field specifies the HTTP Response Content-Length header field, which defines the length of the request body in octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Location" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Location field specifies the HTTP Response Content-Location header field, which defines an alternate location for the returned data.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_MD5" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-MD5 field specifies the HTTP Response Content-MD5 header field, which defines the base64-encoded binary MD5 sum of the content of the response.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Disposition" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Disposition field specifies the HTTP Response Content-Disposition header field, which provides a means for the origin server to suggest a default filename if the user requests that the content is saved to a file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Range" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Range field specifies the HTTP Response Content-Range header field, which defines where in a full body message the partial message belongs.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Content_Type" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Content-Type field specifies the HTTP Response Content-Type header field, which defines the MIME type of the content.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Date" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Date field specifies the HTTP Request Date header field, which defines the date and time that the message was sent.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="ETag" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The ETag field specifies the HTTP Response ETag header field, which defines an identifier for a specific version of a resource, often a message digest.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Expires" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Expires field specifies the HTTP Response Expires header field, which defines the date/time after which the response is considered stale.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Last_Modified" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Last-Modified field specifies the HTTP Response Last-Modified header field, which defines the date/time for the requested object, in RFC 2822 format.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Link" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Link field specifies the HTTP Response Link header field, which defines a typed relationship with another resource, where the relation type is defined by RFC 5988.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Location" type="URIObj:URIObjectType">
+				<xs:annotation>
+					<xs:documentation>The Location field specifies the HTTP Response Location header field, which defines the location used in redirection, or when a new resource has been created.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="P3P" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The P3P field specifies the HTTP Response P3P header field, which sets P3P policy to be used by the browser.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Pragma" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Pragma field specifies the HTTP Response Pragma header field, which defines any implementation-specific values that may have various anywhere along the request-response chain.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Proxy_Authenticate" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Proxy-Authenticate field specifies the HTTP Response Proxy-Authenticate header field, which defines the type of authentication necessary to access the proxy.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Refresh" type="cyboxCommon:IntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Refresh field specifies the HTTP Response Refresh header field, which specifies a given interval, in seconds, after which the current page should be refreshed.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Retry_After" type="cyboxCommon:IntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Retry-After field specifies the HTTP Response Retry-After header field, which defines the period, in seconds, after which the client should try again if an entity is temporarily unavailable. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Server" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Server field specifies the HTTP Response Server field, which defines a name for the responding server.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Set_Cookie" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Set-Cookie field specifies the HTTP Response Set-Cookie field, which defines an HTTP cookie.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Strict_Transport_Security" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Strict-Transport-Security field specifies the HTTP response Strict-Transport-Security field, which defines the HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Trailer" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Trailer field specifies the HTTP Response Trailer field, which indicates that the given set of header fields is present in the trailer of a message encoded with chunked transfer-coding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Transfer_Encoding" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Transfer-Encoding field specifies the HTTP Response Transfer-Encoding field, which defines the form of encoding used to safely transfer the entity to the user.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Vary" type="URIObj:URIObjectType">
+				<xs:annotation>
+					<xs:documentation>The Vary field specifies the HTTP Response Vary field, which informs downstream proxies on how to match future request headers to decide whether the cached respones can be used rather than requested a fresh one from the origin server.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Via" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Via field specifies the HTTP Response Via field, which informs the client of proxies through which the response was sent.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Warning" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Warning field specifies the HTTP Response Warning field, which defines any general warnings about possible problems with the entity body.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="WWW_Authenticate" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The WWW-Authenticate field specifies the HTTP Response WWW-Authenticate field, which defines the authentication scheme that should be used to access the requested entity.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_Frame_Options" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-Frame-Options field specifies the non-standard HTTP Response X-Frame-Options field, which is used as a form of clickjacking protection, supporting no rendering within a frame and no rendering if origin mismatch.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_XSS_Protection" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-XSS-Protection field specifies the non-standard HTTP Response X-XSS-Protection field, which is used as a cross-site scripting (XSS) filter.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_Content_Type_Options" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-Content-Type-Options field specifies the non-standard HTTP Response X-Content-Type-Options field, which supports the 'nosniff' parameter to prevent the MIME-sniffing of a response away from the declared content type.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_Forwarded_Proto" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-Forwarded-Proto field specifies the non-standard HTTP Response X-Forwarded-Proto field, which identifies the originating protocol of an HTTP request.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_Powered_By" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-Powered-By field specifies the non-standard HTTP Response X-Powered-By field, which specifies the technology supporting the web application running on the server.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="X_UA_Compatible" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The X-UA-Compatible field specifies the non-standard HTTP Response X-UA-Compatible field, which is used to recommend the preferred rendering engine to use to display the content.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPMessageType">
+		<xs:annotation>
+			<xs:documentation>The HTTPMessageType captures a single HTTP message body and its length.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Length" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Length field captures the length of the HTTP message body, in bytes. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Message_Body" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Message_Body field captures the data contained in the HTTP message body.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPStatusLineType">
+		<xs:annotation>
+			<xs:documentation>The HTTPStatusLineType captures a single HTTP response status line.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Version" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Version field captures the HTTP version portion of the HTTP status line.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Status_Code" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Status_Code field captures the HTTP status code portion of the HTTP status line.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Reason_Phrase" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Reason_Phrase field captures the HTTP reason phrase portion of the HTTP status line.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HostFieldType">
+		<xs:annotation>
+			<xs:documentation>The HostFieldType captures the details of the HTTP request Host header field.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="1" name="Domain_Name" type="URIObj:URIObjectType">
+				<xs:annotation>
+					<xs:documentation>The Domain_Name field specifies the domain name of the server.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Port" type="PortObj:PortObjectType">
+				<xs:annotation>
+					<xs:documentation>The Port field specifies the TCP port number on which the server is listening.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HTTPMethodType">
+		<xs:annotation>
+			<xs:documentation>HTTPMethodType specifies HTTP method types, via a union of the HTTPMethodEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="HTTPSessionObj:HTTPMethodEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum" use="required">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="HTTPMethodEnum">
+		<xs:annotation>
+			<xs:documentation>The HTTPMethodEnum is an enumeration of HTTP method types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="GET"/>
+			<xs:enumeration value="POST"/>
+			<xs:enumeration value="HEAD"/>
+			<xs:enumeration value="PUT"/>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Library_Object.xsd b/stix_validator/schema/cybox/objects/Library_Object.xsd
new file mode 100755
index 0000000..fc19a0f
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Library_Object.xsd
@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:LibraryObj="http://cybox.mitre.org/objects#LibraryObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#LibraryObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Library_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Library" type="LibraryObj:LibraryObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Library object is intended to characterize software libraries.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="LibraryObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The LibraryObjectType type is intended to characterize software libraries.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the full file name of the library. Example: abcd.dll.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Path field specifies the fully-qualified path to the library.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Size" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Size field specifies the size of the library, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="LibraryObj:LibraryType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of library being characterized.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Version" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Version field specifies the library version.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Base_Address" type="cyboxCommon:HexBinaryObjectPropertyType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Base_Address field specifies the default virtual address into which the library is loaded.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Extracted_Features" type="cyboxCommon:ExtractedFeaturesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A description of features extracted from this file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="LibraryType">
+		<xs:annotation>
+			<xs:documentation>LibraryType specifies library types, via a union of the LibraryTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="LibraryObj:LibraryTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="LibraryTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The LibraryTypeEnum type is an enumeration of library types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Dynamic">
+				<xs:annotation>
+					<xs:documentation>Indicates a dynamic library.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Static">
+				<xs:annotation>
+					<xs:documentation>Indicates a static library.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Remote">
+				<xs:annotation>
+					<xs:documentation>Indicates a remote library.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Shared">
+				<xs:annotation>
+					<xs:documentation>Indicates a shared library.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>Indicates a different type of library than those listed above.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Link_Object.xsd b/stix_validator/schema/cybox/objects/Link_Object.xsd
new file mode 100755
index 0000000..3b9b9b9
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Link_Object.xsd
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:URIObj="http://cybox.mitre.org/objects#URIObject-2" targetNamespace="http://cybox.mitre.org/objects#LinkObject-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xmlns:LinkObj="http://cybox.mitre.org/objects#LinkObject-1">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+        <xs:appinfo>
+            <schema>Link_Object</schema>
+            <version>1.0</version>
+            <date>03/27/2013 9:00:00 AM</date>
+            <short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://cybox.mitre.org/objects#URIObject-2" schemaLocation="URI_Object.xsd"/>
+    <xs:element name="Link" type="LinkObj:LinkObjectType"/>
+    <xs:complexType name="LinkObjectType">
+        <xs:complexContent>
+            <xs:extension base="URIObj:URIObjectType">
+                <xs:sequence>
+                    <xs:element name="URL_Label" type="xs:string"/>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Linux_Package_Object.xsd b/stix_validator/schema/cybox/objects/Linux_Package_Object.xsd
new file mode 100755
index 0000000..cfd4d5f
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Linux_Package_Object.xsd
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:LinuxPackageObj="http://cybox.mitre.org/objects#LinuxPackageObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#LinuxPackageObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Linux_Package_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Linux_Package" type="LinuxPackageObj:LinuxPackageObjectType">
+		<xs:annotation>
+			<xs:documentation>The Linux_Package object is intended to characterize a Linux package.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="LinuxPackageObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The LinuxPackageObjectType type is intended to characterize Linux packages.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Architecture" type="LinuxPackageObj:ArchitectureType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Architecture field specifies the architecture for which the package was built.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Category" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Category field specifies the categories under which a package may be displayed.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Description" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description field specifies an in-depth description of a package.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Epoch" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Epoch field specifies the epoch number of the package.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="EVR" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The EVR field specifies the epoch, version, and release fields of the package as a single version string.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="1" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the package.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Release" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Release field specifies the release number of the package build.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Vendor" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Vendor field specifies the vendor that holds the software copyright of the package.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Version" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Version field specifies the version number of the package build.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ArchitectureType">
+		<xs:annotation>
+			<xs:documentation>ArchitectureType specifies CPU architecture types, via a union of the ArchitectureTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="LinuxPackageObj:ArchitectureTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ArchitectureTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The ArchitectureTypeEnum type is a non-exhaustive enumeration of CPU architectures.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="i386">
+				<xs:annotation>
+					<xs:documentation>Indicates an i386 architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PPC">
+				<xs:annotation>
+					<xs:documentation>Indicates an PPC architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SPARC">
+				<xs:annotation>
+					<xs:documentation>Indicates an SPARC architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="noarch">
+				<xs:annotation>
+					<xs:documentation>Indicates no particular architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Memory_Object.xsd b/stix_validator/schema/cybox/objects/Memory_Object.xsd
new file mode 100755
index 0000000..6f69e02
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Memory_Object.xsd
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:MemoryObj="http://cybox.mitre.org/objects#MemoryObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#MemoryObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Memory_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Memory_Region" type="MemoryObj:MemoryObjectType">
+		<xs:annotation>
+			<xs:documentation>The Memory_Region object is intended to characterize generic memory objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="MemoryObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The MemoryObjectType type is intended to characterize generic memory objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Hashes field specifies any hashes of the particular memory object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the particular memory object, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Region_Size" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Region_Size field specifies the size of the particular memory region, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Region_Start_Address" type="cyboxCommon:HexBinaryObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Region_Start_Address field specifies the starting address of the particular memory region.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Extracted_Features" type="cyboxCommon:ExtractedFeaturesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A description of features extracted from this memory region.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="is_injected" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_injected field specifies whether or not the particular memory object has had data/code injected into it by another process.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_mapped" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_mapped field specifies whether or not the particular memory object has been assigned a byte-for-byte correlation with some portion of a file or file-like resource.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_protected" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_protected field specifies whether or not the particular memory object is protected (read/write only from the process that allocated it).</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Mutex_Object.xsd b/stix_validator/schema/cybox/objects/Mutex_Object.xsd
new file mode 100755
index 0000000..15aabac
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Mutex_Object.xsd
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:MutexObj="http://cybox.mitre.org/objects#MutexObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#MutexObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Mutex_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Mutex" type="MutexObj:MutexObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Mutex object is intended to characterize generic mutual exclusion (mutex) objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="MutexObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The MutexObjectType type is intended to characterize generic mutual exclusion (mutex) objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name for a named mutex object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="named" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The named field specifies whether the Mutex is named.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Network_Connection_Object.xsd b/stix_validator/schema/cybox/objects/Network_Connection_Object.xsd
new file mode 100755
index 0000000..20a17cc
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Network_Connection_Object.xsd
@@ -0,0 +1,609 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:SocketAddressObj="http://cybox.mitre.org/objects#SocketAddressObject-1" xmlns:NetworkConnectionObj="http://cybox.mitre.org/objects#NetworkConnectionObject-2" xmlns:DNSQueryObj="http://cybox.mitre.org/objects#DNSQueryObject-2" xmlns:HTTPSessionObj="http://cybox.mitre.org/objects#HTTPSessionObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#NetworkConnectionObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Network_Connection_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#HTTPSessionObject-2" schemaLocation="HTTP_Session_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#DNSQueryObject-2" schemaLocation="DNS_Query_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#SocketAddressObject-1" schemaLocation="Socket_Address_Object.xsd"/>
+	<xs:element name="Network_Connection" type="NetworkConnectionObj:NetworkConnectionObjectType">
+		<xs:annotation>
+			<xs:documentation>The Network_Connection object is intended to represent a single network connection.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="NetworkConnectionObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The NetworkConnectionObjectType is intended as a way of characterizing local or remote (i.e. Internet) network connections.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent mixed="false">
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Creation_Time" type="cyboxCommon:DateTimeObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Creation_Time field specifies the date/time the network connection was created.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Layer3_Protocol" type="NetworkConnectionObj:Layer3ProtocolType">
+						<xs:annotation>
+							<xs:documentation>The Layer3_Protocol field specifies the particular network (layer 3 in the OSI model) layer protocol used in the connection.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Layer4_Protocol" type="NetworkConnectionObj:Layer4ProtocolType">
+						<xs:annotation>
+							<xs:documentation>The Layer4_Protocol field specifies the particular transport (layer 4 in the OSI model) layer protocol used in the connection.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Layer7_Protocol" type="NetworkConnectionObj:Layer7ProtocolType">
+						<xs:annotation>
+							<xs:documentation>The Layer7_Protocol field specifies the particular application (layer 7 in the OSI model) layer protocol used in the connection.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Source_Socket_Address" type="SocketAddressObj:SocketAddressObjectType">
+						<xs:annotation>
+							<xs:documentation>The Source_Socket_Address field specifies the source socket address, consisting of an IP Address and port number, used in the connection.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element maxOccurs="1" minOccurs="0" name="Source_TCP_State" type="NetworkConnectionObj:TCPStateEnum">
+						<xs:annotation>
+							<xs:documentation>The Source_TCP_State field specifies the current state of the TCP network connection at the source, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Destination_Socket_Address" type="SocketAddressObj:SocketAddressObjectType">
+						<xs:annotation>
+							<xs:documentation>The Destination_Socket_Address field specifies the destination socket address, consisting of an IP Address and port number, used in the connection.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element maxOccurs="1" minOccurs="0" name="Destination_TCP_State" type="NetworkConnectionObj:TCPStateEnum">
+						<xs:annotation>
+							<xs:documentation>The Destination_TCP_State field specifies the current state of the TCP network connection at the destination, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Layer7_Connections" minOccurs="0" type="NetworkConnectionObj:Layer7ConnectionsType">
+						<xs:annotation>
+							<xs:documentation>The Layer7_Connections field allows for the characterization of any application (layer 7 in the OSI model) layer connections observed as part of the network connection.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="tls_used" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The tls_used field specifies whether or not Transport Layer Security (TLS) is used in the network connection.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="Layer7ConnectionsType">
+		<xs:annotation>
+			<xs:documentation>The Layer7ConnectionsType specifies the different types of application (layer 7 in the OSI model) connections that may be initiated as part of the network connection.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="HTTP_Session" type="HTTPSessionObj:HTTPSessionObjectType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The HTTP Session field specifies a single HTTP session initiated between source and destination IP addresses/ports, and includes 1-n HTTP Request/Response pairs.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="DNS_Query" type="DNSQueryObj:DNSQueryObjectType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The DNS_Query field specifies a single DNS query/answer pair initiated between source and destination IP addresses/ports.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="Layer3ProtocolType">
+		<xs:annotation>
+			<xs:documentation>Layer3ProtocolType specifies Layer 3 protocol types, via a union of the Layer3ProtocolEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetworkConnectionObj:Layer3ProtocolEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum" use="required">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="Layer4ProtocolType">
+		<xs:annotation>
+			<xs:documentation>Layer4ProtocolType specifies Layer 4 protocol types, via a union of the Layer4ProtocolEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetworkConnectionObj:Layer4ProtocolEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum" use="required">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="Layer7ProtocolType">
+		<xs:annotation>
+			<xs:documentation>Layer7ProtocolType specifies Layer 7 protocol types, via a union of the Layer7ProtocolEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetworkConnectionObj:Layer7ProtocolEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum" use="required">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="TCPStateEnum">
+		<xs:annotation>
+			<xs:documentation>The ConnectionStateEnum type is an enumeration of TCP connection states.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="UNKNOWN">
+				<xs:annotation>
+					<xs:documentation>Indicates an unknown TCP connection state.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLOSED">
+				<xs:annotation>
+					<xs:documentation>Indicates the closed TCP connection state--i.e. no connection state at all.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LISTENING">
+				<xs:annotation>
+					<xs:documentation>Indicates the listening TCP connection state.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SYN_SENT">
+				<xs:annotation>
+					<xs:documentation>Indicates the SYN sent TCP connection state--i.e. wait for a matching connection request after having sent a connection request.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SYN_RECEIVED">
+				<xs:annotation>
+					<xs:documentation>Indicates the SYN received TCP connection state--i.e. waiting for a confirming connection request acknowledgment after having both received and sent a connection request.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ESTABLISHED">
+				<xs:annotation>
+					<xs:documentation>Indicates the established TCP connection state--i.e. an open connection in which data received can be delivered to the user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FIN_WAIT_1">
+				<xs:annotation>
+					<xs:documentation>Indicates the FIN-WAIT-1 TCP connection state--i.e. waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FIN_WAIT_2">
+				<xs:annotation>
+					<xs:documentation>Indicates the FIN-WAIT-2 TCP connection state--i.e. waiting for a connection termination request from the remote TCP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLOSE_WAIT">
+				<xs:annotation>
+					<xs:documentation>Indicates the CLOSE-WAIT TCP connection state--i.e. waiting for a connection termination request from the local user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLOSING">
+				<xs:annotation>
+					<xs:documentation>Indicates the CLOSING TCP connection state--i.e. waiting for a connection termination request acknowledgment from the remote TCP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LAST_ACK">
+				<xs:annotation>
+					<xs:documentation>Indicates the LAST-ACK connection state--i.e. waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TIME_WAIT">
+				<xs:annotation>
+					<xs:documentation>Indicates the TIME-WAIT connection state--i.e. waiting for for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DELETING_TCB">
+				<xs:annotation>
+					<xs:documentation>Indicates the DELETE-TCB connection state--i.e. the Transmission Control Block (TCB) is being deleted.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="Layer3ProtocolEnum">
+		<xs:annotation>
+			<xs:documentation>Layer3ProtocolEnum is a non-exhaustive enumeration of Layer 3 (network) layer protocols.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="IPv4">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internet Protocol, version 4.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internet Protocol, version 6.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ICMP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internet Control Message Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IGMP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internet Group Management Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IGRP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Interior Gateway Routing Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLNP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Connectionless Networking Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EGP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Exterior Gateway Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EIGRP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Enhanced Interior Gateway Routing Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPSec">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internet Protocol Security suite.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPX">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internetwork Packet Exchange protocol</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Routed-SMLT">
+				<xs:annotation>
+					<xs:documentation>Specifies the Routed Split Multi-Link Trunking protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCCP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Signalling Connection Control Part protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="Layer4ProtocolEnum">
+		<xs:annotation>
+			<xs:documentation>Layer4ProtocolEnum is a non-exhaustive enumeration of Layer 4 (transport) layer protocols.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="TCP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Transmission Control Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UDP">
+				<xs:annotation>
+					<xs:documentation>Specifies the User Datagram Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AH">
+				<xs:annotation>
+					<xs:documentation>Specifies the Authentication Header protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ESP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Encapsulating Security Payload protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GRE">
+				<xs:annotation>
+					<xs:documentation>Specifies the Generic Routing Encapsulation protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IL">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internet Link protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Stream Control Transmission Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Sinec H1">
+				<xs:annotation>
+					<xs:documentation>Specifies the Siemens Sinec H1 protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SPX">
+				<xs:annotation>
+					<xs:documentation>Specifies the Sequenced Packet Exchange protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DCCP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Datagram Congestion Control Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="Layer7ProtocolEnum">
+		<xs:annotation>
+			<xs:documentation>Layer7ProtocolEnum is a non-exhaustive enumeration of Layer 7 (application) layer protocols.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="HTTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Hypertext Transfer Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HTTPS">
+				<xs:annotation>
+					<xs:documentation>Specifies the Hypertext Transfer Protocol Secure.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the File Transfer Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SMTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Simple Mail Transfer Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IRC">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internet Relay Chat protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IDENT">
+				<xs:annotation>
+					<xs:documentation>Specifies the Identification Protocol, IDENT.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DNS">
+				<xs:annotation>
+					<xs:documentation>Specifies the Domain Name System protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TELNET">
+				<xs:annotation>
+					<xs:documentation>Specifies the Telnet protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="POP3">
+				<xs:annotation>
+					<xs:documentation>Specifies the Post Office Protocol, version 3.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IMAP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Internet Message Access Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SSH">
+				<xs:annotation>
+					<xs:documentation>Specifies the Secure Shell protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SMB">
+				<xs:annotation>
+					<xs:documentation>Specifies the Microsoft Server Message Block protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ADC">
+				<xs:annotation>
+					<xs:documentation>Specifies the Advance Direct Connect protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AFP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Apple Filing Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BACNet">
+				<xs:annotation>
+					<xs:documentation>Specifies the Building Automation and Control Network protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BitTorrent">
+				<xs:annotation>
+					<xs:documentation>Specifies the BitTorrent protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BOOTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Bootstrap Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Diameter">
+				<xs:annotation>
+					<xs:documentation>Specifies the Diameter protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DICOM">
+				<xs:annotation>
+					<xs:documentation>Specifies the Digital Imaging and Communications in Medicine protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DICT">
+				<xs:annotation>
+					<xs:documentation>Specifies the Dictionary protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DSM-CC">
+				<xs:annotation>
+					<xs:documentation>Specifies the Digital Storage Media Command and Control protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DSNP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Distributed Social Networking Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DHCP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Dynamic Host Configuration Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ED2K">
+				<xs:annotation>
+					<xs:documentation>Specifies the EDonkey2000 protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Finger">
+				<xs:annotation>
+					<xs:documentation>Specifies the Finger protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Gnutella">
+				<xs:annotation>
+					<xs:documentation>Specifies the Gnutella protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Gopher">
+				<xs:annotation>
+					<xs:documentation>Specifies the Gopher protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ISUP">
+				<xs:annotation>
+					<xs:documentation>Specifies the ISDN User Part protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LDAP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Lightweight Directory Access Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIME">
+				<xs:annotation>
+					<xs:documentation>Specifies the Multipurpose Internet Mail Extensions protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MSNP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Microsoft Notification Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MAP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Mobile Application Part protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NetBIOS">
+				<xs:annotation>
+					<xs:documentation>Specifies the Network Basic Input/Output System protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NNTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Network News Transfer Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Network Time Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NTCIP">
+				<xs:annotation>
+					<xs:documentation>Specifies the National Transportation Communications for Intelligent Transportation System Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RADIUS">
+				<xs:annotation>
+					<xs:documentation>Specifies the Remote Authentication Dial In User Service protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RDP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Remote Desktop Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="rlogin">
+				<xs:annotation>
+					<xs:documentation>Specifies the rlogin protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="rsync">
+				<xs:annotation>
+					<xs:documentation>Specifies the rsync otocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Real-time Transport Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RTSP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Real-time Transport Streaming Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SISNAPI">
+				<xs:annotation>
+					<xs:documentation>Specifies the Siebel Internet Session Network API protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SIP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Session Initiation Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SNMP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Simple Network Management Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STUN">
+				<xs:annotation>
+					<xs:documentation>Specifies the Session Traversal Utilities for NAT protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TUP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Telephonse User Part protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TCAP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Transaction Capabilities Application Part protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TFTP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Trivial File Transfer Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="WebDAV">
+				<xs:annotation>
+					<xs:documentation>Specifies the Web Distributed Authoring and Versioning protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="XMPP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Extensible Messaging and Presence Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Network_Flow_Object.xsd b/stix_validator/schema/cybox/objects/Network_Flow_Object.xsd
new file mode 100755
index 0000000..c1b69b5
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Network_Flow_Object.xsd
@@ -0,0 +1,1559 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:SocketAddressObj="http://cybox.mitre.org/objects#SocketAddressObject-1" xmlns:NetFlowObj="http://cybox.mitre.org/objects#NetworkFlowObject-2" xmlns:PacketObj="http://cybox.mitre.org/objects#PacketObject-2" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#NetworkFlowObject-2" elementFormDefault="qualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Network_Flow_Object</schema>
+			<version>2.0</version>
+			<date>03/27/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#PacketObject-2" schemaLocation="Network_Packet_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#SocketAddressObject-1" schemaLocation="Socket_Address_Object.xsd"/>
+	<xs:element name="Network_Flow_Object" type="NetFlowObj:NetworkFlowObjectType">
+		<xs:annotation>
+			<xs:documentation>The Network_Flow_Object object provides a summary of network traffic, expressed as flows of multiple packets instead of individual packets, without the packet payload data (i.e. the actual data that was uploaded/downloaded to and from the Dest IP to Source IP as included in ppaacket monitoring tools, such as Wireshark).</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="NetworkFlowObjectType">
+		<xs:annotation>
+			<xs:documentation>Defines the fields necessary to summarize network traffic, expressed as flows of multiple packets. Does not include the packet payload data (i.e. the actual data that was uploaded/downloaded to and from the Dest IP to Source IP as included in packet monitoring tools, such as Wireshark).</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Network_Flow_Label" type="NetFlowObj:NetworkFlowLabelType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Represents elements common to all flow records formats - either expressed as a 5-tuple or an extended 7-tuple (actually an 8-tuple because for organizational reasons, we include the egress interface index). Because these fields are defined here, they are excluded from the fields associated directly with each different flow record format type.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:choice minOccurs="0" maxOccurs="1">
+						<xs:element name="Unidirectional_Flow_Record" type="NetFlowObj:UnidirectionalRecordType" minOccurs="0" maxOccurs="1">
+							<xs:annotation>
+								<xs:documentation>Represents flow-record formats that capture data in one direction only (e.g., Netflow v9).</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+						<xs:element name="Bidirectional_Flow_Record" type="NetFlowObj:BidirectionalRecordType" minOccurs="0" maxOccurs="1">
+							<xs:annotation>
+								<xs:documentation>Represents flow-record formats that capture data in both directions (e.g., YAF).</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:choice>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="NetworkLayerInfoType">
+		<xs:annotation>
+			<xs:documentation>Network layer information (relative to the OSI network model) which is typically captured in all types of network flow records.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Src_Socket_Address" type="SocketAddressObj:SocketAddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Represents the source IP socket addres, consisting of an IP address and port number, for the network flow expressed. Note that not all flow protocols support IPv6 addresses.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_Socket_Address" type="SocketAddressObj:SocketAddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Represents the destination IP socket addres, consisting of an IP address and port number, for the network flow expressed. Note that not all flow protocols support IPv6 addresses.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IP_Protocol" type="PacketObj:IANAAssignedIPNumbersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IP Protocol of the network flow. This is usually TCP, UDP, or SCTP, but can include others as represented in NetFlow as an integer from 0 to 255. Please refer to http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml for reference.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetworkFlowLabelType">
+		<xs:annotation>
+			<xs:documentation>The NetworkFlowLabelType contains elements that are common to all flow record formats. It builds off of network layer information (a 5-tuple that commonly defines a flow) and includes ingress and egress interface indexes and IP protocol information (not present if all flow record formats). Egress information is usually not thought of as part of the extended 7-tuple, but we include it for organizational purposes. Because these fields are defined here, they are excluded from the fields associated directly with each different flow record format type.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="NetFlowObj:NetworkLayerInfoType">
+				<xs:sequence minOccurs="0" maxOccurs="1">
+					<xs:element name="Ingress_Interface_Index" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Represents the index (in SNMP, by default) of the network interface card where the flows entered the router.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Egress_Interface_Index" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Represents the index (in SNMP, by default) of the network interface card where the flows leave the router.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IP_Type_Of_Service" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Type of service field from the IP header. Specifies the IP Type of Service (ToS). See RFC 1349 for more information.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="UnidirectionalRecordType">
+		<xs:annotation>
+			<xs:documentation>Netflow record formats that capture traffic in one direction.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0" maxOccurs="1">
+			<xs:element name="IPFIX_Message" type="NetFlowObj:IPFIXMessageType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents an Internet Protocol Flow Information eXport (IPFIX) protocol. IPFIX is based on NetFlow v9. Has several extensions such as Enterprise-defined fields types and variable length fields. See RFC 5101 for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="NetflowV9_Export_Packet" type="NetFlowObj:NetflowV9ExportPacketType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents the Netflow V9 flow record format. See RFC 3954 (Netflow v9) for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="NetflowV5_Packet" type="NetFlowObj:NetflowV5PacketType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents the NetFlow v5 flow record format, which is commonly used to represent network flow data.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SiLK_Record" type="NetFlowObj:SiLKRecordType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents a network flow record in the System for Internet-Level Knowledge (SiLK) format, developed by CERT at Carnegie Mellon University (CMU)'s Software Engineering Institute (SEI) as part of the NetSA security suite. See http://tools.netsa.cert.org/silk/analysis-handbook.pdf for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="BidirectionalRecordType">
+		<xs:annotation>
+			<xs:documentation>Network record formats that capture traffic in both directions. Later, we plan to add Argus as a network flow format type. Argus supports bidirectional flows, and as such, is usually used as an alternative to NetFlow v5 analysis via SiLK (http://www.qosient.com/argus/).</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0" maxOccurs="1">
+			<xs:element name="YAF_Record" type="NetFlowObj:YAFRecordType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents flow records generated via YAF (Yet Another Flowmeter), a bidirectional network flow meter. See http://www.usenix.org/event/lisa10/tech/full_papers/Inacio.pdf or http://tools.netsa.cert.org/yaf/index.html for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="IPFIXMessageType">
+		<xs:annotation>
+			<xs:documentation>The IPFIX protocol provides IP flow information. http://tools.ietf.org/html/rfc5101</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Message_Header" type="NetFlowObj:IPFIXMessageHeaderType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Message Header is the first part of an IPFIX Message, which provides basic information about the message, such as the IPFIX version, length of the message, message sequence number, etc. http://tools.ietf.org/html/rfc5101</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:sequence minOccurs="0" maxOccurs="1">
+				<xs:element name="Set" type="NetFlowObj:IPFIXSetType" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Set is a generic term for a collection of records that have a similar structure. In an IPFIX Message, one or more Sets follow the Message Header. http://tools.ietf.org/html/rfc5101 </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXMessageHeaderType">
+		<xs:annotation>
+			<xs:documentation>This type represents the message header for the IPFIX format. For more information about each of the fields, please refer to RFC 5101 (http://tools.ietf.org/html/rfc5101) under the heading, "Message Header Field Descriptions." Note that common elements are included in the Network_Flow_Label.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Version" type="cyboxCommon:HexBinaryObjectPropertyType" fixed="0a" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the version number of Flow Record format exported in this message. The value of this field is 0x000a for the current version, incrementing by one the version used in the NetFlow services export version 9 [see RFC3954].</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Byte_Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the total byte length of the IPFIX Message, measured in octets, including Message Header and Set(s).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Export_Timestamp" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the time, in seconds, since 0000 UTC Jan 1, 1970, at which the IPFIX message header leaves the Exporter.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sequence_Number" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the incremental sequence counter modulo 2^32 of all IPFIX Data Records sent on this PR-SCTP stream from the current Observation Domain by the Exporting Process. This value SHOULD be used by the Collecting Process to identify whether any IPFIX Data Records have been missed. Template and Options Template Records do not increase the Sequence Number.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Observation_Domain_ID" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates a 32-bit identifier of the Observation Domain that is locally unique to the Exporting Process. See RFC 5101 under Observation Domain ID for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXSetType">
+		<xs:annotation>
+			<xs:documentation>Represents the possible sets of records that can be represented in an IPFIX message. See RFC 5101 and look for the terms "Template Set", "Options Template Set", and "Data Set", for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0" maxOccurs="unbounded">
+			<xs:element name="Template_Set" type="NetFlowObj:IPFIXTemplateSetType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates a collection of one or more Template Records that have been grouped together in an IPFIX message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options_Template_Set" type="NetFlowObj:IPFIXOptionsTemplateSetType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates a collection of one or more Options Template Records that have been grouped together in an IPFIX message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Set" type="NetFlowObj:IPFIXDataSetType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates one or more Data Records, of the same type, that have been grouped together in an IPFIX message. Each Data Record is previously defined by a Template Record or an Options Template Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="IPFIXTemplateSetType">
+		<xs:annotation>
+			<xs:documentation>Specifies the regions of a Template Set, of which there are three: the Set Header, the collection of Template Records, and the optional padding at the end of the Template Set. See RFC 5101 under Set Format, which is section 3.3.1, for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Set_Header" type="NetFlowObj:IPFIXSetHeaderType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the Set Header region, which is 32-bit region containing the 16-bit fields Set ID and Length.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Template_Record" type="NetFlowObj:IPFIXTemplateRecordType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Indicates the region of Template Records. These are the same fields referenced in the IPFIXTemplateRecordType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the optional Padding at the end of a Template Set. As mentioned in RFC 5101, the Exporting Process MAY insert some padding octets, so that the subsequent Set starts at an aligned boundary. For security reasons, the padding octet(s) MUST be composed of zero (0) valued octets, and the padding length MUST be shorter than any allowable record in this Set. For more information see RFC 5101 under Padding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXOptionsTemplateSetType">
+		<xs:annotation>
+			<xs:documentation>Specifies the regions of an Options Template Set, of which there are three: the Set Header, the collection of Options Template Records, and the optional padding at the end of the Options Template Set. See RFC 5101 under Set Format, which is section 3.3.1, for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Set_Header" type="NetFlowObj:IPFIXSetHeaderType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the Set Header region, which is 32-bit region containing the 16-bit fields Set ID and Length, in that order. These are the same fields referenced in the IPFIXSetHeaderType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options_Template_Record" type="NetFlowObj:IPFIXOptionsTemplateRecordType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Indicates the region of Options Template Records. These are the same fields referenced in the IPFIXOptionsTemplateRecordType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the optional Padding at the end of an Options Template Set. As mentioned in RFC 5101, the Exporting Process MAY insert some padding octets, so that the subsequent Set starts at an aligned boundary. For security reasons, the padding octet(s) MUST be composed of zero (0) valued octets, and the padding length MUST be shorter than any allowable record in this Set. For more information see RFC 5101 under Padding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXDataSetType">
+		<xs:annotation>
+			<xs:documentation>Specifies the regions of a Data Set, of which there are three: the Set Header, the collection of Data Records, and the optional padding at the end of the Data Set. See RFC 5101 under Set Format, which is section 3.3.1, for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Set_Header" type="NetFlowObj:IPFIXSetHeaderType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the Set Header region, which is 32-bit region containing the 16-bit fields Set ID and Length, appended in that order. These are the same fields referenced in the IPFIXSetHeaderType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Record" type="NetFlowObj:IPFIXDataRecordType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Indicates the region of Data Records, which consist of a series of field values without a header, according to RFC 5101, section 3.4.3.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the optional Padding at the end of a Data Set. As mentioned in RFC 5101, the Exporting Process MAY insert some padding octets, so that the subsequent Set starts at an aligned boundary. For security reasons, the padding octet(s) MUST be composed of zero (0) valued octets, and the padding length MUST be shorter than any allowable record in this Set. For more information see RFC 5101 under Padding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXSetHeaderType">
+		<xs:annotation>
+			<xs:documentation>Defines the elements of the IPFIX set header.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Set_ID" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates a 16-bit value that identifies the set. The values of 0 and 1 are not used for historical reasons according to RFC 3954. Otherwise, a value of 2 is reserved for the Template Set and 3 is reserved for the Option Template Set. All other values from 4 to 255 are reserved for future use.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Total length of the set, in octets, including the set header, all records, and the optional padding. Because an individual Set MAY contain multiple records, the Length value MUST be used to determine the position of the next Set. http://tools.ietf.org/html/rfc5101</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXTemplateRecordType">
+		<xs:annotation>
+			<xs:documentation>Specifies the regions of a Template Record, of which there are two: the Template Record Header, and the Field Specifiers. See RFC 5101 under Template Record Format, section 3.4.1, for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Template_Record_Header" type="NetFlowObj:IPFIXTemplateRecordHeaderType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the Template Record Header region, which is a 32-bit region containing the 16-bit fields Template ID (&gt; 255) and Field Count, appended in that order. These are the same fields referenced in the IPFIXTemplateRecordHeaderType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Field_Specifier" type="NetFlowObj:IPFIXTemplateRecordFieldSpecifiersType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Indicates the region of Field Specifiers. These are the same fields referenced in the IPFIXTemplateRecordFieldSpecifiersType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXTemplateRecordHeaderType">
+		<xs:annotation>
+			<xs:documentation>Specifies the fields in a Template Record Header, Template_ID and Field_Count, as explained in RFC 5101, section 3.4.1.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Template_ID" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies a unique Template ID which is numbered 256-65535 since IDs 0-255 are reserved for Template Sets, Options Template Sets, and other reserved Sets yet to be created.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Field_Count" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of fields in this Template Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXTemplateRecordFieldSpecifiersType">
+		<xs:annotation>
+			<xs:documentation>Specifies the fields in a Template Record Field Specifier, as explained in RFC 5101, section 3.2.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Enterprise_Bit" type="xs:boolean" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the Enterprise bit, either 0 or 1. If this bit is zero, the Information Element Identifier identifies an IETF-specified Information Element, and the four-octet Enterprise Number field SHOULD NOT be present. If this bit is one, the Information Element identifier identifies an enterprise-specific Information Element, and the Enterprise Number filed SHOULD be present. NOTE: While it is legal to use "true" and "false" here, this value SHOULD be set to 0 or 1 for consistency with RFC 5101.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Information_Element_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the 15-bit (NOT 16-bit) Information Element ID referring to the type of Information Element, as shown in RFC 5102.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Field_Length" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the 16-bit Field Length, in octets, of the corresponding encoded Information Element as defined in RFC 5102. The field length may be smaller than the definition in RFC 5102 if the reduced size encoding is used (see Section 6.2 of RFC 5101). The value 65535 is reserved for variable length Information Elements.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Enterprise_Number" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the 32-bit IANA Enterprise Number of the authority defining the Information Element identifier in this Template Record. Information Element Identifiers 1.2 and 2.1 are defined by the IETF (Enterprise bit = 0) and, therefore, do not need an Enterprise Number to identify them.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXOptionsTemplateRecordType">
+		<xs:annotation>
+			<xs:documentation>Specifies the regions of an Options Template Record, of which there are two: the Options Template Record Header, and the Field Specifiers. See RFC 5101 under Options Template Record Format, section 3.4.2.2, for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Options_Template_Record_Header" type="NetFlowObj:IPFIXOptionsTemplateRecordHeaderType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Indicates the Options Template Record Header region, which is a 48-bit region containing the 16-bit fields Template ID, Field Count, and Scope Field Count, appended in that order. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Field_Specifier" type="NetFlowObj:IPFIXOptionsTemplateRecordFieldSpecifiersType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Indicates the region of Field Specifiers. These are the same fields referenced in the IPFIXOptionsTemplateRecordFieldSpecifiersType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXOptionsTemplateRecordHeaderType">
+		<xs:annotation>
+			<xs:documentation>Defines the ehader of an options template record.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Template_ID" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies a unique Template ID which is numbered 256-65535 since IDs 0-255 are reserved for Template Sets, Options Template Sets, and other reserved Sets yet to be created.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Field_Count" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of fields in this Options Template Record, INCLUDING the Scope Fields.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Scope_Field_Count" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of scope fields in this Options Template Record, which is NONZERO. The Scope Fields are normal Fields except that they are interpreted as scope at the Collector.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXOptionsTemplateRecordFieldSpecifiersType">
+		<xs:annotation>
+			<xs:documentation>Specifies the fields in an Options Template Record Field Specifier, as explained in RFC 5101, sections 3.2 and 3.4.2.2. It consists of two sequences: Scope Fields and Option Fields, appended together.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:sequence minOccurs="0" maxOccurs="unbounded">
+				<xs:element name="Scope_Enterprise_Bit" type="xs:boolean" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the Scope Enterprise bit, either 0 or 1. If this bit is zero, the Information Element Identifier identifies an IETF-specified Information Element, and the four-octet Enterprise Number field SHOULD NOT be present. If this bit is one, the Information Element identifier identifies an enterprise-specific Information Element, and the Enterprise Number filed SHOULD be present. NOTE: While it is legal to use "true" and "false" here, this value SHOULD be set to 0 or 1 for consistency with RFC 5101.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Scope_Information_Element_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the 15-bit (NOT 16-bit) Scope Information Element ID referring to the type of Information Element, as shown in RFC 5102.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Scope_Field_Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the 16-bit Scope Field Length, in octets, of the corresponding encoded Information Element as defined in RFC 5102. The field length may be smaller than the definition in RFC 5102 if the reduced size encoding is used (see Section 6.2 of RFC 5101). The value 65535 is reserved for variable length Information Elements.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Scope_Enterprise_Number" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the 32-bit IANA Scope Enterprise Number of the authority defining the Information Element identifier in this Template Record. Information Element Identifiers 1.2 and 2.1 are defined by the IETF (Enterprise bit = 0) and, therefore, do not need an Enterprise Number to identify them.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+			<xs:sequence minOccurs="0" maxOccurs="unbounded">
+				<xs:element name="Option_Enterprise_Bit" type="xs:boolean" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the Option Enterprise bit, either 0 or 1. If this bit is zero, the Information Element Identifier identifies an IETF-specified Information Element, and the four-octet Enterprise Number field SHOULD NOT be present. If this bit is one, the Information Element identifier identifies an enterprise-specific Information Element, and the Enterprise Number filed SHOULD be present. NOTE: While it is legal to use "true" and "false" here, this value SHOULD be set to 0 or 1 for consistency with RFC 5101.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Option_Information_Element_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the 15-bit (NOT 16-bit) Option Information Element ID referring to the type of Information Element, as shown in RFC 5102.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Option_Field_Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the 16-bit Option Field Length, in octets, of the corresponding encoded Information Element as defined in RFC 5102. The field length may be smaller than the definition in RFC 5102 if the reduced size encoding is used (see Section 6.2 of RFC 5101). The value 65535 is reserved for variable length Information Elements.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Option_Enterprise_Number" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the 32-bit IANA Option Enterprise Number of the authority defining the Information Element identifier in this Template Record. Information Element Identifiers 1.2 and 2.1 are defined by the IETF (Enterprise bit = 0) and, therefore, do not need an Enterprise Number to identify them.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPFIXDataRecordType">
+		<xs:annotation>
+			<xs:documentation>Data records are sent in data sets. A data record consists of only one more more Field values.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Field_Value" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Indicates the individual Field Value, which need not be 16-bit. The Template ID to which the Field Values belong to is encoded in the Data Set Header field "Set ID", i.e. "Set ID" = "Template ID".</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9ExportPacketType">
+		<xs:annotation>
+			<xs:documentation>Netflow v9 was developed by Cisco and provides acess to IP flow information. http://www.ietf.org/rfc/rfc3954.txt</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Packet_Header" type="NetFlowObj:NetflowV9PacketHeaderType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the Packet Header, which is the first part of an Export Packet. The Packet Header provides basic information about the packet such as the NetFlow version, number of records contained within the packet, and sequence numbering. See RFC 3954 for more information.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:sequence>
+				<xs:element name="Flow_Set" type="NetFlowObj:NetflowV9FlowSetType" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Specifies a FlowSet, which is a collection of Flow Records that have similar structure. In an Export Packet, one or more FlowSets follow the Packet Header. There are three differnet types of FlowSets, as defined in RFC 3954: a Template FlowSet, Options Template FlowSet and Data FlowSet.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9PacketHeaderType">
+		<xs:annotation>
+			<xs:documentation>Header fields defined for Netflow v9. Note that common elements are included in the Network_Flow_Label. http://www.ietf.org/rfc/rfc3954.txt</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Version" type="cyboxCommon:HexBinaryObjectPropertyType" fixed="09" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the version of flow record format exported in this packet. The value of this field is 9 for the Netflow v9.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Record_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the total number of records in the Export Packet, which is the sum of Options FlowSet records, Template FlowSet records, and Data FlowSet records. http://www.ietf.org/rfc/rfc3954.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sys_Up_Time" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the time in milliseconds since this device was first booted.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Unix_Secs" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the time in seconds since 0000 UTC 1970 at which the Export Packet leaves the Exporter.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sequence_Number" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Incremental sequence counter of all Export Packets sent from the current Observation Domain by the Exporter. This value MUST be cumulative, and SHOULD be used by the Collector toidentify whether any Export Packets have been missed. http://www.ietf.org/rfc/rfc3954.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Source_ID" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies a 32-bit value that identifies the Exporter Observation Domain. NetFlow Collectors SHOULD use the combination of the source IP address and the Source ID field to separate different export streams originating from the same Exporter.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9FlowSetType">
+		<xs:annotation>
+			<xs:documentation>In an Export Packet, one or more FlowSets follow the Packet Header. There are three differnet types of FlowSets, as defined in RFC 3954: a Template FlowSet, Options Template FlowSet and Data FlowSet.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0" maxOccurs="unbounded">
+			<xs:element name="Template_Flow_Set" type="NetFlowObj:NetflowV9TemplateFlowSetType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>One of the essential elements in the NetFlow format is the Template FlowSet. Templates greatly enhance the flexibility of the Flow Record format because they allow the NetFlow Collector to process Flow Records without necessarily knowing the interpretation of all the data in the Flow Record. http://www.ietf.org/rfc/rfc3954.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options_Template_Flow_Set" type="NetFlowObj:NetflowV9OptionsTemplateFlowSetType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies an Options Template FlowSet, which is one or more Options Template Records that have been grouped together in an Export Packet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Flow_Set" type="NetFlowObj:NetflowV9DataFlowSetType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies a Data FlowSet, which is one or more records, of the same type, that are grouped together in an Export Packet. Each record is either a Flow Data Record or an Options Data Record previously defined by a Template Record or an Options Template Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9TemplateFlowSetType">
+		<xs:annotation>
+			<xs:documentation>Provides the format of the Template FlowSet.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Flow_Set_ID" type="cyboxCommon:HexBinaryObjectPropertyType" fixed="00" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the FlowSet ID, which is fixed to 0 for the Template FlowSet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Length is the sum of the lengths of the FlowSet ID, the Length itself, and all Template Records within this FlowSet. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Template_Record" type="NetFlowObj:NetflowV9TemplateRecordType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies the Template Record region, which includes the template ID, field count, field type, and field length.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9TemplateRecordType">
+		<xs:annotation>
+			<xs:documentation>Specifies the Template Record region, which includes the template ID, field count, field type, and field length.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Template_ID" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies a unique Template ID for the Template Record. IDs in the range 0-255 are reserved for Template FlowSets, Options FlowSets, and other reserved Sets yet to be created. http://www.ietf.org/rfc/rfc3954.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Field_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of fields in this Template Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:sequence minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Number of fields corresponds to Count field.</xs:documentation>
+				</xs:annotation>
+				<xs:element name="Field_Type" type="NetFlowObj:NetflowV9FieldType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies a numeric value that represents the type of the field. Refer to the "Field Type Definitions" section in RFC 3954 for descriptions of these types.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Field_Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the length of the corresponding field type, in bytes.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9FieldType">
+		<xs:annotation>
+			<xs:documentation>NetflowV9FieldType specifies possible fields types for Netflow v9, via a union of the NetflowV9FieldTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetFlowObj:NetflowV9FieldTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="NetflowV9FieldTypeEnum">
+		<xs:annotation>
+			<xs:documentation>This enumeration describe the field types in NetFlow Version 9. Only the first 20 have been enumerated so far. Please see Section 8 in http://www.ietf.org/rfc/rfc3954.txt for the complete list (79 in total).</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="IN_BYTES(1)">
+				<xs:annotation>
+					<xs:documentation>The IN_BYTES(1) field represents the incoming counter with length N x 8 bits for number of bytes associated with an IP Flow.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IN_PKTS(2)">
+				<xs:annotation>
+					<xs:documentation>The IN_PKTS(2) field represents the incoming counter with length N x 8 bits for the number of packets associated with an IP Flow.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FLOWS(3)">
+				<xs:annotation>
+					<xs:documentation>The FLOWS(3) field represents the number of flows that were aggregated; default for N is 4.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PROTOCOL(4)">
+				<xs:annotation>
+					<xs:documentation>The PROTOCOL(4) field represents the IP protocol byte.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SRC_TOS(5)">
+				<xs:annotation>
+					<xs:documentation>The TOS(5) field represents the Type of Service byte setting when entering incoming interface.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TCP_FLAGS(6)">
+				<xs:annotation>
+					<xs:documentation>The TCP_FLAGS(6) field is cumulative of all the TCP flags seen for this flow.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="L4_SRC_PORT(7)">
+				<xs:annotation>
+					<xs:documentation>The L4_SRC_PORT(7) field represents the TCP/UDP source port number i.e.: FTP, Telnet, or equivalent.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPV4_SRC_ADDR(8)">
+				<xs:annotation>
+					<xs:documentation>The IPV4_SRC_ADDR(8) field represents the IPv4 source address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SRC_MASK(9)">
+				<xs:annotation>
+					<xs:documentation>The SRC_MASK(9) field represents the number of contiguous bits in the source address subnet mask i.e.: the submask in slash notation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="INPUT_SNMP(10)">
+				<xs:annotation>
+					<xs:documentation>The INPUT_SNMP(10) field represents the number of contiguous bits in the source address subnet mask i.e.: the submask in slash notation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="L4_DST_PORT(11)">
+				<xs:annotation>
+					<xs:documentation>The LP_DST_PORT(11) field represents the TCP/UDP destination port number i.e.: FTP, Telnet, or equivalent.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPV4_DST_ADDR(12)">
+				<xs:annotation>
+					<xs:documentation>The IPV4_DST_ADDR(12) field represents the IPv4 destination address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DST_MASK(13)">
+				<xs:annotation>
+					<xs:documentation>The DST_MASK(13) field represents the number of contiguous bits in the destination address subnet mask i.e.: the submask in slash notation.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="OUTPUT_SNMP(14)">
+				<xs:annotation>
+					<xs:documentation>The OUTPUT_SNMP(14) field represents the output interface index; default for N is 2 but higher values could be used.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPV4_NEXT_HOP(15)">
+				<xs:annotation>
+					<xs:documentation>The IPV4_NEXT_HOP(15) field represents the IPv4 address of next-hop router.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SRC_AS(16)">
+				<xs:annotation>
+					<xs:documentation>The SRC_AS(16) field represents the source BGP autonomous system number where N could be 2 or 4.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DST_AS(17)">
+				<xs:annotation>
+					<xs:documentation>The DST_AS(17) field represents the destination BGP autonomous system number where N could be 2 or 4.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BGP_IPV4_NEXT_HOP(18)">
+				<xs:annotation>
+					<xs:documentation>The BGP_IPV4_NEXT_HOP(18) field represents the next-hop router's IP in the BGP domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MUL_DST_PKTS(19)">
+				<xs:annotation>
+					<xs:documentation>The MUL_DST_PKTS(19) field represents the IP multicast outgoing packet counter with length N x 8 bits for packets associated with the IP Flow.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MUL_DST_BYTES(20)">
+				<xs:annotation>
+					<xs:documentation>The MUL_DST_BYTES(20) field represents the IP multicast outgoing byte counter with length N x 8 bits for bytes associated with the IP Flow.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="NetflowV9OptionsTemplateFlowSetType">
+		<xs:annotation>
+			<xs:documentation>Specifies an Options Template FlowSet, which is one or more Options Template Records that have been grouped together in an Export Packet.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Flow_Set_ID" type="cyboxCommon:HexBinaryObjectPropertyType" fixed="01" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the FlowSet ID, which is fixed to 1 for the Options Template FlowSet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the total length of this FlowSet, in octets, including the set header, all records, and the optional padding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options_Template_Record" type="NetFlowObj:NetflowV9OptionsTemplateRecordType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies the Options Template Record region, which includes the Option Scope Length, Option Length, and fields specifying the Scope field type and Scope field length.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of padding bytes to be inserted so that the subsequent FlowSet starts at a 4-byte aligned boundary. It is important to note that the Length field includes the padding bytes. Padding SHOULD be using zeros.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9OptionsTemplateRecordType">
+		<xs:annotation>
+			<xs:documentation>Specifies the Options Template Record region, which includes the Option Scope Length, Option Length, and fields specifying the Scope field type and Scope field length.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Template_ID" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the template ID of this Options Template, which must be greater than 255.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option_Scope_Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the length of bytes of any Scope field definition contained in the Options Template Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option_Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the length of bytes of any options field definitions contained in this Options Template Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:sequence minOccurs="0" maxOccurs="unbounded">
+				<xs:element name="Scope_Field_Type" type="NetFlowObj:NetflowV9ScopeFieldType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the relevent portion of the Exporter/NetFlow process to which the Options Template Record refers. Currently defined values include 1 for System, 2 for Interface, 3 for Line Card, 4 for Cache, and 5 for Template. More information can be found in RFC 3954.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Scope_Field_Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the length (in bytes) of the Scope field as it would appear in an Options Data Record.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+			<xs:sequence minOccurs="0" maxOccurs="unbounded">
+				<xs:element name="Option_Field_Type" type="NetFlowObj:NetflowV9FieldType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the type of field that would appear in the Options Template Record. More information can be found in RFC 3954.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Option_Field_Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Specifies the length (in bytes) of the Option field.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9ScopeFieldType">
+		<xs:annotation>
+			<xs:documentation>NetflowV9ScopeFieldType specifies scope field types for Netflow v9, via a union of the NetflowV9ScopeFieldTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetFlowObj:NetflowV9ScopeFieldTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="NetflowV9ScopeFieldTypeEnum">
+		<xs:annotation>
+			<xs:documentation>These describe the scope field types, found in the relevant portion of the NetFlow process to which the options record refers. http://www.ietf.org/rfc/rfc3954.txt</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="System(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates the System scope field type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Interface(2)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Interface scope field type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LineCard(3)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Line Card scope field type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Cache(4)">
+				<xs:annotation>
+					<xs:documentation>Indicates the NetFlow Cache scope field type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Template(5)">
+				<xs:annotation>
+					<xs:documentation>Describes the Template scope field type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="NetflowV9DataFlowSetType">
+		<xs:annotation>
+			<xs:documentation>Specifies a Data FlowSet, which is one or more records, of the same type, that are grouped together in an Export Packet. Each record is either a Flow Data Record or an Options Data Record previously defined by a Template Record or an Options Template Record. http://www.ietf.org/rfc/rfc3954.txt</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Flow_Set_ID_Template_ID" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the FlowSet ID, which corresponds to the Template ID from a Template Flow Set or an Options Template Flow Set.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the length of this FlowSet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Record" type="NetFlowObj:NetflowV9DataRecordType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The remainder of the Data FlowSet is a collection of Flow Data Record(s), each containing a set of field values. The Type and Length of the fields have been previously defined in the Template Record referenced by the FlowSet ID or Template ID. Specifies either a template flow set or an options template flow set. http://www.ietf.org/rfc/rfc3954.txt </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the padding bytes used so that the subsequent FlowSet starts at a 4-byte aligned boundary. It is important to note that the Length field includes the padding bytes. Padding SHOULD be using zeros.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV9DataRecordType">
+		<xs:annotation>
+			<xs:documentation>A Data FlowSet is one or more records, of the same type, that are grouped together in an Export Packet. Each record is either a Flow Data Record or an Options Data Record previously defined by a Template Record or an Options Template Record. http://www.ietf.org/rfc/rfc3954.txt </xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0" maxOccurs="1">
+			<xs:annotation>
+				<xs:documentation/>
+			</xs:annotation>
+			<xs:sequence>
+				<xs:element name="Flow_Data_Record" type="NetFlowObj:FlowDataRecordType" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Specifies a Flow Data Record, which corresponds to a FieldType defined in the Template Record. Each one will have multiple values associated with it. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+			<xs:sequence>
+				<xs:element name="Options_Data_Record" type="NetFlowObj:OptionsDataRecordType" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Specifies an Options Data Record, which Corresponds to a previously defined Options Template Record.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="FlowDataRecordType">
+		<xs:annotation>
+			<xs:documentation>A Flow Data Record is a data record that contains values of the Flow parameters corresponding to a Template Record. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0" maxOccurs="1">
+			<xs:element name="Flow_Record_Collection_Element" type="NetFlowObj:FlowCollectionElementType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>For each flow record, field values are listed.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="FlowCollectionElementType">
+		<xs:annotation>
+			<xs:documentation>Field values are associated with each record in the collection of a flow data record.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Flow_Record_Field_Value" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Set of fields values for a given Flow Data Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="OptionsDataRecordType">
+		<xs:annotation>
+			<xs:documentation>The data record that contains values and scope information of the Flow measurement parameters, corresponding to an Options Template Record. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0" maxOccurs="unbounded">
+			<xs:element name="Scope_Field_Value" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Corresponds to a previously defined Options Template Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:sequence minOccurs="0" maxOccurs="1">
+				<xs:element name="Option_Record_Collection_Element" type="NetFlowObj:OptionCollectionElementType" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>For each option data record, field values are listed.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="OptionCollectionElementType">
+		<xs:annotation>
+			<xs:documentation>Field values are associatedwith each option in the collection of an option data record.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Option_Record_Field_Value" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Set of field values for a given Options Data Record.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV5PacketType">
+		<xs:annotation>
+			<xs:documentation>Defines the contents of a Netflow v5 packet. As of 2012, Netflow v5 is still the most commonly used network flow format. Netflow v5 was developed by Cisco. http://netflow.caligare.com/netflow_v5.htm</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Flow_Header" type="NetFlowObj:NetflowV5FlowHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Elements of a netflow v5 header.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:sequence minOccurs="0">
+				<xs:element name="Flow_Record" type="NetFlowObj:NetflowV5FlowRecordType" maxOccurs="30">
+					<xs:annotation>
+						<xs:documentation>See Network_Flow_Label for other common fields. Padding of 0-bytes is not captured. REF: http://netflow.caligare.com/netflow_v5.htm REF: http://tools.netsa.cert.org/silk/faq.html#ipfix-fields</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV5FlowHeaderType">
+		<xs:annotation>
+			<xs:documentation>Defines elements of a netflow v5 header. http://netflow.caligare.com/netflow_v5.htm</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Version" type="cyboxCommon:HexBinaryObjectPropertyType" default="05" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the NetFlow export format version number, which defaults to 5 in this case.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of flows exported in the packet (1-30).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sys_Up_Time" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the current time in milliseconds since the export device booted.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Unix_Secs" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the current time in milliseconds since 0000 UTC 1970.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Unix_Nsecs" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the residual in nanoseconds since 0000 UTC 1970.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Flow_Sequence" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the sequence counter of total flows seen.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Engine_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the type of flow-switching engine.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Engine_ID" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the slot number of the flow-switching engine.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sampling_Interval" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the sampling interval field, which consists of the first two bits holding the sampling mode, with the remaining 14 bits holding the value of the sampling interval.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetflowV5FlowRecordType">
+		<xs:annotation>
+			<xs:documentation>Defines elements of a Netflow v5 flow record. Recall that the seven elements that define the flow itself (e.g., source IP address) are provided in NetworkFlowLabelType. https://bto.bluecoat.com/packetguide/8.6/info/netflow5-records.htm</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Nexthop_IPv4_Addr" type="AddressObj:AddressObjectType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents the IP address of the next hop router.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Packet_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents the number of packets in the flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Byte_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Represents the total number of bytes in the flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SysUpTime_Start" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Represents the SysUpTime at start of flow: the total time in milliseconds starting from when the first packet in the flow was seen.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SysUpTime_End" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Represents the SysUpTime at end of flow: when the last packet in the flow was seen.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding1" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One byte of padding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TCP_Flags" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the union of all TCP flags observed over the life of the flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Src_Autonomous_System" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the source autonomous system number, either origin or peer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_Autonomous_System" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the destination autonomous system number, either origin or peer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Src_IP_Mask_Bit_Count" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the source address prefix mask bits.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_IP_Mask_Bit_Count" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the destination address prefix mask bits.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding2" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Unused (zero) bytes, which is used for purposes of padding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="SiLKRecordType">
+		<xs:annotation>
+			<xs:documentation>System for Internet-Level Knowledge (CMU/SEI). The fields are taken from a list shown in http://tools.netsa.cert.org/silk/rwcut.html. Fields common to all network flows are defined in NetworkFlowLabelType (e.g., source IP, SNMP ingress, etc.). For additional references, see http://tools.netsa.cert.org/silk/analysis-handbook.pdf, http://tools.netsa.cert.org/silk/faq.html#ipfix-fields.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Packet_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents the number of packets in the flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Byte_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents the number of Layer 3 bytes in the packets of the flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TCP_Flags" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the union of all TCP flags observed over the life of the flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Start_Time" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents the SysUpTime at start of flow, i.e. the total time in milliseconds starting from when the router booted. There is another element "Start_Time+msec" which is the starting time of flow including milliseconds, but milliseconds are the resolution of Start_Time unless the -legacy-timestamps switch is specified, so "Start_Time+msec" is not defined separately.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Duration" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the duration of the flow. There is another element "Duration+msec" which is the starting time of flow including milliseconds, but milliseconds are the resolution of Duration unless the -legacy-timestamps switch is specified, so "Duration+msec" is not defined separately.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="End_Time" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Represents the SysUpTime at end of flow. There is another element "End_Time+msec" which is the starting time of flow including milliseconds, but milliseconds are the resolution of End_Time unless the -legacy-timestamps switch is specified, so "End_Time+msec" is not defined separately.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sensor_Info" type="NetFlowObj:SiLKSensorInfoType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Defines the fields associated with the sensor at the collection point.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="ICMP_Type" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>ICMP type for ICMP flows. Empty for non-ICMP flows.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="ICMP_Code" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>ICMP code for ICMP flows. Empty for non-ICMP flows.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Router_Next_Hop_IP" type="AddressObj:AddressObjectType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Router next hop IP.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Initial_TCP_Flags" type="PacketObj:TCPFlagsType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>TCP flags on first packet in the flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Session_TCP_Flags" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>bit-wise OR of TCP flags over all packets except the first in the flow</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Flow_Attributes" type="NetFlowObj:SiLKFlowAttributesType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Flow attributes set by the flow generator.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Flow_Application" type="PacketObj:IANAPortNumberRegistryType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Based on an examination of payload contents, this value = the port number traditionally used for that type of traffic (21 for FTP traffic even if actually routed over port 80). Documentation (http://tools.netsa.cert.org/silk/rwcut.html) says this is a "guess as to the content of the flow".</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Src_IP_Type" type="NetFlowObj:SiLKAddressType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The type of the source IP in terms of whether the address is routable, external, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_IP_Type" type="NetFlowObj:SiLKAddressType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The type of the destination IP in terms of whether the address is routable, external, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Src_Country_Code" type="NetFlowObj:SiLKCountryCodeType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>A two-letter country code denoting the country of location of the source IP address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_Country_Code" type="NetFlowObj:SiLKCountryCodeType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation> A two-letter country code denoting the country of location of the destination IP address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Src_MAPNAME" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>User defined string for integrating external information into SiLK records. See documentation on SiLK pmap filter for details (defined in the prefix map associated with MAPNAME).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_MAPNAME" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>User defined string for integrating external information into SiLK records. See documentation on SiLK pmap filter for details (defined in the prefix map associated with MAPNAME).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="SiLKFlowAttributesType">
+		<xs:annotation>
+			<xs:documentation>SiLKFlowAttributesType specifies SiLK flow attributes, via a union of the SiLKFlowAttributesTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetFlowObj:SiLKFlowAttributesTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SiLKFlowAttributesTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The SiLKFlowAttributesTypeEnum specifies the flow attributes set by the flow generator. This is field 28 of the rwstats options. See http://tools.netsa.cert.org/silk/rwstats.html for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="F (FIN flag)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the flow generator saw additional packets in this flow following a packet with a FIN flag (excluding ACK packets).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="T (Timeout)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the flow generator prematurely created a record for a long-running connection due to a timeout. (When the flow generator yaf(1) is run with the --silk switch, it will prematurely create a flow and mark it with T if the byte count of the flow cannot be stored in a 32-bit value.)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="C (Continuation)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the flow generator created this flow as a continuation of long-running connection, where the previous flow for this connection met a timeout (or a byte threshold in the case of yaf).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="SiLKAddressType">
+		<xs:annotation>
+			<xs:documentation>SiLKAddressType specifies SiLK address types, via a union of the SiLKAddressTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetFlowObj:SiLKAddressTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SiLKAddressTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Environment variable allows user to specify the address type mapping file. A partial, typical list is currently given--see http://tools.netsa.cert.org/silk/addrtype.html for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="non-routable (0)">
+				<xs:annotation>
+					<xs:documentation>Denotes a (non-routable) IP address.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="internal(1)">
+				<xs:annotation>
+					<xs:documentation>Denotes an IP address internal to the monitored network.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="routable_external(2)">
+				<xs:annotation>
+					<xs:documentation>Denotes an IP address external to the monitored network.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="SiLKCountryCodeType">
+		<xs:annotation>
+			<xs:documentation>SiLKCountryCodeType specifies country codes used by SiLK, via a union of the SiLKCountryCodeTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetFlowObj:SiLKCountryCodeTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SiLKCountryCodeTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Environment variable allows user to specify a country code mapping file. No enumerations are currently defined.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string"/>
+	</xs:simpleType>
+	<xs:complexType name="SiLKSensorInfoType">
+		<xs:annotation>
+			<xs:documentation>Defines elements associated with a SiLK sensor.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Sensor_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Name or ID of sensor at the collection point.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Class" type="NetFlowObj:SiLKSensorClassType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>By default, only one "all" class. Others can be configured.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Type" type="NetFlowObj:SiLKDirectionType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Specifies the direction of traffic, which is enumerated by SiLKDirectionType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="SiLKDirectionType">
+		<xs:annotation>
+			<xs:documentation>SiLKType specifies direction of SiLK traffic, via a union of the SiLKDirectionTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetFlowObj:SiLKDirectionTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SiLKDirectionTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Enumerates direction of traffic. Not all are currently enumerated.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="in">
+				<xs:annotation>
+					<xs:documentation>Denotes inbound traffic relative to a sensor.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="inweb">
+				<xs:annotation>
+					<xs:documentation>Denotes inbound web traffic relative to a sensor. SiLK categorizes a flow as web if the protocol is TCP and either the source port or destination port is one of 80, 443, or 8080.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="innull">
+				<xs:annotation>
+					<xs:documentation>Denotes null inbound traffic relative to a sensor.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="out">
+				<xs:annotation>
+					<xs:documentation>Denotes outbound traffic relative to a sensor.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="outweb">
+				<xs:annotation>
+					<xs:documentation>Denotes outbound web traffic relative to a sensor. SiLK categorizes a flow as web if the protocol is TCP and either the source port or destination port is one of 80, 443, or 8080.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="outnull">
+				<xs:annotation>
+					<xs:documentation>Denotes null outbound traffic relative to a sensor.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="SiLKSensorClassType">
+		<xs:annotation>
+			<xs:documentation>SiLKSensorClassType specifies the sensor class, via a union of the SiLKSensorClassTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetFlowObj:SiLKSensorClassTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SiLKSensorClassTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Enumerates SiLK sensor classes. Currently just one class (all) is defined.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="all">
+				<xs:annotation>
+					<xs:documentation>Defines sensor class "all".</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="YAFRecordType">
+		<xs:annotation>
+			<xs:documentation>YAF (Yet Another Flowmeter) is bidirectional network flow meter. It processes packet data from pcap(3) dumpfiles as generated by tcpdump(1) or via live capture from an interface using pcap(3) into bidirectional flows, then exports those flows to IPFIX. (REF: http://www.usenix.org/event/lisa10/tech/full_papers/Inacio.pdf)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Flow" type="NetFlowObj:YAFFlowType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The elements in a YAF record have been separated based on flow direction. These elements are defined for the general forward flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reverse_Flow" type="NetFlowObj:YAFReverseFlowType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Some elements in a YAF record correspond to the reverse flow. These elements are given here.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="YAFFlowType">
+		<xs:annotation>
+			<xs:documentation>These elements of a YAF record correspond to the flow generally or to the forward portion of the flow. Elements common to all network flow objects are defined in the NetworkFlowLabelType (src ip address, ingress/egress interface).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Flow_Start_Milliseconds" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Flow start time in milliseconds since 1970-01-01 00:00:00 UTC</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Flow_End_Milliseconds" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Flow end time in milliseconds since 1970-01-01 00:00:00 UTC</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Octet_Total_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Number of octets in packets in forward direction of flow. May be encoded in 4 octets using IPFIX reduced-length encoding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Packet_Total_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Number of packets in forward direction of flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Flow_End_Reason" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The reason for Flow termination. It may contain SiLK-specific tags. The range of values may include the following: 0x01: idle timeout (the Flow was terminated because it was considered to be idle). 0x02: active timeout (the Flow was terminated for reporting purposes while it was still active, for example, after the maximum lifetime of unreported Flows was reached). 0x03: end of Flow detected (the Flow was terminated because the Metering Process detected signals indicating the end of the Flow, for example, the TCP FIN flag.) 0x04: forced end (the Flow was terminated because of some external event, for example, a shutdown of the Metering Process initiated by a network management application.) 0x05: lack of resources (the Flow was terminated because of lack of resources available to the Metering Process and/or the Exporting Process.) See http://www.iana.org/assignments/ipfix/ipfix.xml for more information. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SiLK_App_Label" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The SiLK_App_Label is the port number that is traditionally used for that type of traffic (see the /etc/services file on most UNIX systems). For example, traffic that the flow generator recognizes as FTP will have a value of 21, even if that traffic is being routed through the standard HTTP/web port (80).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Payload_Entropy" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Shannon Entropy calculation of the forward payload data. The calculation generates a real number value between 0.0 and 8.0. That number is then converted into an 8-bit integer value between 0 and 255. Roughly, numbers above 230 are generally compressed (or encrypted) and numbers centered around approximately 140 are English text. Lower numbers carry even less information content.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="ML_App_Label" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Machine-learning app label</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TCP_Flow" type="NetFlowObj:YAFTCPFlowType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Contains TCP-related information of the network flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Vlan_ID_MAC_Addr" type="AddressObj:AddressObjectType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The MAC adress.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Passive_OS_Fingerprinting" type="cyboxCommon:PlatformSpecificationType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>OS name and version.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="First_Packet_Banner" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>First forward packet IP payload.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Second_Packet_Banner" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Second forward packet IP payload.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="N_Bytes_Payload" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Initial n bytes of forward direction of applications payload.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="YAFReverseFlowType">
+		<xs:annotation>
+			<xs:documentation>These elements correspond to the reverse flow captured by in YAF record.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Reverse_Octet_Total_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Number of octets in packets in reverse direction of flow. May be encoded in 4 octets using IPFIX reduced-length encoding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reverse_Packet_Total_Count" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Number of packets in reverse direction of flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reverse_Payload_Entropy" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Shannon Entropy calculation of the reverse payload data. The calculation generates a real number value between 0.0 and 8.0. That number is then converted into an 8-bit integer value between 0 and 255. Roughly, numbers above 230 are generally compressed (or encrypted) and numbers centered around approximately 140 are English text. Lower numbers carry even less information content.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reverse_Flow_Delta_Milliseconds" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>RTT of initial handshake.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TCP_Reverse_Flow" type="NetFlowObj:YAFTCPFlowType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The associated elements relate to the reverse packets of the flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reverse_Vlan_ID_MAC_Addr" type="AddressObj:AddressObjectType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Reverse MAC address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reverse_Passive_OS_Fingerprinting" type="cyboxCommon:PlatformSpecificationType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>OS name and version of the reverse flow.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reverse_First_Packet" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>First reverse packet IP payload.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reverse_N_Bytes_Payload" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Initial n bytes of reverse direction of flow payload</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="YAFTCPFlowType">
+		<xs:annotation>
+			<xs:documentation>Contains TCP-related information of the network flow.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="TCP_Sequence_Number" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>TCP sequence number.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Initial_TCP_Flags" type="PacketObj:TCPFlagsType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>TCP flags of the first packet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Union_TCP_Flags" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The union of the TCP flags of the 2...nth packet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Network_Packet_Object.xsd b/stix_validator/schema/cybox/objects/Network_Packet_Object.xsd
new file mode 100755
index 0000000..deb93f7
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Network_Packet_Object.xsd
@@ -0,0 +1,2948 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:PacketObj="http://cybox.mitre.org/objects#PacketObject-2" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" targetNamespace="http://cybox.mitre.org/objects#PacketObject-2" elementFormDefault="qualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Network_Packet_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#PortObject-2" schemaLocation="Port_Object.xsd"/>
+	<xs:element name="Network_Packet" type="PacketObj:NetworkPacketObjectType">
+		<xs:annotation>
+			<xs:documentation>The Network_Packet object provides the definition of a network packet based on the TCP/IP model/Internet protocol suite. In the TCP/IP stack, "packet" is generally defined as IP header plus payload, but we also include the LinkLayer from the OSI model, which defines the physical network interfaces and routing protocols. The application layer has not yet been defined.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="NetworkPacketObjectType">
+		<xs:annotation>
+			<xs:documentation>The NetworkPacketObjectType's definition of a network packet is based on the TCP/IP model/Internet protocol suite. In the TCP/IP stack, "packet" is generally defined as IP header plus payload, but we also include the LinkLayer from the OSI model, which defines the physical network interfaces and routing protocols. Protocol fields are provided but requirements are not enforced/captured; all fields are optional.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:choice>
+					<xs:element name="Link_Layer" type="PacketObj:LinkLayerType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Link Layer is the lowest layer of the TCP/IP network stack and is comprised of physical and logical protocols that operate between adjacent nodes of a network segment or a WAN connection.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Internet_Layer" type="PacketObj:InternetLayerType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Internet layer characterizes information about the network layer of this Network Packet. The network layer is one layer from the 7-layer OSI Model.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Transport_Layer" type="PacketObj:TransportLayerType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Transport layer characterizes information about the transport layer of this Network Packet. The transport layer is one layer from the 7-layer OSI Model.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:choice>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="LinkLayerType">
+		<xs:annotation>
+			<xs:documentation>A link layer protocol is a hardware interface protocol, such as Ethernet, or a logical link routing protocol, such as ARP.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element name="Physical_Interface" type="PacketObj:PhysicalInterfaceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Physical Interface characterizes one hardware interface of a link layer connection.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Logical_Protocols" type="PacketObj:LogicalProtocolType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Logical Protocols characterizes the logical protocol of a link layer connection. One example of a logical protocol is ARP.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="PhysicalInterfaceType">
+		<xs:annotation>
+			<xs:documentation>Multiple interface types exist - only most common (Ethernet) included now. Others will be added later as needed.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="Ethernet" type="PacketObj:EthernetInterfaceType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Ethernet sends network packets from the sending host to one or more receiving hosts. (REF: IEEE 802.3; http://wiki.wireshark.org/Ethernet)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="LogicalProtocolType">
+		<xs:annotation>
+			<xs:documentation>Logical Protocols characterizes the logical protocol of a link layer connection. One example of a logical protocol is ARP. </xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="ARP_RARP" type="PacketObj:ARPType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ARP is a logical protocol used for resolution of network layer addresses (e.g., IP addresses) into link layer addresses (e.g., MAC addresses). RARP is a logical protocol used by a host computer to request its network layer address when it has its link layer address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="NDP" type="PacketObj:NDPType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Neighbor Discovery Protocol (NDP) is used with IPv6 to determine the link-layer addresses for neighbors. Corresponds to combination of IPv4 protocols: ARP, ICMP Router Discovery, and ICMP Redirect.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="EthernetInterfaceType">
+		<xs:annotation>
+			<xs:documentation>Ethernet sends network packets from the sending host to one or more receiving hosts. (REF: IEEE 802.3; http://wiki.wireshark.org/Ethernet)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Ethernet_Header" type="PacketObj:EthernetHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The ethernet header includes information such as source MAC address, destination MAC address, and more.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EthernetHeaderType">
+		<xs:annotation>
+			<xs:documentation>Ethernet header characterizes and ethernet header and includes information such as source MAC address, destination MAC address, and more.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Destination_MAC_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Destination MAC Addr characterizes the destination MAC Address of the ethernet frame.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Source_MAC_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Source MAC Addr characterizes the source MAC Address of the ethernet frame.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Type_Or_Length" type="PacketObj:TypeLengthType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Type or Length characterizes either the length of the ethernet frame or the protocol type of the network layer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Checksum" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Checksum characterizes the Frame Check sequence of an ethernet frame.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TypeLengthType">
+		<xs:annotation>
+			<xs:documentation>0-1500 then it is a length field. Otherwise, it defines the protocol type of the Internet layer.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element name="Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Length characterizes the length of the ethernet frame.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Internet_Layer_Type" type="PacketObj:IANAEtherType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>two-octet field in an Ethernet frame. specifies protocol encapsulated in the payload of ethernet frame.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="ARPType">
+		<xs:annotation>
+			<xs:documentation>The Address Resolution Protocol is a request and reply protocol that runs encapsulated by the line protocol. It is communicated within the boundaries of a single network, never routed across internetwork nodes. This property places ARP into the Link Layer. It is encapsulated. REF: http://www.comptechdoc.org/independent/networking/guide/netarp.html</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Hardware_Addr_Type" type="PacketObj:IANAHardwareType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes the type of hardware address specified in an ARP message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Proto_Addr_Type" type="PacketObj:IANAEtherType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ProtoAddrType characterizes the type of protocol address being mapped. For IPv4 addresses, value = 0x0800.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hardware_Addr_Size" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Harware_Addr_Size represents the byte size of the hardware address. For Ethernet or other IEEE 802 MAC addresses, the value is 6.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Protol_Addr_Size" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Proto_Addr_Size represents the byte size of the protocol address. IPv4 addresses = 4.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Op_Type" type="PacketObj:ARPOpType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Op_Type characterizes the type of operation. 1 = ARP request, 2=ARP reply, 3=RARP request, 4=RARP reply.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sender_Hardware_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Sender_Hardware_Addr characterizes the sender's hardware address (e.g., MAC address).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sender_Protocol_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Sender_Protocol_Addr characterizes the sender's IP address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Recip_Hardware_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Recip_Sender_Hardware Addr characterizes the recipients's hardware address (e.g., MAC address).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Recip_Protocol_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Recip Protocol Addr characterizes the recipient's IP address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ARPOpType">
+		<xs:annotation>
+			<xs:documentation>ARPOpType specifies types of ARP operations, via a union of the ARPOpTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:ARPOpTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ARPOpTypeEnum">
+		<xs:annotation>
+			<xs:documentation>ARPOpTypeEnum contains the various ARP Operation Types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ARP request(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates the ARP request operation, or value 1 in the OPER field of an ARP packet.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ARP reply(2)">
+				<xs:annotation>
+					<xs:documentation>Indicates the ARP reply operation, or value 2 in the OPER field of an ARP packet.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RARP request(3)">
+				<xs:annotation>
+					<xs:documentation>Indicates the RARP request operation, or value 3 in the OPER field of an ARP packet.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RARP reply(4)">
+				<xs:annotation>
+					<xs:documentation>Indicates the RARP reply operation, or value 4 in the OPER field of an ARP packet.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="NDPType">
+		<xs:annotation>
+			<xs:documentation>NDP Type characterizes NDP (Neighbor Discover Protocol) IPv6 packets. NDP defines five ICMPv6 packet types. RFC 2461: http://tools.ietf.org/html/rfc4861</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:annotation>
+				<xs:documentation/>
+			</xs:annotation>
+			<xs:element name="ICMPv6_Header" type="PacketObj:ICMPv6HeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ICMPv6 Header characterizes an ICMPv6 header.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:choice minOccurs="0">
+				<xs:element name="Router_Solicitation" type="PacketObj:RouterSolicitationType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Hosts send Router Solicitations in order to prompt routers to generate Router Advertisements quickly (type=133; code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Router_Advertisement" type="PacketObj:RouterAdvertisementType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Routers send out Router Advertisement messages periodically, or in response to Router Solicitations (type=134; code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Neighbor_Solicitation" type="PacketObj:NeighborSolicitationType" minOccurs="0" maxOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Nodes send Neighbor Solicitations to request the link-layer address of a target node while also providing their own link-layer address to the target. Neighbor Solicitations are multicast when the node needs to resolve an address and unicast when the node seeks to verify the reachability of a neighbor (type=135; code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Neighbor_Advertisement" type="PacketObj:NeighborAdvertisementType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>A node sends Neighbor Advertisements in response to Neighbor Solicitations and sends unsolicited Neighbor Advertisements in order to (unreliably) propagate new information quickly (type=136; code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Redirect" type="PacketObj:RedirectType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Routers send Redirect packets to inform a host of a better first-hop node on the path to a destination. Hosts can be redirected to a better first-hop router but can also be informed by a redirect that the destination is in fact a neighbor. The latter is accomplished by setting the ICMP Target Address equal to the ICMP Destination Address (type=137; code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RouterSolicitationType">
+		<xs:annotation>
+			<xs:documentation>Hosts send Router Solicitations in order to prompt routers to generate Router Advertisements quickly.(type=133; code=0)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Options" type="PacketObj:RouterSolicitationOptionsType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Router Solicitation messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RouterSolicitationOptionsType">
+		<xs:annotation>
+			<xs:documentation>Neighbor Discovery messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="Src_Link_Addr" type="PacketObj:NDPSrcLinkAddrType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Src Link Addr characterizes the Source Link-Layer Address option.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="RouterAdvertisementType">
+		<xs:annotation>
+			<xs:documentation>Routers send out Router Advertisement messages periodically, or in response to Router Solicitations. (type=134; code=0)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Cur_Hop_Limit" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>8-bit unsigned integer. The default value that should be placed in the Hop Count field of the IP header for outgoing IP packets. A value of zero means unspecified (by this router).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Router_Lifetime" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16-bit unsigned integer. The lifetime associated with the default router in units of seconds. The field can contain values up to 65535 and receivers should handle any value, while the sending rules in Section 6 limit the lifetime to 9000 seconds.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reachable_Time" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>32-bit unsigned integer. The time, in milliseconds, between retransmitted Neighbor Solicitation messages. Used by address resolution and the Neighbor Unreachability Detection algorithm. A value of zero means unspecified (by this router).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Retrans_Timer" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>32-bit unsigned integer. The time, in milliseconds, between retransmitted Neighbor Solicitation messages. Used by address resolution and the Neighbor Unreachability Detection algorithm. A value of zero means unspecified (by this router)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options" type="PacketObj:RouterAdvertisementOptionsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Neighbor Discovery messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="managed_address_config_flag" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>1-bit "Managed address configuration" flag. When set, it indicates that addresses are available via Dynamic Host Configuration Protocol. If the M flag is set, the O flag is redundant and can be ignored because DHCPv6 will return all available configuration information.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="other_config_flag" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>1-bit "Other configuration" flag. When set, it indicates that other configuration information is available via DHCPv6. Examples of such information are DNS-related information or information on other servers within the network.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="RouterAdvertisementOptionsType">
+		<xs:annotation>
+			<xs:documentation>Router Advertisement messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="Src_Link_Addr" type="PacketObj:NDPSrcLinkAddrType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Src Link Addr characterizes the Source Link-Layer Address option.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="MTU" type="PacketObj:NDPMTUType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>32-bit unsigned integer. The recommended MTU for the link.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Prefix_Info" type="PacketObj:NDPPrefixInfoType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Prefix Info characterizes Prefix Information for Router Advertisement Options.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="NeighborSolicitationType">
+		<xs:annotation>
+			<xs:documentation>Nodes send Neighbor Solicitations to request the link-layer address of a target node while also providing their own link-layer address to the target. Neighbor Solicitations are multicast when the node needs to resolve an address and unicast when the node seeks to verify the reachability of a neighbor. (type=135; code=0)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Target_IPv6_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IP address of the target of the solicitation.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options" type="PacketObj:NeighborSolicitationOptionsType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>Neighbor Solicitation messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NeighborSolicitationOptionsType">
+		<xs:annotation>
+			<xs:documentation>Neighbor Solicitation messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="Src_Link_Addr" type="PacketObj:NDPSrcLinkAddrType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Src Link Addr characterizes the Source Link-Layer Address option.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="NeighborAdvertisementType">
+		<xs:annotation>
+			<xs:documentation>A node sends Neighbor Advertisements in response to Neighbor Solicitations and sends unsolicited Neighbor Advertisements in order to (unreliably) propagate new information quickly. (type=136; code=0)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Target_IPv6_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IP address of the target of the advertisement.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options" type="PacketObj:NeighborOptionsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Neighbor Advertisement messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="router_flag" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Router flag. When set, the R-bit indicates that the sender is a router. The R-bit is used by Neighbor Unreachability Detection to detect a router that changes to a host.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="solicited_flag" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Solicited flag. When set, the S-bit indicates that the advertisement was sent in response to a Neighbor Solicitation from the Destination address. The S-bit is used as a reachability confirmation for Neighbor Unreachability Detection.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="override_flag" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Override flag. When set, the O-bit indicates that the advertisement should override an existing cache entry and update the cached link-layer address.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="NeighborOptionsType">
+		<xs:annotation>
+			<xs:documentation>Neighbor Advertisement messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="Target_Link_Addr" type="PacketObj:NDPTargetLinkAddrType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Target Link Addr characterizes the Target Link-Layer Address option.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="RedirectType">
+		<xs:annotation>
+			<xs:documentation>Routers send Redirect packets to inform a host of a better first-hop node on the path to a destination. Hosts can be redirected to a better first-hop router but can also be informed by a redirect that the destination is in fact a neighbor. The latter is accomplished by setting the ICMP Target Address equal to the ICMP Destination Address. (type=137; code=0)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Target_IPv6_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>An IP address that is a better first hop to use for the ICMP Destination Address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_IPv6_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IP address of the destination that is redirected to the target.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options" type="PacketObj:RedirectOptionsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Redirect messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RedirectOptionsType">
+		<xs:annotation>
+			<xs:documentation>Redirect messages include zero or more options, some of which may appear multiple times in the same message.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="Target_Link_Addr" type="PacketObj:NDPTargetLinkAddrType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The linnk-layer address for the target.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Redirected_Header" type="PacketObj:NDPRedirectedHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>As much as possible of the IP packet that triggered the sending of the Redirect message without making the redirect packet exceed the minimum MTU specified in the IPv6 protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="NDPSrcLinkAddrType">
+		<xs:annotation>
+			<xs:documentation>Src Link Addr characterizes the Source Link-Layer Address option. (type=1)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The length of the option (including the type and length fields) in units of 8 octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Link_Layer_MAC_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The variable length link-layer address. The content and format of this field (including byte and bit ordering) is expected to be specified in specific documents that describe how IPv6 operates over different link layers.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NDPTargetLinkAddrType">
+		<xs:annotation>
+			<xs:documentation>Target Link Addr characterizes the Target Link-Layer Address option. (type=2)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The length of the option (including the type and length fields) in units of 8 octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Link_Layer_MAC_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The variable length link-layer address. The content and format of this field (including byte and bit ordering) is expected to be specified in specific documents that describe how IPv6 operates over different link layers.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NDPPrefixInfoType">
+		<xs:annotation>
+			<xs:documentation>Prefix Info characterizes Prefix Information for Router Advertisement Options. It provides hosts with on-link prefixes and prefixes for Address Autoconfiguration. (type=3). RFC 4861.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Length characterizes the length of the option (the number of valid leading bits in the prefix), and is represented as a 32-bit integer. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Prefix_Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>8-bit unsigned integer. The number of leading bits in the Prefix that are valid. The value ranges from 0 to 128. The prefix length field provides necessary information for on-link determination (when combined with the L flag in the prefix information option).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Valid_Lifetime" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>32-bit unsigned integer. The length of time in seconds (relative to the time the packet is sent) that the prefix is valid for the purpose of on-link determination. A value of all one bits (0xffffffff) represents infinity.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Preferred_Lifetime" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>32-bit unsigned integer. The length of time in seconds (relative to the time the packet is sent) that addresses generated from the prefix via stateless address autoconfiguration remain preferred.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Prefix" type="PacketObj:PrefixType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Prefix is an IP address or a prefix of an IP address. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="link_flag" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>1-bit on-link flag. When set, indicates that this prefix can be used for on-link determintation. When not set the advertisement makes no statement about on-link or off-link properties of the prefix.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="addr_config_flag" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>1-bit autonomous address-configuration flag. When set indicates that this prefix can be usd for stateless address configuration.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="NDPRedirectedHeaderType">
+		<xs:annotation>
+			<xs:documentation>The redirected header option is used in redirect messages and contains all or part of the packet that is being redirected. (type=4)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The length of the option (including the type and length fields) in units of 8 octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IPHeader_And_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>As much as possible of the IP packet that triggered the sending of the redirect without making redirect packet larger than MTU.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NDPMTUType">
+		<xs:annotation>
+			<xs:documentation>The MTU option is used in Router Advertisement messages to ensure that all nodes on a link use the same MTU value in those cases where the link MTU is not well known. (type=5).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The length of the MTU option type: length=1.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="MTU" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The recommended MTU for the link. 32-bit unsigned integer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="InternetLayerType">
+		<xs:annotation>
+			<xs:documentation>The Internet layer is the group of methods, protocols, and specifications that are used to transport packets from the origiating host across network boundaries. Not all protocols are currently defined, just those most commonly used: IPv4, ICMPv4, IPv6, ICMPv6. Other protocols will be added as needed. (http://en.wikipedia.org/wiki/Internet_layer)</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element name="IPv4" type="PacketObj:IPv4PacketType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Internet Protocol version 4 (IPv4) is a connectionless protocol for use on packet-switched link layer networks (e.g., Ethernet).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="ICMPv4" type="PacketObj:ICMPv4PacketType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ICMP is chiefly used the the operating systems of networked computers to send error messages indicating, for example, that a requested serivce is not available or that a host or router could not be reached (http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol; REF: http://www.networksorcery.com/enp/protocol/icmp.htm).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IPv6" type="PacketObj:IPv6PacketType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Internet Protocol version 6 (IPv6) is intended to succeed IPv4, and like IPv4 it is a connectionless protocol for use on packet-switched link layer networks.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="ICMPv6" type="PacketObj:ICMPv6PacketType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ICMPv6 is the implementation of the ICMP for INv6. ICMPv6 performs error reporting and diagnostic functions.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="IPv4PacketType">
+		<xs:annotation>
+			<xs:documentation>Internet Protocol version 4 (IPv4) is a connectionless protocol for use on packet-switched link layer networks (e.g., Ethernet). REF: RFC 791; http://en.wikipedia.org/wiki/IPv4.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IPv4_Header" type="PacketObj:IPv4HeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IPv4 header provides addressing, and internet modules use fields in the header to fragment and reassemble internet datagrams when necessary for transmission through small packet networks.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The data portion of an IP packet is interpreted based on the value of the Protocol header field. Actual field values will probably be specified in the elements of the different network layers, but we provide a field here to capture any data as necessary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPv4HeaderType">
+		<xs:annotation>
+			<xs:documentation>The IPv4 header provides addressing, and internet modules use fields in the header to fragment and reassemble internet datagrams when necessary for transmission through small packet networks. REF: RFC 791.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="IP_Version" type="PacketObj:IPVersionType" fixed="IPv4(4)" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The version field indicates the format of the internet header. For IP v4, the version is 4.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Header_Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Internet Header Length specifies the length of IP packet header in 32 bit words. Min value = 5.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="DSCP" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Originally defined as the Type of Service field, the Differentiated Services Code Point (DSCP) field is now defined by RFC 2474 for Differentiated services (DiffServ). New technologies are emerging that require real-time data streaming and therefore make use of the DSCP field. An example is Voice over IP (VoIP), which is used for interactive data voice exchange (http://en.wikipedia.org/wiki/IPv4).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="ECN" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Explicit Congestion Notification: This field is defined in RFC 3168 and allows end-to-end notification of network congestion without dropping packets. ECN is an optional feature that is only used when both endpoints support it and are willing to use it. It is only effective when supported by the underlying network. (http://en.wikipedia.org/wiki/IPv4).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Total_Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This 16-bit field defines the entire datagram size, including header and data, in bytes.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Identification" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Identification field is primarily used for uniquely identifying fragments of an original IP datagram. (http://en.wikipedia.org/wiki/IPv4)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Flags" type="PacketObj:IPv4FlagsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This is a three-bit field used to control or identify fragments. An field has been defined for each bit with associated enumerated types.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Fragment_Offset" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The fragment offset field is 13 bits long and specifies the offset of a particular fragment relative to the beinnng of the original unfragmented IP datagram. http://en.wikipedia.org/wiki/IPv4</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TTL" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This 8-bit field helps prevent datagrams from persisting on an internet (it limits a datagram's lifetime).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Protocol" type="PacketObj:IANAAssignedIPNumbersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field defines the protocol used in the data portion of the IP datagram. The type of this field is an enumerated list of IP protocol numbers as maintained by the Internet Assigned Numbers Authority.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Checksum" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field is a 16-bit checksum used for error-checking of the header.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Src_IPv4_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field is the IPv4 address of the sender of the packet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_IPv4_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field is the IPv4 address of the receiver of the packet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:sequence minOccurs="0">
+				<xs:element name="Option" type="PacketObj:IPv4OptionType" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>The IPv4 option field is variable in length with zero or more options. It is not often used. http://en.wikipedia.org/wiki/IPv4</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPv4FlagsType">
+		<xs:annotation>
+			<xs:documentation>These flag types are used to control or identify fragments in an IP packet. It is a three-bit field, each of the three bits are defined by a field with a string value that indicates the meaning of whether or not the bit is set.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Reserved" type="cyboxCommon:IntegerObjectPropertyType" fixed="0" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Bit 0: This bit value (0) is reserved and must be zero.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Do_Not_Fragment" type="PacketObj:DoNotFragmentType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Bit 1: This is the "don't fragment" bit. Values are specified in the DoNotFragmentType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="More_Fragments" type="PacketObj:MoreFragmentsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Bit 2: This is the "more fragments" bit. Values are specified in the MoreFragmentsType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DoNotFragmentType">
+		<xs:annotation>
+			<xs:documentation>DoNotFragmentType specifies fragmenting options, via a union of the DoNotFragmentTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:DoNotFragmentTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="DoNotFragmentTypeEnum">
+		<xs:annotation>
+			<xs:documentation>This type enumerates the meaning of the Do Not Fragment bit used in IPv4 flags.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="fragementifnecessary(0)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the router or other device should fragment the packet if necessary, especially if the packet size is bigger than the MTU of an outgoing interface.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="donotfragment(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the router or other device should NOT fragment the packet in any circumstance.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="MoreFragmentsType">
+		<xs:annotation>
+			<xs:documentation>MoreFragmentsType specifies whether there are more fragments, via a union of the MoreFragmentsTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:MoreFragmentsTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="MoreFragmentsTypeEnum">
+		<xs:annotation>
+			<xs:documentation>This type enumerates the meaning of the More Fragments bit used in IPv4 flags.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="lastfragment(0)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the last fragment has been received. In other words, the "more fragments" flag is set to 0.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="morefragmentstofollow(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates that more fragments need to be received. In other words, the "more fragments" flag is set.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IPv4OptionType">
+		<xs:annotation>
+			<xs:documentation>The IPv4 option field is variable in length with zero or more options. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Copy_Flag" type="PacketObj:IPv4CopyFlagType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The copied flag indicates that this option is copied into all fragments on fragmentation. 1 bit. They are represented in this field by a string which specifies their value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Class" type="PacketObj:IPv4ClassType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The option class is represented by 2 bits where 0 = control; 1 = reserved for future use; 2 = debugging and measurement; 3 = reserved for future use. These enumerated values are defined for this field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option" type="PacketObj:IPv4OptionsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Internet Protocol has provision for optional header fields indeitified by an option type. These types are enumerated in the IPv4OptionsType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPv4CopyFlagType">
+		<xs:annotation>
+			<xs:documentation>IPv4CopyFlagType specifies value of IPv4 copy flag, via a union of the IPv4CopyFlagTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IPv4CopyFlagTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IPv4CopyFlagTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The copy flag indicates whether the option is copied into all fragments on fragmentation (0=not copied; 1=copied). This information is also captured in the IPv4OptionsTypeEnum which lists all options, which incorporates copy and class numbers.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="donotcopy(0)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the options need NOT be copied into all fragments of a fragmented packet.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="copy(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the options need to be copied into all fragments of a fragmented packet.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IPv4ClassType">
+		<xs:annotation>
+			<xs:documentation>IPv4ClassType specifies IPv4 class type, via a union of the IPv4ClassTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IPv4ClassTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IPv4ClassTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The option class is represented by 2 bits. The explicit meanings are captured here in an enumerated list. This information is also captured in the IPv4OptionsTypeEnum which lists all options, which incorporates copy and class numbers.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="control(0)">
+				<xs:annotation>
+					<xs:documentation>Indicates the "control" options.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="reserved(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates a reserved value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="debuggingandmeasurement(2)">
+				<xs:annotation>
+					<xs:documentation>Indicates the debugging and measurement options.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="reserved(3)">
+				<xs:annotation>
+					<xs:documentation>Indicates a reserved value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IPv4OptionsType">
+		<xs:annotation>
+			<xs:documentation>IPv4OptionsType specifies IPv4 options, via a union of the IPv4OptionsTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IPv4OptionsTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IPv4OptionsTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The Internet Protocol (IP) has provision for optional header fields identified by an option type field. Options 0 and 1 are exactly one octet which is their type field. All other options have their one octet type field, followed by a one octet length field, followed by length-2 octets of option data. The option type field is sub-divided into a one bit copied flag, a two bit class field, and a five bit option number. These taken together form an eight bit value for the option type field. IP options are commonly refered to by this value. The IPv4OptionsEnum enumerates the options numbers that can be applied in IP. See http://www.iana.org/assignments/ip-parameters for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="endofoptionslist(0)">
+				<xs:annotation>
+					<xs:documentation>Indicates the End of Options List option, or EOOL.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="nop(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates the No Operation option, or NOP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="security(2)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Security option, or SEC.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="loosesourceroute(3)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Loose Source Route option, or LSR.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="timestamp(4)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Time Stamp option, or TS.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="extendedsecurity(5)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Extended Security option, or E-SEC.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="commercialsecurity(6)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Commercial Security option, or CIPSO.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="recordroute(7)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Record Route option, or RR.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="streamidentifier(8)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Stream ID option, or SID.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="strictsourceroute(9)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Strict Source Route option, or SSR.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="experimentalmeasure(10)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Experimental Measurement option, or ZSU.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="mtuprobe(11)">
+				<xs:annotation>
+					<xs:documentation>Indicates the MTU probe option, or MTUP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="mtureply(12)">
+				<xs:annotation>
+					<xs:documentation>Indicates the MTU reply option, or MTUR.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="experimentalflowcontrol(13)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Experimental Flow Control option, or FINN.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="experimentalaccesscontrol(14)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Experimental Access Control option, or FINN.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="encode(15)">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="imitrafficdescriptor(16)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IMI Traffic Descriptor option, or IMITD.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="extendedip(17)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Extended Internet Protocol option, or EIP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="traceroute(18)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Trace Route option, or TR.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="addressextension(19)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Address Extension option, or ADDEXT.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="routeralert(20)">
+				<xs:annotation>
+					<xs:documentation>Indicates a Router Alert option, or RTRALT.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="selectivedirectedbroadcasemode(21)">
+				<xs:annotation>
+					<xs:documentation>Indicates a Selective Directed Broadcast option, or SDB.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="dynamicepacketstate(23)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Dynamic Packet State option, or DPS.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="upstreammulticastpacket(24)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Upstream Multicast Packet option, or UMP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="quickstart(25)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Quick-Start option, or QS.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="exp(30)">
+				<xs:annotation>
+					<xs:documentation>Indicates the RFC3692-style Experiment option, or EXP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IPv6PacketType">
+		<xs:annotation>
+			<xs:documentation>Internet Protocol version 6 (IPv6) is intended to succeed IPv4, and like IPv4 it is a connectionless protocol for use on packet-switched link layer networks. RFC 3513, RFC 2460, http://en.wikipedia.org/wiki/IPv6.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IPv6_Header" type="PacketObj:IPv6HeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>IPv6 headers is a simplification of the IPv4 header.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:sequence minOccurs="0">
+				<xs:element name="Ext_Headers" type="PacketObj:IPv6ExtHeaderType" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>In IPv6, optional internet-layer information is encoded in separate headers that may be placed between the IPv6 header and the upper-layer header in a packet. http://tools.ietf.org/html/rfc2460</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPv6HeaderType">
+		<xs:annotation>
+			<xs:documentation>The IPv6 header is a simplification of the IPv4 header. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IP_Version" type="PacketObj:IPVersionTypeEnum" fixed="IPv6(6)" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>4-bit Internet Protocol version number =6.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Traffic_Class" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>8-bit traffic class field. Available for use by originating nodes and/or forwarding routers to identify and distinguish between different classes or priorities of IPv6 packets. http://tools.ietf.org/html/rfc2460#section-7</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Flow_Label" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>20-bit flow label. Used by a source to label sequences of packets for which it requests special handling by the IPv6 routers, such as non-default quality of service. http://tools.ietf.org/html/rfc2460#section-6.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Payload_Length" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16-bit unsigned integer. Length of the IPv6 payload (the rest of the packet following the IPv6 header) in octets. Any extension headers are considered part of the payload.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Next_Header" type="PacketObj:IANAAssignedIPNumbersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>8-bit selector. Identifies the type of header immediately following the IPv6 header. Uers the same values as the IPv4 protocol field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TTL" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>TTL/hop limit specifies how many times a packet can be forwarded. 8-bit unsigned integer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Src_IPv6_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>128-bit address of the originator of the packet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_IPv6_Addr" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>128-bit address of the intended recipient of the packet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPv6ExtHeaderType">
+		<xs:annotation>
+			<xs:documentation>In IPv6, optional internet-layer information is encoded in separate headers that may be placed between the IPv6 header and the upper-layer header in a packet. An IPv6 packet may carry zero, one, or more extension headers, each identified by the Next Header field of the preceding header. http://tools.ietf.org/html/rfc2460</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0" maxOccurs="1">
+			<xs:element name="Hop_by_Hop_Options" type="PacketObj:HopByHopOptionsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Hop-by-Hop Options header is used to carry optional information that must be examined by every node along a packet's delivery path. It carries a variable number of type-length-value (TLV) encoded options.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Routing" type="PacketObj:RoutingType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Routing header is used by an IPv6 source to list one or more intermediate nodes to be "visited" on the way to a packet's destination. http://tools.ietf.org/html/rfc2460</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Fragment" type="PacketObj:FragmentType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Fragment header is used by an IPv6 source to send a packet larger than would fit in the path MTU. A fragment packet begins with an unfragmentable part consisting of the IPv6 header plus all extension headers up to and including the routing header. We don't include it for this field because the data is already stored in other elements. We provide the elements necessary for the Fragmentable Part. http://tools.ietf.org/html/rfc2460</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Destination_Options" type="PacketObj:DestinationOptionsType" minOccurs="0" maxOccurs="2">
+				<xs:annotation>
+					<xs:documentation>The Destination Options header is used to carry optional information that needs to be examined only by a packet's destination node(s).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Authentication_Header" type="PacketObj:AuthenticationHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Follows RFC2402. The IP Authentication Header is used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays. http://www.ietf.org/rfc/rfc2402.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Excapsulating_Security_Payload" type="PacketObj:ExcapsulatingSecurityPayloadType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Follows RFC2406. ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="IPv6DoNotRecogActionType">
+		<xs:annotation>
+			<xs:documentation>IPv6DoNotRecogActionType specifies possible actions when option is not recognized, via a union of the IPv6DoNotRecogActionTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IPv6DoNotRecogActionTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IPv6DoNotRecogActionTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Enumerates possible actions when an option is not recognized.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="skipoption(00)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the option should be skipped and the header should continue to be processed. See RFC 2460.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="discardpacket(01)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packet should be discarded. See RFC 2460.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="discardpacketsendicmpcode2(10)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packet should be discarded and regardless of whether or not the packet's Destination Address was a multicast address, send an ICMP Parameter Problem, Code 2, message to the packet's Source Address, pointing to the unrecognized Option Type. See RFC 2460.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="discardpacketsendicmpcode2nomulti(11)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packet should be discarded and only if the packet's Destination Address was not a multicast address, send an ICMP Parameter Problem, Code 2, message to the packet's Source Address, pointing to the unrecognized Option Type. See RFC 2460.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IPv6PacketChangeType">
+		<xs:annotation>
+			<xs:documentation>IPV6PacketChangeType specifies whether a packet has changed, via a union of the IPv6PacketChangeTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IPv6PacketChangeTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IPv6PacketChangeTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Enumerated list that specifies whether or not the Option Data of an option can change en-route to the packet's final destination.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="nochange(0)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packet does not change en-route. See RFC 2460.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="change(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates that the packet may change en-route. See RFC 2460.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IPv6OptionType">
+		<xs:annotation>
+			<xs:documentation>Specifies the meaning of each bit of the 8-bit IPv6OptionType type. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Do_Not_Recogn_Action" type="PacketObj:IPv6DoNotRecogActionType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Action to be taken if the processing IPv6 nodes does not recognize the Option Type. This information is internally encoded in the Option Type identifier (higest-order two bits) such that their highest-order two bits specify the action that must be taken if the processing IPv6 node does not recognize the Option type. These possible actions are enumerated via IPv6DoNotRecogActionType.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Packet_Change" type="PacketObj:IPv6PacketChangeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The third highest order bit of the Option Data specifies whether or not the Option Data of that option can change en-route to the packet's final destination.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option_Byte" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field may be used to specify the actual Option Type byte, with no explicit meaning attached. Meaning/intrepretation provided by the Do_Not_Recogn_Action and Packet_Change fields.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPVersionType">
+		<xs:annotation>
+			<xs:documentation>IPVersionType specifies IP versions, via a union of the IPVersionTypeEnum type and the atomic xs:string type. See http://www.iana.org/assignments/version-numbers/version-numbers.xml for a complete list. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IPVersionTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IPVersionTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Enumerates the different Internet Protocol versions. IPv4(4) and IPv6(6) are the most common.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="IPv4(4)">
+				<xs:annotation>
+					<xs:documentation>Indicates IP Version 4.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ST(5)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IP version designating ST Datagram Mode.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6(6)">
+				<xs:annotation>
+					<xs:documentation>Indicates IP Version 6.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TP/IX(7)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IP version designating TP/IX: The Next Internet.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PIP(8)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IP version designating PIP: The P Internet Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TUBA(9)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IP version designating TUBA (TCP and UDP with Bigger Addresses, i.e. RFC 1347).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="TransportLayerType">
+		<xs:annotation>
+			<xs:documentation>only UDP and TCP defined to begin. Other protocols will be defined as necessary.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:annotation>
+				<xs:documentation/>
+			</xs:annotation>
+			<xs:element name="TCP" type="PacketObj:TCPType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>TCP provides reliable, ordered delivery of a stream of bytes from a prograom on one computer to another program on another computer. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="UDP" type="PacketObj:UDPType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>UDP uses a simple transmission model without implicit handshaking dialogues for providing reliability, ordering, or data integrity. Thus, UDP provides an unreliable service and datagrams may arrive out of order, appear duplicated, or go missing without notice. http://en.wikipedia.org/wiki/User_Datagram_Protocol</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="TCPType">
+		<xs:annotation>
+			<xs:documentation>TCP provides reliable, ordered delivery of a stream of bytes from a prograom on one computer to another program on another computer. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="TCP_Header" type="PacketObj:TCPHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The TCP header contains 10 mandatory fields and an optional extension field. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Options" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Options have up to three fields: Option-Kind (1 byte), Option-Length (1 byte), Option-Data (variable). This field will be further defined when required.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data" type="cyboxCommon:DataSegmentType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Data field specifies the data payload of the TCP packet. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="UDPType">
+		<xs:annotation>
+			<xs:documentation>UDP uses a simple transmission model without implicit handshaking dialogues for providing reliability, ordering, or data integrity. Thus, UDP provides an unreliable service and datagrams may arrive out of order, appear duplicated, or go missing without notice. http://en.wikipedia.org/wiki/User_Datagram_Protocol</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="UDP_Header" type="PacketObj:UDPHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The UDP header consists of four fields, which are defined here.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data" type="cyboxCommon:DataSegmentType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Data field specifies the data payload of the UDP packet. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TCPHeaderType">
+		<xs:annotation>
+			<xs:documentation>The TCP header contains 10 mandatory fields and an optional extension field. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Src_Port" type="PortObj:PortObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the sending port.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Dest_Port" type="PortObj:PortObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the receiveing port.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Seq_Num" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Sequence number (32-bits) has a dual role: If the SYN flag is set, then this is the initial sequence numbers. If the SYN flag is clear (see Control Bits element), then this is the accumulated sequence number of the first data byte of this packet for the current session. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="ACK_Num" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>If the ACK flag (see Control Bits element) is set then the value of this field is the next sequence number that the receiver is expecting.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Offset" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the TCP header in 32-bit words.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reserved" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>these 3 bits are reserved for future use and should be set to zero.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TCP_Flags" type="PacketObj:TCPFlagsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The TCP header contains 9 flags (aka Control Bits).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Window" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The size of the receive window, which specifies the number of bytes (beyond the sequence number in the acknowledgment field) that the sender of this segment is currently willing to receive. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Checksum" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The 16-bit checksum field is used for error-checking of the header and data. http://en.wikipedia.org/wiki/Transmission_Control_Protocol </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Urg_Ptr" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>If the URG flag is set, then this 16-bit field is an offset from the sequence number indicating the last urgent data byte. http://en.wikipedia.org/wiki/Transmission_Control_Protocol </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TCPFlagsType">
+		<xs:annotation>
+			<xs:documentation>Defines the 9 different flags in the TCP header.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="ns" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>ECN-nonce concealment protection.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="cwr" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Congestion Window Reduced (CWR) flag is set by the sending host to indicate that it received a TCP segment with the ECE flag set and had responded in congestion control mechanism. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ece" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>ECN-Echo indicates: if the SYN flag is set, that the TCP peer is ECN capable; if the SYN flag is clear, that a packet with Congestion Experienced flag in IP header set is received during normal transmission. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="urg" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Indicates that the Urgent point field is significant.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ack" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>indicates that the Acknowledgment field is significant. All packets after the initial SYN packet sent by the client should have this flag set. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="psh" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Push functions. asks to push the buffered dtata to the receiving application. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="rst" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Reset the connection.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="syn" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>Synchronize sequence numbers. Only the first packet sent from each end should have this flag set. http://en.wikipedia.org/wiki/Transmission_Control_Protocol</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="fin" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>If this flag is set, it means there is no more data from sender.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="UDPHeaderType">
+		<xs:annotation>
+			<xs:documentation>The UDP header type defines the four fields in the UDP header.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="SrcPort" type="PortObj:PortObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the sender's port.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="DestPort" type="PortObj:PortObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the receiver's port.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the length in bytes of the entire datagram (header and data).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Checksum" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The checksum is used for error-checking of the header and data.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IANAHardwareType">
+		<xs:annotation>
+			<xs:documentation>IANAHardwareType specifies the type of hardware, via a union of the IANAHardwareTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IANAHardwareTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IANAHardwareTypeEnum">
+		<xs:annotation>
+			<xs:documentation>This enumerated type specifies Address Resolution Protocol (ARP) parameters. http://www.iana.org/assignments/arp-parameters/arp-parameters.xml</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Ethernet(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates Ethernet hardware.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IEEE802(6)">
+				<xs:annotation>
+					<xs:documentation>Indicates IEEE 802 compliant hardware for networks carrying variable-size packets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ARCNET(7)">
+				<xs:annotation>
+					<xs:documentation>Indicates the ARCNET LAN protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FrameRelay(15)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Frame Relay WAN technology.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ATM(16)">
+				<xs:annotation>
+					<xs:documentation>Indicates the ATM (Asynchronous Transfer Mode) networking standard.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HDLC(17)">
+				<xs:annotation>
+					<xs:documentation>Indicates the HDLC (High-Level Data Link Control) protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FibreChannel(18)">
+				<xs:annotation>
+					<xs:documentation>Indicates the FibreChannel technology.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ATM(19)">
+				<xs:annotation>
+					<xs:documentation>Indicates the ATM (Asynchronous Transfer Mode) networking standard.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SerialLine(20)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Serial Line protocol, or SLIP.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IANAEtherType">
+		<xs:annotation>
+			<xs:documentation>EtherObjectType specifies "type" field of Ethernets, via a union of the IANAEtherTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IANAEtherTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IANAEtherTypeEnum">
+		<xs:annotation>
+			<xs:documentation>http://cavebear.com/archive/cavebear/Ethernet/type.html http://www.iana.org/assignments/ethernet-numbers http://standards.ieee.org/develop/regauth/ethertype/eth.txt http://en.wikipedia.org/wiki/EtherType</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="IPv4(0x0800)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IPv4 Ethernet type is specified.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ARP(0x0806)">
+				<xs:annotation>
+					<xs:documentation>Indicates the ARP Ethernet type is specified.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RARP(0x8035)">
+				<xs:annotation>
+					<xs:documentation>Indicates the RARP Ethernet type is specified.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPX(0x8137)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IPX Ethernet type is specified.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SNMP(0x814C)">
+				<xs:annotation>
+					<xs:documentation>Indicates the SNMP Ethernet type is specified.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6(0x86DD)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IPv6 Ethernet type is specified.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IANAAssignedIPNumbersType">
+		<xs:annotation>
+			<xs:documentation>IANAAssignedIPNumbersType specifies Internet Protocol numbers, via a union of the IANAAssignedIPNumbersTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IANAAssignedIPNumbersTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IANAAssignedIPNumbersTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Assigned Internet Protocol Numbers http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml List of protocol numbers used in the Protocol fields of the IPv4 header and the Next Header of the IPv6 header.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="IPv6hopbyhop(0)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IPv6 Hop-By-Hop option protocol (HOPOPT).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ICMP(1)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Internet Control Message protocol (HOPOPT).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IGMP(2)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Internet Control Message protocol (HOPOPT).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GGP(3)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Gateway-to-Gateway protocol (HOPOPT).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv4Encapsulation(4)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IPv4 Encapsulation protocol (IPv4).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ST(5)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Stream protocol (HOPOPT).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TCP(6)">
+				<xs:annotation>
+					<xs:documentation>Indicates the TCP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EGP(8)">
+				<xs:annotation>
+					<xs:documentation>Indicates the EGP (Exterior Gateway) protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IGRP(9)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IGP/IGRP (Cisco) protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NVP(11)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Network-Voice protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PUP(12)">
+				<xs:annotation>
+					<xs:documentation>Indicates the PUP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ARGUS(13)">
+				<xs:annotation>
+					<xs:documentation>Indicates the ARGUS protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EMCON(14)">
+				<xs:annotation>
+					<xs:documentation>Indicates the EMCON protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="XNET(15)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Cross Net Debugger protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UDP(17)">
+				<xs:annotation>
+					<xs:documentation>Indicates the UDP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6Encapsulation(41)">
+				<xs:annotation>
+					<xs:documentation>Indicates the IPv6 protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SDRP(42)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Source Demand Routing protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6routingheader(43)">
+				<xs:annotation>
+					<xs:documentation>Indicates the routing header for IPv6.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6fragmentheader(44)">
+				<xs:annotation>
+					<xs:documentation>Indicates the fragment header for IPv6.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RSVP(46)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Reservation Protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GRE(47)">
+				<xs:annotation>
+					<xs:documentation>Indicates the General Routing Encapsulation protocol number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="encapsultaesecuritypayload_ESP(50)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Encapsulated Security Payload protocol number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="authenticationheader_AH(51)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Authentication Header protocol number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ICMPv6(58)">
+				<xs:annotation>
+					<xs:documentation>Indicates the ICMP for v6 protocol number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6nonextheader(59)">
+				<xs:annotation>
+					<xs:documentation>Indicates the No Next Header for IPv6 protocol number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPv6destinationoptions(60)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Destination Options for IPv6 protocol number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="mobilityheader(135)">
+				<xs:annotation>
+					<xs:documentation>Indicates the Mobility Header protocol number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="IANAPortNumberRegistryType">
+		<xs:annotation>
+			<xs:documentation>IANAPortNumberRegistryType specifies port numbers, via a union of the IANAPortNumberRegistryTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:IANAPortNumberRegistryTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IANAPortNumberRegistryTypeEnum">
+		<xs:annotation>
+			<xs:documentation>http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ftpdata(20)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for ftpdata.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ftp(21)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for ftp.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ssh(22)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for ssh.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="telnet(23)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for telnet.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="smtp(25)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for smtp.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="domain(53)">
+				<xs:annotation>
+					<xs:documentation>Indicates the domain port.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="tftp(69)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for tftp.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="http(80)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for http.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ldap(389)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for ldap.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="https(443)">
+				<xs:annotation>
+					<xs:documentation>Indicates the port for https.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ICMPv4PacketType">
+		<xs:annotation>
+			<xs:documentation>ICMP is used to send error messages (e.g., a datagram cannot reach its destination), informational messages ( e.g., timestamp information), or a traceroute message. REF: http://www.networksorcery.com/enp/protocol/icmp.htm</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="ICMPv4_Header" type="PacketObj:ICMPv4HeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Actual header bytes are captured here. The message content of each type/code pair is also defined as part of the larger, complex "ICMPv4PacketType" type as either an error message, an informational message, or a traceroute message. The meaning of the type and code bytes is made explicit in the elements corresponding to each message type.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:choice minOccurs="0">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+				<xs:element name="Error_Msg" type="PacketObj:ICMPv4ErrorMessageType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>For ICMP error messages, boolean values are used in this field to explicitly interpret the type and code bytes appearing in the ICMP header. Additional fields and message content are also defined here.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Info_Msg" type="PacketObj:ICMPv4InfoMessageType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>For ICMP informational messages, boolean values are used in this field to explicitly interpret the type and code bytes appearing in the ICMP header. Additional fields and message content are also defined here.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Traceroute" type="PacketObj:ICMPv4TracerouteType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>For ICMP traceroute messages (type = 30), specifies related fields and ICMP code value. A boolean value is used to explicitly interpret the code byte appearing in the ICMP header. Additional fields and message content are also defined here.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4HeaderType">
+		<xs:annotation>
+			<xs:documentation>Actual ICMP header bytes are defined, corresponding to the ICMP type, ICMP code, and to the checksum. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Type" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ICMP Type byte specifies the format of the ICMP message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Code" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ICMP Code byte further qualifies the ICMP message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Checksum" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ICMP Checksum (16 bits) covers the ICMP message.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4ErrorMessageType">
+		<xs:annotation>
+			<xs:documentation>ICMP error messages include destination unreachable messages, source quench messages, redirect messages, and time exceeded messages.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Destination_Unreachable" type="PacketObj:ICMPv4DestinationUnreachableType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>A destination unreachable message is an ICMP message which is generated by the host or its inbound gateway to inform the client that the destiation is unreachable for some reason (http://en.wikipedia.org/wiki/ICMP_Destination_Unreachable).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Source_Quench" type="PacketObj:ICMPv4SourceQuenchType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>A source quench message is an ICMP message that requests that the sender decrease the rate of messages sent to a router or host. This message may be generated if a router or host does not have sufficient buffer space to process the request or may occur if the router or host buffer is approaching its limit (http://en.wikipedia.org/wiki/ICMP_Source_Quench).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Redirect_Message" type="PacketObj:ICMPv4RedirectMessageType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>A redirect message is used to send data packets on an alternative route. This ICMP redirect message informs a host to update its routing information.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Time_Exceeded" type="PacketObj:ICMPv4TimeExceededType" form="qualified" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>An ICMP time exceeded message is generated by a gateway to inform the source of a datagram that the datagram has been discarded due to the time to live field reaching zero. A time exceeded message may also be sent by a host if it fails to reassemble a fragmented datagram within its time limit (http://en.wikipedia.org/wiki/ICMP_Time_Exceeded).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Error_Msg_Content" type="PacketObj:ICMPv4ErrorMessageContentType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Message content common to all ICMP error messages are defined here. Fields that are specific to individual messages are defined separately under each message type.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4ErrorMessageContentType">
+		<xs:annotation>
+			<xs:documentation>Elements associated with ICMPv4 error messages (as opposed to ICMP informational messages or ICMP traceroute message).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IP_Header" type="PacketObj:IPv4HeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>IP header from the original datagram.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="First_Eight_Bytes" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>First 8 bytes of the original datagram's data.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4InfoMessageType">
+		<xs:annotation>
+			<xs:documentation>ICMP informational messages include echo request/reply, timestamp request/reply, and address mask request/reply.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Echo_Reply" type="PacketObj:ICMPv4EchoReplyType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Echo reply/request messages are also known as "ping". The Info_Message_Content field contains an identifier and sequence number which together form the "quench" for echo reply and echo request. Fields specific to an echo reply message are given as elements to this echo reply field (type=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Echo_Request" type="PacketObj:ICMPv4EchoRequestType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Echo reply/request messages are also known as "ping". The Info_Message_Content field contains an identifier and sequence number which together form the "quench" for echo reply and echo request. Fields specific to an echo request message are given as elements to this echo request field (type=8).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Timestamp_Request" type="PacketObj:ICMPv4TimestampRequestType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>A timestamp request is an ICMP informational message used for time synchronization.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Timestamp_Reply" type="PacketObj:ICMPv4TimestampReplyType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>A timestamp reply is an informational ICMP message which replies to a timestamp request message.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Address_Mask_Request" type="PacketObj:ICMPv4AddressMaskRequestType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>An address mask request is an ICMP informational message (query message) normally sent by a host to a router in order to obtain an appropriate subnet mask (type=17).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Address_Mask_Reply" type="PacketObj:ICMPv4AddressMaskReplyType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>An address mask reply is an ICMP informational message, used to reply to an address mask request message with an appropriate subnet mask (type=18).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Info_Msg_Content" type="PacketObj:ICMPv4InfoMessageContentType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Fields that are common to all ICMP informational messages are defined here. Fields that are specific to individual messages are defined separately under each message type.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4InfoMessageContentType">
+		<xs:annotation>
+			<xs:documentation>Elements associated with ICMPv4 informational messages (as opposed to ICMP error messages or ICMP traceroute message).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Identifier" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16-bit identifier. Combined with the sequence number, called the "quench" for echo reply and echo request.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sequence_Number" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16-bit sequence number. The identifier and sequence number can be used by the client to match the reply with the request that caused the reply.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4TracerouteType">
+		<xs:annotation>
+			<xs:documentation>Elements associated with ICMPv4 traceroute message (as opposed to ICMP error messages or ICMP informational messages); corresponds to ICMP type =30. (http://www.networksorcery.com/enp/protocol/icmp/msg30.htm)</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Outbound_Packet_Forward_Success" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>One of two possible subtypes for an ICMP traceroute message. This subtype means that the outbound packet was successfully forwarded (code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Outbound_Packet_no_Route" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>One of two possible subtypes for an ICMP traceroute message. This one means that there is no route for the outbound packet and the packet was discarded (code=1).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Identifier" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16 bits. The ID number as copied from the ICMP traceroute option of the packet which caused this traceroute message to be sent (not related to the ID number in the IP header). (http://www.networksorcery.com/enp/protocol/icmp/msg30.htm)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Outbound_Hop_Count" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16 bits. Outbound hop count as copied from the IP traceroute option of the packet which caused this traceroute message to be sent (http://www.networksorcery.com/enp/protocol/icmp/msg30.htm).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Return_Hop_Count" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16 bits. Return hop count as copied from the IP traceroute options of the packet which caused this traceroute message to be sent. (http://www.networksorcery.com/enp/protocol/icmp/msg30.htm)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Output_Link_Speed" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>32 bits. The speed in bytes per second of the link over which the Outbound/Return Packet will be sent. If this value cannot be determined, the field should be set to zero. (http://www.networksorcery.com/enp/protocol/icmp/msg30.htm)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Output_Link_MTU" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>32 bits. The MTU in bytes of the link over which the Outbound/Return Packet will be sent. MTU refers to the data portion (includes IP header; excludes datalink header/trailer) of the packet. If this value cannot be determined, this field should be set to zero. (http://www.networksorcery.com/enp/protocol/icmp/msg30.htm) </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6PacketType">
+		<xs:annotation>
+			<xs:documentation>ICMP is used to send error messages (e.g., a datagram cannot reach its destination), informational messages ( e.g., ping). Only the message types defined in RFC 4443 (ICMP v6) are included; additional message types will be defined as needed. REF: http://tools.ietf.org/html/rfc4443 and http://www.networksorcery.com/enp/protocol/icmpv6.htm and http://en.wikipedia.org/wiki/ICMPv6.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="ICMPv6_Header" type="PacketObj:ICMPv6HeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Actual ICMP v6 header bytes are defined, corresponding to the ICMP type, ICMP code, and to the checksum. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:choice minOccurs="0">
+				<xs:element name="Error_Msg" type="PacketObj:ICMPv6ErrorMessageType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>For ICMP v6 error messages, boolean values are used in this field to explicitly interpret the type and code bytes appearing in the ICMP header. Additional fields and message content are also defined here. The type value indicates whether an ICMP message is an error message (type is 0 to 127) or an information message (type is 128 to 255).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Info_Msg" type="PacketObj:ICMPv6InfoMessageType" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>For ICMP v6 informational messages, boolean values are used in this field to explicitly interpret the type and code bytes appearing in the ICMP header. Additional fields and message content are also defined here. The type value indicates whether an ICMP message is an error message (type is 0 to 127) or an information message (type is 128 to 255).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6HeaderType">
+		<xs:annotation>
+			<xs:documentation>Actual ICMP header bytes are defined, corresponding to the ICMP type, ICMP code, and to the checksum. Translation of each type and code byte are defined in text by using boolean values associated with corresponding elements in the informational and error message type elements.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Type" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The ICMP v6 type byte specifies the type of the message. Values range from 0 to 127 (high order bit is 0) indicate an error messages; values from 128 to 255 (high order bit is 1) indicate an informational message. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Code" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The code byte value depends on the message type and provides an additional level of message granularity.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Checksum" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Checksum characterizes the checksum information of an ICMPv6 header.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6ErrorMessageType">
+		<xs:annotation>
+			<xs:documentation>ICMP v6 error messages include destination unreachable messages, packet too big messages, and time exceeded messages, and parameter problem messages, as defined in RFC 2463. Type values of ICMP v6 error messages range from 1 to 127.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Destination_Unreachable" type="PacketObj:ICMPv6DestinationUnreachableType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>A destination unreachable message should be generated by a router, or by the IPv6 later in the originating node, in response to a packet that cannot be delivered to its destination address for reasons other than congestion. (http://tools.ietf.org/html/rfc4443)</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Packet_Too_Big" type="PacketObj:ICMPv6PacketTooBigType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>A packet too big message must be sent by a router in response to a packet that it cannot forward because the packet is larger than the MTU of the outgoing link.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Time_Exceeded" type="PacketObj:ICMPv6TimeExceededType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>A time exceeded message is send if either the hop limit is exceeded (hop limit = 0) or if fragment reassembly has timed out. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Parameter_Problem" type="PacketObj:ICMPv6ParameterProblemType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>If an IPv6 node processing a packet finds a problem with a field in the IPv6 header or extension headers and it cannot complete processing of the packet, it should send an ICMPv6 Parameter Problem message to the packet's source (http://tools.ietf.org/html/rfc4443).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Invoking_Packet" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>as much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPc6 MTU</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6InfoMessageType">
+		<xs:annotation>
+			<xs:documentation>ICMP v6 informational messages include echo request/reply; other informational message types will be added in the future as they are more commonly used (only echo request/reply are defined in RFC 4443).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Echo_Request" type="PacketObj:ICMPv6EchoRequestType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Echo request and reply messages are used for diagnostic purposes.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Echo_Reply" type="PacketObj:ICMPv6EchoReplyType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Echo request and reply messages are used for diagnostic purposes</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Info_Msg_Content" type="PacketObj:ICMPv6InfoMessageContentType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>ields that are common to all ICMP v6 informational messages are defined here. Fields that are specific to individual messages are defined separately under each message type.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6InfoMessageContentType">
+		<xs:annotation>
+			<xs:documentation>Elements associated with ICMPv6 informational messages (as opposed to ICMP v6 error messages).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Identifier" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16-bit identifier. Combined with the sequence number, called the "quench" for echo reply and echo request.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sequence_Number" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>16-bit sequence number. The identifier and sequence number can be used by the client to match the reply with the request that caused the reply.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4EchoReplyType">
+		<xs:annotation>
+			<xs:documentation>Echo reply v4 informational message (used to ping); ICMP type=0.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Echo_Reply" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Echo reply is the only subtype (code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This data is optional and is used for the different kind of answers given with an ICMP Echo Reply message. Can be arbitrary length (but less than the MTU of the network).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4DestinationUnreachableType">
+		<xs:annotation>
+			<xs:documentation>Destination Unreachable error message; ICMP type=3.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element name="Destination_Network_Unreachable" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; destination network unreachable (code=0).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Destination_Host_Unreachable" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; destination host unreachable (code=1).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Destination_Protocol_Unreachable" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; destination protocol unreachable (code=2).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Destination_Port_Unreachable" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; destination port unreachable (code=3).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Fragmentation_Required" type="PacketObj:FragmentationRequiredType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; fragmentation required (code=4). This field has an additional field (Next-Hop MTU), as well as a boolean value indicating this subtype.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Source_Route_Failed" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; source route failed (code=5).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Destination_Network_Unknown" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; destination network unknown (code=6).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Destination_Host_Unknown" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; destination host unknown (code=7).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Source_Host_Isolated" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; source host isolated (code=8).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Network_Administratively_Prohibited" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; host administratively prohibited (code=9).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Host_Administratively_Prohibited" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; host administratively prohibited (code=10).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Network_Unreachable_For_TOS" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; network unreachable for TOS (code=11).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Host_Unreachable_For_TOS" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; host unreachable for TOS (code=12).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Communication_Administratively_Prohibited" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; communication administratively prohibited (code=13).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Host_Precedence_Violation" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; host precedence violation (code=14).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Precedence_Cutoff_In_Effect" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>One of 16 different subtypes of a destination unreachable ICMP message; precedence cutoff in effect (code=15).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="FragmentationRequiredType">
+		<xs:annotation>
+			<xs:documentation>This further specifies an ICMP destination unreachable (type=3) message of code=4 (fragmentation required) message by providing a Next-Hop MTU field.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Fragmentation_Required" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Indicates that the subtype of the destination unreachable ICMP message is "fragmentation required".</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Next_Hop_MTU" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Next-Hop MTU field contains the MTU of the next-hop network is a code 4 error (fragmentation required) occurs.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4SourceQuenchType">
+		<xs:annotation>
+			<xs:documentation>Source Quench (congestion control) error message; ICMP type=4.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element name="Source_Quench" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Source quench is the only subtype (code=0).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4RedirectMessageType">
+		<xs:annotation>
+			<xs:documentation>Redirect Message error message; ICMP type=5.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Network_Redirect" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>One of 4 different subtypes of a redirect ICMP message; redirect datagram for the network (code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Host_Redirect" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>One of 4 different subtypes of a redirect ICMP message; redirect datagram for the host (code=1).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="ToS_Network_Redirect" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>One of 4 different subtypes of a redirect ICMP message; redirect datagram for the TOS and network (code=2).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="ToS_Host_Redirect" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>One of 4 different subtypes of a redirect ICMP message; redirect datagram for the TOS and host (code=3).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="IP_Address" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IP address is the 32-bit address of the gateway to which the redirection should be sent.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4EchoRequestType">
+		<xs:annotation>
+			<xs:documentation>Echo Request informational message (used to ping); ICMP type=8.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Echo_Request" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>Echo request is the only subtype (code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This data is optional and is used for the different kind of answers given with an ICMP Echo Request message. Can be arbitrary length (but less than the MTU of the network).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4TimeExceededType">
+		<xs:annotation>
+			<xs:documentation>Time Exceeded error message; ICMP type=11.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element name="TTL_Exceeded_In_Transit" type="xs:boolean" minOccurs="1">
+				<xs:annotation>
+					<xs:documentation>specifies that the time-to-live was exceeded in transit (code=0).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Frag_Reassembly_Time_Exceeded" type="xs:boolean" minOccurs="1">
+				<xs:annotation>
+					<xs:documentation>specifies that the fragment reassembly time was exceeded (code=1).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4TimestampRequestType">
+		<xs:annotation>
+			<xs:documentation>Time Stamp Request informational message; ICMP type=13.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Timestamp" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>This is the only subtype of a timestamp request message (code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Originate_Timestamp" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>32-bits; number of ms since midnight UT. The originate timestamp is the time the sender last touched the message before senting it. If the time is not available in milliseconds or cannot be provided with respect to midnight UT, then any time can be inserted in a timestamp provided the high order bit of the timestamp is also set to indicate this non-standard value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4TimestampReplyType">
+		<xs:annotation>
+			<xs:documentation>Time Stamp Reply informational message; ICMP type=14.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Timestamp_Reply" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>This is the only subtype of a timestamp reply message (code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Originate_Timestamp" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The originate timestamp is the time the sender last touched the message before senting it. If the time is not available in milliseconds or cannot be provided with respect to midnight UT, then any time can be inserted in a timestamp provided the high order bit of the timestamp is also set to indicate this non-standard value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Receive_Timestamp" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The receive timestamp is the time the echoer first touched the message on receipt. If the time is not available in milliseconds or cannot be provided with respect to midnight UT, then any time can be inserted in a timestamp provided the high order bit of the timestamp is also set to indicate this non-standard value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Transmit_Timestamp" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The transmit timestamp is the time the echoer last touched the message on sending it. If the time is not available in milliseconds or cannot be provided with respect to midnight UT, then any time can be inserted in a timestamp provided the high order bit of the timestamp is also set to indicate this non-standard value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4AddressMaskRequestType">
+		<xs:annotation>
+			<xs:documentation>Address Mask Request informational message; ICMP type=17.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Address_Mask_Request" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>This is the only possible subtype of an address mask request message (code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Address_Mask" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The address mask can be set to 0 in an address mask request message (as opposed to an address mask reply message, in which case it should be set to the subnet mask).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv4AddressMaskReplyType">
+		<xs:annotation>
+			<xs:documentation>Address Mask informational message; ICMP type=18.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element name="Address_Mask_Reply" type="xs:boolean" minOccurs="1">
+					<xs:annotation>
+						<xs:documentation>This is the only possible subtype of an address mask reply message (code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Address_Mask" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This address mask field should be set to the subnet mask.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6DestinationUnreachableType">
+		<xs:annotation>
+			<xs:documentation>Destination unreachable error message; ICMP v6 type=1.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="No_Route" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>No route to destination (ICMP v6 code=0).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Comm_Prohibited" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Communication with destination administratively prohibited (ICMP v6 code=1).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Beyond_Scope" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Beyond scope of source address (ICMP v6 code =2).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Address_Unreachable" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Address is unreachable (ICMP v6 code=3).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Port_Unreachable" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Port is unreachable (ICMP v6 code=4).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Src_Addr_Failed_Policy" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Source address failed ingress/egress policy (ICMP v6 code=5).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reject_Route" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Reject route to destination (ICMP v6 code=6).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6PacketTooBigType">
+		<xs:annotation>
+			<xs:documentation>Packet too big error message; ICMP v6 type=2.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:choice minOccurs="0">
+				<xs:element name="Packet_Too_Big" type="xs:boolean" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Only one code value is defined and is set to 0 (zero) by the originator and ignored by the receiver. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="MTU" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Maximum Transmission Unit describes the size limit for any given physical network.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6TimeExceededType">
+		<xs:annotation>
+			<xs:documentation>Time exceeded error message; ICMP v6 type=3.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:element name="Hop_Limit_Exceeded" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Hop limit exceeded in transit (ICMP v6 code=0).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Fragment_Reassem_Time_Exceeded" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Fragment reassembly time exceeded (ICMP v6 code=1).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6ParameterProblemType">
+		<xs:annotation>
+			<xs:documentation>Parameter problem error message; ICMP v6 type=4.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:choice minOccurs="0">
+				<xs:element name="Erroneous_Header_Field" type="xs:boolean" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Erroneous header field encountered (ICMP v6 code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Unrecognized_Next_Header_Type" type="xs:boolean" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Unrecognized next header type encountered (ICMP v6 code=1).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Unrecognized_IPv6_Option" type="xs:boolean" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Unrecognized IP v6 option encountered (ICMP v6 code=2).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Pointer" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>identifies octet offset within invoking packet where error was detected.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6EchoRequestType">
+		<xs:annotation>
+			<xs:documentation>Echo request informational ICMP v6 message; type=128.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:choice minOccurs="0">
+				<xs:element name="Echo_Request" type="xs:boolean" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Every node must implement an ICMP v6 Echo responder function that receives Echo Requests (ICMP v6 code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Zero or more octets of arbitrary data.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ICMPv6EchoReplyType">
+		<xs:annotation>
+			<xs:documentation>Echo reply informational ICMP v6 message; type=129.</xs:documentation>
+		</xs:annotation>
+		<xs:choice minOccurs="0">
+			<xs:choice minOccurs="0">
+				<xs:element name="Echo_Reply" type="xs:boolean" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Every node must implement an ICMP v6 Echo responder function that originates corresponding Echo Replies(ICMP v6 code=0).</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element name="Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This is the data from the invoking echo request message. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="PrefixType">
+		<xs:annotation>
+			<xs:documentation>Provides an IP address or a prefix of an IP address for NDP for IPv6.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element name="IPv6_Addr" type="AddressObj:AddressObjectType" minOccurs="1">
+				<xs:annotation>
+					<xs:documentation>IPv6 address</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IP_Addr_Prefix" type="AddressObj:AddressObjectType" minOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The initial bits of an IPv6 address (these are identical for all hosts in a network) form the network's prefix. http://ipv6.com/articles/general/IPv6-Addressing.htm</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="HopByHopOptionsType">
+		<xs:annotation>
+			<xs:documentation>Defines fields for the IPv6 Hop-by-Hop Options header which is used to carry optional information that must be examined by every node along a packet's delivery path.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Next_Header" type="PacketObj:IANAAssignedIPNumbersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the type of header immediately following the Hop-by-Hop Options header. Uses the same values as the IPv4 Protocol field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Header_Ext_Len" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Length of the Hop-by-Hop Options header in 8-octet units, not including the first 8 octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option_Data" type="PacketObj:OptionDataType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Variable-length field, of length such that the complete Hop-by-Hop Options header is an integer multiple of 8 octets long. Contains one or more type-length-value (TLV)-encoded options.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="OptionDataType">
+		<xs:annotation>
+			<xs:documentation>Defines the variable-length fields associated with IPv6 extension headers (the Hop-by-Hop Options header and the Destination Options header). Contains one or more type-length-value (TLV)-encoded options.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Option_Type" type="PacketObj:IPv6OptionType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the type of option. This 8-bit Option Type identifier is internally encoded such that different bits have different meanings. These meanings are further specified in the IPv6OptionType type. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option_Data_Len" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Length of the Option Data field of this option, in octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:choice minOccurs="0">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+				<xs:element name="Pad1" type="PacketObj:Pad1Type" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The Pad1 option is used to insert one octet of padding into the Options area of a header. The Pad1 option does not have length and value fields.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="PadN" type="PacketObj:PadNType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>The PadN option is used to insert two or more octets of paddings into the Options area of a header.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RoutingType">
+		<xs:annotation>
+			<xs:documentation>Specifies the fields of the Routing header, which is used by an IPv6 source to list one or more intermediate nodes to be "visited" on the way to a packet's destination. http://tools.ietf.org/html/rfc2460</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Next_Header" type="PacketObj:IANAAssignedIPNumbersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the type of header immediately following the Routing header. Uses the same values as the IPv4 Protocol field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Header_Ext_Len" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>length of the Routing header in 8-octet units, not including the first 8 octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Routing_Type" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>8-bit identifiers of a particular Routing header variant. Further definition will be added as required.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Segments_Left" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Number of route segments remaining, i.e., number of explicitly listed intermediate nodes still to be visited before reaching the final destination. http://tools.ietf.org/html/rfc2460</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Type_Specific_Data" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Variable length field, of format determined by the Routing Type.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="FragmentType">
+		<xs:annotation>
+			<xs:documentation>Specifies the fields of the Fragment header, which is used by an IPv6 source to send a packet larger than would fit in the path MTU. http://tools.ietf.org/html/rfc2460</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0" maxOccurs="unbounded">
+			<xs:element name="Fragment_Header" type="PacketObj:FragmentHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Each fragment has a header containing next header information, the offset of the fragment, an M flag specifying whether or not it is the last fragment, and an identification value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Fragment" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The fragment of the packet that corresponds to the fragment header. The length of the fragment must fit with the MTU of the path to the packets' destination.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DestinationOptionsType">
+		<xs:annotation>
+			<xs:documentation>Defines fields for the IPv6 Destination Options header which is used to carry optional information that needs to be examined only by a packet's destination node(s).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Next_Header" type="PacketObj:IANAAssignedIPNumbersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the type of header immediately following the Destination_Options options header. Uses the same values as the IPv4 Protocol field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Header_Ext_Len" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Length of the Destination Options header in 8-octet units, not including the first 8 octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option_Data" type="PacketObj:OptionDataType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Variable-length field, of length such that the complete Destinations Options header is an integer multiple of 8 octets long. Contains one or more type-length-value (TLV)-encoded options.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AuthenticationHeaderType">
+		<xs:annotation>
+			<xs:documentation>The IP Authentication Header is used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays. http://www.ietf.org/rfc/rfc2402.txt</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Next_Header" type="PacketObj:IANAAssignedIPNumbersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the type of header immediately following the Authentication header. Uses the same values as the IPv4 Protocol field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Header_Ext_Len" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>An 8-bit field specifying the length of the AH in 32-bit words.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Security_Parameters_Index" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The SPI is an arbitrary 32-bit value that, in combination with the destination IP address and security protocol (AH), uniquely identifies the Security Association for this datagram. The set of SPI values in the range 1 through 255 are reserved by the Internet Assigned Numbers Authority (IANA) for future use. http://www.ietf.org/rfc/rfc2402.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sequence_Number" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This unsigned 32-bit field contains a monotonically increasing counter value (sequence number). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Authenication_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This is a variable-length field that contains the Integrity Check Value (ICV) for this packet. The field must be an integer multiple of 32 bits in length.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ExcapsulatingSecurityPayloadType">
+		<xs:annotation>
+			<xs:documentation>ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. http://www.ietf.org/rfc/rfc2406.txt</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Security_Parameters_Index" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The SPI is an arbitrary 32-bit value that, in combination with the destination IP address and security protocol (ESP), uniquely identifies the Security Association for this datagram. http://www.ietf.org/rfc/rfc2406.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Sequence_Number" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This unsigned 32-bit field contains a monotonically increasing counter value (sequence number). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Payload_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Payload Data is a variable-length field containing data described by the Next Header field. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The padding field can be used for various reasons, such as to fill in the plaintext as required by an encryption algorithm or to conceal the actual length of the payload.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Padding_Len" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The pad length indicates the number of pad bytes immediately preceding it. Range is 0-255, where a value of zero indicates that no padding bytes are present. http://www.ietf.org/rfc/rfc2406.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Next_Header" type="PacketObj:IANAAssignedIPNumbersType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the type data contained in the payload data field. Uses the same values as the IPv4 Protocol field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Authenication_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Authentication Data is a variable-length field containing an Integrity Check Value (ICV) computed over the ESP packet minus the Authentication Data. http://www.ietf.org/rfc/rfc2406.txt</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="Pad1Type">
+		<xs:annotation>
+			<xs:documentation>The Pad1 type specifies how one octet of padding is inserted into the Options area of a header. The Pad1 option type does not have length and value fields.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Octet" type="cyboxCommon:HexBinaryObjectPropertyType" fixed="00">
+				<xs:annotation>
+					<xs:documentation>The fixed 00 value specifies that the Pad1 option is used and also serves as the single octet of padding.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PadNType">
+		<xs:annotation>
+			<xs:documentation>The PadN type specifies how two or more octets of padding are inserted into the Options area of a header.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Octet" type="cyboxCommon:HexBinaryObjectPropertyType" fixed="01" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the PandN option.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option_Data_Length" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Length of the padding. For N octets of padding, the Option_Data_Length fields contains the value N-2.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Option_Data" type="cyboxCommon:IntegerObjectPropertyType" fixed="00" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Actual padding; consists of N-2 zero-valued octets.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="FragmentHeaderType">
+		<xs:annotation>
+			<xs:documentation>Each fragment has a header containing next header information, the offset of the fragment, an M flag specifying whether or not it is the last fragment, and an identification value.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="0">
+			<xs:element name="Next_Header" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Identifies the type of header immediately following the Fragment header. Uses the same values as the IPv4 Protocol field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Fragment_Offset" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>13-bit unsigned integer. The offset, in 8-octet units, of the data following this header, relative to the start of the Fragmentable Part or the original packet.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="M_Flag" type="PacketObj:MFlagType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Indicates whether this is the last fragment or whether there are more fragments.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Identification" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>For every packet that is to be fragmented, the source node generates a 32-bit Identification value. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="MFlagType">
+		<xs:annotation>
+			<xs:documentation>MFlagType specifies whether there are more fragments, via a union of the MFlagTypeEnum type and the atomic xs:string type. Its base type is the BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PacketObj:MFlagTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="MFlagTypeEnum">
+		<xs:annotation>
+			<xs:documentation>Used by the IPv6 Fragment Header to indicate whether or not there are more fragments.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="lastfragment(0)">
+				<xs:annotation>
+					<xs:documentation>Fragment is the last fragment.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="morefragments(1)">
+				<xs:annotation>
+					<xs:documentation>There are more fragments (current is not the last).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Network_Route_Entry_Object.xsd b/stix_validator/schema/cybox/objects/Network_Route_Entry_Object.xsd
new file mode 100755
index 0000000..8c9b596
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Network_Route_Entry_Object.xsd
@@ -0,0 +1,155 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:NetworkRouteEntryObj="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Network_Route_Entry_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:element name="Network_Route_Entry" type="NetworkRouteEntryObj:NetworkRouteEntryObjectType">
+		<xs:annotation>
+			<xs:documentation>The Network_Route_Entry object is intended to characterize generic system network routing table entries.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="NetworkRouteEntryObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The NetworkRouteEntryObjectType type is intended to characterize generic system network routing table entries.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Destination_Address" type="AddressObj:AddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Destination_Address field specifies the destination IP address of the network route. It imports and uses the AddressObjectType from the CybOX Address object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Origin" type="AddressObj:AddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Origin field specifies the origin address of the network route. It imports and uses the AddressObjectType from the CybOX Address object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Netmask" type="AddressObj:AddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Netmask field specifies the netmask for te destination network.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Gateway_Address" type="AddressObj:AddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Gateway_Address field specifies the IP address of the gateway through which all packets using this route will be gatewayed. It imports and uses the AddressObjectType from the CybOX Address object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Metric" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Metric field specifies the distance to the target, in terms of hops.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="NetworkRouteEntryObj:RouteType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of network route being characterized.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Protocol" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Protocol field specifies the name of the routing protocol that the route was added with.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Interface" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Interface field specifies the name of the network interface to which all packets for the route will be sent.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Preferred_Lifetime" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Preferred_Lifetime field specifies the preferred lifetime of the route, in seconds.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Valid_Lifetime" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Valid_Lifetime field specifies the lifetime for which the route is valid, in seconds.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Route_Age" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Route_Age field specifies the number of seconds since the route was added or modified in the routing table.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="is_ipv6" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_ipv6 field specifies whether the route uses IPv6 addresses.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_autoconfigure_address" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_autoconfigure_address field specifies whether the destination IP address for the route is automatically configured.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_immortal" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_immortal field specifies whether the lifetimes for the route prefixes are infinite.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_loopback" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_loopback field specifies whether the route is the default for all packets sent to local network addresses.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_publish" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_publish field specifies whether the route is published.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RouteType">
+		<xs:annotation>
+			<xs:documentation>RouteType specifies route types, via a union of the RouteTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetworkRouteEntryObj:RouteTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="RouteTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The RouteTypeEnum type is an enumeration of network route types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Invalid">
+				<xs:annotation>
+					<xs:documentation>Indicates a route that is invalid.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Direct">
+				<xs:annotation>
+					<xs:documentation>Indicates routing from one machine directly to another, where both machines reside on the same physical network.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Indirect">
+				<xs:annotation>
+					<xs:documentation>Indicates routing that is not direct and must be set to a gateway.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Network_Route_Object.xsd b/stix_validator/schema/cybox/objects/Network_Route_Object.xsd
new file mode 100755
index 0000000..552103b
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Network_Route_Object.xsd
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:NetworkRouteObj="http://cybox.mitre.org/objects#NetworkRouteObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:NetworkRouteEntryObj="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" targetNamespace="http://cybox.mitre.org/objects#NetworkRouteObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Network_Route_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" schemaLocation="Network_Route_Entry_Object.xsd"/>
+	<xs:element name="Network_Route_Object" type="NetworkRouteObj:NetRouteObjectType">
+		<xs:annotation>
+			<xs:documentation>The Network_Route_Object object is intended to specify a single network route.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="NetRouteObjectType">
+		<xs:annotation>
+			<xs:documentation>The NetRouteObjectType type is intended to characterize a specific network route.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description field is intended for use in providing a brief description of the network route.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Network_Route_Entries" type="NetworkRouteObj:NetworkRouteEntriesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Network_Route_Entries field is optional and characterizes a set of network route segment entries.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Preferred_Lifetime" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Preferred_Lifetime field is intended to specify the preferred time, in seconds, that the IP route entry is valid. A value of 0xffffffff is considered to be infinite.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Valid_Lifetime" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Valid_Lifetime field is intended to specify the maximum time, in seconds, that the IP route entry is valid. A value of 0xffffffff is considered to be infinite.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Route_Age" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Route_Age field is intended to characterize the number of seconds since the route was added or modified in the network routing table.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="is_ipv6" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_ipv6 field specifies whether or not the route uses IPv6 addresses.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_autoconfigure_address" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_autoconfigure_address field specifies if the IP address is autoconfigured.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_immortal" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_immortal field specifies if the route is immortal.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_loopback" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_loopback field specifies if the route is a loopback route (the gateway is on the local host).</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_publish" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_publish field specifies if the route is published.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="NetworkRouteEntriesType">
+		<xs:annotation>
+			<xs:documentation>The NetworkRouteEntriesType type is intended to characterize the set of network route segments for this route.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Network_Route_Entry" type="NetworkRouteEntryObj:NetworkRouteEntryObjectType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Network_Route field is optional and characterizes a single network route segment entry.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Network_Socket_Object.xsd b/stix_validator/schema/cybox/objects/Network_Socket_Object.xsd
new file mode 100755
index 0000000..d3e1302
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Network_Socket_Object.xsd
@@ -0,0 +1,524 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:NetworkSocketObj="http://cybox.mitre.org/objects#NetworkSocketObject-2" xmlns:SocketAddressObj="http://cybox.mitre.org/objects#SocketAddressObject-1" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#NetworkSocketObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Network_Socket_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#SocketAddressObject-1" schemaLocation="Socket_Address_Object.xsd"/>
+	<xs:element name="Network_Socket" type="NetworkSocketObj:NetworkSocketObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Network_Socket element is intended to characterize network sockets.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="NetworkSocketObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The NetworkSocketObjectType is intended to characterize network sockets.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Address_Family" type="NetworkSocketObj:AddressFamilyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Address_Family field specifies the address family (AF_*) that the socket is configured for.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Domain" type="NetworkSocketObj:DomainFamilyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Domain field specifies the communication domain (PF_*) of the socket.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Local_Address" type="SocketAddressObj:SocketAddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Local_Address field specifies the IP address and port for the socket on the local machine.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Options" type="NetworkSocketObj:SocketOptionsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Options field specifies any particular options used by the socket.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Protocol" type="NetworkSocketObj:ProtocolType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Protocol field specifies the type of IP layer protocol used by the socket.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Remote_Address" type="SocketAddressObj:SocketAddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Remote_Address field specifies the IP address and port for the socket on the remote machine.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="NetworkSocketObj:SocketType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of socket being characterized.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="is_blocking" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_blocking field specifies whether or not the socket is in blocking mode. </xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="is_listening" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_listening field specifies whether or not the socket is in listening mode.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="SocketOptionsType">
+		<xs:annotation>
+			<xs:documentation>The SocketOptionsType specifies any particular options used by the socket. If an options is supported only by specific address families or socket types, that's indicated in parentheses.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IP_MULTICAST_IF" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Set the interface over which outgoing multicast datagrams should be sent (AF_INET / SOCK_DGRAM or SOCK_RAW).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IP_MULTICAST_IF2" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Set the interface over which outgoing multicast datagrams should be sent (AF_INET6 / SOCK_DGRAM or SOCK_RAW) .</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IP_MULTICAST_LOOP" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specify that the sending host receives a copy of an outgoing multicast datagram (AF_INET / SOCK_DGRAM or SOCK_RAW).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IP_TOS" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Set Type of Service (TOS) and Precedence in the IP header (AF_INET).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_BROADCAST" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Enable the socket for issuing messages to a broadcast address (AF_INET / SOCK_DGRAM or SOCK_RAW). (</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_CONDITIONAL_ACCEPT" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Allows an application to decide whether or not to accept an incoming connection on a listening socket (Windows only).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_KEEPALIVE" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Keep the connection up by sending periodic transmissions (AF_INET or AF_INET6 / SOCK_STREAM).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_DONTROUTE" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Bypass normal routing mechanisms (AF_INET or AF_INET6 ) </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_LINGER" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specfies if the system attempts delivery of or discards any buffered data when a close() is issued.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_DONTLINGER" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Complement of SO_LINGER.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_OOBINLINE" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> Indicates whether out-of-band data is received inline with normal data (AF_INET or AF_INET6). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_RCVBUF" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Set size of the receive buffer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_GROUP_PRIORITY" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Sets the relative priority for the socket in its group (Windows only).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_REUSEADDR" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Indicates if the local socket address can be reused (AF_INET or AF_INET6 / SOCK_DGRAM or SOCK_RAW)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_DEBUG" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Indicates if low-level debugging is active.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_RCVTIMEO" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Set the receive timeout value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_SNDBUF" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Set size of the send buffer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_SNDTIMEO" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Set the send timeout value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_UPDATE_ACCEPT_CONTEXT" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Updates the properties of the socket which are inherited from the listening socket (Windows only).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="SO_TIMEOUT" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Set the socket timeout.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TCP_NODELAY" type="xs:boolean" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>When set, TCP will send data immediately instead of using the Nagle delay algorithm (AF_INET or AF_INET6 / SOCK_STREAM). (</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AddressFamilyType">
+		<xs:annotation>
+			<xs:documentation>AddressFamilyType specifies address family types, via a union of the AddressFamilyTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetworkSocketObj:AddressFamilyTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="DomainFamilyType">
+		<xs:annotation>
+			<xs:documentation>DomainFamilyType specifies domain family types, via a union of the DomainTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetworkSocketObj:DomainTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="SocketType">
+		<xs:annotation>
+			<xs:documentation>SocketType specifies socket types, via a union of the SocketTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetworkSocketObj:SocketTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="ProtocolType">
+		<xs:annotation>
+			<xs:documentation>ProtocolType specifies protocol types, via a union of the ProtocolTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="NetworkSocketObj:ProtocolTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="AddressFamilyTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The AddressFamilyTypeEnum is an enumeration of address family (AF_*) types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="AF_UNSPEC">
+				<xs:annotation>
+					<xs:documentation>Specifies an unspecified address family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AF_INET">
+				<xs:annotation>
+					<xs:documentation>Specifies sockets using for the Internet when using Berkeley sockets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AF_IPX">
+				<xs:annotation>
+					<xs:documentation>Specifies the IPX (Novell Internet Protocol) address family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AF_APPLETALK">
+				<xs:annotation>
+					<xs:documentation>Specifies the APPLETALK DDP address family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AF_NETBIOS">
+				<xs:annotation>
+					<xs:documentation>Specifies the NETBIOS address family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AF_INET6">
+				<xs:annotation>
+					<xs:documentation>Specifies the IP version 6 address family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AF_IRDA">
+				<xs:annotation>
+					<xs:documentation>Specifies IRDA sockets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AF_BTH">
+				<xs:annotation>
+					<xs:documentation>Specifies BTH sockets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="DomainTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The DomainTypeEnum is an enumeration of communication domain (PF_*) types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="PF_LOCAL">
+				<xs:annotation>
+					<xs:documentation>Specifies the communication domain from local to host.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_UNIX">
+				<xs:annotation>
+					<xs:documentation>Specifies the communication domain from UNIX to host.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_FILE">
+				<xs:annotation>
+					<xs:documentation>Specifies the communication domain from file to host.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_INET">
+				<xs:annotation>
+					<xs:documentation>Specifies the IP protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_AX25">
+				<xs:annotation>
+					<xs:documentation>Specifies the Amateur Radio AX.25 family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_IPX">
+				<xs:annotation>
+					<xs:documentation>Specifies the Novell Internet Protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_INET6">
+				<xs:annotation>
+					<xs:documentation>Specifies the IP version 6 protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_APPLETALK">
+				<xs:annotation>
+					<xs:documentation>Specifies the Appletalk DDP protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_NETROM">
+				<xs:annotation>
+					<xs:documentation>Specifies the Amateur radio NetROM protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_BRIDGE">
+				<xs:annotation>
+					<xs:documentation>Specifies the Multiprotocol bridge protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_ATMPVC">
+				<xs:annotation>
+					<xs:documentation>Specifies the ATM PVCs protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_X25">
+				<xs:annotation>
+					<xs:documentation>Specifies the protocol family reserved for the X.25 project.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_ROSE">
+				<xs:annotation>
+					<xs:documentation>Specifies the PF_KEY key management API family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_DECnet">
+				<xs:annotation>
+					<xs:documentation>Specifies the protocol family reserved for the DECnet project.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_NETBEUI">
+				<xs:annotation>
+					<xs:documentation>Specifies the protocol family reserved for the 802.2LLC project.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_SECURITY">
+				<xs:annotation>
+					<xs:documentation>Specifies the Security callback pseudo AF protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_KEY">
+				<xs:annotation>
+					<xs:documentation>Specifies the PF_KEY key management API protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_NETLINK">
+				<xs:annotation>
+					<xs:documentation>Specifies the netlink routing API family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_ROUTE">
+				<xs:annotation>
+					<xs:documentation>Specifies the PF_ROUTE routing API family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_PACKET">
+				<xs:annotation>
+					<xs:documentation>Specifies the packet family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_ASH">
+				<xs:annotation>
+					<xs:documentation>Specifies the Ash family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_ECONET">
+				<xs:annotation>
+					<xs:documentation>Specifies the Acorn Econet family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_ATMSVC">
+				<xs:annotation>
+					<xs:documentation>Specifies the ATM SVCs protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_SNA">
+				<xs:annotation>
+					<xs:documentation>Specifies the Linux SNA Project protocol family.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_IRDA">
+				<xs:annotation>
+					<xs:documentation>Specifies IRDA sockets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_PPPOX">
+				<xs:annotation>
+					<xs:documentation>Specifies PPPoX sockets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_WANPIPE">
+				<xs:annotation>
+					<xs:documentation>Specifies Wanpipe API sockets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PF_BLUETOOTH">
+				<xs:annotation>
+					<xs:documentation>Specifies Bluetooth sockets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="SocketTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The SocketTypeEnum is an enumeration of socket (SOCK_*) types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="SOCK_STREAM">
+				<xs:annotation>
+					<xs:documentation>Specifies a pipe-like socket which operates over a connection with a particular remote socket, and transmits data reliably as a stream of bytes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SOCK_DGRAM">
+				<xs:annotation>
+					<xs:documentation>Specifies a socket in which individually-addressed packets are sent (datagram).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SOCK_RAW">
+				<xs:annotation>
+					<xs:documentation>Specifies raw sockets which allow new IP protocls to be implemented in user space. A raw socket receives or sends the raw datagram not including link level headers.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SOCK_RDM">
+				<xs:annotation>
+					<xs:documentation>Specifies a socket indicating a reliably-delivered message..</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SOCK_SEQPACKET">
+				<xs:annotation>
+					<xs:documentation>Specifies a datagram congestion control Protocol socket.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ProtocolTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The ProtocolTypeEnum is an enumeration of protocol types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="IPPROTO_ICMP">
+				<xs:annotation>
+					<xs:documentation>Indicates the ICMP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPPROTO_IGMP">
+				<xs:annotation>
+					<xs:documentation>Indicates the IGMP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BTHPROTO_RFCOMM">
+				<xs:annotation>
+					<xs:documentation>Indicates the Bluetooth protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPPROTO_TCP">
+				<xs:annotation>
+					<xs:documentation>Indicates the TCP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPPROTO_UDP">
+				<xs:annotation>
+					<xs:documentation>Indicates the UDP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPPROTO_ICMPV6">
+				<xs:annotation>
+					<xs:documentation>Indicates the ICMP v6 protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IPPROTO_RM">
+				<xs:annotation>
+					<xs:documentation>Indicates the Reliable Multicating protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Network_Subnet_Object.xsd b/stix_validator/schema/cybox/objects/Network_Subnet_Object.xsd
new file mode 100755
index 0000000..7227543
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Network_Subnet_Object.xsd
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:NetworkSubnetObj="http://cybox.mitre.org/objects#NetworkSubnetObject-2" xmlns:NetworkRouteEntryObj="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#NetworkSubnetObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Network_Subnet_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" schemaLocation="Network_Route_Entry_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:element name="Network_Subnet" type="NetworkSubnetObj:NetworkSubnetObjectType">
+		<xs:annotation>
+			<xs:documentation>The Network_Subnet object is intended to characterize a generic system network subnet.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="NetworkSubnetObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The NetworkSubnetObjectType type is intended to characterize a generic system network subnet.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field is intended to specify a name for the network subnet.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Description" type="cyboxCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description field is intended to provide a description of the network subnet.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Number_Of_IP_Addresses" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The NumberOfIPAddresses field is intended to specify the number of valid IP addresses within the scope of the network subnet.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Routes" type="NetworkSubnetObj:RoutesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Routes construct is intended to characterize a set of network routes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RoutesType">
+		<xs:annotation>
+			<xs:documentation>The RoutesType is intended to characterize a set network routes.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Route" type="NetworkRouteEntryObj:NetworkRouteEntryObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Route field is intended to characterize a single network route.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/PDF_File_Object.xsd b/stix_validator/schema/cybox/objects/PDF_File_Object.xsd
new file mode 100755
index 0000000..8033820
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/PDF_File_Object.xsd
@@ -0,0 +1,601 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:PDFFileObj="http://cybox.mitre.org/objects#PDFFileObject-1" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:FileObj="http://cybox.mitre.org/objects#FileObject-2" targetNamespace="http://cybox.mitre.org/objects#PDFFileObject-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>PDF_File_Object</schema>
+			<version>1.0</version>
+			<date>03/25/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation.
+				All rights reserved.  The contents of this file are subject to the terms of
+				the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See
+				the CybOX License for the specific language governing permissions and
+				limitations for use of this schema.  When distributing copies of the CybOX
+				Schema, this license header must be included.
+			</terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#FileObject-2" schemaLocation="File_Object.xsd"/>
+	<xs:element name="PDF_File" type="PDFFileObj:PDFFileObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The PDF_File element is intended to characterize the structural and metadata information regarding a single PDF file.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="PDFFileObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The PDFFileObjectType type is intended to characterize the structural makeup of PDF files.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="FileObj:FileObjectType">
+				<xs:sequence minOccurs="1">
+					<xs:element minOccurs="0" name="Metadata" type="PDFFileObj:PDFFileMetadataType">
+						<xs:annotation>
+							<xs:documentation>The Metadata field captures some useful metadata associated with the PDF file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Version" type="cyboxCommon:DoubleObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Version field specifies the decimal version number portion of the string from the PDF Header that specifies the version of the PDF specification to which the PDF file conforms, e.g. '1.4'.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Indirect_Objects" type="PDFFileObj:PDFIndirectObjectListType">
+						<xs:annotation>
+							<xs:documentation>The Indirect_Objects field captures the indirect objects included in the PDF file, representing the contents of a document.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Cross_Reference_Tables" type="PDFFileObj:PDFXRefTableListType">
+						<xs:annotation>
+							<xs:documentation>The Cross_Reference_Tables field captures the cross-reference tables included in the PDF file, used for faciliting random access of indirect PDF objects.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Trailers" type="PDFFileObj:PDFTrailerListType">
+						<xs:annotation>
+							<xs:documentation>The Trailers field captures the trailers included in the PDF file, used for capturing offsets to the cross-reference table and important objects.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PDFXRefTableListType">
+		<xs:annotation>
+			<xs:documentation>The PDFXrefTableListType captures a list of PDF cross-reference tables.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="unbounded" minOccurs="1" name="Cross_Reference_Table" type="PDFFileObj:PDFXRefTableType">
+				<xs:annotation>
+					<xs:documentation>The Cross_Reference_Table field captures the cross-reference table contained in the PDF file, for the random access of indirect objects contained in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFXRefTableType">
+		<xs:annotation>
+			<xs:documentation>The PDFXRefTableType captures the details of a PDF cross-reference table, which provides a capability for the random access of indirect objects contained in the file.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Subsections" type="PDFFileObj:PDFXrefTableSubsectionListType">
+				<xs:annotation>
+					<xs:documentation>The Subsections field captures the subsections contained in the cross-reference table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Offset" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Offset field specifies the offset of the cross-reference from the beginning of the file, in bytes.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Hashes" type="cyboxCommon:HashListType">
+				<xs:annotation>
+					<xs:documentation>The Hashes field captures any hashes that were computed for the cross-reference table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFXrefTableSubsectionListType">
+		<xs:annotation>
+			<xs:documentation>The PDFXrefTableSubsectionListType captures a list of cross-reference table subsections.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="unbounded" name="Subsection" type="PDFFileObj:PDFXrefTableSubsectionType">
+				<xs:annotation>
+					<xs:documentation>The Subsection field captures a single cross-reference table subsection in the list.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFXrefTableSubsectionType">
+		<xs:annotation>
+			<xs:documentation>The PDFXrefTableSubsectionType captures details of subsections contained within a PDF cross-reference table.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="First_Object_Number" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The First_Object_Number field captures the object number of the first object for which there is a corresponding entry in this cross-reference subsection.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Number_Of_Objects" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Number_Of_Objects field captures the number of objects for which there are corresponding entries in this cross-reference subsection.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Cross_Reference_Entries" type="PDFFileObj:PDFXrefEntryListType">
+				<xs:annotation>
+					<xs:documentation>The Cross_Reference_Entries field specifies the cross-reference entries contained in this cross-reference subsection.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFTrailerListType">
+		<xs:annotation>
+			<xs:documentation>The PDFTrailerListType captures a list of PDF trailers.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="unbounded" name="Trailer" type="PDFFileObj:PDFTrailerType">
+				<xs:annotation>
+					<xs:documentation>The Trailer field captures a PDF file trailer contained in the file, used by applications for quickly locating the cross-reference table and certain special objects.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFTrailerType">
+		<xs:annotation>
+			<xs:documentation>The PDFTrailerType captures the details of a PDF trailer.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Size" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Size field captures the total number of entries in the file's cross-reference table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Prev" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Prev field the byte offset from the beginning of the file to the beginning of the previous cross-reference table. This is only applicable for files that have more than one cross-reference table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Root" type="PDFFileObj:PDFIndirectObjectIDType">
+				<xs:annotation>
+					<xs:documentation>The Root field captures an indirect object reference that points to the catalog dictionary for the PDF document contained in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Encrypt" type="PDFFileObj:PDFDictionaryType">
+				<xs:annotation>
+					<xs:documentation>The Encrypt field captures the PDF document's encryption dictionary, either through an indirect reference or embedded set of key/value pairs.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Info" type="PDFFileObj:PDFIndirectObjectIDType">
+				<xs:annotation>
+					<xs:documentation>The Info field captures an indirect object reference that points to the document information dictionary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="ID" type="PDFFileObj:PDFFileIDType">
+				<xs:annotation>
+					<xs:documentation>The ID field captures an array of two strings that constitutes a file identifier. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Last_Cross_Reference_Offset" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Last_Cross_Reference_Offset field captures the byte offset, relative to the beginning of the file, of the last cross-reference table contained in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Offset" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Offset field specifies the offset of the trailer from the beginning of the file, in bytes.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Hashes" type="cyboxCommon:HashListType">
+				<xs:annotation>
+					<xs:documentation>The Hashes field captures any hashes that were computed for the trailer.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFFileIDType">
+		<xs:annotation>
+			<xs:documentation>The PDFTrailerIDType captures the details of a PDF ID value stored in a trailer.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="2" name="ID_String" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The ID_String field captures one of the two strings that constitutes the file identifier.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFIndirectObjectListType">
+		<xs:annotation>
+			<xs:documentation>The PDFIndirectObjectListType captures a list of PDF indirect objects.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="unbounded" name="Indirect_Object" type="PDFFileObj:PDFIndirectObjectType" form="qualified">
+				<xs:annotation>
+					<xs:documentation>The Indirect_Object field captures a single PDF indirect object contained in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFIndirectObjectType">
+		<xs:annotation>
+			<xs:documentation>The PDFObjectType captures the details of a PDF document indirect object, used in constructing and storing data associated with the PDF document.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="ID" type="PDFFileObj:PDFIndirectObjectIDType">
+				<xs:annotation>
+					<xs:documentation>The ID field specifies the identifier of the PDF indirect object, consisting of an object number and generation number.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Contents" type="PDFFileObj:PDFIndirectObjectContentsType">
+				<xs:annotation>
+					<xs:documentation>The Contents field captures the contents of the PDF indirect object, including non-stream and stream data.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Offset" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Offset field specifies the offset of the PDF indirect object from the beginning of the file, in bytes.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Hashes" type="cyboxCommon:HashListType">
+				<xs:annotation>
+					<xs:documentation>The Hashes field captures any hashes that were computed for the PDF indirect object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="type" type="PDFFileObj:PDFObjectTypeEnum">
+			<xs:annotation>
+				<xs:documentation>The type field specifies the basic type of the PDF indirect object.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="PDFIndirectObjectIDType">
+		<xs:annotation>
+			<xs:documentation>The PDFIndirectObjectIDType captures the details of PDF indirect object IDs.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Object_Number" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Object_Number field captures the number portion of the indirect object ID.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Generation_Number" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Generation_Number field captures the generation number portion of the indirect object ID.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFIndirectObjectContentsType">
+		<xs:annotation>
+			<xs:documentation>The PDFIndirectObjectContentsType captures the contents of a PDF indirect object, including both stream and non-stream portions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Non_Stream_Contents" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Non_Stream_Contents field captures the raw contents of the PDF indirect object excluding any stream data (i.e. everything after the 'obj' keyword and before the 'endobj' keyword up to but not including anything between the 'stream' and 'endstream' keywords) as a string enclosed in an XML CDATA section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Stream_Contents" type="PDFFileObj:PDFStreamType">
+				<xs:annotation>
+					<xs:documentation>The Stream_Contents field captures the stream contained within in the PDF indirect object, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFStreamType">
+		<xs:annotation>
+			<xs:documentation>The PDFStreamType element captures details of PDF document stream objects, which represent arbitrary sequences of bytes.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Raw_Stream" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Raw_Stream element captures the raw, undecoded stream (i.e., everything between the 'stream' and 'endstream' keywords), as a hex string.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Raw_Stream_Hashes" type="cyboxCommon:HashListType">
+				<xs:annotation>
+					<xs:documentation>The Raw_Stream_Hashes field captures any hashes of the raw, undecoded stream.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Decoded_Stream" type="cyboxCommon:HexBinaryObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Decoded_Stream field captures the decoded stream (i.e., after undoing the specified filters in the correct order) as a hex string.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Decoded_Stream_Hashes" type="cyboxCommon:HashListType">
+				<xs:annotation>
+					<xs:documentation>The Decoded_Stream_Hashes field captures any hashes of the decoded stream.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFDocumentInformationDictionaryType">
+		<xs:annotation>
+			<xs:documentation>The PDFDocumentInformationDictionaryType captures details of the PDF Document Information Dictionary, used for storing metadata associated with the PDF document.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Title" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Title field captures the title of the PDF document.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Author" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Author field captures the name of the person who created the PDF document.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Subject" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Subject field captures the subject of the PDF document.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Keywords" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Keywords field captures the keywords associated with the PDF document.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Creator" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Creator field captures the name of the application that created the original document, for cases where the original document was then converted to PDF.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element maxOccurs="1" minOccurs="0" name="Producer" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Producer field captures the name of the application that converted the document to PDF, for cases where the original document was then converted to PDF.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="CreationDate" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The CreationDate field captures the date and time that the document was created.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="ModDate" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The ModDate field captures the date and time that the document was most recently modified.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Trapped" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Trapped field captures a name object indicating whether the document has been modified to included trapping information.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFXrefEntryListType">
+		<xs:annotation>
+			<xs:documentation>The PDFXrefEntryListType captures a list of cross-reference table subsection entries.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="unbounded" name="Cross_Reference_Entry" type="PDFFileObj:PDFXrefEntryType">
+				<xs:annotation>
+					<xs:documentation>The Cross_Reference_Entry field captures a single cross-reference subsection entry in the list.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFXrefEntryType">
+		<xs:annotation>
+			<xs:documentation>The PDFXrefEntryType captures details of a cross-reference table subsection entry.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:choice minOccurs="0">
+				<xs:element minOccurs="1" name="Byte_Offset" type="cyboxCommon:IntegerObjectPropertyType">
+					<xs:annotation>
+						<xs:documentation>The Byte_Offset field captures the 10-digit number, padded with leading zeros if necessary, that specifies the number of bytes from the beginning of the file to the beginning of the object.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element minOccurs="1" name="Object_Number" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+					<xs:annotation>
+						<xs:documentation>The Object_Number field specifies the 10-digit object number of the next free object.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:element minOccurs="0" name="Generation_Number" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Generation_Number field specifies the 5-digit generation number to be used when an object with the same object number is created.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="type" type="PDFFileObj:PDFXrefEntryTypeEnum">
+			<xs:annotation>
+				<xs:documentation>The type field specifies the type of the cross-reference entry.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="PDFDictionaryType">
+		<xs:annotation>
+			<xs:documentation>The PDFDictionaryType captures a PDF dictionary as a set of key value pairs, or as a reference to an indirect object that contains.</xs:documentation>
+		</xs:annotation>
+		<xs:choice>
+			<xs:element minOccurs="1" name="Object_Reference" type="PDFFileObj:PDFIndirectObjectIDType">
+				<xs:annotation>
+					<xs:documentation>The Object_Reference field captures a reference to an indirect PDF object that contains the dictionary, via its object and generation numbers.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Raw_Contents" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Raw_Contents field captures the contents of the dictionary as a string enclosed in an XML CDATA section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="PDFFileMetadataType">
+		<xs:annotation>
+			<xs:documentation>The PDFFileMetadaType captures some metadata regarding the PDF file object.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Document_Information_Dictionary" type="PDFFileObj:PDFDocumentInformationDictionaryType">
+				<xs:annotation>
+					<xs:documentation>The Document_Information_Dictionary field captures the details of the PDF Document Information Dicitonary, which includes properties like the document creation date and producer, if present in the PDF document.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Number_Of_Indirect_Objects" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Number_Of_Indirect_Objects field captures the number of indirect PDF objects contained in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element maxOccurs="1" minOccurs="0" name="Number_Of_Trailers" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Number_Of_Trailers field captures the number of trailers contained in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Number_Of_Cross_Reference_Tables" type="cyboxCommon:PositiveIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Number_Of_Cross_Reference_Tables field captures the number of cross-reference tables contained in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Keyword_Counts" type="PDFFileObj:PDFKeywordCountsType">
+				<xs:annotation>
+					<xs:documentation>The Keyword_Counts field captures the counts of various PDF keyword names in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="encrypted" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The encrypted field specifies whether the PDF file is encrypted.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="optimized" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The optimized field specifies whether the PDF file has been optimized.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="PDFKeywordCountsType">
+		<xs:annotation>
+			<xs:documentation>The PDFKeywordCountsType captures the occurrences of various keywords in a PDF file.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Page_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The Page_Count field captures the number of occurrences of the '/Page' keyword in the PDF file, which provides an indication of the number of pages in the PDF document.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Encrypt_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The Encrypt_Count field captures the number of occurrences of the '/Encrypt' keyword in the PDF file, which indicates that the PDF uses encryption.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="ObjStm_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The ObjStm_Count field captures the number of occurrences of the '/ObjStm' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="JS_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The JS_Count field captures the number of occurrences of the '/JS' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="JavaScript_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The JavaScript_Count field captures the number of occurrences of the '/JavaScript' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="AA_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The AA_Count field captures the number of occurrences of the '/AA' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="OpenAction_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The OpenAction_Count field captures the number of occurrences of the '/OpenAction' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="ASCIIHexDecode_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The ASCIIHexDecode_Count field captures the number of occurrences of the '/ASCIIHexDecode' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="ASCII85Decode_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The ASCII85Decode_Count field captures the number of occurrences of the '/ASCII85Decode' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="LZWDecode_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The LZWDecode_Count field captures the number of occurrences of the '/LZWDecode' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="FlateDecode_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The FlateDecode_Count field captures the number of occurrences of the '/FlateDecode' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="RunLengthDecode_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The RunLengthDecode_Count field captures the number of occurrences of the '/RunLengthDecode' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="JBIG2Decode_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The JBIG2Decode_Count field captures the number of occurrences of the '/JBIG2Decode' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="DCTDecode_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The DCTDecode_Count field captures the number of occurrences of the '/DCTDecode' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="RichMedia_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The RichMedia_Count field captures the number of occurrences of the '/RichMedia' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="CCITTFaxDecode_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The CCITTFaxDecode_Count field captures the number of occurrences of the '/CCITTFaxDecode' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Launch_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The Launch_Count field captures the number of occurrences of the '/Launch' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="XFA_Count" type="PDFFileObj:PDFKeywordCountType">
+				<xs:annotation>
+					<xs:documentation>The XFA_Count field captures the number of occurrences of the '/XFA' keyword in the PDF file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PDFKeywordCountType">
+		<xs:annotation>
+			<xs:documentation>The PDFKeywordCountType captures the obfuscated and non-obfuscated occurrences of a keyword.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Non_Obfuscated_Count" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Non_Obfuscated_Count field captures the number of times the keyword occurred in the PDF file without any obfuscation.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Obfuscated_Count" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Obfuscated_Count field captures the number of times the keyword occurred in the PDF file with some form of obfuscation, such as with hexcodes.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:simpleType name="PDFObjectTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The PDFObjectTypeEnum is an enumeration of basic PDF document object types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Boolean"/>
+			<xs:enumeration value="Integer"/>
+			<xs:enumeration value="String"/>
+			<xs:enumeration value="Name"/>
+			<xs:enumeration value="Array"/>
+			<xs:enumeration value="Dictionary"/>
+			<xs:enumeration value="Stream"/>
+			<xs:enumeration value="Null"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PDFXrefEntryTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The PDFXrefEntryTypeEnum is an enumeration of PDF cross-reference table entry types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="In-Use"/>
+			<xs:enumeration value="Free"/>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Pipe_Object.xsd b/stix_validator/schema/cybox/objects/Pipe_Object.xsd
new file mode 100755
index 0000000..a9e7c64
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Pipe_Object.xsd
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:PipeObj="http://cybox.mitre.org/objects#PipeObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#PipeObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Pipe_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Pipe" type="PipeObj:PipeObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Pipe object is intended to characterize generic system pipes.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="PipeObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The PipeObjectType type is intended to characterize generic system pipes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the pipe, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="named" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The named field specifies whether the pipe is named.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Port_Object.xsd b/stix_validator/schema/cybox/objects/Port_Object.xsd
new file mode 100755
index 0000000..51cf86f
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Port_Object.xsd
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#PortObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Port_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Port" type="PortObj:PortObjectType">
+		<xs:annotation>
+			<xs:documentation>The Port object is intended to characterize networking ports.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="PortObjectType">
+		<xs:annotation>
+			<xs:documentation>The PortObjectType type is intended to characterize networking ports.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Port_Value" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The required Port_Value field specifies the actual value of the port.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Layer4_Protocol" type="PortObj:Layer4ProtocolType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Layer4_Protocol field specifies the Layer 4 Protocol (OSI Model) associated with the port.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="Layer4ProtocolType">
+		<xs:annotation>
+			<xs:documentation>Layer4ProtocolType specifies Layer 4 (OSI model) protocols, via a union of the Layer4ProtocolEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="PortObj:Layer4ProtocolEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="Layer4ProtocolEnum">
+		<xs:annotation>
+			<xs:documentation>The Layer4ProtocolEnum type is an enumeration of relevant Layer4 networking protocols.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="TCP">
+				<xs:annotation>
+					<xs:documentation>Indicates the Layer 4 (OSI model) TCP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UDP">
+				<xs:annotation>
+					<xs:documentation>Indicates the Layer 4 (OSI model) UDP protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Process_Object.xsd b/stix_validator/schema/cybox/objects/Process_Object.xsd
new file mode 100755
index 0000000..7fa23d6
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Process_Object.xsd
@@ -0,0 +1,197 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ProcessObj="http://cybox.mitre.org/objects#ProcessObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" xmlns:NetworkConnectionObj="http://cybox.mitre.org/objects#NetworkConnectionObject-2" targetNamespace="http://cybox.mitre.org/objects#ProcessObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Process_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#PortObject-2" schemaLocation="Port_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#NetworkConnectionObject-2" schemaLocation="Network_Connection_Object.xsd"/>
+	<xs:element name="Process" type="ProcessObj:ProcessObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Process object is intended to characterize system processes.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="ProcessObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The ProcessObjectType type is intended to characterize system processes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="PID" type="cyboxCommon:UnsignedIntegerObjectPropertyType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The PID field specifies the Process ID, or PID, of the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Creation_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Creation_Time field specifies the local date/time at which the process was created.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Parent_PID" type="cyboxCommon:UnsignedIntegerObjectPropertyType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Parent_PID field specifies the process ID (PID) of the parent process (i.e. the process that spawned this one), if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Child_PID_List" type="ProcessObj:ChildPIDListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Child_PID_List field specifies any children spawned by the process being characterized, by way of a list of PIDs.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Image_Info" type="ProcessObj:ImageInfoType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Image_Info field specifies information about the image associated with the process, such as its file name and path.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Argument_List" type="ProcessObj:ArgumentListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Argument_List field is optional and specifies a list of arguments utlized in intiating the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Environment_Variable_List" type="cyboxCommon:EnvironmentVariableListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Environment_Variable_List field specifies any environment variables associated with the process. This field imports and uses the EnvironmentVariableListType from the CybOX Common Types.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Kernel_Time" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Kernel_Time field specifies the duration of time that the process has executed in kernel mode.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Port_List" type="ProcessObj:PortListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Port_List field is optional and specifies a list of ports owned by the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Network_Connection_List" type="ProcessObj:NetworkConnectionListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Network_Connection_List field specifies information about any network connections opened or initiated by the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Start_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Start_Time field specifies the local date/time at which the process was started.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Status" type="ProcessObj:ProcessStatusType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Status field specifies the current status of the process. Since this is an operating system specific Object property, this is defined here as an abstract type which is then used as a base type in any OS-specific extensions.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Username" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Username field specifies the name of the user that created the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="User_Time" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The User_Time field specifies the duration of time that the process has executed in user mode.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Extracted_Features" type="cyboxCommon:ExtractedFeaturesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A description of features extracted from the memory image of this process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="is_hidden" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_hidden field specifies whether the process is hidden or not.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="NetworkConnectionListType">
+		<xs:annotation>
+			<xs:documentation>The NetworkConnectionListType type is a list of network connections.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Network_Connection" type="NetworkConnectionObj:NetworkConnectionObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Network_Connection field specifies information about a single network connection opened or initiated by the process.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ImageInfoType">
+		<xs:annotation>
+			<xs:documentation>The ImageInfoType type captures information about the process image.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="File_Name" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The File_Name field specifies the name of the binary file which represents the process image.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Command_Line" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Command_Line field specifies the complete command used to execute the process image.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Current_Directory" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Current_Directory field specifies the current directory of the process image.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Path field specifies the fully qualified path to the image file, including the file name.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ProcessStatusType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The ProcessStatusType is used for specifying the status of a running or terminated process. Since this property is platform-specific, it is created here as an abstract type and then used in the platform-specific process CybOX objects.</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+	<xs:complexType name="ChildPIDListType">
+		<xs:annotation>
+			<xs:documentation>The ChildPIDListType type captures the PID's of the children of the process in a list format.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Child_PID" type="cyboxCommon:UnsignedIntegerObjectPropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Child_PID field specifies the process ID of a single child process.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ArgumentListType">
+		<xs:annotation>
+			<xs:documentation>The ArgumentListType is intended to specify a list of arguments utlized in intiating the process.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Argument" type="cyboxCommon:StringObjectPropertyType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Argument field is optional and specifies a single argument utlized in intiating the process.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PortListType">
+		<xs:annotation>
+			<xs:documentation>The PortListType is intended to specify a list of network ports.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Port" type="PortObj:PortObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Port field is optional and specifies a single network port.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Product_Object.xsd b/stix_validator/schema/cybox/objects/Product_Object.xsd
new file mode 100755
index 0000000..30c910d
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Product_Object.xsd
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ProductObj="http://cybox.mitre.org/objects#ProductObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#ProductObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Product_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Product" type="ProductObj:ProductObjectType">
+		<xs:annotation>
+			<xs:documentation>The Product object is intended to characterize software or hardware products.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="ProductObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The ProductObjectType type is intended to characterize software or hardware products.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Edition" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Edition field specifies the edition of the product, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Language" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Language field specifies the language of the product, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Product" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Product field specifies the name of the product. This field is required.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Update" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Update field specifies the update/revision of the product, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Vendor" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Vendor field specifies the name of the product vendor. This field is required.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Version" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Version field speciifes the version of the product, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Semaphore_Object.xsd b/stix_validator/schema/cybox/objects/Semaphore_Object.xsd
new file mode 100755
index 0000000..7b0c087
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Semaphore_Object.xsd
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:SemaphoreObj="http://cybox.mitre.org/objects#SemaphoreObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#SemaphoreObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Semaphore_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Semaphore" type="SemaphoreObj:SemaphoreObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Semaphore object is intended to characterize generic semaphore objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="SemaphoreObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The SemaphoreObjectType type is intended to characterize generic semaphore objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Current_Count" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Current_Count field specifies the current count value for the semaphore.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Maximum_Count" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Maximum_Count field specifies the maximum count value for the semaphore.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the semaphore, if applicable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="named" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The named field specifies whether the Semaphore is named.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Socket_Address_Object.xsd b/stix_validator/schema/cybox/objects/Socket_Address_Object.xsd
new file mode 100755
index 0000000..d77cf07
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Socket_Address_Object.xsd
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:SocketAddressObj="http://cybox.mitre.org/objects#SocketAddressObject-1" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#SocketAddressObject-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Socket_Address_Object</schema>
+			<version>2.0</version>
+			<date>03/27/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#PortObject-2" schemaLocation="Port_Object.xsd"/>
+	<xs:element name="Socket_Address" type="SocketAddressObj:SocketAddressObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Socket_Address element is intended to characterize a single socket address.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="SocketAddressObjectType">
+		<xs:annotation>
+			<xs:documentation>The SocketAddressObjectType specifies an IP address/port number pair.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="IP_Address" type="AddressObj:AddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The IP_Address field specifies the IP address component of the socket address.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Port" type="PortObj:PortObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Port field specifies the port number component of the socket connection.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/System_Object.xsd b/stix_validator/schema/cybox/objects/System_Object.xsd
new file mode 100755
index 0000000..d8f61d3
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/System_Object.xsd
@@ -0,0 +1,409 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:SystemObj="http://cybox.mitre.org/objects#SystemObject-2" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#SystemObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>System_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:element name="System" type="SystemObj:SystemObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The System object is intended to characterize computer systems (as a combination of both software and hardware).</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="SystemObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The SystemObjectType type is intended to characterize computer systems (as a combination of both software and hardware).</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Available_Physical_Memory" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Available_Physical_Memory field specifies the amount of physical memory available on the system, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="BIOS_Info" type="SystemObj:BIOSInfoType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The BIOS_Info field specifies information about the BIOS on the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Date" type="cyboxCommon:DateObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Date field specifies the current date on the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Hostname" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Hostname field specifies the hostname of the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Local_Time" type="cyboxCommon:TimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Local_Time field specifies the local time on the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Network_Interface_List" type="SystemObj:NetworkInterfaceListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Network_Interface_List field specifies the list of network interfaces present on the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="OS" type="SystemObj:OSType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The OS field specifies information about the operating system installed on the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Processor" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Processor field specifies the name of the CPU used by the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Processor_Architecture" type="SystemObj:ProcessorArchType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Processor_Architecture field specifies the specific architecture (e.g. x86) used by the CPU of the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="System_Time" type="cyboxCommon:TimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The System_Time field specifies the system, or hardware, time on the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Timezone_DST" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Timezone_DST field specifies the time zone used by the system, taking daylight savings time (DST) into account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Timezone_Standard" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Timezone_Standard field specifies the time zone used by the system, wihtout taking daylight savings time (DST) into account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Total_Physical_Memory" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Total_Physical_Memory field specifies the total amount of physical memory present on the system, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Uptime" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Uptime field specifies the duration that represents the current amount of time that the system has been up.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Username" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Username field specifies the name of the user currently logged into the system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="BIOSInfoType">
+		<xs:annotation>
+			<xs:documentation>The BIOSInfoType type specifies information about a system's BIOS.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="BIOS_Date" type="cyboxCommon:DateObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The BIOS_Date field specifies the date of the bios (e.g. the datestamp of the BIOS revision).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="BIOS_Version" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The BIOS_Version field specifies the version of the BIOS.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="BIOS_Manufacturer" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The BIOS_Manufacturer field specifies the manufacturer of the BIOS.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="BIOS_Release_Date" type="cyboxCommon:DateObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The BIOS_Release_Date field specifies the date the BIOS was released.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="BIOS_Serial_Number" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The BIOS_Serial_Number field specifies the serial number of the BIOS.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetworkInterfaceListType">
+		<xs:annotation>
+			<xs:documentation>The NetworkInterfaceListType type specifies information about the network interfaces present on the system.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Network_Interface" type="SystemObj:NetworkInterfaceType" nillable="true" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Network_Interface field specifies information about a network interface, such as its MAC address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPGatewayListType">
+		<xs:annotation>
+			<xs:documentation>The IPGatewayListType type specifies the IP Addresses of the gateways used by the system.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IP_Gateway_Address" type="AddressObj:AddressObjectType" nillable="true" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The IP_Gateway_Address field specifies the IP Address of a gateway used by the system.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NetworkInterfaceType">
+		<xs:annotation>
+			<xs:documentation>The NetworkInterfaceType type specifies information about a network interface, such as its MAC address.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Adapter" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Adapter field specifies the name of the network adapter used by the network interface.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Description field specifies the description of the network interface.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="DHCP_Lease_Expires" type="cyboxCommon:DateTimeObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The DHCP_Lease_Expires field specifies the date/time that the DHCP lease obtained on the network interface expires.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="DHCP_Lease_Obtained" type="cyboxCommon:DateTimeObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The DHCP_Lease_Obtained field specifies the date/time that the DHCP lease was obtained on the network interface.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="DHCP_Server_List" type="SystemObj:DHCPServerListType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The DHCP_Server_List field specifies the list of DHCP servers used by the network interface.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IP_Gateway_List" type="SystemObj:IPGatewayListType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The IP_Gateway_List field specifies the list of IP Gateways used by the network interface.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IP_List" type="SystemObj:IPInfoListType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The IP_List field specifies the list of IP addresses used by the network interface.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="MAC" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The MAC field specifies the MAC or hardware address of the physical network card. Either a colon (':') or a dash ('-') may be used a separator between the octets. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPInfoListType">
+		<xs:annotation>
+			<xs:documentation>The IPInfoListType type specifies a list of IP address/subnet mask pairs associated with a network interface.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IP_Info" type="SystemObj:IPInfoType" nillable="true" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The IP_Info field specifies an IP Address/Subnet mask entry in the list.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IPInfoType">
+		<xs:annotation>
+			<xs:documentation>The IP_Info type specifies information about the IP address and its associated subnet mask used by a network interface.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IP_Address" type="AddressObj:AddressObjectType" minOccurs="1" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The IP_Address field specifies an IP address.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Subnet_Mask" type="AddressObj:AddressObjectType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Subnet_Mask field specifies a subnet mask.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DHCPServerListType">
+		<xs:annotation>
+			<xs:documentation>The DHCPServerListType type specifies a list of DHCP Servers, via their IP addresses.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="DHCP_Server_Address" type="AddressObj:AddressObjectType" nillable="true" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The DHCP_Server_Address field specifies the IP address of a DHCP server.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="OSType">
+		<xs:annotation>
+			<xs:documentation>The OSType type specifies information about an operating system. It imports and extends the PlatformSpecificationType from the CybOX Common Types.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:PlatformSpecificationType">
+				<xs:sequence>
+					<xs:element name="Bitness" type="SystemObj:BitnessType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Bitness field specifies the bitness of the operating system (i.e. 32 or 64).</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Build_Number" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Build_Number field specifies the build number of the operating system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Environment_Variable_List" type="cyboxCommon:EnvironmentVariableListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The EnvironmentVariableList field specifies a list of environment variables present on the operating system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Install_Date" type="cyboxCommon:DateObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Install_Date field specifies the date the operating system was installed.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Patch_Level" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Patch_Level field specifies the patch level of the operating system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Platform" type="cyboxCommon:PlatformSpecificationType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>This field contains general identifiers for this OS instance..</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ProcessorArchType">
+		<xs:annotation>
+			<xs:documentation>ProcessorArchType specifies CPU architecture types, via a union of the ProcessorArchEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="SystemObj:ProcessorArchEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="BitnessType">
+		<xs:annotation>
+			<xs:documentation>BitnessType specifies CPU architecture bitness, via a union of the BitnessEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="SystemObj:BitnessEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ProcessorArchEnum">
+		<xs:annotation>
+			<xs:documentation>The ProcessorArchEnum type is a (non-exhaustive) enumeration of computer processor architectures.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="x86-32">
+				<xs:annotation>
+					<xs:documentation>Specifies the 32-bit x86 architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="x86-64">
+				<xs:annotation>
+					<xs:documentation>Specifies the 64-bit x86 architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IA-64">
+				<xs:annotation>
+					<xs:documentation>Specifies the 64-bit IA (Itanium) architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PowerPC">
+				<xs:annotation>
+					<xs:documentation>Specifies the PowerPC IA (Itanium) architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ARM">
+				<xs:annotation>
+					<xs:documentation>Specifies the ARM architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Alpha">
+				<xs:annotation>
+					<xs:documentation>Specifies the Alpha architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SPARC">
+				<xs:annotation>
+					<xs:documentation>Specifies the SPARC architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="z/Architecture">
+				<xs:annotation>
+					<xs:documentation>Specifies the z/architecture, used on IBM mainframes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="eSi-RISC">
+				<xs:annotation>
+					<xs:documentation>Specifies the eSi-RISC architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIPS">
+				<xs:annotation>
+					<xs:documentation>Specifies the MIPS architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Motorola 68k">
+				<xs:annotation>
+					<xs:documentation>Specifies the Motorola 68k architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>Specifies a processor architecture other than those defined in this enumeration.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="BitnessEnum">
+		<xs:annotation>
+			<xs:documentation>The BitnessEnum type is an enumeration of word sizes that define classes of computer architectures.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="32">
+				<xs:annotation>
+					<xs:documentation>Specifies a 32-bit architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="64">
+				<xs:annotation>
+					<xs:documentation>Specifies a 64-bit architecture.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/URI_Object.xsd b/stix_validator/schema/cybox/objects/URI_Object.xsd
new file mode 100755
index 0000000..7329268
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/URI_Object.xsd
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:URIObj="http://cybox.mitre.org/objects#URIObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#URIObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>URI_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="URI" type="URIObj:URIObjectType">
+		<xs:annotation>
+			<xs:documentation>The URI object is intended to characterize Uniform Resource Identifiers (URI's).</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="URIObjectType">
+		<xs:annotation>
+			<xs:documentation>The URIObjectType type is intended to characterize Uniform Resource Identifiers (URI's).</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Value" type="cyboxCommon:AnyURIObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Value field specifies the value of the URI.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="type" type="URIObj:URITypeEnum" fixed="URL">
+					<xs:annotation>
+						<xs:documentation>The type field specifies the type of URI that is being defined. </xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:simpleType name="URITypeEnum">
+		<xs:annotation>
+			<xs:documentation>The URITypeEnum is an enumeration of types of URIs.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="URL">
+				<xs:annotation>
+					<xs:documentation>Specifies a URL type of URI. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="General URN">
+				<xs:annotation>
+					<xs:documentation>Specifies a General URN type of URI. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Domain Name">
+				<xs:annotation>
+					<xs:documentation>Specifies a Domain Name type of URI. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Unix_File_Object.xsd b/stix_validator/schema/cybox/objects/Unix_File_Object.xsd
new file mode 100755
index 0000000..b7612a2
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Unix_File_Object.xsd
@@ -0,0 +1,164 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:UnixFileObj="http://cybox.mitre.org/objects#UnixFileObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:FileObj="http://cybox.mitre.org/objects#FileObject-2" targetNamespace="http://cybox.mitre.org/objects#UnixFileObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Unix_File_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#FileObject-2" schemaLocation="File_Object.xsd"/>
+	<xs:element name="Unix_File" type="UnixFileObj:UnixFileObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Unix_File object is intended to characterize Unix files.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="UnixFileObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The UnixFileObjectType type is intended to characterize Unix files.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="FileObj:FileObjectType">
+				<xs:sequence minOccurs="1">
+					<xs:element name="Group_Owner" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Group_Owner field specifies the name of the group which owns the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="INode" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The INode field specifies the inode, or index node, value of the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="UnixFileObj:UnixFileType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies file type using the UnixFileTypeEnum enumeration.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="UnixFilePermissionsType">
+		<xs:annotation>
+			<xs:documentation>The UnixFilePermissionsType type specifies the specific permissions used by the Unix family of operating systems.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="FileObj:FilePermissionsType">
+				<xs:attribute name="suid" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The suid field specifies whether or not the file may be exectued with the privileges of the file's owner.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="sgid" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The sgid field specifies whether or not the file may be executed with the privileges of the file's group owner.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="uread" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The uread field specifies whether or not the owner of the file can read its contents.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="uwrite" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The uwrite field specifies whether or not the owner of the file can write to it.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="uexec" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The uexec field specifies whether or not the owner of the file can execute it.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="gread" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The gread field specifies whether or not the group owner of the file can read its contents.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="gwrite" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The gwrite field specifies whether or not the group owner of the file can write to it.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="gexec" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The gexec field specifies whether or not the group owner of the file can execute it.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="oread" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The oread field specifies whether or not all other users can read the contents of the file.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="owrite" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The owrite field specifies whether or not all other users can write to the file.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="oexec" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The oexec field specifies whether or not all other users can execute the file.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="UnixFileType">
+		<xs:annotation>
+			<xs:documentation>UnixFileType specifies Unix file types, via a union of the UnixFileTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="UnixFileObj:UnixFileTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="UnixFileTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The UnixFileTypeEnum type is an enumeration of file types used by the Unix family of operating systems. These file types can be determined via the output of the ls and stat commands.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="regularfile">
+				<xs:annotation>
+					<xs:documentation>Specifies a regular file, denoted in UNIX by the first dash (-) in a file with permissions -rw-r--r--.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="directory">
+				<xs:annotation>
+					<xs:documentation>Specifies a directory, denoted in UNIX by the d in a file with permissions drw-r--r--.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="socket">
+				<xs:annotation>
+					<xs:documentation>Specifies a socket, denoted in UNIX by the s in a file with permissions srw-r--r--.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="symboliclink">
+				<xs:annotation>
+					<xs:documentation>Specifies a symbolic link, denoted in UNIX by the l in a file with permissions lrw-r--r--.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="blockspecialfile">
+				<xs:annotation>
+					<xs:documentation>Specifies a block device, such as /dev/sda, denoted in UNIX by the b in a file with permissions brw-rw----.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="characterspecialfile">
+				<xs:annotation>
+					<xs:documentation>Specifies a character device, such as /dev/null, denoted in UNIX by the c in a file with permissions crw-------.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Unix_Network_Route_Entry_Object.xsd b/stix_validator/schema/cybox/objects/Unix_Network_Route_Entry_Object.xsd
new file mode 100755
index 0000000..1e97a6c
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Unix_Network_Route_Entry_Object.xsd
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:NetworkRouteEntryObj="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" xmlns:UnixNetworkRouteEntryObj="http://cybox.mitre.org/objects#UnixNetworkRouteEntryObject-2" targetNamespace="http://cybox.mitre.org/objects#UnixNetworkRouteEntryObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Unix_Network_Route_Entry_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" schemaLocation="Network_Route_Entry_Object.xsd"/>
+	<xs:element name="Unix_Network_Route_Entry" type="UnixNetworkRouteEntryObj:UnixNetworkRouteEntryObjectType">
+		<xs:annotation>
+			<xs:documentation>The Unix_Network_Route_Entry object is intended to characterize entries in the network routing table of a Unix system.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="UnixNetworkRouteEntryObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The UnixNetworkRouteEntryObjectType type is intended to characterize entries in the network routing table of a Unix system.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="NetworkRouteEntryObj:NetworkRouteEntryObjectType">
+				<xs:sequence>
+					<xs:element name="Flags" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Flags field specifies any flags used for the network route, such as G (use gateway).</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="MSS" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The MSS field specifies the maximum segment size for TCP connections over this network route, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Ref" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Ref field specifies the number of references to this network route.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Use" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Use field specifies the number of lookups that were performed for this network route.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Window" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Window field specifies the default window size for TCP connections over this network route, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Unix_Pipe_Object.xsd b/stix_validator/schema/cybox/objects/Unix_Pipe_Object.xsd
new file mode 100755
index 0000000..72c8e8f
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Unix_Pipe_Object.xsd
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:UnixPipeObj="http://cybox.mitre.org/objects#UnixPipeObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:PipeObj="http://cybox.mitre.org/objects#PipeObject-2" targetNamespace="http://cybox.mitre.org/objects#UnixPipeObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Unix_Pipe_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#PipeObject-2" schemaLocation="Pipe_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Unix_Pipe" type="UnixPipeObj:UnixPipeObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Unix_Pipe object is intended to characterize Unix pipes.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="UnixPipeObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The UnixPipeObjectType type is intended to characterize Unix pipes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="PipeObj:PipeObjectType">
+				<xs:sequence>
+					<xs:element name="Permission_Mode" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Permission_Mode field specifies the Unix permission mode for the pipe.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Unix_Process_Object.xsd b/stix_validator/schema/cybox/objects/Unix_Process_Object.xsd
new file mode 100755
index 0000000..70b2649
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Unix_Process_Object.xsd
@@ -0,0 +1,143 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:UnixProcessObj="http://cybox.mitre.org/objects#UnixProcessObject-2" xmlns:ProcessObj="http://cybox.mitre.org/objects#ProcessObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#UnixProcessObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Unix_Process_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#ProcessObject-2" schemaLocation="Process_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Unix_Process" type="UnixProcessObj:UnixProcessObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Unix_Process object is intended to characterize Unix processes.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="UnixProcessObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The UnixProcessObjectType type is intended to characterize Unix processes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="ProcessObj:ProcessObjectType">
+				<xs:sequence>
+					<xs:element name="Open_File_Descriptor_List" type="UnixProcessObj:FileDescriptorListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Open_File_Descriptor_List field specifies a listing of the current file descriptors used by the Unix process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Priority" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Priority field specifies the priority of the Unix process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="RUID" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The RUID field specifies the real user ID, which represents the Unix user who created the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Session_ID" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Session_ID field specifies the Unix Sesssion ID of the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="UnixProcessStatusType">
+		<xs:annotation>
+			<xs:documentation>The UnixProcessStatusType field specifies the current status of the running Unix process. It extends the abstract ProcessStatusType from the CybOX Process Object.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="ProcessObj:ProcessStatusType">
+				<xs:sequence>
+					<xs:element name="Current_Status" type="UnixProcessObj:UnixProcessStateType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies the current state of the Unix process, using the UnixProcessStatusEnum enumeration.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Timestamp" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies when the process started up.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="FileDescriptorListType">
+		<xs:annotation>
+			<xs:documentation>The FileDescriptorListType type specifies a list of Unix file descriptors.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="File_Descriptor" type="cyboxCommon:UnsignedIntegerObjectPropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The File_Descriptor field specifies a particular Unix File Descriptor.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="UnixProcessStateType">
+		<xs:annotation>
+			<xs:documentation>UnixProcessStateType specifies Unix process states, via a union of the UnixProcessStateEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications. See "man ps" for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="UnixProcessObj:UnixProcessStateEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="UnixProcessStateEnum">
+		<xs:annotation>
+			<xs:documentation>The UnixProcessStateEnum is an enumeration of Unix process states.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Running">
+				<xs:annotation>
+					<xs:documentation>Specifies a running process or runnable [on run queue] (R).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UninterruptibleSleep">
+				<xs:annotation>
+					<xs:documentation>Specifies a process in uninterruptable sleep [usually IO] (D).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="InterruptibleSleep">
+				<xs:annotation>
+					<xs:documentation>Specifies a process in interruptable sleep [waiting for an event to complete] (S).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Stopped">
+				<xs:annotation>
+					<xs:documentation>Specifies a stopped process, either by a job control signal or because it is being traced (T).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Paging">
+				<xs:annotation>
+					<xs:documentation>Specifies a paging process [not valid since the 2.6.xx kernel] (W).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Dead">
+				<xs:annotation>
+					<xs:documentation>Specifies a dead process [should never be seen] (X).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Zombie">
+				<xs:annotation>
+					<xs:documentation>Specifies a defunct, zombie process [terminated but not reaped by its parent] (Z).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Unix_User_Account_Object.xsd b/stix_validator/schema/cybox/objects/Unix_User_Account_Object.xsd
new file mode 100755
index 0000000..d955888
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Unix_User_Account_Object.xsd
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:UnixUserAccountObj="http://cybox.mitre.org/objects#UnixUserAccountObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:UserAccountObj="http://cybox.mitre.org/objects#UserAccountObject-2" targetNamespace="http://cybox.mitre.org/objects#UnixUserAccountObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Unix_User_Account_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#UserAccountObject-2" schemaLocation="User_Account_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Unix_User_Account" type="UnixUserAccountObj:UnixUserAccountObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Unix_User_Account object is intended to characterize Unix user account objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="UnixUserAccountObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The UnixUserAccountType type is intended to characterize Unix user accounts.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="UserAccountObj:UserAccountObjectType">
+				<xs:sequence>
+					<xs:element name="Group_ID" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Group_ID field specifies the ID of the primary group to which the Unix user account belongs.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="User_ID" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The User_ID field specifies the ID of the Unix user account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Login_Shell" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Login_Shell field specifies the name of the default login shell used by the Unix user account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="UnixGroupType">
+		<xs:annotation>
+			<xs:documentation>The UnixGroupType type is used for specifying Unix groups. It extends the abstract GroupType from the Cybox UserAccount construct.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="UserAccountObj:GroupType">
+				<xs:sequence>
+					<xs:element name="Group_ID" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Group_ID field specifies the Unix ID of the group.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="UnixPrivilegeType">
+		<xs:annotation>
+			<xs:documentation>The UnixPrivilegeType type is used to specify Unix privileges. It extends the abstract PrivilegeType from the CybOX UserAccount object.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="UserAccountObj:PrivilegeType">
+				<xs:sequence>
+					<xs:element name="Permissions_Mask" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Permissions_Mask field specifies the Unix permissions mask for the privilege.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Unix_Volume_Object.xsd b/stix_validator/schema/cybox/objects/Unix_Volume_Object.xsd
new file mode 100755
index 0000000..fd5b4d0
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Unix_Volume_Object.xsd
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:UnixVolumeObj="http://cybox.mitre.org/objects#UnixVolumeObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:VolumeObj="http://cybox.mitre.org/objects#VolumeObject-2" targetNamespace="http://cybox.mitre.org/objects#UnixVolumeObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Unix_Volume_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#VolumeObject-2" schemaLocation="Volume_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Unix_Volume" type="UnixVolumeObj:UnixVolumeObjectType">
+		<xs:annotation>
+			<xs:documentation>The Unix_Volume object is intended to characterize Unix disk volumes.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="UnixVolumeObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The UnixVolumeObjectType type is intended to characterize Unix disk volumes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="VolumeObj:VolumeObjectType">
+				<xs:sequence>
+					<xs:element name="Mount_Point" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Mount_Point field specifies the specific mounting point for the Unix volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Options" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Options field specifies any options used when mounting the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/User_Account_Object.xsd b/stix_validator/schema/cybox/objects/User_Account_Object.xsd
new file mode 100755
index 0000000..43486f1
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/User_Account_Object.xsd
@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:UserAccountObj="http://cybox.mitre.org/objects#UserAccountObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:AccountObj="http://cybox.mitre.org/objects#AccountObject-2" targetNamespace="http://cybox.mitre.org/objects#UserAccountObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>User_Account_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AccountObject-2" schemaLocation="Account_Object.xsd"/>
+	<xs:element name="User_Account" type="UserAccountObj:UserAccountObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The User_Account object is intended to characterize generic user accounts.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="UserAccountObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The UserAccountObjectType type is intended to characterize generic user accounts.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="AccountObj:AccountObjectType">
+				<xs:sequence>
+					<xs:element name="Full_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Full_Name field specifies the full name of the user for which this account was created.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Group_List" type="UserAccountObj:GroupListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Group_List field specifies the list of groups to which the user account belongs to.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Home_Directory" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Home_Directory field specifies the fully-qualified path to the home directory of the user account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Last_Login" type="cyboxCommon:DateTimeObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Last_Login field specifies the date/time that the user account was last logged into.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Privilege_List" type="UserAccountObj:PrivilegeListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Privilege_List field specifies the privileges that the user account has.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Script_Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Script_Path field specifies the fully-qualified path to the directory where the logon script for the user account resides.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Username" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Username field specifies the particular username of the user account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="User_Password_Age" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The User_Password_Age field specifies the current age of the user account's password.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="password_required" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The password_required field specifies whether a password is required for this user account.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PrivilegeListType">
+		<xs:annotation>
+			<xs:documentation>The PrivilegeListType type specifies the list of privileges that the user account has.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Privilege" type="UserAccountObj:PrivilegeType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Privilege field specifies a specific privilege that a user has. This is an abstract type since user privileges are operating-system specific, and is extended as needed in the derived CybOX object schemas.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PrivilegeType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The PrivilegeType type specifies a specific privilege that a user has. This is an abstract type since user privileges are operating-system specific, and is extended as needed in the derived CybOX object schemas.</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+	<xs:complexType name="GroupListType">
+		<xs:annotation>
+			<xs:documentation>The GroupListType type specifies the groups that the user account belongs to.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Group" type="UserAccountObj:GroupType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Group field specifies a group that a user account belongs to. This is an abstract type since group IDs are operating-system specific, and is extended as needed in the derived CybOX object schemas.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="GroupType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The GroupType type specifies a group that a user account belongs to. This is an abstract type since group IDs are operating-system specific, and is extended as needed in the derived CybOX object schemas.</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/User_Session_Object.xsd b/stix_validator/schema/cybox/objects/User_Session_Object.xsd
new file mode 100755
index 0000000..b848d6b
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/User_Session_Object.xsd
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:UserSessionObj="http://cybox.mitre.org/objects#UserSessionObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#UserSessionObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>User_Session_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="User_Session" type="UserSessionObj:UserSessionObjectType">
+		<xs:annotation>
+			<xs:documentation>The User_Session object is intended to characterize user sessions.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="UserSessionObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The UserSessionObjectType type is intended to characterize user sessions.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Effective_Group" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Effective_Group field specifies the name of the effective group used in the user session.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Effective_Group_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Effective_Group_ID field specifies the effective group ID of the group used in the user session.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Effective_User" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Effective_User field specifies the effective username used in the user session.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Effective_User_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Effective_Group field specifies the effective user ID of the user used in the user session.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Login_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Login_Time field specifies the date/time of the login for the user session.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Logout_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Logout_Time field specifies the date/time of the logout for the user session.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Volume_Object.xsd b/stix_validator/schema/cybox/objects/Volume_Object.xsd
new file mode 100755
index 0000000..8caf9c0
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Volume_Object.xsd
@@ -0,0 +1,235 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:VolumeObj="http://cybox.mitre.org/objects#VolumeObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#VolumeObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Volume_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Volume" type="VolumeObj:VolumeObjectType">
+		<xs:annotation>
+			<xs:documentation>The Volume object is intended to characterize generic drive volumes.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="VolumeObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The VolumeObjectType type is intended to characterize generic drive volumes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Device_Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Device_Path specifies the full path to the volume, including the device on which it resides.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="File_System_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The File_System_Type field specifies the name of the file system which is used on the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Total_Allocation_Units" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Total_Allocation_Units field specifies the total number of allocation units available on the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Sectors_Per_Allocation_Unit" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Sectors_Per_Allocation_Unit field speciifes the number of disk sectors used for each allocation unit on the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Bytes_Per_Sector" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Bytes_Per_Sector field specifies the number of bytes allocated for each sector of the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Actual_Available_Allocation_Units" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Actual_Available_Allocation_Units field specifies the number of allocation units, or clusters, available on the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Creation_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Creation_Time field specifies the date/time that the volume was created.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="File_System_Flag_List" type="VolumeObj:FileSystemFlagListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The File_System_Flag_List field specifies the particular flags set for the volume by the file system which is used on the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Serial_Number" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Serial_Number field specifies the serial number of the volume.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="is_mounted" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The is_mounted field specifies whether the volume is mounted.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="VolumeOptionsType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The VolumeOptionsType type specifies the particular options set for the volume. This is an abstract type since volume options are OS-specific, and is extended by the related OS-specific CybOX volume objects.</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+	<xs:complexType name="FileSystemFlagListType">
+		<xs:annotation>
+			<xs:documentation>The FileSystemFlagListType is a listing of the flags specified for the volume by the file system.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="File_System_Flag" type="VolumeObj:VolumeFileSystemFlagType" maxOccurs="20">
+				<xs:annotation>
+					<xs:documentation>The File_System_Flag field specifies a particular flag used on the volume by the file system.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="VolumeFileSystemFlagType">
+		<xs:annotation>
+			<xs:documentation>VolumeFileSystemFlagType specifies file system flags, via a union of the VolumeFileSystemFlagEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="VolumeObj:VolumeFileSystemFlagEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="VolumeFileSystemFlagEnum">
+		<xs:annotation>
+			<xs:documentation>The FileSystemFlagEnum type is an enumeration of flags used by file systems on volumes, especially those on Windows Operating Systems. See http://msdn.microsoft.com/en-us/library/windows/desktop/aa364993(v=vs.85).aspx and http://msdn.microsoft.com/en-us/library/cc232101(v=prot.13).aspx for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:list>
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:enumeration value="FILE_CASE_SENSITIVE_SEARCH">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports case-sensitive file names. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000001.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_CASE_PRESERVED_NAMES">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports preserved case of file names when it places a name on disk. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000002.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_UNICODE_ON_DISK">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports preserved case of file names when it places a name on disk. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000004.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_PERSISTENT_ACLS">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume preserves and enforces access control lists (ACL). For example, the NTFS file system preserves and enforces ACLs, and the FAT file system does not. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000008.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_FILE_COMPRESSION">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports file-based compression. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000010.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_VOLUME_QUOTAS">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports disk quotas. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000020.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_SPARSE_FILES">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports sparse files. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000040.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_REPARSE_POINTS">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports re-parse points. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000080.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_REMOTE_STORAGE">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports remote storage. This is not listed with a lpFileSystemFlags value in documentation, but corresponds to the FileSystemAttributes value 0x00000100.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_VOLUME_IS_COMPRESSED">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume is a compressed volume, for example, a DoubleSpace volume. This flag is incompatible with the FILE_FILE_COMPRESSION flag. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00008000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_OBJECT_IDS">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports object identifiers. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00010000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_ENCRYPTION">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports encryption. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00020000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_NAMED_STREAMS">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports named streams. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00040000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_READ_ONLY_VOLUME">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume is read-only. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00080000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SEQUENTIAL_WRITE_ONCE">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports a single sequential write. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00100000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_TRANSACTIONS">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports transactions. For more information about transactions, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa365993(v=vs.85).aspx. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00200000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_HARD_LINKS">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports hard links. For more information about hard links, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa365006(v=vs.85).aspx. Note that hard links are DIFFERENT from symbolic links. This value is ONLY supported for Windows Server 2008 R2 and Windows 7 and later. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00400000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_EXTENDED_ATTRIBUTES">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports extended attributes. An extended attribute is a piece of application-specific metadata that an application can associate with a file and is not part of the file's data. This value is ONLY supported for Windows Server 2008 R2 and Windows 7 and later. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00800000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_OPEN_BY_FILE_ID">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports open by FileID. For more information about open by FileID, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa364226(v=vs.85).aspx. This value is ONLY supported for Windows Server 2008 R2 and Windows 7 and later. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x01000000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_USN_JOURNAL">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports unique service number (USN) journals. For more information about USN journals, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa363803(v=vs.85).aspx. This value is ONLY supported for Windows Server 2008 R2 and Windows 7 and later. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x02000000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="FILE_SUPPORTS_INTEGRITY_STREAMS">
+						<xs:annotation>
+							<xs:documentation>Indicates that the specified volume supports integrity streams. Currently, this value is ONLY available for ReFS and Windows 8 Beta. This corresponds to the FileSystemAttributes value 0x04000000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:list>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Whois_Object.xsd b/stix_validator/schema/cybox/objects/Whois_Object.xsd
new file mode 100755
index 0000000..a004111
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Whois_Object.xsd
@@ -0,0 +1,456 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WhoisObj="http://cybox.mitre.org/objects#WhoisObject-2" xmlns:URIObj="http://cybox.mitre.org/objects#URIObject-2" xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WhoisObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Whois_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#URIObject-2" schemaLocation="URI_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:element name="Whois_Entry" type="WhoisObj:WhoisObjectType">
+		<xs:annotation>
+			<xs:documentation>The Whois_Entry object is intended to characterize an individual Whois entry for a domain.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WhoisObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WhoisObjectType type is intended to characterize Whois information for a domain.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Domain_Name" type="URIObj:URIObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Domain_Name field specifies the corresponding domain name for this whois entry</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Domain_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Domain_ID field specifies the domain id for the domain associated with this Whois entry</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Server_Name" type="URIObj:URIObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Server_Name field specifies the corresponding server name for this whois entry. This usually corresponds to a nameserver lookup.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IP_Address" type="AddressObj:AddressObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The IP_Address field specifies the corresponding ip address for this whois entry. The usually corresponds to a nameserver lookup.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="DNSSEC" type="WhoisObj:WhoisDNSSECTypeEnum" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The DNSSEC element corresponds to the DNSSEC field associated with a Whois entry. Acceptable values are: "Signed" or "Unsigned".</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Nameservers" type="WhoisObj:WhoisNameserversType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Nameservers element represents a list of nameserver entries for a Whois entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Status" type="WhoisObj:WhoisStatusesType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Status element represents a list of statuses for a given Whois entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Updated_Date" type="cyboxCommon:DateObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Updated_Date field specifies the date in which the registered domain information was last updated</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Creation_Date" type="cyboxCommon:DateObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Creation_Date field specifies the date in which the registered domain was created</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Expiration_Date" type="cyboxCommon:DateObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Expiration_Date field specifies the date in which the registered domain will expire</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Regional_Internet_Registry" type="WhoisObj:RegionalRegistryType">
+						<xs:annotation>
+							<xs:documentation>The Regional_Internet_Registry field specifies the name of the Regional Internet Registry (RIR) which allocated the IP address contained in this WHOIS entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Sponsoring_Registrar" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Sponsoring_Registrar field holds the name of the sponsoring registrar for the domain</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Registrar_Info" type="WhoisObj:WhoisRegistrarInfoType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Registrar_Info element represents registrar info that would be returned from a registrar lookup</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Registrants" minOccurs="0" type="WhoisObj:WhoisRegistrantsType">
+						<xs:annotation>
+							<xs:documentation>The Registrants element represents the registrant information associated with a domain lookup</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Contact_Info" type="WhoisObj:WhoisContactType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Contact_Info element represents contact info that would be returned from a contact lookup</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+
+	<xs:simpleType name="WhoisStatusTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The WhoisStatusEnum enumeration lists all valid statuses for a domain within a whois entry</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ADD_PERIOD">
+				<xs:annotation>
+					<xs:documentation>The 5-day Add Grace Period after the initial registration of a domain. If the domain is deleted by the registrar during this period, the registry provides a credit to the registrar for the cost of the registration.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RENEW_PERIOD">
+				<xs:annotation>
+					<xs:documentation>The 5-day period after a domain registration period is explicitly extended (renewed) by the registrar. If the domain is deleted by the registrar during this period, the registry provides a credit to the registrar for the cost of the renewal.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AUTO_RENEW_PERIOD">
+				<xs:annotation>
+					<xs:documentation>The 45-day period after a domain registration period expires and is extended (renewed) automatically by the registry. If the domain is deleted by the registrar during this period, the registry provides a credit to the registrar for the cost of the renewal.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TRANSFER_PERIOD">
+				<xs:annotation>
+					<xs:documentation>The 5-day period after the successful transfer of domain name registration sponsorship from one registrar to another registrar. If the domain is deleted by the new sponsoring registrar during this period, the registry provides a credit to the registrar for the cost of the transfer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PENDING_DELETE_RESTORABLE">
+				<xs:annotation>
+					<xs:documentation>The 30-day period after a registrar has submitted a delete command to delete a domain from the registry. All Internet services associated with the domain are disabled. During this period, a registrar can submit a request to Restore the domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PENDING_DELETE_SCHEDULED_FOR_RELEASE">
+				<xs:annotation>
+					<xs:documentation>The 5-day period following the PENDING DELETE RESTORABLE period. During this period, all Internet services associated with the domain will remain disabled and domain cannot be Restored.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PENDING_RESTORE">
+				<xs:annotation>
+					<xs:documentation>The registrar has submitted a Restore request for a domain that was previously in the status of PENDING DELETE RESTORABLE and the registry is awaiting a Restore Report from the registrar.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="OK">
+				<xs:annotation>
+					<xs:documentation>This is the normal status for a domain that has no pending operations or prohibitions.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="INACTIVE">
+				<xs:annotation>
+					<xs:documentation>The domain has no associated nameservers. A minimum of 2 nameservers must be associated with the domain before it can be published to the zone. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLIENT_TRANSFER_PROHIBITED">
+				<xs:annotation>
+					<xs:documentation>Registrar does not allow the transfer of a domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLIENT_RENEW_PROHIBITED">
+				<xs:annotation>
+					<xs:documentation>Registrar does not allow the renewal of a domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLIENT_DELETE_PROHIBITED">
+				<xs:annotation>
+					<xs:documentation>Registrar does not allow the deletion of a domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLIENT_UPDATE_PROHIBITED">
+				<xs:annotation>
+					<xs:documentation>Registrar does not allow the update or modification of a domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CLIENT_HOLD">
+				<xs:annotation>
+					<xs:documentation>Registrar will not allow the domain to be published to the zone.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TRANSFER_PROHIBITED">
+				<xs:annotation>
+					<xs:documentation>Registry does not allow the transfer of a domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RENEW_PROHIBITED">
+				<xs:annotation>
+					<xs:documentation>Registry does not allow the renewal of a domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DELETE_PROHIBITED">
+				<xs:annotation>
+					<xs:documentation>Registry does not allow the deletion of a domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UPDATE_PROHIBITED">
+				<xs:annotation>
+					<xs:documentation>Registry does not allow all the update or modification of a domain.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HOLD">
+				<xs:annotation>
+					<xs:documentation>Registry will not allow the domain to be published to the zone.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+
+	<xs:complexType name="WhoisRegistrarInfoType">
+		<xs:sequence>
+			<xs:element name="Registrar_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Registrar_ID corresponds to the Registrar ID field of a Whois entry</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Registrar_GUID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Registrar_GUID corresponds to the Registrar GUID field of a Whois entry</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Name field holds the name of the registrar organization</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Address" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Address field holds the address (location) of the registrar organization</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Email_Address" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The main email address for the registrar</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Phone_Number" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Phone_Number field holds the phone number of the registrar organization</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Whois_Server" type="URIObj:URIObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Whois_Server field specifies the corresponding whois server for this registrar</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Referral_URL" type="URIObj:URIObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Referral_URL field specifies the corresponding referral URL for registrar</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Contacts" type="WhoisObj:WhoisContactsType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>A list of registrar contacts</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+
+	<xs:simpleType name="WhoisDNSSECTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The WhoisDNSSECTypeEnum defines an enumeration of acceptable values for the DNSSEC field in a Whois entry</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Signed">
+				<xs:annotation>
+					<xs:documentation>The Signed value signifies that the domain name associated with the Whois entry is digitally signed</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unsigned">
+				<xs:annotation>
+					<xs:documentation>The Unsigned value signfies that the domain name associated with the Whois entry is not digitally signed</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+
+	<xs:complexType name="WhoisContactsType">
+		<xs:annotation>
+			<xs:documentation>The WhoisContactsType represents a list of contacts (usually registrar or registrant) found in a Whois entry</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Contact" type="WhoisObj:WhoisContactType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>A contact found in a Whois entry </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+
+	<xs:complexType name="WhoisContactType">
+		<xs:sequence>
+			<xs:element name="Contact_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Contact_ID corresponds to an ID for the contact. This can be presented as Contact ID, Billing ID, Admin ID, Tech ID, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The name of the contact</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Email_Address" type="AddressObj:AddressObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The email address of the contact</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Phone_Number" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The phone number of the contact</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Address" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The address of the contact</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="contact_type">
+			<xs:annotation>
+				<xs:documentation>The contact_type field specifies what type of contact this is. Only values from WhoisObj:RegistrarContactTypeEnum can be used.</xs:documentation>
+			</xs:annotation>
+			<xs:simpleType>
+				<xs:restriction base="WhoisObj:WhoisContactTypeEnum"/>
+			</xs:simpleType>
+		</xs:attribute>
+	</xs:complexType>
+
+	<xs:simpleType name="WhoisContactTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The RegistrarContactTypeEnum defines the types of registrar contacts listed in a whois entry</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ADMIN">
+				<xs:annotation>
+					<xs:documentation>The contact is an administrator</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BILLING">
+				<xs:annotation>
+					<xs:documentation>The contact is for billing</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TECHNICAL">
+				<xs:annotation>
+					<xs:documentation>The contact is for technical assistance</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+
+	<xs:complexType name="WhoisStatusType">
+		<xs:annotation>
+			<xs:documentation>The WhoisStatusType specifies a status for a domain as listed in its Whois entry. Only statuses defined by WhoisStatusTypeEnum can be used.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WhoisObj:WhoisStatusTypeEnum xs:string"/>
+				</xs:simpleType>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+
+	<xs:complexType name="WhoisStatusesType">
+		<xs:annotation>
+			<xs:documentation>The WhoisStatusesType defines a list of WhoisStatusType objecst</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Status" type="WhoisObj:WhoisStatusType" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+
+	<xs:complexType name="WhoisNameserversType">
+		<xs:annotation>
+			<xs:documentation>The WhoisNameserversType defines a list of nameservers associated with a Whois entry</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Nameserver" type="URIObj:URIObjectType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Nameserver field specifies a nameserver of the domain for this whois entry</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+
+	<xs:complexType name="WhoisRegistrantInfoType">
+		<xs:complexContent>
+			<xs:extension base="WhoisObj:WhoisContactType">
+				<xs:sequence>
+					<xs:element name="Registrant_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Registrant_ID specifies the registrant id for a given registrant</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+
+	<xs:complexType name="WhoisRegistrantsType">
+		<xs:annotation>
+			<xs:documentation>The WhoisRegistrantsType represents a list of registrant information for a given Whois entry</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Registrant" type="WhoisObj:WhoisRegistrantInfoType" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+
+	<xs:complexType name="RegionalRegistryType">
+		<xs:annotation>
+			<xs:documentation>The RegionalRegistryType specifies a Regional Internet Registry (RIR) for a given WHOIS entry. RIRs defined by the RegionalRegistryTypeEnum may be used, as well as those specified by a free form text string.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WhoisObj:RegionalRegistryTypeEnum xs:string"/>
+				</xs:simpleType>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+
+	<xs:simpleType name="RegionalRegistryTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The RegionalRegistryTypeEnum is an enumeration of Regional Internet Registries (RIRs) names, represente via their respective acronyms.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="AfriNIC">
+				<xs:annotation>
+					<xs:documentation>AfriNIC stands for African Network Information Centre, and is the RIR for Africa.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ARIN">
+				<xs:annotation>
+					<xs:documentation>ARIN stands for American Registry for Internet Numbers, and is the RIR for the United States, Canada, several parts of the Caribbean Region, and Antarctica.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="APNIC">
+				<xs:annotation>
+					<xs:documentation>APNIC stands for Asia-Pacific Network Information Centre, and is the RIR for Asia, Australia, New Zealand, and neighboring countries.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LACNIC">
+				<xs:annotation>
+					<xs:documentation>LACNIC stands for Latin American and Caribbean Network Information Centre, and is the RIR for Latin America and parts of the Caribbean region.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RIPE NCC">
+				<xs:annotation>
+					<xs:documentation>RIPE NCC stands for Réseaux IP Européens Network Coordination Centre, and is the RIR for Europe, Russia, the Middle East, and Central Asia.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Computer_Account_Object.xsd b/stix_validator/schema/cybox/objects/Win_Computer_Account_Object.xsd
new file mode 100755
index 0000000..933c0c7
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Computer_Account_Object.xsd
@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinComputerAccountObj="http://cybox.mitre.org/objects#WinComputerAccountObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:AccountObj="http://cybox.mitre.org/objects#AccountObject-2" xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" xmlns:ns1="http://cybox.mitre.org/objects#WinComputerAccountObject-2" targetNamespace="http://cybox.mitre.org/objects#WinComputerAccountObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Computer_Account_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AccountObject-2" schemaLocation="Account_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#PortObject-2" schemaLocation="Port_Object.xsd"/>
+	<xs:element name="Windows_Computer_Account" type="WinComputerAccountObj:WindowsComputerAccountObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Computer_Account object is intended to characterize Windows computer accounts.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsComputerAccountObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WinComputerAccountObject type is intended to characterize Windows computer accounts.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="AccountObj:AccountObjectType">
+				<xs:sequence>
+					<xs:element name="Fully_Qualified_Name" type="WinComputerAccountObj:FullyQualifiedNameType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Fully_Qualified_Name field refers to the fully qualified name(s) of the Windows computer account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Kerberos" type="WinComputerAccountObj:KerberosType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Kerberos field specifies the Kerberos authentication protocol specific Object properties for the Windows computer account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Security_ID field specifies the Security ID (SID) value assigned to the Windows computer account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_Type" type="cyboxCommon:SIDType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Security_Type field specifies the type of Security ID (SID) assigned to the Windows computer account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of the Windows computer account.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="FullyQualifiedNameType">
+		<xs:annotation>
+			<xs:documentation>The FullyQualifiedNameType type refers to the fully qualified name(s) of the Windows computer account.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="NetBEUI_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The NetBEUI_Name field specifies the NETBEUI name of the Windows computer account.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Full_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Full_Name field specifies the full name of the Windows computer account.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="KerberosType">
+		<xs:annotation>
+			<xs:documentation>The KerberosType type specifies the Kerberos authentication protocol specific Object properties for the Windows computer account.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Delegation" type="WinComputerAccountObj:KerberosDelegationType">
+				<xs:annotation>
+					<xs:documentation>The Delegation field specifies the Kerberos delegation used for the Windows computer account.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Ticket" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Ticket field specifies the ID of the Kerberos ticket assigned to the Windows computer account.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="KerberosDelegationType">
+		<xs:annotation>
+			<xs:documentation>The Delegation field specifies the Kerberos delegation used for the Windows computer account.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Bitmask" type="cyboxCommon:HexBinaryObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Bitmask field specifies the bitmask used in the Kerberos delegation for the Windows computer account.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Service" type="WinComputerAccountObj:KerberosServiceType">
+				<xs:annotation>
+					<xs:documentation>The Service field specifies the properties of the Kerberos delegation service for the Windows computer account.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="KerberosServiceType">
+		<xs:annotation>
+			<xs:documentation>The KerberosServiceType specifies the properties of the Kerberos delegation service for the Windows computer account.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Computer" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Computer field specifies the computer name for the Kerberos service.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Name field specifies the name of the Kerberos service.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Port" type="PortObj:PortObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Port field specifies the port for the Kerberos service.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="User" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The User field specifies the username for the Kerberos service.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Critical_Section_Object.xsd b/stix_validator/schema/cybox/objects/Win_Critical_Section_Object.xsd
new file mode 100755
index 0000000..898b194
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Critical_Section_Object.xsd
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinCriticalSectionObj="http://cybox.mitre.org/objects#WinCriticalSectionObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinCriticalSectionObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Critical_Section_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Critical_Section" type="WinCriticalSectionObj:WindowsCriticalSectionObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Critical_Section object is intended to characterize Windows Critical Section objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsCriticalSectionObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsCriticalSectionObjectType type is intended to characterize Windows Critical Section objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Address field specifies the address of the code that crated the critical section object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Spin_Count" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Spin_Count field specifies the spin count value for the critical section object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Driver_Object.xsd b/stix_validator/schema/cybox/objects/Win_Driver_Object.xsd
new file mode 100755
index 0000000..f7d7f71
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Driver_Object.xsd
@@ -0,0 +1,269 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinDriverObj="http://cybox.mitre.org/objects#WinDriverObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinDriverObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Driver_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Driver" type="WinDriverObj:WindowsDriverObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Driver object is intended to characterize Windows device drivers.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsDriverObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsDriverObject type is intended to characterize Windows device drivers.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Device_Object_List" type="WinDriverObj:DeviceObjectListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Device_Object_List field specifies the device objects that were created by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Driver_Init" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Driver_Init field specifies the entry point for the driver's DriverEntry routine. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff544174(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Driver_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Driver_Name field specifies the name of the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Driver_Object_Address" type="cyboxCommon:HexBinaryObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Driver_Object_Address field specifies the address to the driver's driver object, which contains the storage for the entry point to many of the driver's standard routines. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff548034(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Driver_Start_IO" type="cyboxCommon:HexBinaryObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Driver_Start_IO field specifies the entry point for the driver's StartIO routine. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff544174(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Driver_Unload" type="cyboxCommon:HexBinaryObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Driver_Unload field specifies the entry point for the driver's unload routine. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff544174(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Image_Base" type="cyboxCommon:HexBinaryObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Image_Base field specifies the preferred address of the first byte of the driver's image when it is loaded into memory.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Image_Size" type="cyboxCommon:HexBinaryObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Image_Size field specifies the size of the driver's image, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_CLEANUP" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_CLEANUP field represents a count of the number of times the CLEANUP function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_CLOSE" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_CLOSE field represents a count of the number of times the CLOSE function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_CREATE" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_CREATE field represents a count of the number of times the CREATE function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_CREATE_MAILSLOT" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_CREATE_MAILSLOT field represents a count of the number of times the CREATE_MAILSLOT function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_CREATE_NAMED_PIPE" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_CREATE_NAMED_PIPE field represents a count of the number of times the CREATE_NAMED_PIPE function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_DEVICE_CHANGE" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_DEVICE_CHANGE field represents a count of the number of times the DEVICE_CHANGE function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_DEVICE_CONTROL" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_DEVICE_CONTROL field represents a count of the number of times the DEVICE_CONTROL function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_DIRECTORY_CONTROL" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_DIRECTORY_CONTROL field represents a count of the number of times the DIRECTORY_CONTROL function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_FILE_SYSTEM_CONTROL" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_FILE_SYSTEM_CONTROL field represents a count of the number of times the FILE_SYSTEM_CONTROL function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_FLUSH_BUFFERS" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_FLUSH_BUFFERS field represents a count of the number of times the FLUSH_BUFFERS function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_INTERNAL_DEVICE_CONTROL" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_INTERNAL_DEVICE_CONTROL field represents a count of the number of times the INTERNAL_DEVICE_CONTROL function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_LOCK_CONTROL" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_LOCK_CONROL field represents a count of the number of times the LOCK_CONROL function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_PNP" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_PNP field represents a count of the number of times the PNP function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_POWER" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_POWER field represents a count of the number of times the POWER function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_READ" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_READ field represents a count of the number of times the READ function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_QUERY_EA" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_QUERY_EA field represents a count of the number of times the QUERY_EA function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_QUERY_INFORMATION" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_QUERY_INFORMATION field represents a count of the number of times the QUERY_INFORMATION function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_QUERY_SECURITY" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_QUERY_SECURITY field represents a count of the number of times the QUERY_SECURITY function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_QUERY_QUOTA" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_QUERY_QUOTA field represents a count of the number of times the QUERY_QUOTA function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_QUERY_VOLUME_INFORMATION" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_QUERY_VOLUME_INFORMATION field represents a count of the number of times the QUERY_VOLUME_INFORMATION function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_SET_EA" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_SET_EA field represents a count of the number of times the SET_EA function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_SET_INFORMATION" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_SET_INFORMATION field represents a count of the number of times the SET_INFORMATION function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_SET_SECURITY" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_SET_SECURITY field represents a count of the number of times the SET_SECURITY function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_SET_QUOTA" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_SET_QUOTA field represents a count of the number of times the SET_QUOTA function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_SET_VOLUME_INFORMATION" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_SET_VOLUME_INFORMATION field represents a count of the number of times the SET_VOLUME_INFORMATION function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_SHUTDOWN" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_SHUTDOWN field represents a count of the number of times the SHUTDOWN function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_SYSTEM_CONTROL" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_SYSTEM_CONTROL field represents a count of the number of times the SYSTEM_CONTROL function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="IRP_MJ_WRITE" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The IRP_MJ_WRITE field represents a count of the number of times the WRITE function code was processed by the driver.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="DeviceObjectStructType">
+		<xs:annotation>
+			<xs:documentation>The DeviceObjectStructType type specifies the properties of a device object. In this context, a device object represents a logical, virtual, or physical device for which a driver handles I/O requests. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff543147(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Attached_Device_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Attached_Device_Name field specifies the name of another device object that was attached to this one. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff543147(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Attached_Device_Object" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Attached_Device_Object field specifies a pointer to another device object that was attached to this one. Typically this is a filter driver. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff543147(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Attached_To_Device_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Attached_To_Device_Name field specifies the name of another device object that this one was attached to.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Attached_To_Device_Object" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Attached_To_Device_Object field specifies a pointer to another device object that this one was attached to. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Attached_To_Driver_Object" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Attached_To_Driver_Object field specifies a pointer to the driver to which this device object was attached.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Attached_To_Driver_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Attached_To_Driver_Name field specifies the name of the driver to which this device object was attached.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Device_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Device_Name field specifies the name of the device object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Device_Object" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The Device_Object field specifies a pointer to the driver object for the caller.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DeviceObjectListType">
+		<xs:annotation>
+			<xs:documentation>The DeviceObjectListType specifies a list of device objects.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Device_Object_Struct" type="WinDriverObj:DeviceObjectStructType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Device_Object _Struct field specifies a single device object utilizing the Windows Driver Device Object Struct.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Event_Log_Object.xsd b/stix_validator/schema/cybox/objects/Win_Event_Log_Object.xsd
new file mode 100755
index 0000000..5638545
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Event_Log_Object.xsd
@@ -0,0 +1,137 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinEventLogObj="http://cybox.mitre.org/objects#WinEventLogObject-2" targetNamespace="http://cybox.mitre.org/objects#WinEventLogObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Event_Log_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Event_Log" type="WinEventLogObj:WindowsEventLogObjectType">
+		<xs:annotation>
+			<xs:documentation>The Windows_Event_Log object is intended to characterize entries in the Windows event log. Microsoft's Event schema is described at http://msdn.microsoft.com/en-us/library/aa385201 and the .NET API is described at http://msdn.microsoft.com/en-us/library/y80k1300.aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsEventLogObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsEventLogObjectType type is intended to characterize entries in the Windows event log.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="EID" type="cyboxCommon:LongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The EID field specifies the ID of the event for which the event log entry was created.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The event type associated with the entry in the event log, e.g., warning, information, error.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Log" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The name of the log.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Message" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The rendered message string for the event.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Category_Num" type="cyboxCommon:LongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The event entry's category number, as defined by the source.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Category" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The text associated with Category_Num.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Generation_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Generation_Time field specifies the date/time the event was generated.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Source" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>What logged the event, typically the name of an application or sub-component.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Machine" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The name of the computer on which the event log entry was generated.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="User" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The name of the user (the security ID) responsible for the event.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Blob" type="cyboxCommon:Base64BinaryObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The event data as a binary blob.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Correlation_Activity_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A globally unique identifier that identifies the current activity.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Correlation_Related_Activity_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A globally unique identifier that identifies the activity to which control was transferred to.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Execution_Process_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Execution_Process_ID field specifies the Process ID (PID) of the process which created the event.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Execution_Thread_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Execution_Thread_ID field specifies the Thread ID (TID) of the thread which created the event.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Index" type="cyboxCommon:LongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The index of the event entry in the log.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Reserved" type="cyboxCommon:LongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A DWORD value that is always set to ELF_LOG_SIGNATURE (the value 0x654c664c), which is ASCII for eLfL.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Unformatted_Message_List" type="WinEventLogObj:UnformattedMessageListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>List of unformatted messages in the event log entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Write_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Write_Time field specifies the date/time that the entry was written into the event log.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="UnformattedMessageListType">
+		<xs:annotation>
+			<xs:documentation>The UnformattedMessageListType type is a list of unformatted messages in the event log entry.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Unformatted_Message" type="cyboxCommon:StringObjectPropertyType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>A single unformatted message in the event log entry.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Event_Object.xsd b/stix_validator/schema/cybox/objects/Win_Event_Object.xsd
new file mode 100755
index 0000000..d39670d
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Event_Object.xsd
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinEventObj="http://cybox.mitre.org/objects#WinEventObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" targetNamespace="http://cybox.mitre.org/objects#WinEventObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Event_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:element name="Windows_Event" type="WinEventObj:WindowsEventObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Event object is intended to characterize Windows event (synchronization) objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsEventObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsEventObjectType type is intended to characterize Windows event (synchronization) objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Handle" type="WinHandleObj:WindowsHandleObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Handle field specifies the handle to the Windows event object. It imports and uses the WindowsHandleObjectType type from the CybOX Windows Handle object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the Windows event object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="WinEventObj:WinEventType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of the Windows event.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="WinEventType">
+		<xs:annotation>
+			<xs:documentation>WinEventType specifies Windows event types, via a union of the WinEventTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinEventObj:WinEventTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="WinEventTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The WinEventTypeEnum type is an enumeration of Windows synchronization event types. These are described in detail in http://msdn.microsoft.com/en-us/library/windows/desktop/ms682655(v=vs.85).aspx.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ManualReset">
+				<xs:annotation>
+					<xs:documentation>Indicates an event object whose state remains signaled until it is explicitly reset to nonsignaled by the ResetEvent function. While it is signaled, any number of waiting threads, or threads that subsequently specify the same event object in one of the wait functions, can be released.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AutoReset">
+				<xs:annotation>
+					<xs:documentation>Indicates an event object whose state remains signaled until a single waiting thread is released, at which time the system automatically sets the state to nonsignaled. If no threads are waiting, the event object's state remains signaled. If more than one thread is waiting, a waiting thread is selected. Do not assume a first-in, first-out (FIFO) order. External events such as kernel-mode APCs can change the wait order.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Executable_File_Object.xsd b/stix_validator/schema/cybox/objects/Win_Executable_File_Object.xsd
new file mode 100755
index 0000000..47931ee
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Executable_File_Object.xsd
@@ -0,0 +1,1333 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinExecutableFileObj="http://cybox.mitre.org/objects#WinExecutableFileObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinFileObj="http://cybox.mitre.org/objects#WinFileObject-2" targetNamespace="http://cybox.mitre.org/objects#WinExecutableFileObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Executable_File_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinFileObject-2" schemaLocation="Win_File_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Executable_File" type="WinExecutableFileObj:WindowsExecutableFileObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Executable_File object is intended to characterize Windows PE (Portable Executable) files. Sources of information: Matt Pietrik's articles in MSDN Magazine (http://msdn.microsoft.com/en-us/magazine/cc301805.aspx and http://msdn.microsoft.com/en-us/magazine/cc301808.aspx); Microsoft's specification of PE and COFF (http://msdn.microsoft.com/library/windows/hardware/gg463125); LUEVELSMEYER's description (http://webster.cs.ucr.edu/Page_TechDocs/pe.txt). </xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:element name="Resource" type="WinExecutableFileObj:PEResourceType">
+		<xs:annotation>
+			<xs:documentation>The Resource field characterizes an abstract PE file resource.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:element name="VersionInfoResource" substitutionGroup="WinExecutableFileObj:Resource" type="WinExecutableFileObj:PEVersionInfoResourceType">
+		<xs:annotation>
+			<xs:documentation>The VersionInfoResource field characterizes a Version resource that uses the VERSIONINFO resource.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsExecutableFileObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsExecutableFileObjectType type is intended to characterize Windows PE (Portable Executable) files.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="WinFileObj:WindowsFileObjectType">
+				<xs:sequence minOccurs="1">
+					<xs:element minOccurs="0" name="Build_Information" type="WinExecutableFileObj:PEBuildInformationType">
+						<xs:annotation>
+							<xs:documentation>The Build_Information field specifies some information on the tools used to build the PE binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Digital_Signature" type="cyboxCommon:DigitalSignatureInfoType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Digital_Signature field specifies the information about the digital signature used to sign the PE binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Exports" type="WinExecutableFileObj:PEExportsType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Exports field characterizes the PE Export table of the PE Binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Extraneous_Bytes" type="cyboxCommon:IntegerObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Extraneous_Bytes field specifies the number of extraneous bytes contained in the PE binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Headers" type="WinExecutableFileObj:PEHeadersType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Headers property contains fields for characterizing aspects the various types of PE headers.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Imports" type="WinExecutableFileObj:PEImportListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Imports property characterizes the PE Import Table of the binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="PE_Checksum" type="WinExecutableFileObj:PEChecksumType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The PE_Checksum property specifies the checksum of the PE file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Resources" type="WinExecutableFileObj:PEResourceListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Resources field characterizes the PE Resources of the binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Sections" type="WinExecutableFileObj:PESectionListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Sections field characterizes the PE Sections of the binary.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="WinExecutableFileObj:PEType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Type specifies the particular type of the PE binary, e.g. Executable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PEChecksumType">
+		<xs:annotation>
+			<xs:documentation>The PECheckSumType records the checksum of the PE file, both as found in the file and computed.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="PE_Computed_API" type="cyboxCommon:LongObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>PE_Computed_API specifies a checksum computed by an external algorithm.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="PE_File_API" type="cyboxCommon:LongObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>PE_File_API specifed the checksum computed by IMAGHELP.DLL.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="PE_File_Raw" type="cyboxCommon:LongObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>PE_File_Raw specifies the checksum found in the PE file (in the Optional Header).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEExportsType">
+		<xs:annotation>
+			<xs:documentation>PEExportsType specifies the PE File exports data section. The exports data section contains information about symbols exported by the PE File (a DLL) which can be dynamically loaded by other executables. This type abstracts, and its components, abstract the Windows structures.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Exported_Functions" type="WinExecutableFileObj:PEExportedFunctionsType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>A list of the exported functions in this section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Exports_Time_Stamp" type="cyboxCommon:DateTimeObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The date and time the export data was created.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Number_Of_Addresses" type="cyboxCommon:LongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The number of addresses in the export data section's address table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Number_Of_Names" type="cyboxCommon:LongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The number of names in the export data section's name table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEExportedFunctionsType">
+		<xs:annotation>
+			<xs:documentation>PEExportedFunctionsType specifies a list of PE exported functions</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Exported_Function" type="WinExecutableFileObj:PEExportedFunctionType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies a single field in the list of exported functions.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PESectionListType">
+		<xs:annotation>
+			<xs:documentation>Specifies a list of sections that appear in the PE file.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Section" type="WinExecutableFileObj:PESectionType" nillable="true" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies an field of a list of PE file sections.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EntropyType">
+		<xs:annotation>
+			<xs:documentation>Specifies the result of an entropy computation.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Value" type="cyboxCommon:FloatObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the computed entropy value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Min" type="cyboxCommon:FloatObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the smallest possible value for the entropy computation.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Max" type="cyboxCommon:FloatObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the largest possible value for the entropy computation (eg., this would be 8 if the entropy computations is based on bits of information).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEImportType">
+		<xs:annotation>
+			<xs:documentation>The PEImportType type is intended as container for the properties relevant to PE binary imports.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="File_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The File_Name field specifies the name of the library (file) that the PE binary imports.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Imported_Functions" type="WinExecutableFileObj:PEImportedFunctionsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Imported_Functions field is used to enumerate any functions imported from a particular library.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Virtual_Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Virtual_Address field specifies the relative virtual address (RVA) of the PE binary library import.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="delay_load" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The delay_load field is a boolean value that is intended to describe whether a PE binary import is delay-load or not.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="initially_visible" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The initially_visible field refers to whether the import is initially visible, with regards to being initially visible or hidden in relation to PE binary packing. A packed binary will typically have few initially visible imports, and thus it is necessary to make the distinction between those that are visible initially or only after the binary is unpacked.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="PEImportedFunctionsType">
+		<xs:annotation>
+			<xs:documentation>A list of PE imported functions</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Imported_Function" type="WinExecutableFileObj:PEImportedFunctionType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies a single field in a list of imported functions.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEResourceType">
+		<xs:annotation>
+			<xs:documentation>The PEResourceType type is intended as container for the properties relevant to PE binary resources.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Type" type="WinExecutableFileObj:PEResourceTypeEnum" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field refers to the type of data referred to by this resource.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Name field specifies the name of the resource used by the PE binary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Hashes field is used to include any hash values computed using the specified PE binary resource as input.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEVersionInfoResourceType">
+		<xs:annotation>
+			<xs:documentation>The PEVersionInfoResourceType characterizes the special VERSIONINFO resource type. For more information please see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381058(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="WinExecutableFileObj:PEResourceType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Comments" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Comments field captures any additional information that should be displayed for diagnostic purposes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="CompanyName" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The CompanyName field captures the company that produced the file - for example, "Microsoft Corporation" or "Standard Microsystems Corporation, Inc." </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="FileDescription" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The FileDescription field captures the file description to be presented to users. This string may be displayed in a list box when the user is choosing files to install - for example, "Keyboard Driver for AT-Style Keyboards". </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="FileVersion" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The FileVersion field captures the version number of the file - for example, "3.10" or "5.00.RC2". </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="InternalName" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The InternalName field captures the internal name of the file, if one exists - for example, a module name if the file is a dynamic-link library. If the file has no internal name, this string should be the original filename, without extension.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="LangID" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The LangID field captures the localization language identifier specified in the version-information resource.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="LegalCopyright" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The LegalCopyright field captures the copyright notices that apply to the file. This should include the full text of all notices, legal symbols, copyright dates, and so on. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="LegalTrademarks" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The LegalTrademarks field captures the trademarks and registered trademarks that apply to the file. This should include the full text of all notices, legal symbols, trademark numbers, and so on. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="OriginalFilename" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The OriginalFilename field captures the original name of the file, not including a path. This information enables an application to determine whether a file has been renamed by a user. The format of the name depends on the file system for which the file was created. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="PrivateBuild" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The PrivateBuild field captures the information about a private version of the file - for example, "Built by TESTER1 on \TESTBED". This string should be present only if VS_FF_PRIVATEBUILD is specified in the fileflags parameter of the root block.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="ProductName" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The ProductName field captures the name of the product with which the file is distributed. This string is required.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="ProductVersion" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The ProductVersion field captures the version of the product with which the file is distributed - for example, "3.10" or "5.00.RC2".</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="SpecialBuild" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The SpecialBuild field captures the text that indicates how this version of the file differs from the standard version - for example, "Private build for TESTER1 solving mouse problems on M250 and M250E computers". This string should be present only if VS_FF_SPECIALBUILD is specified in the fileflags parameter of the root block.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="PEExportedFunctionType">
+		<xs:annotation>
+			<xs:documentation>PEExportType sepcifies the type describing exported functions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Function_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Function_Name field specifies the name of the function exported by the PE binary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Entry_Point" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Entry_Point field specifies the entry point of the function exported by the PE binary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Ordinal" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Ordinal field specifies the ordinal value (index) of the function exported by the PE binary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEResourceListType">
+		<xs:annotation>
+			<xs:documentation>PEResourceListType specifies a list of resources found in the PE file.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="unbounded" ref="WinExecutableFileObj:Resource">
+				<xs:annotation>
+					<xs:documentation>Specifies an field of a list of resources.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEImportedFunctionType">
+		<xs:annotation>
+			<xs:documentation>PEImportedFunctionType specifies the type describing imported functions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Function_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Function_Name field specifies the name of the function from the specified library that the PE binary imports.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hint" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Hint field specifies the index into the export table of the library that the function is found in.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Ordinal" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Ordinal field specifies the ordinal value (index) of the function in the library that is found in.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Bound" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Bound field specifies the precomputed address if the imported function is bound.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Virtual_Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Virtual_Address field specifies the relative virtual address (RVA) of the PE binary library imported function.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEImportListType">
+		<xs:annotation>
+			<xs:documentation>PEImportListType specifies a list of functions in an import data section.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Import" type="WinExecutableFileObj:PEImportType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies a single field in a list of imported functions.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PESectionType">
+		<xs:annotation>
+			<xs:documentation>The PESectionType type is intended as container for the properties relevant to PE binary sections. A PE Section consists of a header and data. The PESectionType contains properties that describe the Section Header and metadata computed about the section (e.g., hashes, entropy). </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Section_Header" type="WinExecutableFileObj:PESectionHeaderStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Section_Header property contains characteristics of the section's section header structure.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Data_Hashes field is used to include any hash values computed using the data contained in the specified PE binary section as input.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Entropy" type="WinExecutableFileObj:EntropyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Entropy field specifies the calculated entropy of the PE binary section. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Header_Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Header_Hashes field is used to include any hash values computed using the header of the specified PE binary section as input.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Type" type="WinExecutableFileObj:SectionType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the type of the section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEDataDirectoryStructType">
+		<xs:annotation>
+			<xs:documentation>The PEDataDirectoryStruct type is intended as container for the properties relevant to a PE binary's data directory structure.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Virtual_Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Virtual_Address field specifies the relative virtual address (RVA) of the data structure.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The size field specifies the size of the data structure, in bytes.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PESectionHeaderStructType">
+		<xs:annotation>
+			<xs:documentation>The PESectionHeaderStruct type is intended as container for the properties relevant to a PE binary's section header structure.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Name field specifies the name of the PE binary section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Virtual_Size" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Virtual_Size field is the total size of the PE binary section when loaded into memory. It is valid only for executables and should be 0 for object files.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Virtual_Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Virtual_Address field specifies the relative virtual address (RVA) of the PE binary section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Raw_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Size_Of_Raw_Data field specifies the size of the data contained in the PE binary section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Pointer_To_Raw_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Pointer_To_Raw_Data field specifies the file offset of the beginning of the PE binary section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Pointer_To_Relocations" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Pointer_To_Relocations field specifies the offset of the PE binary section relocations, if applicable.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Pointer_To_Linenumbers" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the beginning of line-number entries for the section. Should be 0.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Number_Of_Relocations" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Number_Of_Relocations field specifies the number of relocations defined for the specified PE binary section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Number_Of_Linenumbers" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of line number entreis for the section. Should be 0.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Characteristics" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Characteristics field specifies any flags defined for the specified PE binary section.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DOSHeaderType">
+		<xs:annotation>
+			<xs:documentation>The DOSHeaderType type is a container for the characteristics of the _IMAGE_DOS_HEADER structure, which can be found in Winnt.h and pe.h. See http://www.csn.ul.ie/~caolan/pub/winresdump/winresdump/doc/pefile.html for more information about the winnt.h file, and http://www.tavi.co.uk/phobos/exeformat.html for even more clarification.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="e_magic" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the magic number, specifically the Windows OS signature value, which can either take on MZ for DOS (which is, for all intensive purposes, MOST Windows executables), NE for OS2, LE for OS2 LE, or PE00 for NT.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_cblp" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of bytes actually used in the last page, with the special case of a full page being represented by a value of zero (since the last page is never empty). For example, assuming a page size of 512 bytes, this value would be 0x0000 for a 1024 byte file, and 0x0001 for a 1025 byte file (since it only contains one valid byte).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_cp" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the the number of pages required to hold the file. For example, if the file contains 1024 bytes, and we assume the file has pages of a size of 512 bytes, this word would contain 0x0002; if the file contains 1025 bytes, this word would contain 0x0003.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_crlc" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of relocation items, i.e. the number of entries that exist in the relocation pointer table. If there are no relocation entries, this value is zero.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_cparhdr" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the executable header in terms of paragraphs (16 byte chunks). It indicates the offset of the program's compiled/assembled and linked image (the load module) within the executable file. The size of the load module can be deduced by subtracting this value (converted to bytes) from the overall file size derived from combining the e_cp (number of file pages) and e_cblp (number of bytes in last page) values. The header always spans an even number of paragraphs.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_minalloc" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the minimum number of extra paragraphs needed to be allocated to begin execution. This is IN ADDITION to the memory required to hold the load module. This value normally represents the total size of any uninitialised data and/or stack segments that are linked at the end of a program. This space is not directly included in the load module, since there are no particular initializing values and it would simply waste disk space.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_maxalloc" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the maximum number of extra paragraphs needed to be allocated by the program before it begins execution. This indicates ADDITIONAL memory over and above that required by the load module and the value specified by MINALLOC. If the request cannot be satisfied, the program is allocated as much memory as is available.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_ss" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the initial SS value, which is the paragraph address of the stack segment relative to the start of the load module. At load time, this value is relocated by adding the address of the start segment of the program to it, and the resulting value is placed in the SS register before the program is started. In DOS, the start segment of the program is the first segment boundary in memory after the PSP.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_sp" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the initial SP value, which is the absolute value that must be loaded into the SP register before the program is given control. Since the actual stack segment is determined by the loader, and this is merely a value within that segment, it does not need to be relocated.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_csum" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the checksum of the contents of the executable file. It is used to ensure the integrity of the data within the file. For full details on how this checksum is calculated, see http://www.tavi.co.uk/phobos/exeformat.html#checksum.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_ip" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the initial IP value, which is the absolute value that should be loaded into the IP register in order to transfer control to the program. Since the actual code segment is determined by the loader, and this is merely a value within that segment, it does not need to be relocated.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_cs" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the pre-relocated initial CS value, relative to the start of the load module, that should be placed in the CS register in order to transfer control to the program. At load time, this value is relocated by adding the address of the start segment of the program to it, and the resulting value is placed in the CS register when control is transferred.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_lfarlc" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the file address of the relocation table, or more specifically, the offset from the start of the file to the relocation pointer table. This value must be used to locate the relocation pointer table (rather than assuming a fixed location) because variable-length information pertaining to program overlays can occur before this table, causing its position to vary. A value of 0x40 in this field generally indicates a different kind of executable file, not a DOS 'MZ' type.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_ovro" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the overlay number, which is normally set to 0x0000, because few programs actually have overlays. It changes only in files containing programs that use overlays. See http://www.tavi.co.uk/phobos/exeformat.html#overlaynote for more information about overlays.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="reserved1" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0" maxOccurs="4">
+				<xs:annotation>
+					<xs:documentation>Specifies reserved words for the program (known in winnt.h as e_res[4]), usually set to zero by the linker. In this case, just use a single reserved1 set to zero; if not zero create four reserved1 with the correct value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_oemid" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the identifier for the OEM for e_oeminfo.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_oeminfo" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the OEM information for a specific value of e_oeminfo.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="reserved2" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies reserved words for the program (known in winnt.h as e_res[10]), usually set to zero by the linker. In this case, just use a single reserved1 set to zero; if not zero create ten reserved1 with the correct value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="e_lfanew" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the file adress of the of the new exe header. In particular, it is a 4-byte offset into the file where the PE file header is located. It is necessary to use this offset to locate the PE header in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Hashes field is used to include any hash values computed using the specified PE binary MS-DOS header as input.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEHeadersType">
+		<xs:annotation>
+			<xs:documentation>PEHeaderType specifies the headers found in PE and COFF files.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="DOS_Header" type="WinExecutableFileObj:DOSHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The DOS_Header property refers to the MS-DOS PE header and its associated characteristics.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Signature" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Signature property specifies the 4-bytes sugnature that identifies the file as a PE file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="File_Header" type="WinExecutableFileObj:PEFileHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The File_Header property refers to the PE file header (somtimes referred to as the COFF header) and its associated characteristics.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Optional_Header" type="WinExecutableFileObj:PEOptionalHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Optional_Header field refers to the PE optional header and its associated characteristics. The Optional Header is required for executable (PE) files, but optional for object (COFF) files.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Entropy" type="WinExecutableFileObj:EntropyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Entropy field specifies the calculated entropy of the PE file header. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Hashes field is used to include any hash values computed using the specified PE binary file header as input.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEFileHeaderType">
+		<xs:annotation>
+			<xs:documentation>The PEFileHeaderType type refers to the PE file header (somtimes referred to as the COFF header) and its associated characteristics.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Machine" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the type of target machine.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Number_Of_Sections" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of sections in the file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Time_Date_Stamp" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the time when the file was created (the low 32 bits of the number of seconds since epoch).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Pointer_To_Symbol_Table" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the file offset of the COFF symbol table (should be 0).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Number_Of_Symbols" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the number of entries in the symbol table. Should be 0.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Optional_Header" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the optional header. Should be 0 for object files and non-zero for executables.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Characteristics" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the flags that indicate the file's characteristics.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Any hashes computed for the Optional Header.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="SubsystemType">
+		<xs:annotation>
+			<xs:documentation>SubsystemTypes specifies subsystem types via a union of the SubsystemTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinExecutableFileObj:SubsystemTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="PEType">
+		<xs:annotation>
+			<xs:documentation>PEType specifies PE file types via a union of the PETypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinExecutableFileObj:PETypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="SectionType">
+		<xs:annotation>
+			<xs:documentation>SectionTypes specifies PE section types via a union of the SectionTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinExecutableFileObj:SectionTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="PEOptionalHeaderType">
+		<xs:annotation>
+			<xs:documentation>The PEOptionalHeaderType type describes the PE Optional Header structure. Additional computed metadata, e.g., hashes of the header, are also included.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Magic" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the unsigned integer that indicates the type of executable file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Major_Linker_Version" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the linker major version number.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Minor_Linker_Version" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the linker minor version number.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Code" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the code (text) section. If there are multiple sections, size is the sum of the sizes if each.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Initialized_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the initialized data section. If there are multiple sections, size is the sum of the sizes if each.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Uninitialized_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the uninitialized (bss) data section. If there are multiple sections, size is the sum of the sizes if each.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Address_Of_Entry_Point" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the address of the entry point relative to the image base when the executable is loaded into memory. When there is no entry point (e.g., optional for DLLs), the value should be 0.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Base_Of_Code" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the address that is relative to the image base of the beginning-of-code section when it is loaded into memory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Base_Of_Data" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the address that is relative to the image base of the beginning-of-data section when it is loaded into memory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Image_Base" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the preferred address of the first byte of image when loaded into memory; must be a multiple of 64 K. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Section_Alignment" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the alignment (in bytes) of sections when they are loaded into memory. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="File_Alignment" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the factor (in bytes) that is used to align the raw data of sections in the image file. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Major_OS_Version" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the major version number of the required operating system.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Minor_OS_Version" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the minor version number of the required operating system.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Major_Image_Version" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the major version number of the image.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Minor_Image_Version" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the minor version number of the image.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Major_Subsystem_Version" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the major version number of the subsystem.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Minor_Subsystem_Version" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the minor version number of the subsystem.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Win32_Version_Value" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Reserved; must be 0.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Image" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size (in bytes) of the image, including all headers, as the image is loaded in memory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Headers" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the combined size of the MS DOS header, PE header, and section headers rounded up to a multiple of FileAlignment.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Checksum" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the checksum of the PE file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Subsystem" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the subsystem (e.g., GUI, device driver) that is required to run this image. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="DLL_Characteristics" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies flags that characterize the PE file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Stack_Reserve" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the stack to reserve.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Stack_Commit" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the stack to commit.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Heap_Reserve" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the local heap space to reserve.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Size_Of_Heap_Commit" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the size of the local heap space to commit.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Loader_Flags" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Reserved; must be 0.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Number_Of_Rva_And_Sizes" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifieshe number of data-directory entries in the remainder of the optional header.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data_Directory" type="WinExecutableFileObj:DataDirectoryType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the data directories in the remainder in the optional header. This field will be repeated for each data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Hashes field is used to include any hash values computed using the specified PE binary optional header as input.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DataDirectoryType">
+		<xs:annotation>
+			<xs:documentation>The DataDirectoryType specifies the data directories that can appear in the PE file's optional header. The data directories, except the Certificate Table, are loaded into memory so they can be used at runtime.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Export_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the export table data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Import_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the import table data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Resource_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the resource table data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Exception_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the exception table data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Certificate_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the certificate table data directory. The table of certificates is in a file which the data directory points to.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Base_Relocation_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the base relocation table data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Debug" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the debug data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Architecture" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Reserved, must be 0.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Global_Ptr" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the RVA of the value to be stored in the global pointer register. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TLS_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the thread local storage (TLS) table data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Load_Config_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the load configuration table data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Bound_Import" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the bound import table data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Import_Address_Table" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the import address table (IAT) data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Delay_Import_Descriptor" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the delay import descriptor data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="CLR_Runtime_Header" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the Common Language Runtime (CLR) header data directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reserved" type="WinExecutableFileObj:PEDataDirectoryStructType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Reserved; must be 0.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PEBuildInformationType">
+		<xs:annotation>
+			<xs:documentation>The PEBuildInformationType captures information about the tools used to build the PE binary, including the compiler and linker.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Linker_Name" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Linker_Name field specifies the name of the linker used to link the PE binary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Linker_Version" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Linker_Version field specifies the version of the linker used to link the PE binary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Compiler_Name" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Compiler_Name field specifies the name of the compiler used to compile the binary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Compiler_Version" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Compiler_Version field specifies the version of the compiler used to compile the binary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:simpleType name="SectionTypeEnum">
+		<xs:annotation>
+			<xs:documentation>SectionTypeEnum enumerates the types of PE sections in an executable. See http://www.silurian.com/inspect/peformat.htm for more information. These sections can be viewed in a Disassembler, such as IDA and more specifically in the freeware CFF Explorer.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Text">
+				<xs:annotation>
+					<xs:documentation>Denoted by .text, this specifies the main program code--usually execute and read access only.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Data">
+				<xs:annotation>
+					<xs:documentation>Denoted by .data, this specifies main initialized data code that is used by the program.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Resource">
+				<xs:annotation>
+					<xs:documentation>Denoted by .rsrc, this specifies Windows Resource data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ReadonlyData">
+				<xs:annotation>
+					<xs:documentation>Denoted by .rdata, this specifies read only data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Relocations">
+				<xs:annotation>
+					<xs:documentation>Denoted by .reloc, this specifies base relocations.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Debug">
+				<xs:annotation>
+					<xs:documentation>Denoted by .debug, this specifies debug information.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IData">
+				<xs:annotation>
+					<xs:documentation>Denoted by .idata, this specifies imported function data.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TLS">
+				<xs:annotation>
+					<xs:documentation>Denoted by .tls, this specifies Thread Local Storage. Data is private to each thread.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CRT">
+				<xs:annotation>
+					<xs:documentation>Denoted by .CRT, this specifies data reserved for the C Run-Time library.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="SubsystemTypeEnum">
+		<xs:annotation>
+			<xs:documentation>SubsystemTypeEnum enumerates the types of subsystems in Windows an executable can be compatible for, according to winnt.h and more specifically, the Subsystem value of the IMAGE_OPTIONAL_HEADER structure. See http://source.winehq.org/source/include/winnt.h and http://msdn.microsoft.com/en-us/library/windows/desktop/ms680339(v=vs.85).aspx for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>Specifies an unknown subsystem.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Native">
+				<xs:annotation>
+					<xs:documentation>Specifies that no subsystem is required to run the image (i.e. only device drivers and native system processes are needed).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows_GUI">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows Graphical user interface (GUI) subsystem.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows_CUI">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows character-mode user interface (CUI) subsystem.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="OS2_CUI">
+				<xs:annotation>
+					<xs:documentation>Specifies the OS/2 CUI subsystem.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="POSIX_CUI">
+				<xs:annotation>
+					<xs:documentation>Specifies the POSIX CUI subsystem.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Native_Win9x_Driver">
+				<xs:annotation>
+					<xs:documentation>Specifies the Native Windows 9x drivers. This is denoted by the value IMAGE_SUBSYSTEM_NATIVE_WINDOWS or 0x8.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows_CE_GUI">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows CE system with a GUI.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EFI_Application">
+				<xs:annotation>
+					<xs:documentation>Specifies the Extensible Firmware Interface (EFI) application.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EFI_Boot_Service_Driver">
+				<xs:annotation>
+					<xs:documentation>Specifies the Extensible Firmware Interface (EFI) driver with boot services.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EFI_Runtime_Driver">
+				<xs:annotation>
+					<xs:documentation>Specifies the Extensible Firmware Interface (EFI) driver with run-time services.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EFI_ROM">
+				<xs:annotation>
+					<xs:documentation>Specifies the Extensible Firmware Interface (EFI) image.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="XBOX">
+				<xs:annotation>
+					<xs:documentation>Specifies the XBOX system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Windows_Boot_Application">
+				<xs:annotation>
+					<xs:documentation>Specifies the Windows Boot application.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PETypeEnum">
+		<xs:annotation>
+			<xs:documentation>PETypeEnum enumerates the characteristics flags for the executable file in question. These are detailed in winnt.h.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Executable">
+				<xs:annotation>
+					<xs:documentation>Specifies an executable image (not an OBJ or LIB).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Dll">
+				<xs:annotation>
+					<xs:documentation>Specifies a dynamic link library, not a program.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Invalid">
+				<xs:annotation>
+					<xs:documentation>Specifies an invalid executable file (i.e. not one of the listed types).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PEResourceTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The PEResourceTypeEnum is a non-exhaustive enumeration of PE resource types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Cursor">
+				<xs:annotation>
+					<xs:documentation>The resource specified is a cursor or animated cursor defined by naming it and specifying the name of the file that contains it. (To use a particular cursor, the application requests it by name.)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Bitmap">
+				<xs:annotation>
+					<xs:documentation>The resource specified is a bitmap defined by naming it and specifying the name of the file that contains it. (To use a particular cursor, the application requests it by name.)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Icon">
+				<xs:annotation>
+					<xs:documentation>The resource specified is an icon or animated icon by naming it and specifying the name of the file that contains it. (To use a particular icon, the application requests it by name.)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Menu">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines the appearance and function of a menu. Does not define help or regular identifiers, nor uses the MFT_* type and MFS_* state flags.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MenuEX">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines the appearance and function of a menu, which can also utilize help or regular identifiers, as well as the MFT_* type and MFS_* state flags. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Popup">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines a menu item that can contain menu items and submenus.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Dialog">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines a template that an application can use to create dialog boxes. This type is considered obsolete in Windows and newer applications use the DIALOGEX resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DialogEX">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines a template that newer applications can use to create dialog boxes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="String">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="StringTable">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines string resources. String resources are Unicode or ASCII strings that can be loaded from the executable file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Fontdir">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Font">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines the name of a file that contains a font.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Accelerators">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines menu accelerator keys.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RCData">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines data resources. Data resources let you include binary data in the executable file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MessageTable">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines a message table by naming it and specifying the name of the file that contains it. The file is a binary resource file generated by the message compiler.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GroupCursor">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GroupIcon">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="VersionInfo">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines version-information. Vontains information such as the version number, intended operating system, and so on.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DLGInclude">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PlugPlay">
+				<xs:annotation>
+					<xs:documentation>This resource is obsolete and included for completeness.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TextInclude">
+				<xs:annotation>
+					<xs:documentation>This is a special resource that is interpreted by Visual C++. For more information see http://go.microsoft.com/FWLink/?LinkId=83951.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TypeLib">
+				<xs:annotation>
+					<xs:documentation>This is a special resource that is used with /TLBID and /TLBOUT linker options. For more information see http://go.microsoft.com/FWLink/?LinkId=83960 (for /TLBID) and http://go.microsoft.com/FWLink/?LinkId=83947 (for /TLBOUT).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Vxd">
+				<xs:annotation>
+					<xs:documentation>This resource is obsolete and included for completeness.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AniCursor">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AniIcon">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HTML">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines an HTML file.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Manifest">
+				<xs:annotation>
+					<xs:documentation/>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Other">
+				<xs:annotation>
+					<xs:documentation>The resource specified defines a different object than those listed. This resource type can also be considered User-Defined, i.e. defines a resource that contains application-specific data, as noted in MSDN.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/cybox/objects/Win_File_Object.xsd b/stix_validator/schema/cybox/objects/Win_File_Object.xsd
new file mode 100755
index 0000000..ca8b003
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_File_Object.xsd
@@ -0,0 +1,269 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinFileObj="http://cybox.mitre.org/objects#WinFileObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:FileObj="http://cybox.mitre.org/objects#FileObject-2" targetNamespace="http://cybox.mitre.org/objects#WinFileObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_File_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#FileObject-2" schemaLocation="File_Object.xsd"/>
+	<xs:element name="Windows_File" type="WinFileObj:WindowsFileObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_File object is intended to characterize Windows files.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsFileObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsFileObjectType type is intended to characterize Windows files.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="FileObj:FileObjectType">
+				<xs:sequence minOccurs="1">
+					<xs:element name="Filename_Accessed_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Filename_Accessed_Time field specifies the date/time the filename of the Windows file was last accessed.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Filename_Created_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Filename_Created_Time field specifies the date/time the filename of the Windows file was created.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Filename_Modified_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Filename_Modified_Time field specifies the date/time the filename of the Windows file was last modified.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Drive" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Drive field specifies the drive letter of the drive that the file resides on.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Security_ID field specifies the Security ID (SID) value assigned to the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_Type" type="cyboxCommon:SIDType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Security_Type field specifies the type of Security ID (SID) assigned to the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Stream_List" type="WinFileObj:StreamListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Stream_List field specifies any alternate data streams contained within the file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="StreamObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The StreamObjectType type is intended to characterize NTFS alternate data streams.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:HashListType">
+				<xs:sequence>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the alternate data stream.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Size_In_Bytes" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="1" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Size_In_Bytes field specifies the size of the alternate data stream, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="StreamListType">
+		<xs:annotation>
+			<xs:documentation>The StreamListType type specifies a list of NTFS alternate data streams.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Stream" type="WinFileObj:StreamObjectType" nillable="true" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Stream field characterizes a single NTFS alternate data stream.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="WindowsFileAttributesType">
+		<xs:annotation>
+			<xs:documentation>The WindowsFileAttributesType type specifies Windows file attributes. It imports and extends the FileAttributeType from the CybOX File Object.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="FileObj:FileAttributeType">
+				<xs:sequence maxOccurs="1">
+					<xs:element name="Attribute" type="WinFileObj:WindowsFileAttributeType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The WindowsFileAttributeType specifies a single Windows file attribute.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="WindowsFileAttributeType">
+		<xs:annotation>
+			<xs:documentation>WindowsFileAttributeType specifies Windows file attributes via a union of the FileAttributesEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinFileObj:FileAttributesEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="WindowsFilePermissionsType">
+		<xs:annotation>
+			<xs:documentation>The WindowsFilePermissionsType type specifies Windows file permissions. It imports and extends the FilePermissionsType from the CybOX File Object.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="FileObj:FilePermissionsType">
+				<xs:sequence>
+					<xs:element name="Full_Control" type="xs:boolean" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Full_Control field specifies whether reading, writing, changing and deleting of the file is perfmitted.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Modify" type="xs:boolean" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Modify field specifies whether reading and writing or deletion of the file is permitted.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Read" type="xs:boolean" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Read field specifies whether viewing or accessing of the file's contents is permitted.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Read_And_Execute" type="xs:boolean" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Read_And_Execute field specifies whether viewing and accessing of the file's contents as well as executing of the file is permitted.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Write" type="xs:boolean" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Write field specifies whether writing to the file is permitted.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:simpleType name="FileAttributesEnum">
+		<xs:annotation>
+			<xs:documentation>The FileAttributesEnum type is an enumeration of Windows file attributes. These refer to the constants specified in http://msdn.microsoft.com/en-us/library/gg258117(v=vs.85).aspx.</xs:documentation>
+		</xs:annotation>
+		<xs:list>
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:enumeration value="ReadOnly">
+						<xs:annotation>
+							<xs:documentation>Specifies a file is read only, as denoted by the constant value, 0x1. Applications can read the file, but cannot write to it or delete it. This attribute is not honored on directories. For more information as to why, see http://go.microsoft.com/FWLink/?LinkId=125896.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Hidden">
+						<xs:annotation>
+							<xs:documentation>Specifies a file or directory is hidden, as denoted by the constant value, 0x2. It is not included in an ordinary directory listing.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="System">
+						<xs:annotation>
+							<xs:documentation>Specifies a file or directory that the operating system uses a part of, or uses exclusively, as denoted by the constant value, 0x4.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Directory">
+						<xs:annotation>
+							<xs:documentation>Specifies a directory, as denoted by the constant value, 0x10. </xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Archive">
+						<xs:annotation>
+							<xs:documentation>Specifies a file or directory that is an archive file or directory, as denoted by the constant value, 0x20. Applications typically use this attribute to mark files for backup or removal. </xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Device">
+						<xs:annotation>
+							<xs:documentation>Specifies a reserved system value, as denoted by the constant value, 0x40.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Normal">
+						<xs:annotation>
+							<xs:documentation>Specifies a file that has no other attributes set, and is only valid when this attribute is used alone, as denoted by the constant value, 0x80.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Temporary">
+						<xs:annotation>
+							<xs:documentation>Specifies a file being used for temporary storage, as denoted by the constant value, 0x100.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SparseFile">
+						<xs:annotation>
+							<xs:documentation>Specifies a sparse file, as denoted by the constant value, 0x200.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="ReparsePoint">
+						<xs:annotation>
+							<xs:documentation>Specifies a file or directory that has an associated reparse point, or a file that is a symbolic link, as denoted by the constant value, 0x400.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Compressed">
+						<xs:annotation>
+							<xs:documentation>Specifies a file or directory that is compressed, as denoted by the constant value, 0x800. For a file, all of the data in the file is compressed. For a directory, compression is the default for newly created files and subdirectories.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Offline">
+						<xs:annotation>
+							<xs:documentation>Specifies that the data of a file is not available immediately, as denoted by the constant value, 0x1000. This attribute indicates that the file data is physically moved to offline storage. This attribute is used by Remote Storage, which is the hierarchical storage management software. Applications should not arbitrarily change this attribute.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="NotContentIndexed">
+						<xs:annotation>
+							<xs:documentation>Specifies that a file is not to be indexed by the content indexing service, as denoted by the constant value, 0x2000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Encrypted">
+						<xs:annotation>
+							<xs:documentation>Specifies a file or directory that is encrypted, as denoted by the constant value, 0x4000. For a file, all data streams in the file are encrypted. For a directory, encryption is the default for newly created files and subdirectories.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Deleted">
+						<xs:annotation>
+							<xs:documentation>Specifies a file or directory that is marked as deleted.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="IntegrityStream">
+						<xs:annotation>
+							<xs:documentation>Specifies the directory or user data stream is configured with integrity (only supported on ReFS volumes), as denoted by the constant value, 0x8000. It is not included in an ordinary directory listing. The integrity setting persists with the file if it's renamed. If a file is copied the destination file will have integrity set if either the source file or destination directory have integrity set. NOTE: This flag is supported ONLY for Windows Server 8 Beta and later.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="Virtual">
+						<xs:annotation>
+							<xs:documentation>Specifies a reserved system value, as denoted by the constant value, 0x10000.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="NoScrubData">
+						<xs:annotation>
+							<xs:documentation>The user data stream not to be read by the background data integrity scanner (AKA scrubber), as denoted by the constant value, 0x20000. When set on a directory it only provides inheritance. This flag is only supported on Storage Spaces and ReFS volumes in Windows 8 and Windows Server 8 Beta and later. It is not included in an ordinary directory listing.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:list>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Handle_Object.xsd b/stix_validator/schema/cybox/objects/Win_Handle_Object.xsd
new file mode 100755
index 0000000..8300bfa
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Handle_Object.xsd
@@ -0,0 +1,186 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinHandleObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Handle_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Handle" type="WinHandleObj:WindowsHandleObjectType">
+		<xs:annotation>
+			<xs:documentation>The Windows_Handle object is intended to characterize Windows handles.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsHandleObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsHandleObjectType type is intended to characterize Windows handles.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="ID" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The ID field refers to the unique number used to identify the handle.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the handle.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="WinHandleObj:HandleType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the handle type, which is equivalent to the type of Windows object that the handle refers to. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Object_Address" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Object_Address field specifies the address of the Windows object that the handle refers to.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Access_Mask" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Access_Mask field specifies the access bitmask of the handle.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Pointer_Count" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Pointer_Count field specifies the count of pointer references to the Windows object that the handle refers to.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="WindowsHandleListType">
+		<xs:annotation>
+			<xs:documentation>The WindowsHandleListType type specifies a list of Windows handles, for re-use in other objects.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Handle" type="WinHandleObj:WindowsHandleObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Handle field characterizes a single Windows handle.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HandleType">
+		<xs:annotation>
+			<xs:documentation>HandleType specifies Windows handle types via a union of the HandleTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinHandleObj:HandleTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="HandleTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The WindowsHandleType is a non-exhaustive enumeration of Windows handle types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="AccessToken">
+				<xs:annotation>
+					<xs:documentation>Specifies an access token handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Event">
+				<xs:annotation>
+					<xs:documentation>Specifies an event handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="File">
+				<xs:annotation>
+					<xs:documentation>Specifies a file handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FileMapping">
+				<xs:annotation>
+					<xs:documentation>Specifies a file mapping handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Job">
+				<xs:annotation>
+					<xs:documentation>Specifies a job handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IOCompletionPort">
+				<xs:annotation>
+					<xs:documentation>Specifies an IO completion port handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Mailslot">
+				<xs:annotation>
+					<xs:documentation>Specifies a mailslot handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Mutex">
+				<xs:annotation>
+					<xs:documentation>Specifies a mutex handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NamedPipe">
+				<xs:annotation>
+					<xs:documentation>Specifies a named pipe handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Pipe">
+				<xs:annotation>
+					<xs:documentation>Specifies a pipe handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Process">
+				<xs:annotation>
+					<xs:documentation>Specifies a process handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Semaphore">
+				<xs:annotation>
+					<xs:documentation>Specifies a semiphore handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Thread">
+				<xs:annotation>
+					<xs:documentation>Specifies a thread handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Transaction">
+				<xs:annotation>
+					<xs:documentation>Specifies a transaction handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="WaitableTimer">
+				<xs:annotation>
+					<xs:documentation>Specifies a waitable timer handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RegistryKey">
+				<xs:annotation>
+					<xs:documentation>Specifies a registry key handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Window">
+				<xs:annotation>
+					<xs:documentation>Specifies a window handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ServiceControlManager">
+				<xs:annotation>
+					<xs:documentation>Specifies a service control manager handle.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Kernel_Hook_Object.xsd b/stix_validator/schema/cybox/objects/Win_Kernel_Hook_Object.xsd
new file mode 100755
index 0000000..209e4b5
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Kernel_Hook_Object.xsd
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinKernelHookObj="http://cybox.mitre.org/objects#WinKernelHookObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinKernelHookObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Kernel_Hook_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Kernel_Hook" type="WinKernelHookObj:WindowsKernelHookObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Kernel_Hook object is intended to characterize Windows kernel function hooks.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsKernelHookObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsKernelHookObjectType type is intended to characterize Windows kernel function hooks.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Digital_Signature_Hooking" type="cyboxCommon:DigitalSignatureInfoType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Digital_Signature_Hooked field is optional and specifies the digital signature of the hooking code.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Digital_Signature_Hooked" type="cyboxCommon:DigitalSignatureInfoType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Digital_Signature_Hooked field is optional and specifies the digital signature of the hooked code.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Hooking_Address" type="cyboxCommon:UnsignedLongObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Hooking_Address field is optional and specifies the address from where the hooking occurs.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Hook_Description" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Hook_Description field is optional and provides a description of the nature of the hook.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Hooked_Function" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Hooked_Function field specifies the name of the function that is hooked.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Hooked_Module" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Hooked_Module field specifies the name of the module that is hooked.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Hooking_Module" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Hooking_Module field specifies the name of the module that is doing the hooking.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="WinKernelHookObj:KernelHookType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of hook being characterized.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="KernelHookType">
+		<xs:annotation>
+			<xs:documentation>KernelHookType specifies Windows kernel hook types via a union of the KernelHookTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinKernelHookObj:KernelHookTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="KernelHookTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The KernelHookTypeEnum type is a non-exhaustive enumeration of Windows kernel hook types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="IAT_API">
+				<xs:annotation>
+					<xs:documentation>Specifies a kernel hook type of IAT_API.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Inline_Function">
+				<xs:annotation>
+					<xs:documentation>Specifies an inline function type of kernel hook.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Instruction_Hooking">
+				<xs:annotation>
+					<xs:documentation>Specifies an instruction hooking type of kernel hook.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Kernel_Object.xsd b/stix_validator/schema/cybox/objects/Win_Kernel_Object.xsd
new file mode 100755
index 0000000..e33636b
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Kernel_Object.xsd
@@ -0,0 +1,128 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinKernelObj="http://cybox.mitre.org/objects#WinKernelObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinKernelObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Kernel_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Kernel" type="WinKernelObj:WindowsKernelObjectType">
+		<xs:annotation>
+			<xs:documentation>The Windows_Kernel object is intended to characterize Windows Kernel structures.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsKernelObjectType">
+		<xs:annotation>
+			<xs:documentation>The WindowsKernelObjectType type is intended to characterize Windows Kernel structures.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="IDT" type="WinKernelObj:IDTEntryListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The IDT field characterizes the Windows Interrupt Descriptor Table (IDT).</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="SSDT" type="WinKernelObj:SSDTEntryListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The SSDT field characterizes the Windows System Service Descriptor Table (SSDT). The SSDT is a structure that kernel uses to dispatch functions. KeServiceDescriptorTable is a table exported by the kernel that contains pointers to four SSDTs, one for the native API, one for user/GDI support, one of IIS SPUD (in Windows 2000), and one unused.See http://www.honeynet.org/node/438; Sven Boris Schreiber, Undocumented Windows 2000 Secrets (http://undocumented.rawol.com/sbs-w2k-2-the-windows-2000-native-api.pdf); Greg Hoglund and James Butler, Rootkits: Subverting the WIndows kernel</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="SSDTEntryListType">
+		<xs:annotation>
+			<xs:documentation>The SSDTEntryListType type specifies a listing of the entries in the System Service Descriptor Table (SSDT).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="SSDT_Entry" type="WinKernelObj:SSDTEntryType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies an entry in the System Service Descriptor Table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="SSDTEntryType">
+		<xs:annotation>
+			<xs:documentation>The SSDTEntryType type specifies a single entry in the System Service Descriptor Table (SSDT).</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Service_Table_Base" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Pointer to the system service dispatch table, an array of function addresses which is indexed by the system call number.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Service_Counter_Table_Base" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Pointer to an array of usage counters.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Number_Of_Services" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Number of entries in the system service dispatch table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Argument_Table_Base" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Pointer to an array of bytes, which indicate the number of bytes used by the function's arguments.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="hooked" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The hooked attribute specifies whether the SSDT entry is hooked.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="IDTEntryListType">
+		<xs:annotation>
+			<xs:documentation>The IDTEntryListType type specifies a listing of the entries in the Interrupt Descriptor Table (IDT). The IDT is specific to the I386 architecture, indicating where the Prtoetcted mode Interrupt Service Routines (ISR) are located. See http://wiki.osdev.org/Interrupt_Descriptor_Table </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="IDT_Entry" type="WinKernelObj:IDTEntryType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies an entry in the Interrupt Descriptor Table. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IDTEntryType">
+		<xs:annotation>
+			<xs:documentation>The IDTEntryType type specifies a single entry in the Interrupt Descriptor Table (IDT). Entries can be interrupt gates, task gates, and trap gates.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Type_Attr" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A byte that encodes the gate type and interrupt attributes (e.g., the Descriptor Privilege Level).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Offset_High" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Higher part of the interrupt function's offset address bits 16-31 in 32-bit, bits 32-63 in 64-bit)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Offset_Low" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Lower part of the interrupt function's offset address (bits 0-15)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Offset_Middle" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>In 64-bit architectures, middle part of the interrupt function's offset address (bits 16-31)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Selector" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A 16-bit value that points to a code segment selector in the Global Descriptot Table.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Mailslot_Object.xsd b/stix_validator/schema/cybox/objects/Win_Mailslot_Object.xsd
new file mode 100755
index 0000000..c153f61
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Mailslot_Object.xsd
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinMailslotObj="http://cybox.mitre.org/objects#WinMailslotObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" targetNamespace="http://cybox.mitre.org/objects#WinMailslotObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Mailslot_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:element name="Windows_Mailslot" type="WinMailslotObj:WindowsMailslotObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Mailslot object is intended to characterize Windows mailslot objects. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa365576(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsMailslotObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsMailslotObjectType is intended to characterize Windows mailslot objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Handle" type="WinHandleObj:WindowsHandleListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Handle field specifies the open Windows handle to the mailslot. It imports and uses the WindowsHandleObjectType from the CybOX Windows Handle Object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Max_Message_Size" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Max_Message_Size field specifies the maximum message size for the mailslot, in bytes.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the mailslot.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Read_Timeout" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Read_Timeout field specifies the amount of time, in milliseconds, a read operation can wait for a message to be written to the mailslot before a time-out occurs. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_Attributes" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Security_Attributes field specifies the Windows security attributes for the mailslot.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Memory_Page_Region_Object.xsd b/stix_validator/schema/cybox/objects/Win_Memory_Page_Region_Object.xsd
new file mode 100755
index 0000000..a55f283
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Memory_Page_Region_Object.xsd
@@ -0,0 +1,198 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinMemoryPageRegionObj="http://cybox.mitre.org/objects#WinMemoryPageRegionObject-2" xmlns:MemoryObj="http://cybox.mitre.org/objects#MemoryObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinMemoryPageRegionObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Memory_Page_Region_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#MemoryObject-2" schemaLocation="Memory_Object.xsd"/>
+	<xs:element name="Windows_Memory_Page_Region" type="WinMemoryPageRegionObj:WindowsMemoryPageRegionObjectType">
+		<xs:annotation>
+			<xs:documentation>The Windows_Memory_Page_Region object is intended represent a single Windows memory page region.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsMemoryPageRegionObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsMemoryPageRegionObjectType type is intended to characterize Windows memory page regions.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="MemoryObj:MemoryObjectType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Type" type="WinMemoryPageRegionObj:MemoryPageTypeType">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of pages in the memory page region.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Allocation_Base_Address" type="cyboxCommon:HexBinaryObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Allocation_Base_Address field specifies the base address of the memory page region when the region was first allocated.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Allocation_Protect" type="WinMemoryPageRegionObj:MemoryPageProtectionType">
+						<xs:annotation>
+							<xs:documentation>The Allocation_Protect field specifies the memory protection option for the memory page region when the region was initially allocated.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="State" type="WinMemoryPageRegionObj:MemoryPageStateType">
+						<xs:annotation>
+							<xs:documentation>The State field specifies the state of the memory pages in the region.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Protect" type="WinMemoryPageRegionObj:MemoryPageProtectionType">
+						<xs:annotation>
+							<xs:documentation>The Protect field specifies the access protection of the memory pages in the region.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="MemoryPageProtectionType">
+		<xs:annotation>
+			<xs:documentation>MemoryPageProtectionType specifies memory protection constant types, via a union of the MemoryPageProtectionEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinMemoryPageRegionObj:MemoryPageProtectionEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="MemoryPageProtectionEnum">
+		<xs:annotation>
+			<xs:documentation>The MemoryPageProtectionEnum defines an enumeration of memory page protection constants. As a further reference, please see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366786(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="PAGE_EXECUTE">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Enables execute access to the committed region of pages. An attempt to read from or write to the committed region results in an access violation."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PAGE_EXECUTE_READ">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Enables execute or read-only access to the committed region of pages. An attempt to write to the committed region results in an access violation."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PAGE_EXECUTE_READWRITE">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Enables execute, read-only, or read/write access to the committed region of pages."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PAGE_EXECUTE_WRITECOPY">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Enables execute, read-only, or copy-on-write access to a mapped view of a file mapping object. An attempt to write to a committed copy-on-write page results in a private copy of the page being made for the process. The private page is marked as PAGE_EXECUTE_READWRITE, and the change is written to the new page."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PAGE_NOACCESS">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Disables all access to the committed region of pages. An attempt to read from, write to, or execute the committed region results in an access violation."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PAGE_READONLY">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Enables read-only access to the committed region of pages. An attempt to write to the committed region results in an access violation. If Data Execution Prevention is enabled, an attempt to execute code in the committed region results in an access violation."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PAGE_READWRITE">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Enables read-only or read/write access to the committed region of pages. If Data Execution Prevention is enabled, attempting to execute code in the committed region results in an access violation."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PAGE_WRITECOPY">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Enables read-only or copy-on-write access to a mapped view of a file mapping object. An attempt to write to a committed copy-on-write page results in a private copy of the page being made for the process. The private page is marked as PAGE_READWRITE, and the change is written to the new page. If Data Execution Prevention is enabled, attempting to execute code in the committed region results in an access violation."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="MemoryPageStateType">
+		<xs:annotation>
+			<xs:documentation>MemoryPageStateType specifies memory protection states, via a union of the MemoryPageStateEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinMemoryPageRegionObj:MemoryPageStateEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="MemoryPageStateEnum">
+		<xs:annotation>
+			<xs:documentation>The MemoryPageStateEnum defines an enumeration of memory page states. As a further reference, please see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366775(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="MEM_COMMIT">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Indicates committed pages for which physical storage has been allocated, either in memory or in the paging file on disk."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MEM_FREE">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Indicates free pages not accessible to the calling process and available to be allocated. For free pages, the information in the AllocationBase, AllocationProtect, Protect, and Type members is undefined."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MEM_RESERVE">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Indicates reserved pages where a range of the process's virtual address space is reserved without any physical storage being allocated. For reserved pages, the information in the Protect member is undefined."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="MemoryPageTypeType">
+		<xs:annotation>
+			<xs:documentation>MemoryPageTypeType specifies memory protection type, via a union of the MemoryPageTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinMemoryPageRegionObj:MemoryPageTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="MemoryPageTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The MemoryPageTypeEnum defines an enumeration of memory page types. As a further reference, please see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366775(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="MEM_IMAGE">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Indicates that the memory pages within the region are mapped into the view of an image section."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MEM_MAPPED">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Indicates that the memory pages within the region are mapped into the view of a section."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MEM_PRIVATE">
+				<xs:annotation>
+					<xs:documentation>From Microsoft: "Indicates that the memory pages within the region are private (that is, not shared by other processes)."</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Mutex_Object.xsd b/stix_validator/schema/cybox/objects/Win_Mutex_Object.xsd
new file mode 100755
index 0000000..7eeb2fa
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Mutex_Object.xsd
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinMutexObj="http://cybox.mitre.org/objects#WinMutexObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" xmlns:MutexObj="http://cybox.mitre.org/objects#MutexObject-2" targetNamespace="http://cybox.mitre.org/objects#WinMutexObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Mutex_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#MutexObject-2" schemaLocation="Mutex_Object.xsd"/>
+	<xs:element name="Windows_Mutex" type="WinMutexObj:WindowsMutexObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Mutex object is intended to characterize Windows mutual exclusion (mutex) objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsMutexObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsMutexObjectType type is intended to characterize Windows mutual exclusion (mutex) objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent mixed="false">
+			<xs:extension base="MutexObj:MutexObjectType">
+				<xs:sequence>
+					<xs:element name="Handle" minOccurs="0" type="WinHandleObj:WindowsHandleObjectType">
+						<xs:annotation>
+							<xs:documentation>The Handle field specifies the open Windows handle to the mutex. It imports and uses the WindowsHandleObjectType from the CybOX Windows Handle Object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Security_Attributes" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Security_Attributes field specifies the Windows security attributes for the mutex.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Network_Route_Entry_Object.xsd b/stix_validator/schema/cybox/objects/Win_Network_Route_Entry_Object.xsd
new file mode 100755
index 0000000..858d78b
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Network_Route_Entry_Object.xsd
@@ -0,0 +1,200 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:NetworkRouteEntryObj="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" xmlns:WinNetworkRouteEntryObj="http://cybox.mitre.org/objects#WinNetworkRouteEntryObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinNetworkRouteEntryObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Network_Route_Entry_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#NetworkRouteEntryObject-2" schemaLocation="Network_Route_Entry_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#AddressObject-2" schemaLocation="Address_Object.xsd"/>
+	<xs:element name="Windows_Network_Route_Entry" type="WinNetworkRouteEntryObj:WindowsNetworkRouteEntryObjectType">
+		<xs:annotation>
+			<xs:documentation>he Windows_Network_Route_Entry object is intended to characterize Windows network routing table entries.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsNetworkRouteEntryObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsNetworkRouteEntryObjectType type is intended to characterize Windows network routing table entries.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="NetworkRouteEntryObj:NetworkRouteEntryObjectType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="NL_ROUTE_PROTOCOL" type="WinNetworkRouteEntryObj:NLRouteProtocolType">
+						<xs:annotation>
+							<xs:documentation>The NL_ROUTE_PROTOCOL element captures the routing protocol specified for the network route, as detailed in the NL_ROUTE_PROTOCOL enumeration. For more information please see: http://msdn.microsoft.com/en-us/library/windows/desktop/aa814494(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="NL_ROUTE_ORIGIN" type="WinNetworkRouteEntryObj:NLRouteOriginType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The NL_ROUTE_ORIGIN element specifies a network route origination point, as detailed in the NL_ROUTE_ORIGIN enumertaion in the MIB_IPFORWARD_ROW2 structure. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa814494(v=vs.85).aspx for the MIB_IPFORWARD_ROW2 structure and http://msdn.microsoft.com/en-us/library/windows/hardware/ff568764(v=vs.85).aspx for the NL_ROUTE_ORIGIN enumeration.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="NLRouteOriginType">
+		<xs:annotation>
+			<xs:documentation>NLRouteOriginType specifies Windows-centric network route origination values via a union of the RouteOriginEnum type and the atomic xs:string type. Its base type is the CybOX BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinNetworkRouteEntryObj:NLRouteOriginEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="NLRouteOriginEnum">
+		<xs:annotation>
+			<xs:documentation>The NLRouteOriginEnum type is a enumeration of network route origination points, as detailed in the NL_ROUTE_ORIGIN enumertaion in the MIB_IPFORWARD_ROW2 structure. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa814494(v=vs.85).aspx for the MIB_IPFORWARD_ROW2 structure and http://msdn.microsoft.com/en-us/library/windows/hardware/ff568764(v=vs.85).aspx for the NL_ROUTE_ORIGIN enumeration.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="NlroManual">
+				<xs:annotation>
+					<xs:documentation>Specifies that the origin was determined as a result of manual configuration.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NlroWellKnown">
+				<xs:annotation>
+					<xs:documentation>Specifies that the route is well-known.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NlroDHCP">
+				<xs:annotation>
+					<xs:documentation>Specifies that the origin was determined as a result of DHCP configuration.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NlroRouterAdvertisement">
+				<xs:annotation>
+					<xs:documentation>Specifies that the origin was determined as a result of router advertisement.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Nlro6to4">
+				<xs:annotation>
+					<xs:documentation>Specifies that the origin was determined as a result of 6to4 tunneling.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="NLRouteProtocolType">
+		<xs:annotation>
+			<xs:documentation>NLRouteProtocolType specifies Windows-centric network routing protocol values via a union of the NLRouteProtocolEnum type and the atomic xs:string type. Its base type is the CybOX BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinNetworkRouteEntryObj:NLRouteProtocolEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="NLRouteProtocolEnum">
+		<xs:annotation>
+			<xs:documentation>The NLRouteProtocolEnum type is a enumeration of network routing protocols, as detailed in the NL_ROUTE_PROTOCOL enumeration in the MIB_IPFORWARD_ROW2 structure. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa814494(v=vs.85).aspx for the MIB_IPFORWARD_ROW2 structure.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="MIB_IPPROTO_OTHER">
+				<xs:annotation>
+					<xs:documentation>Specifies that the routing mechanism was not specified.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_LOCAL">
+				<xs:annotation>
+					<xs:documentation>Specifies a local interface.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_NETMGMT">
+				<xs:annotation>
+					<xs:documentation>Specifies a static route. This value is used to identify route information for IP routing set through network management such as the Dynamic Host Configuration Protocol (DCHP), the Simple Network Management Protocol (SNMP), or by calls to the CreateIpForwardEntry2, DeleteIpForwardEntry2, or SetIpForwardEntry2 functions.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_ICMP">
+				<xs:annotation>
+					<xs:documentation>Specifies the result of an ICMP redirect.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_EGP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Exterior Gateway Protocol (EGP), a dynamic routing protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_GGP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Gateway-to-Gateway Protocol (GGP), a dynamic routing protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_HELLO">
+				<xs:annotation>
+					<xs:documentation>Specifies the hellospeak protocol, a dynamic routing protocol. This is a historical entry no longer in use and was an early routing protocol used by the original ARPANET routers that ran special software called the Fuzzball routing protocol, sometimes called Hellospeak, as described in RFC 891 and RFC 1305. For more information, see http://www.ietf.org/rfc/rfc891.txt and http://www.ietf.org/rfc/rfc1305.txt.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_RIP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Berkeley Routing Information Protocol (RIP) or RIP-II, a dynamic routing protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_IS_IS">
+				<xs:annotation>
+					<xs:documentation>Specifies the Intermediate System-to-Intermediate System (IS-IS) protocol, a dynamic routing protocol. The IS-IS protocol was developed for use in the Open Systems Interconnection (OSI) protocol suite.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_ES_IS">
+				<xs:annotation>
+					<xs:documentation>Specifies the End System-to-Intermediate System (ES-IS) protocol, a dynamic routing protocol. The ES-IS protocol was developed for use in the Open Systems Interconnection (OSI) protocol suite.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_CISCO">
+				<xs:annotation>
+					<xs:documentation>Specifies the Cisco Interior Gateway Routing Protocol (IGRP), a dynamic routing protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_BBN">
+				<xs:annotation>
+					<xs:documentation>Specifies the Bolt, Beranek, and Newman (BBN) Interior Gateway Protocol (IGP) that used the Shortest Path First (SPF) algorithm. This was an early dynamic routing protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_OSPF">
+				<xs:annotation>
+					<xs:documentation>Specifies the Open Shortest Path First (OSPF) protocol, a dynamic routing protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_BGP">
+				<xs:annotation>
+					<xs:documentation>Specifies the Border Gateway Protocol (BGP), a dynamic routing protocol.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_NT_AUTOSTATIC">
+				<xs:annotation>
+					<xs:documentation>Specifies a Windows specific entry added originally by a routing protocol, but which is now static.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_NT_STATIC">
+				<xs:annotation>
+					<xs:documentation>Specifies a Windows specific entry added as a static route from the routing user interface or a routing command.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MIB_IPPROTO_NT_STATIC_NON_DOD">
+				<xs:annotation>
+					<xs:documentation>Specifies a Windows specific entry added as an static route from the routing user interface or a routing command, except these routes do not cause Dial On Demand (DOD).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Network_Share_Object.xsd b/stix_validator/schema/cybox/objects/Win_Network_Share_Object.xsd
new file mode 100755
index 0000000..25d3399
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Network_Share_Object.xsd
@@ -0,0 +1,205 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinNetworkShareObj="http://cybox.mitre.org/objects#WinNetworkShareObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinNetworkShareObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Network_Share_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Network_Share" type="WinNetworkShareObj:WindowsNetworkShareObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>he Windows_Network_Share object is intended to characterize Windows network shares.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsNetworkShareObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>he WindowsNetworkShareObjectType type is intended to characterize Windows network shares.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Current_Uses" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Current_Uses field specifies the current number of uses of the network share.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Local_Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Local_Path field specifies the fully-qualified path on the local system to the network share.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Max_Uses" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Max_Uses field specifies the maximum number of concurrent connections to the network share.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Netname" type="cyboxCommon:StringObjectPropertyType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Netname field specifies the network name of the network share.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="WinNetworkShareObj:SharedResourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of the network share.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attributeGroup ref="WinNetworkShareObj:AccessPermissionsGroup"/>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="SharedResourceType">
+		<xs:annotation>
+			<xs:documentation>SharedResourceType specifies Windows shared resource types via a union of the SharedResourceTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinNetworkShareObj:SharedResourceTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SharedResourceTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The SharedResourceTypeEnum type is an enumeration of Windows that specifies shared resource types for shared devices. These can be checked via the NetShareCheck function. See http://msdn.microsoft.com/en-us/library/windows/desktop/bb525385(v=vs.85).aspx for more information.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="STYPE_DISKTREE">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a disk drive.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_DISKTREE_SPECIAL">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a disk drive with special share reserved for interprocess communcation (IPC$) or remote administration of the server (ADMIN$). Can also refer to administrative shares such as C$, D$, E$, and so forth. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/bb525391(v=vs.85).aspx.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_DISKTREE_TEMPORARY">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a disk drive and serves as a temporary share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_DISKTREE_SPECIAL_TEMPORARY">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a disk drive with special share reserved for interprocess communcation (IPC$) or remote administration of the server (ADMIN$) and serves a temporary share. Can also refer to administrative shares such as C$, D$, E$, and so forth. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/bb525391(v=vs.85).aspx.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_PRINTQ">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a print queue.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_PRINTQ_SPECIAL">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a disk drive with special share reserved for interprocess communcation (IPC$) or remote administration of the server (ADMIN$). Can also refer to administrative shares such as C$, D$, E$, and so forth. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/bb525391(v=vs.85).aspx.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_PRINTQ_TEMPORARY">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a print queue and serves as a temporary share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_PRINTQ_SPECIAL_TEMPORARY">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a print queue with special share reserved for interprocess communcation (IPC$) or remote administration of the server (ADMIN$) and serves a temporary share. Can also refer to administrative shares such as C$, D$, E$, and so forth. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/bb525391(v=vs.85).aspx.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_DEVICE">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a communications device.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_DEVICE_SPECIAL">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a communications device with special share reserved for interprocess communcation (IPC$) or remote administration of the server (ADMIN$). Can also refer to administrative shares such as C$, D$, E$, and so forth. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/bb525391(v=vs.85).aspx.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_DEVICE_TEMPORARY">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a communications device and serves as a temporary share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_DEVICE_SPECIAL_TEMPORARY">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is a communications device with special share reserved for interprocess communcation (IPC$) or remote administration of the server (ADMIN$) and serves a temporary share. Can also refer to administrative shares such as C$, D$, E$, and so forth. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/bb525391(v=vs.85).aspx.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_IPC">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is an Interprocess Communication (IPC) device.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_IPC_SPECIAL">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is an Interprocess Communication (IPC) device with special share reserved for interprocess communcation (IPC$) or remote administration of the server (ADMIN$). Can also refer to administrative shares such as C$, D$, E$, and so forth. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/bb525391(v=vs.85).aspx.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_IPC_TEMPORARY">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is an Interprocess Communication (IPC) device and serves as a temporary share.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="STYPE_IPC_SPECIAL_TEMPORARY">
+				<xs:annotation>
+					<xs:documentation>Specifies that the shared device is an Interprocess Communication (IPC) device with special share reserved for interprocess communcation (IPC$) or remote administration of the server (ADMIN$) and serves a temporary share. Can also refer to administrative shares such as C$, D$, E$, and so forth. For more information, see http://msdn.microsoft.com/en-us/library/windows/desktop/bb525391(v=vs.85).aspx.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:attributeGroup name="AccessPermissionsGroup">
+		<xs:annotation>
+			<xs:documentation>The accesspermissions group specifies the various permissions for Windows network shares.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="ACCESS_READ" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The ACCESS_READ field specifies the permission to read data from a resource and, by default, to execute the resource.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ACCESS_WRITE" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The ACCESS_WRITE field specifies the permission to write data to the resource.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ACCESS_CREATE" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The ACCESS_CREATE field specifies the permission to create an instance of the resource (such as a file); data can be written to the resource as the resource is created.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ACCESS_EXEC" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The ACCESS_EXEC field specifies the permission to execute the resource.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ACCESS_DELETE" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The ACCESS_DELETE field specifies the permission to delete the resource.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ACCESS_ATRIB" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The ACCESS_ATRIB field specifies the permission to modify the resource's attributes (such as the date and time when a file was last modified).</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ACCESS_PERM" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The ACCESS_PERM field specifies the permission to modify the permissions (read, write, create, execute, and delete) assigned to a resource for a user or application.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ACCESS_ALL" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The ACCESS_ALL field specifies the permission to read, write, create, execute, and delete resources, and to modify their attributes and permissions.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:attributeGroup>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Pipe_Object.xsd b/stix_validator/schema/cybox/objects/Win_Pipe_Object.xsd
new file mode 100755
index 0000000..a7d8939
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Pipe_Object.xsd
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinPipeObj="http://cybox.mitre.org/objects#WinPipeObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" xmlns:PipeObj="http://cybox.mitre.org/objects#PipeObject-2" targetNamespace="http://cybox.mitre.org/objects#WinPipeObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Pipe_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#PipeObject-2" schemaLocation="Pipe_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+
+	<xs:element name="Windows_Pipe" type="WinPipeObj:WindowsPipeObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>Windows_Pipe object characterizes windows pipes. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa365590(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsPipeObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsPipeObjectType type is intended to characterize Windows pipes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent mixed="false">
+			<xs:extension base="PipeObj:PipeObjectType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Default_Time_Out" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Default_Time_Out field specifies the default time-out value for the pipe, in milliseconds.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handle" minOccurs="0" type="WinHandleObj:WindowsHandleObjectType">
+						<xs:annotation>
+							<xs:documentation>The Handle field specifies the open Windows handle to the pipe. It imports and uses the WindowsHandleObjectType from the CybOX Windows Handle Object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="In_Buffer_Size" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The In_Buffer_Size field specifies the number of bytes to reserve for the input buffer of the pipe.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Max_Instances" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Max_Instances field specifies the maximum number of instances that can be created for this pipe.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Open_Mode" type="cyboxCommon:HexBinaryObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Open_Mode field specifies the open mode used for the pipe.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Out_Buffer_Size" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" form="qualified">
+						<xs:annotation>
+							<xs:documentation>The Out_Buffer_Size field specifies the number of bytes to reserve for the output buffer of the pipe.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Pipe_Mode" type="cyboxCommon:HexBinaryObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Pipe_Mode field specifies the mode used for the pipe.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Security_Attributes" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Security_Attributes field specifies the Windows security attributes for the pipe.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Prefetch_Object.xsd b/stix_validator/schema/cybox/objects/Win_Prefetch_Object.xsd
new file mode 100755
index 0000000..6285865
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Prefetch_Object.xsd
@@ -0,0 +1,113 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinPrefetchObj="http://cybox.mitre.org/objects#WinPrefetchObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:DeviceObj="http://cybox.mitre.org/objects#DeviceObject-2" xmlns:WinVolumeObj="http://cybox.mitre.org/objects#WinVolumeObject-2" targetNamespace="http://cybox.mitre.org/objects#WinPrefetchObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Prefetch_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinVolumeObject-2" schemaLocation="Win_Volume_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#DeviceObject-2" schemaLocation="Device_Object.xsd"/>
+	<xs:element name="Windows_Prefetch_Entry" type="WinPrefetchObj:WindowsPrefetchObjectType">
+		<xs:annotation>
+			<xs:documentation>The Windows_Prefetch_Entry object is intended to characterize entries in the Windows prefetch files. Starting with Windows XP, prefetching was introduced to speed up application startup. The prefetch object draws upon the descriptions and XML sample at http://www.forensicswiki.org/wiki/Prefetch_XML</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsPrefetchObjectType">
+		<xs:annotation>
+			<xs:documentation>The WindowsPrefetchObjectType type is intended to characterize entries in the Windows prefetch files. Starting with Windows XP, prefetching was introduced to speed up application startup. The prefetch object draws upon the descriptions and XML sample at http://www.forensicswiki.org/wiki/Prefetch_XML</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Application_File_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Name of the executable of the prefetch file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Prefetch_Hash" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>An eight character hash of the location from which the application was run.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Times_Executed" type="cyboxCommon:LongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The number of times the prefetch application has executed.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="First_Run" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Timestamp of when the prefetch application was first run.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Last_Run" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Timestamp of when the prefetch application was last run.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Volume" type="WinPrefetchObj:VolumeType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The volume from which the prefetch application was run. If the applicatin was run from multiple volumes, there will be a separate prefetch file for each.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Accessed_File_List" type="WinPrefetchObj:AccessedFileListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Files (e.g., DLLs and other support files) used by the application during startup.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Accessed_Directory_List" type="WinPrefetchObj:AccessedDirectoryListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Directories accessed by the prefetch application during starup.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="AccessedFileListType">
+		<xs:annotation>
+			<xs:documentation>The AccessedFileListType specifies a list of files accessed by a prefetch application.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Accessed_Filename" type="cyboxCommon:StringObjectPropertyType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies the filename of the accessed file.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AccessedDirectoryListType">
+		<xs:annotation>
+			<xs:documentation>The AccessedDirectoryListType specifies a list of directories accessed by a prefetch application.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Accessed_Directory" type="cyboxCommon:StringObjectPropertyType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Specifies the pathname of the accessed directory.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="VolumeType">
+		<xs:annotation>
+			<xs:documentation>VolumeType characterizes the volume information in the Windows prefetch file.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="VolumeItem" type="WinVolumeObj:WindowsVolumeObjectType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The volume that the prefetch application was run from. The only item in the prefecth file is the volume name.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="DeviceItem" type="DeviceObj:DeviceObjectType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The device that the prefetch application was run from. The only item in the prefetch file is the device serial number.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Process_Object.xsd b/stix_validator/schema/cybox/objects/Win_Process_Object.xsd
new file mode 100755
index 0000000..5729a8b
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Process_Object.xsd
@@ -0,0 +1,167 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinProcessObj="http://cybox.mitre.org/objects#WinProcessObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:MemoryObj="http://cybox.mitre.org/objects#MemoryObject-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" xmlns:ProcessObj="http://cybox.mitre.org/objects#ProcessObject-2" targetNamespace="http://cybox.mitre.org/objects#WinProcessObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Process_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#MemoryObject-2" schemaLocation="Memory_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#ProcessObject-2" schemaLocation="Process_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Process" type="WinProcessObj:WindowsProcessObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>Windows_Process object is intended to characterize Windows processes.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsProcessObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsProcessObjectType type is intended to characterize Windows processes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="ProcessObj:ProcessObjectType">
+				<xs:sequence>
+					<xs:element name="Handle_List" type="WinHandleObj:WindowsHandleListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Handle_List field specifies a list of Windows Handles opened or used by the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Priority" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Priority field speciifes the current priority of the process in Windows.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Section_List" type="WinProcessObj:MemorySectionListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Section_List field specifies the memory sections used by the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Security_ID field specifies the Security ID (SID) value assigned to the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Startup_Info" type="WinProcessObj:StartupInfoType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Startup_Info field specifies the STARTUP_INFO struct used by the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_Type" type="cyboxCommon:SIDType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Security_Type field specifies the type of Security ID (SID) assigned to the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Window_Title" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Window_Title field specifies the title of the main window of the process.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="aslr_enabled" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The aslr_enabled field specifies whether Address Space Layout Randomization (ASLR) is enabled for the process.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="dep_enabled" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>The dep_enabled field specifies whether Data Execution Prevention (DEP) is enabled for the process.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="MemorySectionListType">
+		<xs:annotation>
+			<xs:documentation>The MemorySectionListType type specifies a list of memory sections used by the process.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Memory_Section" type="MemoryObj:MemoryObjectType" nillable="true" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Memory_Section field specifies a memory section used by the process. It imports and uses the MemoryObjectType from the CybOX Memory Object.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="StartupInfoType">
+		<xs:annotation>
+			<xs:documentation>The StartupInfoType type encapsulates the information contained in the STARTUPINFO struct for the process.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="lpDesktop" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The lpDesktop field specifies the name of the desktop, or the name of both the desktop and window station for this process. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="lpTitle" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The lpTitle field specifies the title displayed in the title bar if a new console window is created.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="dwX" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The dwX field specifies the x offset of the upper left corner of a window if a new window is created, in pixels.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="dwY" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The dwY field specifies the y offset of the upper left corner of a window if a new window is created, in pixels.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="dwXSize" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The dwXSize field specifies the width of the window if a new window is created, in pixels.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="dwYSize" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The dwYSize field specifies the height of the window if a new window is created, in pixels.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="dwXCountChars" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The dwXCountChars field specifies the screen buffer width, in character columns.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="dwYCountChars" type="cyboxCommon:PositiveIntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The dwYCountChars field specifies the screen buffer height, in character rows. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="dwFillAttribute" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The dwFillAttribute field specifies the initial text and background colors if a new console window is created in a console application. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="dwFlags" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The dwFlags field specifies a bitfield that determines whether certain STARTUPINFO members are used when the process creates a window.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="wShowWindow" type="cyboxCommon:IntegerObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The wShowWindow field specifies STARTF_USESHOWWINDOW, this member can be any of the values that can be specified in the nCmdShow parameter for the ShowWindow function, except for SW_SHOWDEFAULT.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="hStdInput" type="WinHandleObj:WindowsHandleObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The hStdInput field specifies the standard input handle for the process. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="hStdOutput" type="WinHandleObj:WindowsHandleObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The hStdOutput field specifies the standard output handle for the process. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="hStdError" type="WinHandleObj:WindowsHandleObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The hStdError field specifies the standard error handle for the process. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Registry_Key_Object.xsd b/stix_validator/schema/cybox/objects/Win_Registry_Key_Object.xsd
new file mode 100755
index 0000000..0021d64
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Registry_Key_Object.xsd
@@ -0,0 +1,290 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinRegistryKeyObj="http://cybox.mitre.org/objects#WinRegistryKeyObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" targetNamespace="http://cybox.mitre.org/objects#WinRegistryKeyObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Registry_Key_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:element name="Windows_Registry_Key" type="WinRegistryKeyObj:WindowsRegistryKeyObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>Windows_Registry_Key object characterizes windows registry objects, including Keys and Key/Value pairs. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms724871(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsRegistryKeyObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsRegistryObjectType type is intended to characterize Windows registry objects, including Keys and Key/Value pairs.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Key" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Key field specifies the full key to the Windows registry object, not including the hive.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Hive" type="WinRegistryKeyObj:RegistryHiveType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Hive field specifies the Windows registry hive to which the registry object belongs to.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Number_Values" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Number_Values field specifies the number of values found in the registry key.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Values" type="WinRegistryKeyObj:RegistryValuesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Values field specifies the values (with their name/data pairs) held within the registry key.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Modified_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Modified_Time field specifies the last date/time that the registry object was modified.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Creator_Username" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Creator_Username field specifies the name of the user who created the registry object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handle_List" type="WinHandleObj:WindowsHandleListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Handle_List field specifies a list of open Handles for this registry object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Number_Subkeys" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Number_Subkeys field specifies the number of subkeys contained under the registry key.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Subkeys" type="WinRegistryKeyObj:RegistrySubkeysType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Subkeys field specifies the set of subkeys contained under the registry key.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Byte_Runs" type="cyboxCommon:ByteRunsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Byte_Runs field contains a list of byte runs from the raw registry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RegistryValueType">
+		<xs:annotation>
+			<xs:documentation>The RegistryValueType type is intended to characterize Windows registry Value name/data pairs.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Name field specifies the name of the registry value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Data" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Data field specifies the data contained in the registry value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Datatype" type="WinRegistryKeyObj:RegistryDatatypeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Datatype field specifies the registry (REG_*) datatype used in the registry value.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Byte_Runs" type="cyboxCommon:ByteRunsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Byte_Runs field contains a list of byte runs from the raw registry key entry.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RegistryDatatypeType">
+		<xs:annotation>
+			<xs:documentation>Registry_Datatype specifies Windows registry datatypes via a union of the RegistryDataTypesEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinRegistryKeyObj:RegistryDataTypesEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="RegistryHiveType">
+		<xs:annotation>
+			<xs:documentation>RegistryHiveType specifies Windows registry hive types via a union of the RegistryHiveEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinRegistryKeyObj:RegistryHiveEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="RegistryDataTypesEnum">
+		<xs:annotation>
+			<xs:documentation>The RegistryDataTypesEnum type is an enumeration of Windows registry datatypes (REG_*). See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms724884(v=vs.85).aspx See also: http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID=361</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="REG_NONE">
+				<xs:annotation>
+					<xs:documentation>No defined value type.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_SZ">
+				<xs:annotation>
+					<xs:documentation>A null-terminated string. This will be either a Unicode or an ANSI string, depending on whether you use the Unicode or ANSI functions.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_EXPAND_SZ">
+				<xs:annotation>
+					<xs:documentation>A null-terminated string that contains unexpanded references to environment variables (for example, "%PATH%"). It will be a Unicode or ANSI string depending on whether you use the Unicode or ANSI functions. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_BINARY">
+				<xs:annotation>
+					<xs:documentation>Binary data in any form.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_DWORD">
+				<xs:annotation>
+					<xs:documentation>A 32-bit number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_DWORD_BIG_ENDIAN">
+				<xs:annotation>
+					<xs:documentation>A 32-bit number in big-endian format. Some UNIX systems support big-endian architectures.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_LINK">
+				<xs:annotation>
+					<xs:documentation>A null-terminated Unicode string that contains the target path of a symbolic link.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_MULTI_SZ">
+				<xs:annotation>
+					<xs:documentation>A sequence of null-terminated strings, terminated by an empty string (\0).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_RESOURCE_LIST">
+				<xs:annotation>
+					<xs:documentation>A series of nested arrays designed to store a resource list used by a hardware device driver or one of the physical devices it controls. This data is detected and written into the ResourceMap tree by the system and is displayed in Registry Editor in hexadecimal format as a Binary Value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_FULL_RESOURCE_DESCRIPTOR">
+				<xs:annotation>
+					<xs:documentation>A series of nested arrays designed to store a resource list used by a physical hardware device. This data is detected and written into the HardwareDescription tree by the system and is displayed in Registry Editor in hexadecimal format as a Binary Value.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_RESOURCE_REQUIREMENTS_LIST">
+				<xs:annotation>
+					<xs:documentation>Device driver list of hardware resource requirements in Resource Map tree. See http://www.mdgx.com/reg.htm</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_QWORD">
+				<xs:annotation>
+					<xs:documentation>A 64-bit number.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REG_INVALID_TYPE">
+				<xs:annotation>
+					<xs:documentation>Specifies an invalid key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="RegistryHiveEnum">
+		<xs:annotation>
+			<xs:documentation>The RegistryHiveEnum type is an enumeration of Windows registry hives (HKEY_*). See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms724836(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="HKEY_CLASSES_ROOT">
+				<xs:annotation>
+					<xs:documentation>Registry entries subordinate to this key define types (or classes) of documents and the properties associated with those types. Shell and COM applications use the information stored under this key.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HKEY_CURRENT_CONFIG">
+				<xs:annotation>
+					<xs:documentation>Contains information about the current hardware profile of the local computer system. The information under HKEY_CURRENT_CONFIG describes only the differences between the current hardware configuration and the standard configuration. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HKEY_CURRENT_USER">
+				<xs:annotation>
+					<xs:documentation>Registry entries subordinate to this key define the preferences of the current user. These preferences include the settings of environment variables, data about program groups, colors, printers, network connections, and application preferences. This key makes it easier to establish the current user's settings; the key maps to the current user's branch in HKEY_USERS. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HKEY_LOCAL_MACHINE">
+				<xs:annotation>
+					<xs:documentation>Registry entries subordinate to this key define the physical state of the computer, including data about the bus type, system memory, and installed hardware and software.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HKEY_USERS">
+				<xs:annotation>
+					<xs:documentation>Registry entries subordinate to this key define the default user configuration for new users on the local computer and the user configuration for the current user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HKEY_CURRENT_USER_LOCAL_SETTINGS">
+				<xs:annotation>
+					<xs:documentation>Registry entries subordinate to this key define preferences of the current user that are local to the machine. These entries are not included in the per-user registry portion of a roaming user profile.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HKEY_PERFORMANCE_DATA">
+				<xs:annotation>
+					<xs:documentation>Registry entries subordinate to this key allow you to access performance data. The data is not actually stored in the registry; the registry functions cause the system to collect the data from its source.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HKEY_PERFORMANCE_NLSTEXT">
+				<xs:annotation>
+					<xs:documentation>Registry entries subordinate to this key reference the text strings that describe counters in the local language of the area in which the computer system is running. These entries are not available to Regedit.exe and Regedt32.exe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HKEY_PERFORMANCE_TEXT">
+				<xs:annotation>
+					<xs:documentation>Registry entries subordinate to this key reference the text strings that describe counters in US English. These entries are not available to Regedit.exe and Regedt32.exe.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="RegistryValuesType">
+		<xs:annotation>
+			<xs:documentation>The RegistryValuesType type specifies the values (with their name/data pairs) held within the registry key.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Value" type="WinRegistryKeyObj:RegistryValueType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Value field specifies the value (with name/data pair) held within the registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RegistrySubkeysType">
+		<xs:annotation>
+			<xs:documentation>The RegistrySubkeysType specifies the set of subkeys contained under the registry key.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Subkey" type="WinRegistryKeyObj:WindowsRegistryKeyObjectType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Subkey field specifies a single subkey contained under the registry key.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Semaphore_Object.xsd b/stix_validator/schema/cybox/objects/Win_Semaphore_Object.xsd
new file mode 100755
index 0000000..16578f6
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Semaphore_Object.xsd
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinSemaphoreObj="http://cybox.mitre.org/objects#WinSemaphoreObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" xmlns:SemaphoreObj="http://cybox.mitre.org/objects#SemaphoreObject-2" targetNamespace="http://cybox.mitre.org/objects#WinSemaphoreObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>		
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Semaphore_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#SemaphoreObject-2" schemaLocation="Semaphore_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Win_Semaphore" type="WinSemaphoreObj:WindowsSemaphoreObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>Windows_Semaphore object is intended to characterize Windows Semaphore (synchronization) objects. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685129(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsSemaphoreObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsSemaphoreObjectType is intended to characterize Windows semaphore (synchronization) objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent mixed="false">
+			<xs:extension base="SemaphoreObj:SemaphoreObjectType">
+				<xs:sequence>
+					<xs:element name="Handle" minOccurs="0" type="WinHandleObj:WindowsHandleObjectType">
+						<xs:annotation>
+							<xs:documentation>The Handle field specifies the open Windows handle to the semaphore. It imports and uses the WindowsHandleObjectType from the CybOX Windows Handle Object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Security_Attributes" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Security_Attributes field specifies the Windows security attributes for the semaphore.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Service_Object.xsd b/stix_validator/schema/cybox/objects/Win_Service_Object.xsd
new file mode 100755
index 0000000..23de5fc
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Service_Object.xsd
@@ -0,0 +1,287 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinServiceObj="http://cybox.mitre.org/objects#WinServiceObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinProcessObj="http://cybox.mitre.org/objects#WinProcessObject-2" targetNamespace="http://cybox.mitre.org/objects#WinServiceObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>		
+		<xs:documentation>Change to This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Service_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinProcessObject-2" schemaLocation="Win_Process_Object.xsd"/>
+	<xs:element name="Windows_Service" type="WinServiceObj:WindowsServiceObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>Windows_Service object is intended to characterize Windows services. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685141(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsServiceObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsServiceObjectType type is intended to characterize Windows services.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="WinProcessObj:WindowsProcessObjectType">
+				<xs:sequence>
+					<xs:element name="Description_List" type="WinServiceObj:ServiceDescriptionListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>A list of description items for this service.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Display_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Display_Name field specifies the displayed name of the service in Windows GUI controls. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms683228(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Group_Name" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Group_Name field specifies the name of the load ordering group of which this service is a member.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Service_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the service. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms683229(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Service_DLL" type="cyboxCommon:StringObjectPropertyType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Service_DLL field specifies name of the DLL instantiated in the service.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Service_DLL_Certificate_Issuer" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Certificate Authority (CA) that issued the certificate used to sign the service DLL.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Service_DLL_Certificate_Subject" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The subject of the certifcate (the entity being authenticated).</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Service_DLL_Hashes" type="cyboxCommon:HashListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Hashes for the Service DLL file.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Service_DLL_Signature_Description" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Service_DLL_Signature_Description field provides a description of the digital signature for the service DLL.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Startup_Command_Line" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Startup_Command_Line field specifies the full command line used to start the service.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Startup_Type" type="WinServiceObj:ServiceModeType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Service start options. See http://msdn.microsoft.com/en-us/library/windows/desktop/ms682450(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Service_Status" type="WinServiceObj:ServiceStatusType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Status information for a service. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685996(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Service_Type" type="WinServiceObj:ServiceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Type field specifies the type of the service.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Started_As" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Started_As field specifies the name of the account under which the service was started.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="service_dll_signature_exists" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>Indicates whether or not the DLL is signed.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="service_dll_signature_verified" type="xs:boolean">
+					<xs:annotation>
+						<xs:documentation>Indicates whether or not the DLL's signature was verified.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ServiceDescriptionListType">
+		<xs:annotation>
+			<xs:documentation>A collection of service descriptions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Description" type="cyboxCommon:StringObjectPropertyType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>A description of the service. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685156(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ServiceModeType">
+		<xs:annotation>
+			<xs:documentation>ServiceModeType specifies Windows service modes via a union of the ServiceModeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinServiceObj:ServiceModeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" use="optional" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="ServiceStatusType">
+		<xs:annotation>
+			<xs:documentation>ServiceModeType specifies Windows service states via a union of the ServiceStatusEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinServiceObj:ServiceStatusEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="ServiceType">
+		<xs:annotation>
+			<xs:documentation>ServiceType specifies Windows service types via a union of the ServiceTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinServiceObj:ServiceTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ServiceModeEnum">
+		<xs:annotation>
+			<xs:documentation>The ServiceModeEnum type is an enumeration of service modes. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms682450(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:list>
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:enumeration value="SERVICE_AUTO_START">
+						<xs:annotation>
+							<xs:documentation>A service started automatically by the service control manager during system startup.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_BOOT_START">
+						<xs:annotation>
+							<xs:documentation>A device driver started by the system loader. This value is valid only for driver services.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_DEMAND_START">
+						<xs:annotation>
+							<xs:documentation>A service started by the service control manager when a process calls the StartService function.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_DISABLED">
+						<xs:annotation>
+							<xs:documentation>A service that cannot be started. Attempts to start the service result in the error code ERROR_SERVICE_DISABLED.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_SYSTEM_START">
+						<xs:annotation>
+							<xs:documentation>A device driver started by the IoInitSystem function. This value is valid only for driver services.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:list>
+	</xs:simpleType>
+	<xs:simpleType name="ServiceStatusEnum">
+		<xs:annotation>
+			<xs:documentation>The ServiceStatusEnum type is an enumeration of potential service states. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685996(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:list>
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:enumeration value="SERVICE_CONTINUE_PENDING">
+						<xs:annotation>
+							<xs:documentation>The service continue is pending.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_PAUSE_PENDING">
+						<xs:annotation>
+							<xs:documentation>The service pause is pending.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_PAUSED">
+						<xs:annotation>
+							<xs:documentation>The service is paused.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_RUNNING">
+						<xs:annotation>
+							<xs:documentation>The service is running.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_START_PENDING">
+						<xs:annotation>
+							<xs:documentation>The service is starting.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_STOP_PENDING">
+						<xs:annotation>
+							<xs:documentation>The service is stopping.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_STOPPED">
+						<xs:annotation>
+							<xs:documentation>The service is not running.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:list>
+	</xs:simpleType>
+	<xs:simpleType name="ServiceTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The ServiceTypeEnum type is an enumeration of service types. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685996(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:list>
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:enumeration value="SERVICE_KERNEL_DRIVER">
+						<xs:annotation>
+							<xs:documentation>The service is a device driver.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_FILE_SYSTEM_DRIVER">
+						<xs:annotation>
+							<xs:documentation>The service is a file system driver.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_WIN32_OWN_PROCESS">
+						<xs:annotation>
+							<xs:documentation>The service runs in its own process.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="SERVICE_WIN32_SHARE_PROCESS">
+						<xs:annotation>
+							<xs:documentation>The service shares a process with other services.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:list>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_System_Object.xsd b/stix_validator/schema/cybox/objects/Win_System_Object.xsd
new file mode 100755
index 0000000..f347895
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_System_Object.xsd
@@ -0,0 +1,126 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinSystemObj="http://cybox.mitre.org/objects#WinSystemObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" xmlns:SystemObj="http://cybox.mitre.org/objects#SystemObject-2" targetNamespace="http://cybox.mitre.org/objects#WinSystemObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>		
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_System_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#SystemObject-2" schemaLocation="System_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_System" type="WinSystemObj:WindowsSystemObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>Windows_System object is intended to characterize Windows systems.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsSystemObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsSystemObjectType type is intended to characterize Windows systems.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="SystemObj:SystemObjectType">
+				<xs:sequence>
+					<xs:element name="Domain" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The domain that the system belongs to.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Global_Flag_List" type="WinSystemObj:GlobalFlagListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>A list of global flags. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff549557(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="NetBIOS_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The NetBIOS_Name field specifies the NetBIOS (Network Basic Input/Output System) name of the Windows system. This is not the same as the host name.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Open_Handle_List" type="WinHandleObj:WindowsHandleListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Open_Handle_List field specifies the list of open handles for the Windows system.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Product_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Product ID. See also: http://support.microsoft.com/gp/pidwin</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Product_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The ProductName of the current installation of Windows. This is typically found in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion!ProductName </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Registered_Organization" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The organization that this copy of Windows is registered to.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Registered_Owner" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The person or organization that is the registered owner of this copy of Windows.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Windows_Directory" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Windows_Directory field specifies the fully-qualified path to the Windows install directory.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Windows_System_Directory" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Windows_System_Directory field specifies the fully-qualified path to the Windows system directory.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Windows_Temp_Directory" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Windows_Temp_Directory field specifies the fully-qualified path to the Windows temporary files directory.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="GlobalFlagListType">
+		<xs:annotation>
+			<xs:documentation>The GlobalFlagListType type is a listing of all Windows global flags.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Global_Flag" type="WinSystemObj:GlobalFlagType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This characterizes Windows global flags. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff549557(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="GlobalFlagType">
+		<xs:annotation>
+			<xs:documentation>The GlobalFlagType type is intended to characterize Windows global flags.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Abbreviation" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The abbreviation of a global flag. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff549646(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Destination" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+				<xs:annotation>
+					<xs:documentation>The destination of a global flag. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff549646(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Hexadecimal_Value" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The hexadecimal value of a global flag. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff549646(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Symbolic_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The symbolic name of a global flag. See also: http://msdn.microsoft.com/en-us/library/windows/hardware/ff549646(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_System_Restore_Object.xsd b/stix_validator/schema/cybox/objects/Win_System_Restore_Object.xsd
new file mode 100755
index 0000000..505d943
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_System_Restore_Object.xsd
@@ -0,0 +1,199 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinSystemRestoreObj="http://cybox.mitre.org/objects#WinSystemRestoreObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#WinSystemRestoreObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_System_Restore_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_System_Restore_Entry" type="WinSystemRestoreObj:WindowsSystemRestoreObjectType">
+		<xs:annotation>
+			<xs:documentation>Windows_System_Restore_Entry object is intended to characterize Windows system restore points. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/dd408121(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsSystemRestoreObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsSystemRestoreObjectType is intended to characterize Windows system restore points.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Restore_Point_Description" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The description of this restore point</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Restore_Point_Full_Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The full path to the restore point</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Restore_Point_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The name associated with this restore point.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Restore_Point_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The type of restore point. (ex: "Checkpoint")</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="ACL_Change_SID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The SID associated with a restore point change log event. This usually appears when the event flag includes "ACL Info". </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="ACL_Change_Username" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The username associated with a restore point change log event. It usually appears when the event flag includes "ACL Info"</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Backup_File_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The backup file name associated with a particular restore point change log event</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Change_Event" type="WinSystemRestoreObj:ChangeLogEntryTypeType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation> The change event associated with this restore point object (ex: "System Checkpoint", "Software Installation", etc.) </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="ChangeLog_Entry_Flags" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The flags associated with a restore point change log entry (ex: "ACL Info, "Short Name", etc.) </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="ChangeLog_Entry_Sequence_Number" type="cyboxCommon:LongObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The change log sequence number associated with this restore point object</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="ChangeLog_Entry_Type" type="WinSystemRestoreObj:ChangeLogEntryTypeType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The changelog entry type associated with this restore point object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Change_Log_File_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The changelog file associated with the restore point</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Created" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The created date of the system restore point.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="File_Attributes" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Attributes of the file associated with this restore point object (ex: "Directory")</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="New_File_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The new filename of the file associated with this restore point object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Original_File_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The original filename associated with this restore point change log event</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Original_Short_File_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The original Short filename (SFN) of the file associated with this restore point object</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Process_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The process name associated with this restore point object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Registry_Hive_List" type="WinSystemRestoreObj:HiveListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The registry hives associated with this restore point</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="HiveListType">
+		<xs:sequence>
+			<xs:element name="Hive" type="cyboxCommon:StringObjectPropertyType" minOccurs="1" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ChangeLogEntryTypeType">
+		<xs:annotation>
+			<xs:documentation>ChangeLogEntryTypeType types, via a union of the ChangeLogEntryTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinSystemRestoreObj:ChangeLogEntryTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ChangeLogEntryTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The change types found in a Restore Point changelog&gt;</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="UPDATE_ACL">
+				<xs:annotation>
+					<xs:documentation>Represents a changelog entry descriptor for updating an ACL. (0x00000001)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UPDATE_ATTRIBUTES">
+				<xs:annotation>
+					<xs:documentation>Represents a changelog entry descriptor for updating attributes. (0x00000002)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DELETE_FILE">
+				<xs:annotation>
+					<xs:documentation>Represents a changelog entry descriptor for deleting a file. (0x00000004)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CREATE_FILE">
+				<xs:annotation>
+					<xs:documentation>Represents a changelog entry descriptor for creating a file. (0x00000010)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RENAME_FILE">
+				<xs:annotation>
+					<xs:documentation>Represents a changelog entry descriptor for renaming a file. (0x00000020)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CREATE_DIRECTORY">
+				<xs:annotation>
+					<xs:documentation>Represents a changelog entry descriptor for creating a directory. (0x00000040)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RENAME_DIRECTORY">
+				<xs:annotation>
+					<xs:documentation>Represents a changelog entry descriptor for renaming a directory. (0x00000080)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DELETE_DIRECTORY">
+				<xs:annotation>
+					<xs:documentation>Represents a changelog entry descriptor for deleting a directory. (0x00000100)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MNT_CREATE">
+				<xs:annotation>
+					<xs:documentation>Related to filesystem attachment points. (0x00000200)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Task_Object.xsd b/stix_validator/schema/cybox/objects/Win_Task_Object.xsd
new file mode 100755
index 0000000..be82a93
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Task_Object.xsd
@@ -0,0 +1,755 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinTaskObj="http://cybox.mitre.org/objects#WinTaskObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:EmailMessageObj="http://cybox.mitre.org/objects#EmailMessageObject-2" targetNamespace="http://cybox.mitre.org/objects#WinTaskObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Task_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#EmailMessageObject-2" schemaLocation="Email_Message_Object.xsd"/>
+	<xs:element name="Windows_Task" type="WinTaskObj:WindowsTaskObjectType">
+		<xs:annotation>
+			<xs:documentation>The Windows_Task object is intended to characterize Windows task scheduler tasks. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381311(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsTaskObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsTaskObjectType type is intended to characterize Windows task scheduler tasks. See Also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381311(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Status" type="WinTaskObj:TaskStatusType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Status field specifies the current status of the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381263(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Priority" type="WinTaskObj:TaskPriorityType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Priority field specifies the priority of the scheduled task. This can either be a free-form string or one the values in the TaskPriorityEnum enumeration. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381876(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the image name for the task.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Application_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Application_Name specifies the application name associated with the task.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Parameters" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Parameters field specifies the command line parameters used to launch the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381875(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Flags" type="WinTaskObj:TaskFlagType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Flags field specifies any flags that modify the behavior of the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381248(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Account_Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Account_Name field specifies the name of the account used to run the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381228(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Account_Run_Level" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Account_Run_Level field specifies the permission level of the account that the task will be run at.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Account_Logon_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Account_Logon_Type field specifies the security logon method required to run the tasks associated with the account. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383013(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Creator" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Creator field specifies the name of the creator of the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381235(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Creation_Date" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Creation_Date field specifies the date and time that the task was registered. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa382623(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Most_Recent_Run_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Most_Recent_Run_Time field specifies the most recent run date/time of this scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381254(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Exit_Code" type="cyboxCommon:LongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Exit_Code field specifies the last exit code of the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381245(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Max_Run_Time" type="cyboxCommon:UnsignedLongObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Max_Run_Time field specifies the maximum run time of the scheduled task before terminating, in milliseconds. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381874(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Next_Run_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Next_Run_Time field specifies the next run date/time of the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381257(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Action_List" type="WinTaskObj:TaskActionListType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>The Action_List field specifies a list of actions to be performed by the scheduled task.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Trigger_List" type="WinTaskObj:TriggerListType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Trigger_List field specifies a set of triggers used by the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383264(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Comment" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Comment field specifies a comment for the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381232(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Working_Directory" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Working_Directory field specifies the working directory for the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381878(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Work_Item_Data" type="cyboxCommon:Base64BinaryObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Work_Item_Data field specifies application defined data associated with the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381271(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="TriggerListType">
+		<xs:annotation>
+			<xs:documentation>The TriggerListType type specifies a set of triggers associated with the scheduled task.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="1" maxOccurs="1">
+			<xs:element name="Trigger" type="WinTaskObj:TriggerType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>A trigger associated with this scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381264(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TriggerType">
+		<xs:annotation>
+			<xs:documentation>The TriggerType type characterizes task triggers. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383868(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Trigger_Begin" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Trigger_Begin_Element specifies the date/time that the trigger is activated.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Trigger_Delay" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Trigger_Delay field specifies the delay that takes place between when the task is registered and when the task is started.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Trigger_End" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Trigger_End field specifies the date/time that the trigger is deactivated.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Trigger_Frequency" type="WinTaskObj:TaskTriggerFrequencyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Trigger_Frequency field specifies the frequency at which the trigger repeats.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Trigger_Max_Run_Time" type="cyboxCommon:DurationObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The maximum amount of time that the task launched by the trigger is allowed to run. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383868(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Trigger_Session_Change_Type" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Trigger_Session_Change_Type field specifies the type of Terminal Server session change that would trigger a task launch. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381298(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Trigger_Type" type="WinTaskObj:TriggerType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Trigger_Type specifies the type of the task trigger.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="enabled" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>The enabled field specifies whether the trigger is enabled.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="TaskActionListType">
+		<xs:annotation>
+			<xs:documentation>The TaskActionListType type specifies a list of task actions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Action" type="WinTaskObj:TaskActionType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The work items performed by a task are called actions. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383549(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TaskActionType">
+		<xs:annotation>
+			<xs:documentation>The TaskActionType type characterizes scheduled task actions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Action_Type" type="WinTaskObj:TaskActionTypeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Action_Type field specifies the type of the action. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380596(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Action_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Action_ID field specifies the user-defined identifier for the action. This identifier is used by the Task Scheduler for logging purposes. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380590(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IEmailAction" type="EmailMessageObj:EmailMessageObjectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IEmail_Action field specifies an action that sends an e-mail, which in this context refers to actual email message sent. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380693(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IComHandlerAction" type="WinTaskObj:IComHandlerActionType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IComHandlerAction field specifies an action that fires a handler.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IExecAction" type="WinTaskObj:IExecActionType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IExecAction field specifies an action that executes a command-line operation. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380715(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="IShowMessageAction" type="WinTaskObj:IShowMessageActionType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The IShowMessageAction field specifies an action that shows a message box when a task is activated. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381302(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TaskActionTypeType">
+		<xs:annotation>
+			<xs:documentation>The TaskActionTypeType characterizes the specific types of task actions.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinTaskObj:TaskActionTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="IComHandlerActionType">
+		<xs:annotation>
+			<xs:documentation>The IComHandlerActionType type characterizes IComHandler actions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="COM_Data" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The COM_Data field specifies the data associated with the COM handler. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380613(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="COM_Class_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The COM_Class_ID field specifies the ID of the COM action. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380613(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IExecActionType">
+		<xs:annotation>
+			<xs:documentation>The IExecActionType type characterizes IExec actions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Exec_Arguments" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Exec_Arguments field specifies the arguments associated with the command-line operation launched by the action. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380715(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Exec_Program_Path" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Exec_Program_Path field specifies the path to the executable file launched by the action. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380715(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Exec_Working_Directory" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Exec_Working_Directory field specifies the directory that contains either the executable file or the files that are used by the executable file launched by the action. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380715(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Exec_Program_Hashes" type="cyboxCommon:HashListType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Exec_Program_Element specifies the hashes of the executable file launched by the action.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IShowMessageActionType">
+		<xs:annotation>
+			<xs:documentation>The IShowMessageActionType type characterizes IShowMessage actions.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Show_Message_Body" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Show_Message_Body field specifies the message text that is displayed in the body of the message box by the action. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381302(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Show_Message_Title" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Show_Message_Title field specifies the title of the message box shown by the action. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381302(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TaskFlagType">
+		<xs:annotation>
+			<xs:documentation>The TaskFlagType type specifies Windows Task flag types via a union of the TaskFlagEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinTaskObj:TaskFlagEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="TaskPriorityType">
+		<xs:annotation>
+			<xs:documentation>The TaskPriorityType type specifies Windows Task priority types via a union of the TaskPriorityEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinTaskObj:TaskPriorityEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="TaskTriggerFrequencyType">
+		<xs:annotation>
+			<xs:documentation>The TaskTriggerFrequencyType type specifies Windows Task trigger frequency types via a union of the TriggerFrequencyEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinTaskObj:TriggerFrequencyEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="TaskTriggerType">
+		<xs:annotation>
+			<xs:documentation>The TaskTriggerType type specifies Windows Task trigger types via a union of the TriggerTypeEnum enumeration and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinTaskObj:TriggerTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="TaskStatusType">
+		<xs:annotation>
+			<xs:documentation>The TaskStatusType type specifies Windows Task states via a union of the TaskStatusEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinTaskObj:TaskStatusEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="TaskActionTypeEnum">
+		<xs:annotation>
+			<xs:documentation>An enumeration of action types. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380596(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:whiteSpace value="preserve"/>
+			<xs:enumeration value="TASK_ACTION_EXEC">
+				<xs:annotation>
+					<xs:documentation>This action performs a command-line operation. For example, the action could run a script, launch an executable, or, if the name of a document is provided, find its associated application and launch the application with the document.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_ACTION_COM_HANDLER">
+				<xs:annotation>
+					<xs:documentation>This action fires a handler.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_ACTION_SEND_EMAIL">
+				<xs:annotation>
+					<xs:documentation>This action sends an e-mail.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_ACTION_SHOW_MESSAGE">
+				<xs:annotation>
+					<xs:documentation>This action shows a message box.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="TaskFlagEnum">
+		<xs:annotation>
+			<xs:documentation>The TaskFlagEnum enumeration specifies the run flags for a task scheduler task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381283(v=vs.85).aspx See Also: http://msdn.microsoft.com/en-us/library/microsoft.office.excel.server.addins.computecluster.taskscheduler.taskflags(v=office.12).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:list>
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:enumeration value="TASK_FLAG_ZERO"/>
+					<xs:enumeration value="TASK_FLAG_INTERACTIVE">
+						<xs:annotation>
+							<xs:documentation>This flag is used when converting Windows NT AT service jobs into work items. The Windows NT AT service job refers to At.exe, the Windows NT command-line utility used for creating jobs for the Windows NT Schedule service. The Task Scheduler service replaces the Schedule service and is backwards compatible with it. The conversion occurs when the Task Scheduler is installed on Windows NT/Windows 2000— for example, if you install Internet Explorer 4.0, or upgrade to Windows 2000. During the setup process, the Task Scheduler installation code searches the registry for jobs created for the AT service and creates work items that will accomplish the same operation. For such converted jobs, the interactive flag is set if the work item is intended to be displayed to the user. When this flag is not set, no work items are displayed in the Tasks folder, and no user interface associated with the work item is presented to the user when the work item is executed.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_DELETE_WHEN_DONE">
+						<xs:annotation>
+							<xs:documentation>The work item will be deleted when there are no more scheduled run times.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_DISABLED">
+						<xs:annotation>
+							<xs:documentation>The work item is disabled. This is useful to temporarily prevent a work item from running at the scheduled time(s).</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_HIDDEN">
+						<xs:annotation>
+							<xs:documentation>The work item created will be hidden.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_RUN_ONLY_IF_LOGGED_ON">
+						<xs:annotation>
+							<xs:documentation>The work item runs only if the user specified in IScheduledWorkItem::SetAccountInformation is logged on interactively. This flag has no effect on the work items that are set to run in the local account.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_START_ONLY_IF_IDLE">
+						<xs:annotation>
+							<xs:documentation>The work item begins only if the computer is not in use at the scheduled start time.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_SYSTEM_REQUIRED">
+						<xs:annotation>
+							<xs:documentation>The work item causes the system to be resumed, or awakened, if the system is running on battery power. This flag is supported only on systems that support resume timers.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_KILL_ON_IDLE_END">
+						<xs:annotation>
+							<xs:documentation>The work item terminates if the computer makes an idle to non-idle transition while the work item is running. The computer is not considered idle until the IdleWait triggers' time elapses with no user input. For information regarding idle triggers, see Idle Trigger.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_RESTART_ON_IDLE_RESUME">
+						<xs:annotation>
+							<xs:documentation>The work item starts again if the computer makes a non-idle to idle transition before all the work item's task_triggers elapse. (Use this flag in conjunction with TASK_FLAG_KILL_ON_IDLE_END.)</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_DONT_START_IF_ON_BATTERIES">
+						<xs:annotation>
+							<xs:documentation>The work item does not start if its target computer is running on battery power.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_KILL_IF_GOING_ON_BATTERIES">
+						<xs:annotation>
+							<xs:documentation>The work item ends, and the associated application quits if the work item's target computer switches to battery power.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+					<xs:enumeration value="TASK_FLAG_RUN_IF_CONNECTED_TO_INTERNET">
+						<xs:annotation>
+							<xs:documentation>The work item runs only if there is currently a valid Internet connection.</xs:documentation>
+						</xs:annotation>
+					</xs:enumeration>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:list>
+	</xs:simpleType>
+	<xs:simpleType name="TaskPriorityEnum">
+		<xs:annotation>
+			<xs:documentation>The TaskPriorityEnum enumeration specifies the priority levels of task scheduler tasks. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383512(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="HIGH_PRIORITY_CLASS">
+				<xs:annotation>
+					<xs:documentation>A priority class of high (1)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NORMAL_PRIORITY_CLASS">
+				<xs:annotation>
+					<xs:documentation>A priority class of normal (4-6)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IDLE_PRIORITY_CLASS">
+				<xs:annotation>
+					<xs:documentation>A priority class of idle (9-10)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="REALTIME_PRIORITY_CLASS">
+				<xs:annotation>
+					<xs:documentation>A priority class of realtime (0)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ABOVE_NORMAL_PRIORITY_CLASS">
+				<xs:annotation>
+					<xs:documentation>A priority class of above normal (2-3)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BELOW_NORMAL_PRIORITY_CLASS">
+				<xs:annotation>
+					<xs:documentation>A priority class of below normal (7-8)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="TriggerFrequencyEnum">
+		<xs:annotation>
+			<xs:documentation>The TriggerFrequencyEnum enumeration defines the frequency types that a trigger may use. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383620(v=vs.85).aspx and http://msdn.microsoft.com/en-us/library/windows/desktop/aa383987(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="TASK_TIME_TRIGGER_ONCE">
+				<xs:annotation>
+					<xs:documentation>Trigger is set to run the task a single time.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_EVENT_TRIGGER_ON_IDLE">
+				<xs:annotation>
+					<xs:documentation>Trigger is set to run the task if the system remains idle for the amount of time specified by the idle wait time of the task.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_EVENT_TRIGGER_AT_SYSTEMSTART">
+				<xs:annotation>
+					<xs:documentation>Trigger is set to run the task at system startup.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_EVENT_TRIGGER_AT_LOGON">
+				<xs:annotation>
+					<xs:documentation>Trigger is set to run the task when a user logs on.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TIME_TRIGGER_DAILY">
+				<xs:annotation>
+					<xs:documentation>Trigger is set to run the task on a daily interval.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TIME_TRIGGER_WEEKLY">
+				<xs:annotation>
+					<xs:documentation>Trigger is set to run the work item on specific days of a specific week of a specific month.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TIME_TRIGGER_MONTHLYDATE">
+				<xs:annotation>
+					<xs:documentation>Trigger is set to run the task on a specific day(s) of the month.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TIME_TRIGGER_MONTHLYDOW">
+				<xs:annotation>
+					<xs:documentation>Trigger is set to run the task on specific days, weeks, and months.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="TriggerTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The TriggerFrequencyEnum enumeration defines the types of triggers associated with a task. </xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="TASK_TRIGGER_EVENT">
+				<xs:annotation>
+					<xs:documentation>Triggers the task when a specific system event occurs.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TRIGGER_TIME">
+				<xs:annotation>
+					<xs:documentation>Triggers the task at a specific date and time.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TRIGGER_IDLE">
+				<xs:annotation>
+					<xs:documentation>Triggers the task when the computer enters an idle state.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TRIGGER_REGISTRATION">
+				<xs:annotation>
+					<xs:documentation>Triggers the task when the task is registered or updated.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TRIGGER_BOOT">
+				<xs:annotation>
+					<xs:documentation>Triggers the task when the system is booted.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TRIGGER_LOGON">
+				<xs:annotation>
+					<xs:documentation>Triggers the task when a user logs on.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_TRIGGER_SESSION_STATE_CHANGE">
+				<xs:annotation>
+					<xs:documentation>Triggers the task when a Terminal Server session changes state.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="TaskStatusEnum">
+		<xs:annotation>
+			<xs:documentation>The TaskStatusEnum enumeration specifies the possible statuses of a scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383604(v=vs.85).aspx See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381263(v=vs.85).aspx See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381833(v=vs.85).aspx See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383617(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="SCHED_S_TASK_READY">
+				<xs:annotation>
+					<xs:documentation>The task is ready to run at its next scheduled time.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_S_TASK_RUNNING">
+				<xs:annotation>
+					<xs:documentation>The task is currently running.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_S_TASK_NOT_SCHEDULED">
+				<xs:annotation>
+					<xs:documentation>One or more of the properties that are needed to run this task on a schedule have not been set.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_SERVICE_NOT_RUNNING">
+				<xs:annotation>
+					<xs:documentation>The Task Scheduler service is not running.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_UNSUPPORTED_ACCOUNT_OPTION">
+				<xs:annotation>
+					<xs:documentation>The task has been configured with an unsupported combination of account settings and run time options.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_UNKNOWN_OBJECT_VERSION">
+				<xs:annotation>
+					<xs:documentation>The task object version is either unsupported or invalid.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_NO_SECURITY_SERVICES">
+				<xs:annotation>
+					<xs:documentation>Task Scheduler security services are available only on Windows NT.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_ACCOUNT_DBASE_CORRUPT">
+				<xs:annotation>
+					<xs:documentation>Corruption was detected in the Task Scheduler security database; the database has been reset.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_ACCOUNT_NAME_NOT_FOUND">
+				<xs:annotation>
+					<xs:documentation>Unable to establish existence of the account specified.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_ACCOUNT_INFORMATION_NOT_SET">
+				<xs:annotation>
+					<xs:documentation>No account information could be found in the Task Scheduler security database for the task indicated.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_INVALID_TASK">
+				<xs:annotation>
+					<xs:documentation>The object is either an invalid task object or is not a task object.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_CANNOT_OPEN_TASK">
+				<xs:annotation>
+					<xs:documentation>The task object could not be opened.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_SERVICE_NOT_INSTALLED">
+				<xs:annotation>
+					<xs:documentation>The Task Scheduler service is not installed on this computer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_TASK_NOT_RUNNING">
+				<xs:annotation>
+					<xs:documentation>There is no running instance of the task.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_TASK_NOT_READY">
+				<xs:annotation>
+					<xs:documentation>One or more of the properties required to run this task have not been set.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_E_TRIGGER_NOT_FOUND">
+				<xs:annotation>
+					<xs:documentation>A task's trigger is not found.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_S_EVENT_TRIGGER">
+				<xs:annotation>
+					<xs:documentation>Event triggers do not have set run times.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_S_TASK_NO_VALID_TRIGGERS">
+				<xs:annotation>
+					<xs:documentation>Either the task has no triggers or the existing triggers are disabled or not set.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_S_TASK_TERMINATED">
+				<xs:annotation>
+					<xs:documentation>The last run of the task was terminated by the user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_S_TASK_NO_MORE_RUNS">
+				<xs:annotation>
+					<xs:documentation>There are no more runs scheduled for this task.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_S_TASK_HAS_NOT_RUN">
+				<xs:annotation>
+					<xs:documentation>The task has not been run. This value is returned whenever the task has not been run, even if the task is ready to be run at the next scheduled time or the task is a recurring task.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SCHED_S_TASK_DISABLED">
+				<xs:annotation>
+					<xs:documentation>The task will not run at the scheduled times because it has been disabled.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_STATE_UNKNOWN">
+				<xs:annotation>
+					<xs:documentation>The state of the task is unknown.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TASK_STATE_QUEUED">
+				<xs:annotation>
+					<xs:documentation>Instances of the task are queued.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Thread_Object.xsd b/stix_validator/schema/cybox/objects/Win_Thread_Object.xsd
new file mode 100755
index 0000000..880ba5d
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Thread_Object.xsd
@@ -0,0 +1,146 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinThreadObj="http://cybox.mitre.org/objects#WinThreadObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" targetNamespace="http://cybox.mitre.org/objects#WinThreadObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Thread_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:element name="Windows_Thread" type="WinThreadObj:WindowsThreadObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>The Windows_Threat object is intended to characterize Windows process threads. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms684852(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsThreadObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The Windows_ThreadObjectType is intended to characterize Windows process threads. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms684852(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Thread_ID" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Represents the identifier of this thread. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms683183(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handle" type="WinHandleObj:WindowsHandleObjectType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Handle represents the handle of a specific thread. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms682453(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Running_Status" type="WinThreadObj:ThreadRunningStatusType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Running Status represents the running state that the thread is in.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Context" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Context field specifies the thread context structure, which contains processor-specific register data.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Priority" type="cyboxCommon:UnsignedIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Represents the priority of the thread. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685100(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Creation_Flags" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Creation flags field represents the creation flags that a thread may be launched with. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms684863(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Creation_Time" type="cyboxCommon:DateTimeObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Creation time represents the creation time of the thread.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Start_Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Start address represents the start address of this thread, representing the memory address where this thread should start. See Also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms682453(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Parameter_Address" type="cyboxCommon:HexBinaryObjectPropertyType" minOccurs="0"/>
+					<xs:element name="Security_Attributes" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Security attributes represents the security attributes for the thread. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa379560(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Stack_Size" type="cyboxCommon:NonNegativeIntegerObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Represents the stack size of the thread. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms686774(v=vs.85).aspx</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ThreadRunningStatusType">
+		<xs:annotation>
+			<xs:documentation>ThreadRunningStatusType specifies Windows thread running states via a union of the ThreadRunningStatusEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinThreadObj:ThreadRunningStatusEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute name="datatype" type="cyboxCommon:DatatypeEnum" fixed="string">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ThreadRunningStatusEnum">
+		<xs:annotation>
+			<xs:documentation>Thread running status enumerates the various states that a thread may be in before, during, or after execution. See http://msdn.microsoft.com/en-us/library/system.diagnostics.threadstate(v=vs.110).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Initialized">
+				<xs:annotation>
+					<xs:documentation>A state that indicates the thread has been initialized, but has not yet started.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Ready">
+				<xs:annotation>
+					<xs:documentation>A state that indicates the thread is waiting to use a processor because no processor is free. The thread is preapared to run on the next available processor.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Running">
+				<xs:annotation>
+					<xs:documentation>A state that indicates the thread is currently using a prcoessor.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Standby">
+				<xs:annotation>
+					<xs:documentation>A state that indicates the thread is about to use a processor. Only one thread can be in this state at a time.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Terminated">
+				<xs:annotation>
+					<xs:documentation>A state that indicates the thread has finished executing and has exited.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Waiting">
+				<xs:annotation>
+					<xs:documentation>A state that indicates the thread is not ready to use the processor because it is waiting for a peripheral operation to complete or a resource to become free. When the thread is ready, it will be rescheduled.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Transition">
+				<xs:annotation>
+					<xs:documentation>A state that indicates the thread is waiting for a resource, other than the processor, before it can execute.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The thread of the thread is unknown.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_User_Account_Object.xsd b/stix_validator/schema/cybox/objects/Win_User_Account_Object.xsd
new file mode 100755
index 0000000..0b64165
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_User_Account_Object.xsd
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinUserAccountObj="http://cybox.mitre.org/objects#WinUserAccountObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:UserAccountObj="http://cybox.mitre.org/objects#UserAccountObject-2" targetNamespace="http://cybox.mitre.org/objects#WinUserAccountObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_User_Account_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#UserAccountObject-2" schemaLocation="User_Account_Object.xsd"/>
+	<xs:element name="Windows_User_Account" type="WinUserAccountObj:WindowsUserAccountObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>Windows_User_Account object is intended to characterize Windows user accounts.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsUserAccountObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WinUserAccountObjectType type is intended to characterize Windows user accounts.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="UserAccountObj:UserAccountObjectType">
+				<xs:sequence>
+					<xs:element name="Security_ID" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Security ID represents the Security ID (SID) of a windows user.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_Type" type="cyboxCommon:SIDType" nillable="true" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Security Type represents the type of the Security ID (SID).</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="WindowsGroupType">
+		<xs:annotation>
+			<xs:documentation>Windows Group represents a single windows group.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="UserAccountObj:GroupType">
+				<xs:sequence>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>Identifies the name of the windows group.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="WindowsPrivilegeType">
+		<xs:annotation>
+			<xs:documentation>Windows Privilege represents a single privilege that a user may have within Windows.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="UserAccountObj:PrivilegeType">
+				<xs:sequence>
+					<xs:element name="User_Right" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>User Right represents one right that a user may have.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Volume_Object.xsd b/stix_validator/schema/cybox/objects/Win_Volume_Object.xsd
new file mode 100755
index 0000000..496ce0d
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Volume_Object.xsd
@@ -0,0 +1,161 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinVolumeObj="http://cybox.mitre.org/objects#WinVolumeObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:VolumeObj="http://cybox.mitre.org/objects#VolumeObject-2" targetNamespace="http://cybox.mitre.org/objects#WinVolumeObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Volume_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/objects#VolumeObject-2" schemaLocation="Volume_Object.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="Windows_Volume" type="WinVolumeObj:WindowsVolumeObjectType">
+		<xs:annotation>
+			<xs:documentation>Windows_Volume object is intended to characterize Windows disk volumes. This object is roughly based on the Windows Volume Object: http://msdn.microsoft.com/en-us/library/windows/desktop/aa383970(v=vs.85).aspx. </xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsVolumeObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsVolumeObjectType type is intended to characterize Windows disk volumes.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="VolumeObj:VolumeObjectType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Attributes_List" type="WinVolumeObj:WindowsVolumeAttributesListType">
+						<xs:annotation>
+							<xs:documentation>Represents the attributes of this windows volume object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Drive_Letter" type="cyboxCommon:StringObjectPropertyType" minOccurs="0" maxOccurs="1">
+						<xs:annotation>
+							<xs:documentation>Represents the drive letter of this windows volume object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element maxOccurs="1" minOccurs="0" name="Drive_Type" type="WinVolumeObj:WindowsDriveType">
+						<xs:annotation>
+							<xs:documentation>Represents the drive type of this windows volume object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="WindowsVolumeAttributesListType">
+		<xs:annotation>
+			<xs:documentation>A list of attributes describing this windows volume.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element maxOccurs="4" name="Attribute" type="WinVolumeObj:WindowsVolumeAttributeType">
+				<xs:annotation>
+					<xs:documentation>Each attribute field represents a single attribute in the windows volume attribute list.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="WindowsDriveType">
+		<xs:annotation>
+			<xs:documentation>WindowsDriveType specifies Windows drive types via a union of the WindowsDriveTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinVolumeObj:WindowsDriveTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="WindowsVolumeAttributeType">
+		<xs:annotation>
+			<xs:documentation>WindowsVolumeAttributeType specifies Windows volume attributes via a union of the WindowsVolumeAttributeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinVolumeObj:WindowsVolumeAttributeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="WindowsDriveTypeEnum">
+		<xs:annotation>
+			<xs:documentation>This enumeration contains possible drive types, as enumerated by the WINAPI GetDriveType function: http://msdn.microsoft.com/en-us/library/windows/desktop/aa364939(v=vs.85).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="DRIVE_UNKNOWN">
+				<xs:annotation>
+					<xs:documentation>The drive type cannot be determined.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DRIVE_NO_ROOT_DIR">
+				<xs:annotation>
+					<xs:documentation>The root path is invalid; for example, there is no volume mounted at the specified path.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DRIVE_REMOVABLE">
+				<xs:annotation>
+					<xs:documentation>The drive has removable media; for example, a floppy drive, thumb drive, or flash card reader.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DRIVE_FIXED">
+				<xs:annotation>
+					<xs:documentation>The drive has fixed media; for example, a hard disk drive or flash drive.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DRIVE_REMOTE">
+				<xs:annotation>
+					<xs:documentation>The drive is a remote (network) drive.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DRIVE_CDROM">
+				<xs:annotation>
+					<xs:documentation>The drive is a CD-ROM drive.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DRIVE_RAMDISK">
+				<xs:annotation>
+					<xs:documentation>The drive is a RAM disk.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="WindowsVolumeAttributeEnum">
+		<xs:annotation>
+			<xs:documentation>This enumeration is a list of attributes that may be returned by the diskpart attributes command: http://technet.microsoft.com/en-us/library/cc766465(v=ws.10).aspx</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ReadOnly">
+				<xs:annotation>
+					<xs:documentation>Specifies that the volume is read-only.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hidden">
+				<xs:annotation>
+					<xs:documentation>Specifies that the volume is hidden.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NoDefaultDriveLetter">
+				<xs:annotation>
+					<xs:documentation>Specifies that the volume does not receive a drive letter by default.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ShadowCopy">
+				<xs:annotation>
+					<xs:documentation>Specifies that the volume is a shadow copy volume.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/Win_Waitable_Timer_Object.xsd b/stix_validator/schema/cybox/objects/Win_Waitable_Timer_Object.xsd
new file mode 100755
index 0000000..e4bc3f2
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/Win_Waitable_Timer_Object.xsd
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:WinWaitableTimerObj="http://cybox.mitre.org/objects#WinWaitableTimerObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject-2" targetNamespace="http://cybox.mitre.org/objects#WinWaitableTimerObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Win_Waitable_Timer_Object</schema>
+			<version>2.0</version>
+			<date>02/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/objects#WinHandleObject-2" schemaLocation="Win_Handle_Object.xsd"/>
+	<xs:element name="Windows_Waitable_Timer" type="WinWaitableTimerObj:WindowsWaitableTimerObjectType" nillable="true">
+		<xs:annotation>
+			<xs:documentation>Windows_Waitable_Timer object is intended to characterize Windows waitable timer (synchronization) objects.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="WindowsWaitableTimerObjectType" mixed="false">
+		<xs:annotation>
+			<xs:documentation>The WindowsWaitableTimerObjectType is intended to characterize Windows waitable timer (synchronization) objects.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent mixed="false">
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element name="Handle" minOccurs="0" type="WinHandleObj:WindowsHandleObjectType">
+						<xs:annotation>
+							<xs:documentation>The Handle field specifies the handle to the Windows waitable timer object. It imports and uses the WindowsHandleObjectType type from the CybOX Windows Handle object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Name" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Name field specifies the name of the Windows waitable timer object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Security_Attributes" type="cyboxCommon:StringObjectPropertyType">
+						<xs:annotation>
+							<xs:documentation>The Security_Attributes field specifies the security attributes for the Windows waitable timer object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Type" type="WinWaitableTimerObj:WaitableTimerType">
+						<xs:annotation>
+							<xs:documentation>The Type property specifies the type of the windows waitable timer object.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="WaitableTimerType">
+		<xs:annotation>
+			<xs:documentation>WaitableTimerType specifies Windows waitable timer types via a union of the WaitableTimerTypeEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="cyboxCommon:BaseObjectPropertyType">
+				<xs:simpleType>
+					<xs:union memberTypes="WinWaitableTimerObj:WaitableTimerTypeEnum xs:string"/>
+				</xs:simpleType>
+				<xs:attribute fixed="string" name="datatype" type="cyboxCommon:DatatypeEnum">
+					<xs:annotation>
+						<xs:documentation>This attribute is optional and specifies the expected type for the value of the specified property.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="WaitableTimerTypeEnum">
+		<xs:annotation>
+			<xs:documentation>The WaitableTimerTypeEnum type is an enumeration of Windows waitable timer types.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="ManualReset">
+				<xs:annotation>
+					<xs:documentation>A timer whose state remains signaled until SetWaitableTimer is called to establish a new due time. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms687012(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Synchronization">
+				<xs:annotation>
+					<xs:documentation>A timer whose state remains signaled until a thread completes a wait operation on the timer object. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms687012(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Periodic">
+				<xs:annotation>
+					<xs:documentation>A timer that is reactivated each time the specified period expires, until the timer is reset or canceled. A periodic timer is either a periodic manual-reset timer or a periodic synchronization timer. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/ms687012(v=vs.85).aspx</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/cybox/objects/X509_Certificate_Object.xsd b/stix_validator/schema/cybox/objects/X509_Certificate_Object.xsd
new file mode 100755
index 0000000..6600566
--- /dev/null
+++ b/stix_validator/schema/cybox/objects/X509_Certificate_Object.xsd
@@ -0,0 +1,270 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:X509CertificateObj="http://cybox.mitre.org/objects#X509CertificateObject-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" targetNamespace="http://cybox.mitre.org/objects#X509CertificateObject-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0">
+	<xs:annotation>
+
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>X509_Certificate_Object</schema>
+			<version>2.0</version>
+			<date>03/11/2013 9:00:00 AM</date>
+			<short_description>The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. </short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="../cybox_common.xsd"/>
+	<xs:element name="X509_Certificate" type="X509CertificateObj:X509CertificateObjectType">
+		<xs:annotation>
+			<xs:documentation>X509_Certificate object represents a public key certificate for use in a public key infrastructure.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType mixed="false" name="X509CertificateObjectType">
+		<xs:annotation>
+			<xs:documentation>The X509CertificateObjectType type is intended to characterize X.509 certificates.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent mixed="false">
+			<xs:extension base="cyboxCommon:ObjectPropertiesType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Certificate" type="X509CertificateObj:X509CertificateType">
+						<xs:annotation>
+							<xs:documentation>Certificate represents the contents of an X.509 certificate, including items such as issuer, subject, and others.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element minOccurs="0" name="Certificate_Signature" type="X509CertificateObj:X509CertificateSignatureType">
+						<xs:annotation>
+							<xs:documentation>Certificate Signature contains the signature and signature algorithm of this X.509 certificate.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="X509CertificateType">
+		<xs:annotation>
+			<xs:documentation>The X509CertificateType type represents the contents of an X.509 certificate, including items such as issuer, subject, and others.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Version" type="cyboxCommon:IntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>Version describes the version of the encoded certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Serial_Number" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The serial number is a unique identifier for each X.509 certificate issued by a specific Certificate Authority.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Signature_Algorithm" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The signature algorithm is the algorithm used to sign the X.509 certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Issuer" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The issuer is the Certificate Authority who issued the X.509 certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Validity" type="X509CertificateObj:ValidityType">
+				<xs:annotation>
+					<xs:documentation>Validity is the time interval during which the issuer warrants that it will maintain information about the status of the certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Subject" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The subject identifies the entity associated with the public key stored in the subject public key field of the X.509 certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Subject_Public_Key" type="X509CertificateObj:SubjectPublicKeyType">
+				<xs:annotation>
+					<xs:documentation>The Subject Public Key is used to carry the public key and identify the algorithm with which the key is used.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Standard_Extensions" type="X509CertificateObj:X509V3ExtensionsType">
+				<xs:annotation>
+					<xs:documentation>The Standard_Extensions field captures standard X509 V3 extensions that may be specified in the certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Non_Standard_Extensions" type="X509CertificateObj:X509NonStandardExtensionsType">
+				<xs:annotation>
+					<xs:documentation>The Non_Standard_Extensions field captures non-standard X509 extensions that may be specified in the certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="X509CertificateSignatureType">
+		<xs:annotation>
+			<xs:documentation>The X509CertificateSignatureType contains the signature and signature algorithm of this X.509 certificate.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Signature_Algorithm" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>Signature Algorithm contains the algorithm identifier for the algorithm used by the Certificate Authority to compute the signature.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Signature" type="cyboxCommon:StringObjectPropertyType" maxOccurs="1" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Signature contains a digital signature computed upon this X.509 certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="SubjectPublicKeyType">
+		<xs:annotation>
+			<xs:documentation>The SubjectPublicKeyType is used to carry the public key and identify the algorithm with which the key is used.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Public_Key_Algorithm" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>Public Key Algorithm is the algorithm with which to encrypt data being sent to the subject.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="RSA_Public_Key" type="X509CertificateObj:RSAPublicKeyType">
+				<xs:annotation>
+					<xs:documentation>RSA Public Key is the public key contained in this X.509 certificate.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ValidityType">
+		<xs:annotation>
+			<xs:documentation>The ValidityType type is the time interval during which the issuer warrants that it will maintain information about the status of the certificate.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Not_Before" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>Not before is the date on which the certificate validity period begins.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Not_After" type="cyboxCommon:DateTimeObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>Not after is the date on which the certificate validity period ends.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RSAPublicKeyType">
+		<xs:annotation>
+			<xs:documentation>The RSAPublicKeyType captures details of RSA public keys.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Modulus" type="cyboxCommon:StringObjectPropertyType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Modulus is the modulus portion of a public key.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Exponent" type="cyboxCommon:IntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>Exponent is the exponent portion of a public key.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="X509V3ExtensionsType">
+		<xs:annotation>
+			<xs:documentation>The X509V3ExtensionsType captures the standard X509 V3 Extensions that may be used in X509 certificates. Based on RFC 3280, "Standard Extensions": http://www.ietf.org/rfc/rfc3280.txt</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Basic_Constraints" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Basic_Constraints field captures a multi-valued extension which indicates whether a certificate is a CA certificate. The first (mandatory) name is CA followed by TRUE or FALSE. If CA is TRUE then an optional pathlen name followed by an non-negative value can be included. Also equivalent to the object ID (OID) value of 2.5.29.19.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Name_Constraints" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Name_Constraints field captures a name space within which all subject names in subsequent certificates in a certification path MUST be located. Also equivalent to the object ID (OID) value of 2.5.29.30.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Policy_Constraints" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Policy_Constraints field captures any constraints on path validation for certificates issued to CAs. Also equivalent to the object ID (OID) value of 2.5.29.36.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Key_Usage" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Key_Usage element field captures a multi-valued extension consisting of a list of names of the permitted key usages. Also equivalent to the object ID (OID) value of 2.5.29.15.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Extended_Key_Usage" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Extended_Key_Usage field captures a list of usages indicating purposes for which the certificate public key can be used for. Also equivalent to the object ID (OID) value of 2.5.29.37.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Subject_Key_Identifier" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Subject_Key_Identifier field captures the identifier that provides a means of identifying certificates that contain a particular public key. Also equivalent to the object ID (OID) value of 2.5.29.14.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Authority_Key_Identifier" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Authority_Key_Identifier field captures the identifier that provides a means of identifying the public key corresponding to the private key used to sign a certificate. Also equivalent to the object ID (OID) value of 2.5.29.35.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Subject_Alternative_Name" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Subject_Alternative_Name field captures the additional identities to be bound to the subject of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.17.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Issuer_Alternative_Name" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Issuer_Alternative_Name field captures the additional identities to be bound to the issuer of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.18.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Subject_Directory_Attributes" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Subject_Directory_Attributes field captures the identification attributes (e.g., nationality) of the subject. Also equivalent to the object ID (OID) value of 2.5.29.9.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="CRL_Distribution_Points" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The CRL_Distribution_Points field captures how CRL information is obtained. Also equivalent to the object ID (OID) value of 2.5.29.31.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Inhibit_Any_Policy" type="cyboxCommon:NonNegativeIntegerObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Inhibit_Any_Policy field the number of additional certificates that may appear in the path before anyPolicy is no longer permitted. Also equivalent to the object ID (OID) value of 2.5.29.54.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Private_Key_Usage_Period" type="X509CertificateObj:ValidityType">
+				<xs:annotation>
+					<xs:documentation>The Private_Key_Usage_Period field captures the validity period for the private key, if it is different from the validity period of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.16.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Certificate_Policies" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Certificate_Policies field captures a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. Also equivalent to the object ID (OID) value of 2.5.29.32.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Policy_Mappings" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Policy_Mappings field captures one or more pairs of OIDs; each pair includes an issuerDomainPolicy and a subjectDomainPolicy. The pairing indicates whether the issuing CA considers its issuerDomainPolicy equivalent to the subject CA's subjectDomainPolicy. Also equivalent to the object ID (OID) value of 2.5.29.33.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="X509NonStandardExtensionsType">
+		<xs:annotation>
+			<xs:documentation>The NonStandardX509ExtensionsType captures some non-standard or deprecated X509 extensions that may be useful. Based on the OpenSSL "Deprecated Extensions" documentation: https://www.openssl.org/docs/apps/x509v3_config.html#Deprecated_Extensions. Also based on the Alvestrand certificateExtension reference: http://www.alvestrand.no/objectid/2.5.29.html</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element minOccurs="0" name="Netscape_Comment" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Netscape_Comment field captures a comment which may be displayed when the certificate is viewed in some browsers.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Netscape_Certificate_Type" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Netscape_Certificate_Type field captures a list of flags which indicate the purposes for which a certificate could be used.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Old_Authority_Key_Identifier" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Old_Authority_Key_Identifier captures the old version of the authority key identifier, equivalent to the object ID (OID) value of 2.5.29.1.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element minOccurs="0" name="Old_Primary_Key_Attributes" type="cyboxCommon:StringObjectPropertyType">
+				<xs:annotation>
+					<xs:documentation>The Old_Primary_Key_Attributes field captures the old version of the primary key attributes, equivalent to the object ID (OID) value of 2.5.29.2.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/data_marking.xsd b/stix_validator/schema/data_marking.xsd
new file mode 100755
index 0000000..be63323
--- /dev/null
+++ b/stix_validator/schema/data_marking.xsd
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:marking="http://data-marking.mitre.org/Marking-1" xmlns:stixCommon="http://stix.mitre.org/common-1" targetNamespace="http://data-marking.mitre.org/Marking-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The Data Marking XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Data Marking</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Data_Marking - Schematic implementation for an independent, flexible, structured data marking expression.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the Data Marking Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:complexType name="MarkingType">
+		<xs:annotation>
+			<xs:documentation>MarkingType specifies a structure for marking information to be applied to portions of XML content.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Marking" type="marking:MarkingSpecificationType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field contains specification of marking information to be applied to portions of XML content.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="MarkingStructureType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>
+				The MarkingStructureType contains the marking information to be applied to a portion of XML content.
+				
+				This type is defined as abstract and is intended to be extended to enable the expression of any structured or unstructured data marking mechanism. STIX provides two options: Simple, and TLP.Additionally, those who wish to use another format may do so by defining a new extension to this type. The information for the STIX-provided extensions is:
+				
+				1. Simple: The Simple marking structures allows for the specification of unstructured statements through the use of a string field. The type is named SimpleMarkingStructureType and is in the http://data-marking.mitre.org/extensions/MarkingStructure#Simple-1 namespace. The extension is defined in the file extensions/marking/simple_marking.xsd or at the URL http://stix.mitre.org/XMLSchema/extensions/marking/simple_marking/1.0/simple_marking.xsd.
+				
+				2. TLP: The TLP marking structure allows for the expression of Traffic Light Protocol statements through the use of a simple enumeration. The type is named TLPMarkingStructureType and is in the http://data-marking.mitre.org/extensions/MarkingStructure#TLP-1 namespace. The extension is defined in the file extensions/marking/tlp.xsd or at the URL http://stix.mitre.org/XMLSchema/extensions/marking/tlp/1.0/tlp.xsd.	
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="marking_model_name" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>This field specifies the name of the marking model to be applied within this Marking_Structure.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="marking_model_ref" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>This field contains a reference to an authoritative source on the marking model to be applied within this Marking_Structure.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="MarkingSpecificationType">
+		<xs:sequence>
+			<xs:element name="Controlled_Structure" type="xs:string">
+				<xs:annotation>
+					<xs:documentation>
+						This field utilizes XPath 1.0 to specify the structures for which the Marking is to be applied.
+						
+						The XPath expression is NOT recursive and the marking structure does NOT apply to child nodes of the selected node. Instead, the expression must explicitly select all nodes that the marking is to be applied to including elements, attributes, and text nodes.
+						
+						The context root of the XPath statement is this Controlled_Structure element. Any namespace prefix declarations that are available to this Controlled_Structure element are available to the XPath.
+						
+						Note that all Controlled_Structure elements have a scope within the document for which their XPath is valid to reference.
+						Usages of MarkingType may specify a "marking scope". The marking scope is always recursive and specifies the set of nodes that may be selected by the XPath expression (and therefore that may have the markings applied to them). If no marking scope is specified in the schema documentation or specification where the MarkingType is used, it should be assumed that the document itself and all nodes are within scope.
+						</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Marking_Structure" type="marking:MarkingStructureType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field contains the marking information to be applied to the portions of XML content specified in the ControlledStructure field. This field is defined as MarkingStructureType which is an abstract type the enables the flexibility to utilize any variety of marking structures.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Information_Source field details the source of this entry.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a unique ID for this Marking.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a reference to the ID of a Marking defined elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="version" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>Specifies the relevant Data_Marking schema version for this content.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/exploit_target.xsd b/stix_validator/schema/exploit_target.xsd
new file mode 100755
index 0000000..8c6403f
--- /dev/null
+++ b/stix_validator/schema/exploit_target.xsd
@@ -0,0 +1,223 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:et="http://stix.mitre.org/ExploitTarget-1" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:marking="http://data-marking.mitre.org/Marking-1" targetNamespace="http://stix.mitre.org/ExploitTarget-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX Exploit Target</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - ExploitTarget - Schematic implementation for the ExploitTarget construct within the STIX structured cyber threat expression language architecture</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="data_marking.xsd"/>
+	<xs:element name="Exploit_Target" type="et:ExploitTargetType">
+		<xs:annotation>
+			<xs:documentation>The ExploitTarget field characterizes potential targets for exploitation. In other words characteristics about targeted victims that may make them vulnerable to attack.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="ExploitTargetType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:ExploitTargetBaseType">
+				<xs:sequence>
+					<xs:element name="Title" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Title field provides a simple title for this ExploitTarget.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Vulnerability" type="et:VulnerabilityType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Vulnerability field identifies and characterizes a Vulnerability as a potential ExploitTarget.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Weakness" type="et:WeaknessType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Weakness field identifies and characterizes a Weakness as a potential ExploitTarget.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Configuration" type="et:ConfigurationType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Configuration field identifies and characterizes a Configuration as a potential ExploitTarget.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Potential_COAs" type="et:PotentialCOAsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Potential_COAs field specifies potential Courses of Action for this ExploitTarget.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Information_Source field details the source of this entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Handling field specifies the appropriate data handling markings for the elements of this Exploit Target. The valid marking scope is the nearest ExploitTargetBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="version" type="et:ExploitTargetVersionType" default="1.0">
+					<xs:annotation>
+						<xs:documentation>Specifies the relevant STIX-ExploitTarget schema version for this content.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:simpleType name="ExploitTargetVersionType">
+		<xs:annotation>
+			<xs:documentation>An enumeration of all versions of the Exploit Target type valid in the current release of STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="VulnerabilityType">
+		<xs:annotation>
+			<xs:documentation>
+				Characterizes an individual vulnerability.
+
+				In addition to capturing basic information and references to vulnerability registries, this type is intended to be extended to enable the structured description of a vulnerability by using the XML Schema extension feature. The STIX default extension uses the Common Vulnerability Reporting Format (CVRF) schema to do so. The extension that defines this is captured in the CVRF1.1InstanceType in the http://stix.mitre.org/extensions/Vulnerability#CVRF1.1-1 namespace. This type is defined in the extensions/vulnerability/cvrf_1.1.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/vulnerability/cvrf_1.1/1.0/cvrf_1.1.xsd.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description element is optional and enables a generalized description of this Vulnerability.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="CVE_ID" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The CVE_ID field is optional and specifies a CVE identifier for a particular vulnerability.</xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:pattern value="CVE-\d\d\d\d-\d\d\d\d"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+			<xs:element name="OSVDB_ID" type="xs:positiveInteger" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The OSVDB_ID field is optional and specifies an OSVDB identifier for a particular vulnerability.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="CVSS_Score" type="et:CVSSVectorType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The CVSS_Score field captures the full CVSS v2.0 base, temporal, and environmental vectors in their string format.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="PotentialCOAsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Potential_COA" type="stixCommon:RelatedCourseOfActionType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Potential_COA field specifies a potential Course of Action for this ExploitTarget.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ConfigurationType">
+		<xs:sequence>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description element is optional and enables a generalized description of this Configuration.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="CCE_ID" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The CCE_ID field is optional and specifies a CCE identifier for a particular configuration item.</xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:pattern value="CCE-\d+-\d"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="WeaknessType">
+		<xs:sequence>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description element is optional and enables a generalized description of this Weakness.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="CWE_ID" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The CWE_ID element is optional and specifies a CWE identifier for a particular weakness.</xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:pattern value="CWE-\d+"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="CVSSVectorType">
+		<xs:sequence>
+			<xs:element name="Overall_Score" type="et:CVSSScoreType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Captures the overall CVSS 2.0 score. Note that this is not the same as the unadjusted CVSS Base Score, which should be captured in the Base_Score field.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Base_Score" type="et:CVSSScoreType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Captures the unadjusted CVSS 2.0 Base score.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Base_Vector" type="et:CVSSBaseVectorType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Captures the CVSS 2.0 Base Vector per the compressed string format.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Temporal_Score" type="et:CVSSScoreType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Captures the unadjusted CVSS 2.0 Temporal score.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Temporal_Vector" type="et:CVSSTemporalVectorType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Captures the CVSS 2.0 Temporal Vector per the compressed string format.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Environmental_Score" type="et:CVSSScoreType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Captures the unadjusted CVSS 2.0 Environmental score.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Environmental_Vector" type="et:CVSSEnvironmentalVectorType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Captures the CVSS 2.0 Environmental Vector in the compressed string format.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:simpleType name="CVSSScoreType">
+		<xs:restriction base="xs:string">
+			<xs:pattern value="((10)|[0-9])\.[0-9]"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CVSSBaseVectorType">
+		<xs:restriction base="xs:string">
+			<xs:pattern value="AV:[LAN]/AC:[HML]/Au:[MSN]/C:[NPC]/I:[NPC]/A:[NPC]"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CVSSTemporalVectorType">
+		<xs:restriction base="xs:string">
+			<xs:pattern value="E:([UFH]|(POC)|(ND))/RL:([WU]|(OF)|(TF)|(ND))/RC:([C]|(UC)|(UR)|(ND))"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CVSSEnvironmentalVectorType">
+		<xs:restriction base="xs:string">
+			<xs:pattern value="CDP:([NLH]|(LM)|(MH)|(ND))/TD:([NLMH]|(ND))/CR:([LMH]|(ND))/IR:([LMH]|(ND))/AR:([LMH]|(ND))"/>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/extensions/address/ciq_address_3.0.xsd b/stix_validator/schema/extensions/address/ciq_address_3.0.xsd
new file mode 100755
index 0000000..eda7fc1
--- /dev/null
+++ b/stix_validator/schema/extensions/address/ciq_address_3.0.xsd
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://stix.mitre.org/extensions/Address#CIQAddress3.0-1" xmlns:a="urn:oasis:names:tc:ciq:xal:3" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns="http://stix.mitre.org/extensions/Address#CIQAddress3.0-1" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - CIQ Address 3.0 Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - CIQ Address 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Address within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="../../stix_common.xsd"/>
+    <xs:import namespace="urn:oasis:names:tc:ciq:xal:3" schemaLocation="../../external/oasis_ciq_3.0/xAL.xsd"/>
+    <xs:complexType name="CIQAddress3.0InstanceType">
+        <xs:annotation>
+            <xs:documentation>The CIQAddress3.0InstanceType provides an extension to the AddressAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Addresses.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="stixCommon:AddressAbstractType">
+                <xs:sequence>
+                    <xs:element minOccurs="0" name="Location" type="a:AddressType"/>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/extensions/address/readme.txt b/stix_validator/schema/extensions/address/readme.txt
new file mode 100755
index 0000000..a941d36
--- /dev/null
+++ b/stix_validator/schema/extensions/address/readme.txt
@@ -0,0 +1 @@
+The default type for representing addresses is CIQAddress3.0InstanceType in ciq_address_3.0.xsd.
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/attack_pattern/capec_2.5.xsd b/stix_validator/schema/extensions/attack_pattern/capec_2.5.xsd
new file mode 100755
index 0000000..32fac89
--- /dev/null
+++ b/stix_validator/schema/extensions/attack_pattern/capec_2.5.xsd
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://stix.mitre.org/extensions/AP#CAPEC2.5-1" xmlns:capec="http://capec.mitre.org/capec-2" xmlns:ttp="http://stix.mitre.org/TTP-1" targetNamespace="http://stix.mitre.org/extensions/AP#CAPEC2.5-1" elementFormDefault="qualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX Extension - CAPEC 2.5 Attack Pattern Instance</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) Extension - CAPEC Attack Pattern Instance - Schematic implementation for the using CAPEC 2.5 to describe an Attack Pattern within the STIX structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://stix.mitre.org/TTP-1" schemaLocation="../../ttp.xsd"/>
+	<xs:import namespace="http://capec.mitre.org/capec-2" schemaLocation="../../external/capec_2.5/ap_schema_v2.5.xsd"/>
+	<xs:complexType name="CAPEC2.5InstanceType">
+		<xs:annotation>
+			<xs:documentation>The CAPECInstanceType provides an extension to the APStructureAbstractType which imports and leverages the CAPEC schema for structured characterization of Attack Patterns.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="ttp:AttackPatternType">
+				<xs:sequence>
+					<xs:element name="CAPEC" type="capec:Attack_PatternType">
+						<xs:annotation>
+							<xs:documentation>The CAPEC field contains the structured specification of an Attack Pattern utilizing the CAPEC schema.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/extensions/identity/ciq_identity_3.0.xsd b/stix_validator/schema/extensions/identity/ciq_identity_3.0.xsd
new file mode 100755
index 0000000..631dc97
--- /dev/null
+++ b/stix_validator/schema/extensions/identity/ciq_identity_3.0.xsd
@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" xmlns:ciq="urn:oasis:names:tc:ciq:xpil:3" xmlns:stixCommon="http://stix.mitre.org/common-1" targetNamespace="http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1" xmlns="http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - CIQ Identity 3.0 Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - CIQ Identity 3.0 Instance - Schematic implementation for the using version 3.0 of CIQ to describe an Identity within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="../../stix_common.xsd"/>
+    <xs:import namespace="urn:oasis:names:tc:ciq:xpil:3" schemaLocation="../../external/oasis_ciq_3.0/xPIL.xsd"/>
+    <xs:complexType name="CIQIdentity3.0InstanceType">
+        <xs:annotation>
+            <xs:documentation>The CIQIdentity3.0InstanceType provides an extension to the IdentityStructureAbstractType which imports and leverages version 3.0 of the OASIS CIQ-PIL schema for structured characterization of Identities.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="stixCommon:IdentityType">
+                <xs:sequence>
+                    <xs:element name="Specification" type="STIXCIQIdentity3.0Type">
+                        <xs:annotation>
+                            <xs:documentation>The Specification field contains the structured characterization of an Identity utilizing the CIQ-PIL schema.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Role" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+                        <xs:annotation>
+                            <xs:documentation>The Role field specifies a relevant role played by this entity.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+    <xs:complexType name="STIXCIQIdentity3.0Type">
+        <xs:annotation>
+            <xs:documentation>The STIXCIQIdentityType provides a restriction and minor extension of the imported OASIS CIQ-PIL PartyType for use in characterizing STIX Identities.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:restriction base="ciq:PartyType">
+                <xs:sequence>
+                    <xs:element minOccurs="0" ref="ciq:FreeTextLines"/>
+                    <xs:element minOccurs="0" ref="ciq:PartyName"/>
+                    <xs:element minOccurs="0" ref="ciq:Addresses"/>
+                    <xs:element minOccurs="0" ref="ciq:Accounts">
+                        <xs:annotation>
+                            <xs:documentation>A container to define the accounts details of the party such as utility account, financil accounts</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element minOccurs="0" ref="ciq:ContactNumbers"/>
+                    <xs:element minOccurs="0" ref="ciq:Documents">
+                        <xs:annotation>
+                            <xs:documentation>A container for identification document and cards of the party that are unique to the party. e.g. license, identification card, credit card, etc</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element minOccurs="0" ref="ciq:ElectronicAddressIdentifiers"/>
+                    <xs:element minOccurs="0" ref="ciq:Events"/>
+                    <xs:element minOccurs="0" ref="ciq:Identifiers"/>
+                    <xs:element minOccurs="0" ref="ciq:Memberships">
+                        <xs:annotation>
+                            <xs:documentation>A container for memberships of party with other organisations (e.g. industry groups) or social networks (clubs, association, etc)</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element minOccurs="0" ref="ciq:Relationships">
+                        <xs:annotation>
+                            <xs:documentation>Relationships with other parties (persons or organisations, and the nature of relationship). Examples: - For person: Contacts, blood relatives, friends, referees, customers, etc - for Organisation: Subsidiary, Parent company, Branches, Divisions, Partners, etc</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element minOccurs="0" ref="ciq:Revenues">
+                        <xs:annotation>
+                            <xs:documentation>Container for income / revenue information of the party (salary/organisation revenue)</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element minOccurs="0" ref="ciq:Stocks"/>
+                    <xs:element minOccurs="0" ref="ciq:Vehicles"/>
+                    <xs:element minOccurs="0" ref="ciq:OrganisationInfo">
+                        <xs:annotation>
+                            <xs:documentation>Container for other organisation specific details that are not covered in this schema that are common to a party</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element minOccurs="0" ref="ciq:PersonInfo">
+                        <xs:annotation>
+                            <xs:documentation>Container for other person specific details that are not covered in this schema elements that are common to a party</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element minOccurs="0" ref="ciq:BirthInfo"/>
+                    <xs:element minOccurs="0" ref="ciq:CountriesOfResidence"/>
+                    <xs:element minOccurs="0" ref="ciq:Favourites"/>
+                    <xs:element minOccurs="0" ref="ciq:Habits"/>
+                    <xs:element minOccurs="0" ref="ciq:Hobbies"/>
+                    <xs:element minOccurs="0" ref="ciq:Languages"/>
+                    <xs:element minOccurs="0" ref="ciq:Nationalities"/>
+                    <xs:element minOccurs="0" ref="ciq:Occupations"/>
+                    <xs:element minOccurs="0" ref="ciq:PhysicalInfo"/>
+                    <xs:element minOccurs="0" ref="ciq:Preferences"/>
+                    <xs:element minOccurs="0" ref="ciq:Qualifications"/>
+                    <xs:element minOccurs="0" ref="ciq:Visas"/>
+                </xs:sequence>
+                <xs:attribute form="qualified" name="PartyType" type="ciq:PartyTypeList">
+                    <xs:annotation>
+                        <xs:documentation>Type of Party. e.g. Person or an organisation. An organisation could be university, college, club, association, company, etc</xs:documentation>
+                    </xs:annotation>
+                </xs:attribute>
+            </xs:restriction>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/extensions/identity/readme.txt b/stix_validator/schema/extensions/identity/readme.txt
new file mode 100755
index 0000000..2540f3b
--- /dev/null
+++ b/stix_validator/schema/extensions/identity/readme.txt
@@ -0,0 +1 @@
+The default type for representing identities is CIQIdentity3.0InstanceType in ciq_identity_3.0.xsd.
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/malware/maec_4.0.xsd b/stix_validator/schema/extensions/malware/maec_4.0.xsd
new file mode 100755
index 0000000..9bb2f50
--- /dev/null
+++ b/stix_validator/schema/extensions/malware/maec_4.0.xsd
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://stix.mitre.org/extensions/Malware#MAEC4.0-1" xmlns="http://stix.mitre.org/extensions/Malware#MAEC4.0-1" xmlns:maec="http://maec.mitre.org/XMLSchema/maec-package-2" xmlns:ttp="http://stix.mitre.org/TTP-1" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.</xs:documentation>
+        <xs:documentation>NOTICE: This schema is not currently live. Once MAEC 4.0 is released, the URLs referenced below will resolve and the schema will be usable. Please refer to the MAEC website and mailing lists for more information on when it will be released.</xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - MAEC Malware Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - MAEC 4.0 Malware Instance - Schematic implementation for the using MAEC 4.0 to describe Malware within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/TTP-1" schemaLocation="../../ttp.xsd"/>
+    <xs:import namespace="http://maec.mitre.org/XMLSchema/maec-package-2" schemaLocation="http://maec.mitre.org/language/version4.0/maec-package-schema.xsd"/>
+    <xs:complexType name="MAEC4.0InstanceType">
+        <xs:annotation>
+            <xs:documentation>The MAEC4.0InstanceType provides an extension to MalwareInstanceType which imports and leverages the MAEC 4.0 schema for structured characterization of Malware.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="ttp:MalwareInstanceType">
+                <xs:sequence>
+                    <xs:element name="MAEC" type="maec:PackageType">
+                        <xs:annotation>
+                            <xs:documentation>The MAEC field contains the structured characterization of instances of Malware utilizing the MAEC Package schema.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/extensions/malware/readme.txt b/stix_validator/schema/extensions/malware/readme.txt
new file mode 100755
index 0000000..f3418f9
--- /dev/null
+++ b/stix_validator/schema/extensions/malware/readme.txt
@@ -0,0 +1,3 @@
+The default type for representing identities is the MAEC4.0InstanceType defined in maec_4.0.xsd.
+
+Please note that this extension is targeted against MAEC 4.0. At the time of the STIX 1.0 release MAEC 4.0 has not been released and the extension will not validate. Once MAEC 4.0 is released the STIX team will notify the community and the extension will start to work.
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/marking/simple_marking.xsd b/stix_validator/schema/extensions/marking/simple_marking.xsd
new file mode 100755
index 0000000..ad70918
--- /dev/null
+++ b/stix_validator/schema/extensions/marking/simple_marking.xsd
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:marking="http://data-marking.mitre.org/Marking-1" xmlns:simpleMarking="http://data-marking.mitre.org/extensions/MarkingStructure#Simple-1" targetNamespace="http://data-marking.mitre.org/extensions/MarkingStructure#Simple-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Data Marking Extension - Simple Marking Instance</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Data Marking Extension - Simple Marking Instance - Schematic implementation for attaching a simple statement to an idendified XML structure.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="../../data_marking.xsd"/>
+	<xs:complexType name="SimpleMarkingStructureType">
+		<xs:annotation>
+			<xs:documentation>The SimpleMarkingStructureType is a basic implementation of the data marking schema that allows for a string statement to be associated with the data being marked. One example might be the application of a copyright statement to some data set.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="marking:MarkingStructureType">
+				<xs:sequence>
+					<xs:element name="Statement" type="xs:string">
+						<xs:annotation>
+							<xs:documentation>The statement to apply to the structure for which the Marking is to be applied.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/extensions/marking/tlp.xsd b/stix_validator/schema/extensions/marking/tlp.xsd
new file mode 100755
index 0000000..2bf027f
--- /dev/null
+++ b/stix_validator/schema/extensions/marking/tlp.xsd
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:marking="http://data-marking.mitre.org/Marking-1" xmlns:tlpMarking="http://data-marking.mitre.org/extensions/MarkingStructure#TLP-1" targetNamespace="http://data-marking.mitre.org/extensions/MarkingStructure#TLP-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The Data Marking Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>Data Marking Extension - TLP</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Data Marking Extension - TLP Marking Instance - Schematic implementation for attaching a Traffic Light Protocol (TLP)designation to an idendified XML structure.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="../../data_marking.xsd"/>
+	<xs:complexType name="TLPMarkingStructureType">
+		<xs:annotation>
+			<xs:documentation>The TLPMarkingStructureType is an implementation of the data marking schema that allows for a TLP Designation to be attached to an identified XML structure. Information about TLP is available here: http://www.us-cert.gov/tlp.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="marking:MarkingStructureType">
+				<xs:attribute name="color" type="tlpMarking:TLPColorEnum">
+					<xs:annotation>
+						<xs:documentation>The TLP color designation of the marked structure.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:simpleType name="TLPColorEnum">
+		<xs:annotation>
+			<xs:documentation>The TLP color designation of the marked structure.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="RED"/>
+			<xs:enumeration value="AMBER"/>
+			<xs:enumeration value="GREEN"/>
+			<xs:enumeration value="WHITE"/>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/extensions/structured_coa/generic.xsd b/stix_validator/schema/extensions/structured_coa/generic.xsd
new file mode 100755
index 0000000..0bcfda3
--- /dev/null
+++ b/stix_validator/schema/extensions/structured_coa/generic.xsd
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:coa="http://stix.mitre.org/CourseOfAction-1" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns="http://stix.mitre.org/extensions/StructuredCOA#Generic-1" xmlns:genericStructuredCOA="http://stix.mitre.org/extensions/StructuredCOA#Generic-1" targetNamespace="http://stix.mitre.org/extensions/StructuredCOA#Generic-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.</xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - Structured Course of Action Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - Generic Structured Course of Action Instance - Schematic implementation for the using a generic Structured Course of Action within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/CourseOfAction-1" schemaLocation="../../course_of_action.xsd"/>
+    <xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="../../stix_common.xsd"/>
+    <xs:complexType name="GenericStructuredCOAType">
+        <xs:annotation>
+            <xs:documentation>The GenericStructuredCOAType specifies an instantial extension from the abstract StructuredCOAType intended to support the generic inclusion of any COA content.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="coa:StructuredCOAType">
+                <xs:sequence>
+                    <xs:element name="Description" type="stixCommon:StructuredTextType">
+                        <xs:annotation>
+                            <xs:documentation>A structured Description of this Generic Structured COA.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Type" type="stixCommon:ControlledVocabularyStringType">
+                        <xs:annotation>
+                            <xs:documentation>Specifies the type of Generic Structured COA.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Specification" type="stixCommon:EncodedCDATAType">
+                        <xs:annotation>
+                            <xs:documentation>The Specification field encapsulates any test mechnism specification in its native format within a string field. The specification should be within a CDATA construct within the string field.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+                <xs:attribute name="reference_location" type="xs:anyURI">
+                    <xs:annotation>
+                        <xs:documentation>Specifies a reference URL for the location of the Generic Structured COA.</xs:documentation>
+                    </xs:annotation>
+                </xs:attribute>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/test_mechanism/generic.xsd b/stix_validator/schema/extensions/test_mechanism/generic.xsd
new file mode 100755
index 0000000..568d9f4
--- /dev/null
+++ b/stix_validator/schema/extensions/test_mechanism/generic.xsd
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:indicator="http://stix.mitre.org/Indicator-2" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns="http://stix.mitre.org/extensions/TestMechanism#Generic-1" xmlns:genericTM="http://stix.mitre.org/extensions/TestMechanism#Generic-1" targetNamespace="http://stix.mitre.org/extensions/TestMechanism#Generic-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.</xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - Generic Test Mechanism Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - Generic Test Mechanism Instance - Schematic implementation for the using a generic Test Machanism within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/Indicator-2" schemaLocation="../../indicator.xsd"/>
+    <xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="../../stix_common.xsd"/>
+    <xs:complexType name="GenericTestMechanismType">
+        <xs:annotation>
+            <xs:documentation>The GenericTestMechanismType specifies an instantial extension from the abstract TestMechanismType intended to support the generic inclusion of any test mechanism content.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="indicator:TestMechanismType">
+                <xs:sequence>
+                    <xs:element name="Description" type="stixCommon:StructuredTextType">
+                        <xs:annotation>
+                            <xs:documentation>A structured Description of this Generic Test Mechanism.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Type" type="stixCommon:ControlledVocabularyStringType">
+                        <xs:annotation>
+                            <xs:documentation>Specifies the type of Generic Test Mechanism.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Specification" type="stixCommon:EncodedCDATAType">
+                        <xs:annotation>
+                            <xs:documentation>The Specification field encapsulates any test mechnism specification in its native format within a string field. The specification should be within a CDATA construct within the string field.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+                <xs:attribute name="reference_location" type="xs:anyURI">
+                    <xs:annotation>
+                        <xs:documentation>Specifies a reference URL for the location of the Generic Test Mechanism.</xs:documentation>
+                    </xs:annotation>
+                </xs:attribute>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/test_mechanism/open_ioc_2010.xsd b/stix_validator/schema/extensions/test_mechanism/open_ioc_2010.xsd
new file mode 100755
index 0000000..a53f0cb
--- /dev/null
+++ b/stix_validator/schema/extensions/test_mechanism/open_ioc_2010.xsd
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:indicator="http://stix.mitre.org/Indicator-2" xmlns:ioc-tr="http://schemas.mandiant.com/2010/ioc/TR/" xmlns:ioc="http://schemas.mandiant.com/2010/ioc" xmlns="http://stix.mitre.org/extensions/TestMechanism#OpenIOC2010-1" targetNamespace="http://stix.mitre.org/extensions/TestMechanism#OpenIOC2010-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.</xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - Open IOC Test Mechanism Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - Open IOC Test Mechanism Instance - Schematic implementation for the using the 2010 version of Open IOC to describe a Test Machanism within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/Indicator-2" schemaLocation="../../indicator.xsd"/>
+    <xs:import namespace="http://schemas.mandiant.com/2010/ioc" schemaLocation="../../external/open_ioc_2010/ioc.xsd"/>
+    <xs:import namespace="http://schemas.mandiant.com/2010/ioc/TR/" schemaLocation="../../external/open_ioc_2010/ioc-TR.xsd"/>
+    <xs:complexType name="OpenIOC2010TestMechanismType">
+        <xs:annotation>
+            <xs:documentation>The OpenIOC2010TestMechanismType provides an extension to the TestMechanismType which imports and leverages the 2010 Open IOC schema in order to include OpenIOC elements as the test mechanism.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="indicator:TestMechanismType">
+                <xs:sequence>
+                    <xs:element name="ioc" type="ioc:IndicatorOfCompromise">
+                        <xs:annotation>
+                            <xs:documentation>The ioc field contains the structured specification of the OpenIOC test mechanism.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/test_mechanism/oval_5.10.xsd b/stix_validator/schema/extensions/test_mechanism/oval_5.10.xsd
new file mode 100755
index 0000000..4a29e33
--- /dev/null
+++ b/stix_validator/schema/extensions/test_mechanism/oval_5.10.xsd
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:indicator="http://stix.mitre.org/Indicator-2" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval-var="http://oval.mitre.org/XMLSchema/oval-variables-5" xmlns="http://stix.mitre.org/extensions/TestMechanism#OVAL5.10-1" targetNamespace="http://stix.mitre.org/extensions/TestMechanism#OVAL5.10-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.</xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - OVAL Test Mechanism Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - OVAL Test Mechanism Instance - Schematic implementation for the using OVAL to describe a Test Machanism within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/Indicator-2" schemaLocation="../../indicator.xsd"/>
+    <xs:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="../../external/oval_5.10/oval-definitions-schema.xsd"/>
+    <xs:import namespace="http://oval.mitre.org/XMLSchema/oval-variables-5" schemaLocation="../../external/oval_5.10/oval-variables-schema.xsd"/>
+    <xs:complexType name="OVAL5.10TestMechanismType">
+        <xs:annotation>
+            <xs:documentation>The OVALTestMechanismType provides an extension to the TestMechanismType which imports and leverages the OVAL schema in order to include OVAL Definitions as the test mechanism.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="indicator:TestMechanismType">
+                <xs:sequence>
+                    <xs:element ref="oval-def:oval_definitions">
+                        <xs:annotation>
+                            <xs:documentation>The oval_definitions field contains the structured specification of the OVAL test mechanism. When including OVAL Definition documents it is expected that at least one valid OVAL Definition Definition is included.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element ref="oval-var:oval_variables" minOccurs="0">
+                        <xs:annotation>
+                            <xs:documentation>The oval_variables field contains a valid OVAL Variables document and should only be used to supply external variable values needed by this OVAL Test Mechanism's OVAL Definitions.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/test_mechanism/snort.xsd b/stix_validator/schema/extensions/test_mechanism/snort.xsd
new file mode 100755
index 0000000..8039763
--- /dev/null
+++ b/stix_validator/schema/extensions/test_mechanism/snort.xsd
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:indicator="http://stix.mitre.org/Indicator-2" xmlns="http://stix.mitre.org/extensions/TestMechanism#Snort-1" xmlns:snortTM="http://stix.mitre.org/extensions/TestMechanism#Snort-1" targetNamespace="http://stix.mitre.org/extensions/TestMechanism#Snort-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.</xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - Snort Test Mechanism Instance</schema>
+            <version>1.0</version>
+            <date>03/21/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - Snort Test Mechanism Instance - Schematic implementation for the using a Snort rule as a Test Machanism within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/Indicator-2" schemaLocation="../../indicator.xsd"/>
+    <xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="../../stix_common.xsd"/>
+    <xs:complexType name="SnortTestMechanismType">
+        <xs:annotation>
+            <xs:documentation>The SnortTestMechanismType specifies an instantial extension from the abstract TestMechanismType intended to support the inclusion of a Snort rule as a test mechanism content.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="indicator:TestMechanismType">
+                <xs:sequence>
+                    <xs:element name="Version" type="xs:string" minOccurs="0">
+                        <xs:annotation>
+                            <xs:documentation>The Version of Snort that the rule was written against.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Rule" type="stixCommon:EncodedCDATAType" minOccurs="0">
+                        <xs:annotation>
+                            <xs:documentation>The Rule field encapsulates a Snort rule in its native format within a String field. The specification should be within a CDATA construct within the String field.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/test_mechanism/yara.xsd b/stix_validator/schema/extensions/test_mechanism/yara.xsd
new file mode 100755
index 0000000..223ee89
--- /dev/null
+++ b/stix_validator/schema/extensions/test_mechanism/yara.xsd
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:indicator="http://stix.mitre.org/Indicator-2" xmlns="http://stix.mitre.org/extensions/TestMechanism#YARA-1" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:yaraTM="http://stix.mitre.org/extensions/TestMechanism#YARA-1" targetNamespace="http://stix.mitre.org/extensions/TestMechanism#YARA-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.</xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - YARA Test Mechanism Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - YARA Test Mechanism Instance - Schematic implementation for the using a YARA rule as a Test Machanism within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://stix.mitre.org/Indicator-2" schemaLocation="../../indicator.xsd"/>
+    <xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="../../stix_common.xsd"/>
+    <xs:complexType name="YaraTestMechanismType">
+        <xs:annotation>
+            <xs:documentation>The YaraTestMechanismType specifies an instantial extension from the abstract TestMechanismType intended to support the inclusion of a YARA rule as a test mechanism content.</xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="indicator:TestMechanismType">
+                <xs:sequence>
+                    <xs:element name="Version" type="xs:string" minOccurs="0">
+                        <xs:annotation>
+                            <xs:documentation>The Version of YARA that the rule was written against.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Rule" type="stixCommon:EncodedCDATAType" minOccurs="0">
+                        <xs:annotation>
+                            <xs:documentation>The Rule field encapsulates a YARA rule in its native format within a String field. The specification should be within a CDATA construct within the String field.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/extensions/vulnerability/cvrf_1.1.xsd b/stix_validator/schema/extensions/vulnerability/cvrf_1.1.xsd
new file mode 100755
index 0000000..f9f6d89
--- /dev/null
+++ b/stix_validator/schema/extensions/vulnerability/cvrf_1.1.xsd
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://stix.mitre.org/extensions/Vulnerability#CVRF-1" xmlns="http://stix.mitre.org/extensions/Vulnerability#CVRF-1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:et="http://stix.mitre.org/ExploitTarget-1" version="1.0" xml:lang="English">
+    <xs:annotation>
+        <xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+        <xs:appinfo>
+            <schema>STIX Extension - CVRF 1.1 Vulnerability Instance</schema>
+            <version>1.0</version>
+            <date>04/08/2013 9:00:00 AM</date>
+            <short_description>Structured Threat Information eXpression (STIX) Extension - CVRF 1.1 Vulnerability Instance - Schematic implementation for the using version 1.1 of CVRF to describe an Vulneability within the STIX structured cyber threat expression language architecture.</short_description>
+            <terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+        </xs:appinfo>
+    </xs:annotation>
+    <xs:import namespace="http://www.icasi.org/CVRF/schema/cvrf/1.1" schemaLocation="../../external/cvrf_1.1/cvrf.xsd"/>
+    <xs:import namespace="http://stix.mitre.org/ExploitTarget-1" schemaLocation="../../exploit_target.xsd"/>
+    <xs:complexType name="CVRF1.1InstanceType">
+        <xs:annotation>
+            <xs:documentation>
+                The CVRF1.1InstanceType provides an extension to the VulnerabilityType which imports and leverages the CVRF schema for structured characterization of Vulnerabilities. This could include characterization of 0-days or other vulnerabilities that do not have a CVE or OSVDB ID.
+            </xs:documentation>
+        </xs:annotation>
+        <xs:complexContent>
+            <xs:extension base="et:VulnerabilityType">
+                <xs:sequence>
+                    <xs:element ref="cvrf:cvrfdoc">
+                        <xs:annotation>
+                            <xs:documentation>The CVRF field contains the structured characterization of Vulnerabilities utilizing the CVRF schema.</xs:documentation>
+                        </xs:annotation>
+                    </xs:element>
+                </xs:sequence>
+            </xs:extension>
+        </xs:complexContent>
+    </xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/extensions/vulnerability/readme.txt b/stix_validator/schema/extensions/vulnerability/readme.txt
new file mode 100755
index 0000000..29e7132
--- /dev/null
+++ b/stix_validator/schema/extensions/vulnerability/readme.txt
@@ -0,0 +1 @@
+The default type for representing vulnerabilities in STIX is CVRF1.1InstanceType in cvrf1.1.xsd
\ No newline at end of file
diff --git a/stix_validator/schema/external/capec_2.5/ap_schema_v2.5.xsd b/stix_validator/schema/external/capec_2.5/ap_schema_v2.5.xsd
new file mode 100755
index 0000000..fb0c284
--- /dev/null
+++ b/stix_validator/schema/external/capec_2.5/ap_schema_v2.5.xsd
@@ -0,0 +1,2671 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:capec="http://capec.mitre.org/capec-2" xmlns:cybox="http://cybox.mitre.org/cybox-2" targetNamespace="http://capec.mitre.org/capec-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.5">
+	<xs:import namespace="http://cybox.mitre.org/cybox-2" schemaLocation="../../cybox/cybox_core.xsd"/>
+	<xs:element name="Attack_Pattern_Catalog">
+		<xs:annotation>
+			<xs:documentation>This is the enumerated catalog of common attack patterns.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Views" minOccurs="0">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element ref="capec:View" maxOccurs="unbounded"/>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Categories" minOccurs="0">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element ref="capec:Category" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>A category is a collection of attack patterns sharing a common attribute. The shared attribute may any number of things.</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Attack_Patterns" minOccurs="0">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element ref="capec:Attack_Pattern" maxOccurs="unbounded"/>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Compound_Elements" minOccurs="0">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element ref="capec:Compound_Element">
+								<xs:annotation>
+									<xs:documentation> The Compound_Element structure represents a meaningful aggregation of several attack patterns. </xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Common_Attack_Steps" minOccurs="0">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Common_Attack_Step" maxOccurs="unbounded">
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="capec:Custom_Attack_StepType">
+											<xs:attribute name="ID" type="xs:integer" use="required"/>
+										</xs:extension>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Common_Attack_Surfaces" minOccurs="0">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Common_Attack_Surface" maxOccurs="unbounded">
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="capec:Target_Attack_Surface_DescriptionType">
+											<xs:attribute name="ID" type="xs:integer" use="required"/>
+										</xs:extension>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Environments" minOccurs="0">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element ref="capec:Environment" maxOccurs="unbounded"/>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:attribute name="Catalog_Name" type="xs:string" use="required"/>
+			<xs:attribute name="Catalog_Version" type="xs:string" use="required"/>
+			<xs:attribute name="Catalog_Date" type="xs:date"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="View">
+		<xs:annotation>
+			<xs:documentation> Each View element represents a perspective with which one might look at the attack patterns in CAPEC. </xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:group ref="capec:View_Attributes">
+				<xs:annotation>
+					<xs:documentation> The View_Attributes structure is a collection of common elements which might be shared by all Views. </xs:documentation>
+				</xs:annotation>
+			</xs:group>
+			<xs:attribute name="ID" type="xs:integer" use="required">
+				<xs:annotation>
+					<xs:documentation> The ID attribute provides a unique identifier for the entry.			It will be static for the lifetime of the entry. In the event that this entry becomes deprecated, the ID will not be reused and a pointer will be left in this entry to the replacement. This is required for all Views.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Name" type="xs:string" use="required">
+				<xs:annotation>
+					<xs:documentation> The Name is a descriptive attribute used to give the reader an idea of what perspective this view represents. All words in the name should be capitalized except for articles and prepositions unless they begin or end the name. Subsequent words in a hyphenated chain are also not capitalized. This is required for all Views. </xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Status" type="capec:Status_Type" use="required">
+				<xs:annotation>
+					<xs:documentation> The Status attribute defines the status level for this view.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Category">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Description">
+					<xs:annotation>
+						<xs:documentation> This field provides a description of this Category. Its primary subelement is Description_Summary which is intended to serve as a minimalistic description which provides the information necessary to understand the primary focus of this entry. Additionally, it has the subelement Extended_Description which is optional and is used to provide further information pertaining to this attack pattern. </xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Description_Summary" type="xs:string">
+								<xs:annotation>
+									<xs:documentation> This description should be short and should limit itself to describing the key points that define this entry. Further explanation can be included in the extended description element. This is required for all entries. </xs:documentation>
+								</xs:annotation>
+							</xs:element>
+							<xs:element name="Extended_Description" type="capec:Structured_Text_Type" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation> This element provides a place for details important to the description of this entry to be included that are not necessary to convey the fundamental concept behind the entry. This is not required for all entries and should only be included where appropriate. </xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Related_Weaknesses" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Which specific weaknesses does this attack target and leverage? Specific weaknesses (underlying issues that may cause vulnerabilities) reference the industry-standard Common Weakness Enumeration (CWE). This list should include not only those weaknesses that are directly targeted by the attack but also those whose presence can directly increase the likelihood of the attack succeeding or the impact if it does succeed.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Related_Weakness" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>This field describes an individual related weakness.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:sequence>
+										<xs:element name="CWE_ID" type="xs:integer">
+											<xs:annotation>
+												<xs:documentation>The CWE_ID is a field that exists for all weaknesses enumerated in the Common Weakness Enumeration (CWE). It is a unique value that allows each weakness to be unambiguously identified. The CWE_ID field for the attack pattern contains the value of the CWE_ID for the specific related weakness. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Weakness_Relationship_Type">
+											<xs:annotation>
+												<xs:documentation>This field describes the nature of the relationship between this weakness and the attack pattern. Weaknesses that are specifically targeted by the attack are of type "Targeted". Weaknesses which are not specifically targeted but whose presence may increase the likelihood of the attack succeeding or the impact of the attack if it does succeed are of type "Secondary".</xs:documentation>
+											</xs:annotation>
+											<xs:simpleType>
+												<xs:restriction base="xs:string">
+													<xs:enumeration value="Targeted"/>
+													<xs:enumeration value="Secondary"/>
+												</xs:restriction>
+											</xs:simpleType>
+										</xs:element>
+									</xs:sequence>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Attack_Prerequisites" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>This field describes the conditions that must exist or the functionality and characteristics that the target software must have or behavior it must exhibit for an attack of this type to succeed.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Attack_Prerequisite" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>This field describes an individual attack prerequisite.</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Methods_of_Attack" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>This field describes the mechanism of attack used by this pattern. This field can help define the applicable attack surface required for this attack.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Method_of_Attack" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>This field describes the mechanism of attack used by this pattern. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined vectors which is currently incomplete and will grow as new relevant vectors are identified. This field can help define the applicable attack surface required for this attack.</xs:documentation>
+								</xs:annotation>
+								<xs:simpleType>
+									<xs:restriction base="xs:string">
+										<xs:enumeration value="Injection"/>
+										<xs:enumeration value="Modification of Resources"/>
+										<xs:enumeration value="Protocol Manipulation"/>
+										<xs:enumeration value="Analysis"/>
+										<xs:enumeration value="API Abuse"/>
+										<xs:enumeration value="Brute Force"/>
+										<xs:enumeration value="Flooding"/>
+										<xs:enumeration value="Time and State"/>
+										<xs:enumeration value="Spoofing"/>
+										<xs:enumeration value="Social Engineering"/>
+									</xs:restriction>
+								</xs:simpleType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Attacker_Skills_or_Knowledge_Required" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>This field describes the level of skills or specific knowledge required by an attacker to execute this type of attack. </xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Attacker_Skill_or_Knowledge_Required" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>This field describes the level of skill or specific knowledge required by an attacker to execute this type of attack. </xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:sequence>
+										<xs:element name="Skill_or_Knowledge_Level" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation>This should be communicated on a rough scale (Low, Medium, High).
+For example:
+• Low - Basic computer familiarity
+• Low - Basic SQL knowledge
+• Medium - Moderate scripting and shell experience and ability to disassemble and decompile
+• High - Expert knowledge of LINUX kernel
+• High - Detailed knowledge of target software development practices and business context (former employee)
+• Etc.
+</xs:documentation>
+											</xs:annotation>
+											<xs:simpleType>
+												<xs:restriction base="xs:string">
+													<xs:enumeration value="Low"/>
+													<xs:enumeration value="Medium"/>
+													<xs:enumeration value="High"/>
+												</xs:restriction>
+											</xs:simpleType>
+										</xs:element>
+										<xs:element name="Skill_or_Knowledge_Type" type="capec:Structured_Text_Type" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation>This field provides contextual detail for the skill or knowledge level.</xs:documentation>
+											</xs:annotation>
+										</xs:element>
+									</xs:sequence>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Resources_Required" type="capec:Structured_Text_Type" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>This field describes the resources (CPU cycles, IP addresses, tools, etc.) required by an attacker to effectively execute this type of attack.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Attack_Motivation-Consequences" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>What is the attacker trying to achieve by using this attack? This is not the end business/mission goal of the attack within the target context but rather the specific technical result desired that could be leveraged to achieve the end business/mission objective. This information is useful for aligning attack patterns to threat models and for determining which attack patterns are relevant for a given context.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Attack_Motivation-Consequence" type="capec:Common_ConsequenceType" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>What is the attacker trying to achieve by using this attack? This is not the end business/mission goal of the attack within the target context but rather the specific technical result desired that could be leveraged to achieve the end business/mission objective. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined motivations/consequences which is currently incomplete and will grow as new relevant possibilities are identified. This information is useful for aligning attack patterns to threat models and for determining which attack patterns are relevant for a given context.</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element ref="capec:Relationships" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> The Relationships structure contains one or more Relationship elements, each of which identifies an association between this structure, whether it is an Attack Pattern, Category, or Compound_Element and another structure.
+			</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Relationship_Notes" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This structure houses one or more Relationship_Note elements, which each contain details regarding the relationships between CAPEC entries. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Maintenance_Notes" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This element contains one or more Maintenance_Note elements which each contain significant maintenance tasks within this entry that still need to be addressed, such as clarifying the concepts involved or improving relationships. It should be filled out in any entry that is still undergoing significant review by the
+CAPEC team.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Background_Details" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This structure contains one or more Background_Detail elements, each of which holds information regarding the entry or any technologies that are related to it, where the background information is not related to the nature of the entry itself. It should be filled out where appropriate. </xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Background_Detail" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation> This element contains background information regarding the entry or any technologies that are related to it, where the background information is not related to the nature of the category itself. It should be filled out where appropriate.
+								</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element ref="capec:Other_Notes" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This element contains one or more Note elements, each of which provide any additional notes or comments that cannot be captured using other elements. New elements might be defined in the future to contain this information. It should be filled out where needed. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Alternate_Terms" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This element contains one or more Alternate_Term elements, each of which contains other names used to describe this attack pattern. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Research_Gaps" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This structure contains one or more Research gap elements, each of 	which identifies potential opportunities for the vulnerability research community to conduct further exploration of issues related to this attack pattern. It is intended to highlight parts of CAPEC that have not received sufficient attention from researchers.
+This should be filled out where appropriate for attack patterns and categories.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="References" type="capec:Reference_List_Type" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> The References element contains one or more Reference elements, each of which provide further reading and insight into this
+attack pattern. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Content_History" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This element is used to keep track of the author of the attack pattern entry and anyone who has made modifications to the content. This provides a means of 	contacting the authors and modifiers for clarifying ambiguities, merging overlapping contributions, etc. This should be filled out for all entries. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+			<xs:attribute name="ID" type="xs:integer" use="required">
+				<xs:annotation>
+					<xs:documentation> This attribute provides a unique identifier for the entry. It will be static for the lifetime of the entry. In the event that this entry becomes deprecated, the ID will not be reused and a pointer will be left in this entry to the replacement. This is required for all Categories.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Name" type="xs:string" use="required">
+				<xs:annotation>
+					<xs:documentation> The Name is a descriptive name used to give the reader an idea of what the commonality is amongst the children of this category. All
+ words in the name should be capitalized except for articles and prepositions unless they begin or end the name. Subsequent words in a hyphenated chain are also not capitalized. This is required for all Categories.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Status" type="capec:Status_Type" use="required">
+				<xs:annotation>
+					<xs:documentation> The Status attribute defines the status level for this category. </xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Attack_Pattern" type="capec:Attack_PatternType">
+		<xs:annotation>
+			<xs:documentation>This element is an individual attack pattern.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:element name="Compound_Element">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Description">
+					<xs:annotation>
+						<xs:documentation> This field provides a description of this Structure, whether it is an Attack Pattern, Category or Compound Element. Its primary subelement is Description_Summary which is intended to serve as a minimalistic description which provides the information necessary to understand the primary focus of this entry. Additionally, it has the subelement Extended_Description which is optional and is used to provide further information pertaining to this attack pattern. </xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Description_Summary" type="xs:string">
+								<xs:annotation>
+									<xs:documentation> This description should be short and should limit itself to describing the key points that define this entry. Further explanation can be included in the extended description element. This is required for all entries. </xs:documentation>
+								</xs:annotation>
+							</xs:element>
+							<xs:element name="Extended_Description" type="capec:Structured_Text_Type" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation> This element provides a place for details important to the description of this entry to be included that are not necessary to convey the fundamental concept behind the entry. This is not required for all entries and should only be included where appropriate. </xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element ref="capec:Relationships" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> The Relationships structure contains one or more Relationship elements, each of which identifies an association between this structure, whether it is an Attack Pattern, Category, or Compound_Element and another structure.
+			</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Relationship_Notes" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This structure houses one or more Relationship_Note elements, which each contain details regarding the relationships between CAPEC entries. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Maintenance_Notes" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This element contains one or more Maintenance_Note elements which each contain significant maintenance tasks within this entry that still need to be addressed, such as clarifying the concepts involved or improving relationships. It should be filled out in any entry that is still undergoing significant review by the
+CAPEC team.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Background_Details" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This structure contains one or more Background_Detail elements, each of which holds information regarding the entry or any technologies that are related to it, where the background information is not related to the nature of the entry itself. It should be filled out where appropriate. </xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Background_Detail" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation> This element contains background information regarding the entry or any technologies that are related to it, where the background information is not related to the nature of the attack pattern itself. It should be filled out where appropriate.
+								</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element ref="capec:Other_Notes" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This element contains one or more Note elements, each of which provide any additional notes or comments that cannot be captured using other elements. New elements might be defined in the future to contain this information. It should be filled out where needed. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Alternate_Terms" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This element contains one or more Alternate_Term elements, each of which contains other names used to describe this attack pattern. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Research_Gaps" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This structure contains one or more Research gap elements, each of 	which identifies potential opportunities for the vulnerability research community to conduct further exploration of issues related to this attack pattern. It is intended to highlight parts of CAPEC that have not received sufficient attention from researchers.
+This should be filled out where appropriate for attack patterns and categories.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="References" type="capec:Reference_List_Type" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> The References element contains one or more Reference elements, each of which provide further reading and insight into this
+attack pattern. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element ref="capec:Content_History" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This element is used to keep track of the author of the attack pattern entry and anyone who has made modifications to the content. This provides a means of 	contacting the authors and modifiers for clarifying ambiguities, merging overlapping contributions, etc. This should be filled out for all entries. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+			<xs:attribute name="ID" type="xs:integer" use="required">
+				<xs:annotation>
+					<xs:documentation> This attribute provides a unique identifier for the entry. It will be static for the lifetime of the entry. In the event that this entry becomes deprecated, the ID will not be reused and a pointer will be left in this entry to the replacement. This is required for all Compound_Elements.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Name" type="xs:string" use="required">
+				<xs:annotation>
+					<xs:documentation> The Name is a descriptive name used to give the reader an idea of the meaning behind the compound attack pattern structure. All words in the name should be capitalized except for articles and prepositions unless they begin or end the name. Subsequent words in a hyphenated chain are also not capitalized. This is required for all Compound_Elements. </xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Compound_Element_Abstraction" use="required">
+				<xs:annotation>
+					<xs:documentation> The Abstraction defines the abstraction level for this attack pattern. The abstraction levels for Compound_Elements and Attack Patterns are the same. For example, if the Compound_Element is a chain, and all elements of the chain are Meta level, then the Compound_Element Abstraction attribute is Meta. This is required for all Compound_Elements.</xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="Meta"/>
+						<xs:enumeration value="Standard"/>
+						<xs:enumeration value="Detailed"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:attribute>
+			<xs:attribute name="Compound_Element_Completeness" use="required">
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="Complete"/>
+						<xs:enumeration value="Stub"/>
+						<xs:enumeration value="Hook"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:attribute>
+			<xs:attribute name="Compound_Element_Structure" use="required">
+				<xs:annotation>
+					<xs:documentation> The Structure attribute defines the structural nature of this compound element - that is, composed of other attack patterns concurrently, as in a composite, or consecutively, as in a chain. </xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="Composite"/>
+						<xs:enumeration value="Chain"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:attribute>
+			<xs:attribute name="Status" type="capec:Status_Type" use="required">
+				<xs:annotation>
+					<xs:documentation> The Status attribute defines the status level for this compound element. </xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Environment">
+		<xs:complexType>
+			<xs:annotation>
+				<xs:documentation> Description and globally unique ID for a kind of environment or
+					context that is required. Used in Attack Steps, Indicators of Susceptibility,
+					and Security Controls, etc. </xs:documentation>
+			</xs:annotation>
+			<xs:all>
+				<xs:element name="Environment_Title" type="xs:token"/>
+				<xs:element name="Environment_Description" type="xs:token"/>
+			</xs:all>
+			<xs:attribute name="ID" type="xs:ID" use="required"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Attack_Execution_Flow">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Attack_Phases">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Attack_Phase" maxOccurs="3">
+								<xs:annotation>
+									<xs:documentation>Segment the attack steps into the various phases of attack. One of three phases "Explore," "Experiment," or "Exploit."  Each phase should appear at most once, and attack steps should be grouped by what kind of activities the attacker is carrying out. The exploration and experimentation phases may or may not occur during a particular attack, because the attacker may already know exactly how to exploit a system.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:sequence>
+										<xs:annotation>
+											<xs:documentation> One of three phases "Explore," "Experiment," or
+"Exploit." Each phase should appear at most once, and attack steps should be grouped by what kind of activities the attacker is carrying out. </xs:documentation>
+										</xs:annotation>
+										<xs:element name="Attack_Steps">
+											<xs:complexType>
+												<xs:sequence>
+													<xs:element name="Attack_Step" maxOccurs="unbounded">
+														<xs:annotation>
+															<xs:documentation>Brief description of an individual action step
+										in carrying out the attack</xs:documentation>
+														</xs:annotation>
+														<xs:complexType>
+															<xs:choice>
+																<xs:element name="Common_Attack_Step">
+																	<xs:complexType>
+																		<xs:sequence>
+																			<xs:element name="Pattern_Specific_Overrides" type="capec:Custom_Attack_StepType"/>
+																		</xs:sequence>
+																		<xs:attribute name="Common_Attack_Step_ID" type="xs:integer" use="required"/>
+																	</xs:complexType>
+																</xs:element>
+																<xs:element name="Custom_Attack_Step" type="capec:Custom_Attack_StepType"/>
+															</xs:choice>
+															<xs:attribute name="ID" type="xs:integer" use="required"/>
+														</xs:complexType>
+													</xs:element>
+												</xs:sequence>
+											</xs:complexType>
+										</xs:element>
+									</xs:sequence>
+									<xs:attribute name="ID" type="xs:integer" use="required"/>
+									<xs:attribute name="Name" use="required">
+										<xs:annotation>
+											<xs:documentation>"Explore," "Experiment," or "Exploit." </xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:token">
+												<xs:enumeration value="Explore"/>
+												<xs:enumeration value="Experiment"/>
+												<xs:enumeration value="Exploit"/>
+												<xs:enumeration value=""/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:attribute>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Attack_Step_Technique">
+		<xs:complexType>
+			<xs:annotation>
+				<xs:documentation>
+				A particular technique that may accomplish this attack step.
+			</xs:documentation>
+			</xs:annotation>
+			<xs:all>
+				<xs:element name="Attack_Step_Technique_Description" type="capec:Structured_Text_Type">
+					<xs:annotation>
+						<xs:documentation>This field contains a brief description of the attack step technique.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Leveraged_Attack_Patterns" minOccurs="0">
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Leveraged_Attack_Pattern_ID" maxOccurs="unbounded"/>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Relevant_Attack_Surface_Elements" type="capec:Relevant_Attack_Surface_ElementsType" minOccurs="0"/>
+				<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0"/>
+				<xs:element name="Environments" type="xs:IDREFS">
+					<xs:annotation>
+						<xs:documentation>References the defined environments where this attack step technique is applicable.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:all>
+			<xs:attribute name="ID" type="xs:integer" use="required"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:group name="View_Attributes">
+		<xs:annotation>
+			<xs:documentation> The View_Attributes structure is a collection of common elements	which might be shared by all Views. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="View_Structure">
+				<xs:annotation>
+					<xs:documentation>The View_Structure element describes how this view is being constructed. Valid values are: Implicit Slice = a slice based on a filter criteria; Explicit Slice = a slice based on arbitrary membership, as defined by specific relationships between entries; Graph = a bounded graphical slice based on ChildOf relationships.</xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="Implicit_Slice"/>
+						<xs:enumeration value="Explicit_Slice"/>
+						<xs:enumeration value="Graph"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+			<xs:element name="View_Objective" type="capec:Structured_Text_Type">
+				<xs:annotation>
+					<xs:documentation> The View_Objective element describes the perspective from which this View is constructed. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="View_Audience" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> The View_Audience element provides a reference to the targeted audiences or groups for this view. </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Audience" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation> The Audience element provides a reference to the
+target audience or group for this view. </xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Stakeholder">
+										<xs:annotation>
+											<xs:documentation> The Stakeholder element specifies what types of members of the CAPEC community might be
+interested in this view. </xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Developers"/>
+												<xs:enumeration value="Software_Vendors"/>
+												<xs:enumeration value="Assessment_Vendors"/>
+												<xs:enumeration value="Educators"/>
+												<xs:enumeration value="OWGV"/>
+												<xs:enumeration value="SAMATE"/>
+												<xs:enumeration value="CAPEC_Formalization"/>
+												<xs:enumeration value="CAPEC_Team"/>
+												<xs:enumeration value="Software_Customers"/>
+												<xs:enumeration value="Assessment_Customers"/>
+												<xs:enumeration value="Academic_Researchers"/>
+												<xs:enumeration value="Applied_Researchers"/>
+												<xs:enumeration value="Information_Providers"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:element>
+									<xs:element name="Stakeholder_Description" type="capec:Structured_Text_Type" minOccurs="0">
+										<xs:annotation>
+											<xs:documentation> The Stakeholder_Description el provides some text describing what properties of this View this particular Stakeholder might find
+useful.</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element ref="capec:Relationships" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> The Relationships structure contains one or more Relationship elements, each of which identifies an association between this structure, whether it is a Attack Pattern, Category, or Compound_Element and another structure.			</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="capec:Relationship_Notes" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This structure houses one or more Relationship_Note elements, which each contain details regarding the relationships between CAPEC entries.
+			</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="capec:Maintenance_Notes" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element contains one or more Maintenance_Note elements which each contain significant maintenance tasks within this entry that still need to be addressed, such as clarifying the concepts involved or improving relationships. It should be filled out in any entry that is still undergoing significant review by the CAPEC team.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="capec:Other_Notes" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element contains one or more Note elements, each of which provide any additional notes or comments that cannot be captured using other elements. New elements might be defined in the future to contain this information. It should be filled out where needed. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="capec:Alternate_Terms" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element contains one or more Alternate_Term elements, each of which contains other names used to describe this attack pattern. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="capec:Research_Gaps" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This structure contains one or more Research gap elements, each of	which identifies potential opportunities for the vulnerability research community to conduct further exploration of issues related to this attack pattern. It is intended to highlight parts of CAPEC that have not received sufficient attention from researchers.		This should be filled out where appropriate for attack patterns and categories.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="References" type="capec:Reference_List_Type" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The References element contains one or more Reference elements, each of which provide further reading and insight into this view. This should be filled out when the view is based on sources or projects that are external to the CAPEC project.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="View_Filter" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The View_Filter element holds an XSL query for identifying which elements are members of an implicit slice. This should only be present for implicit slices.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="capec:Content_History" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element is used to keep track of the author of the attack pattern entry and anyone who has made modifications to the content. This provides a means of
+contacting the authors and modifiers for clarifying ambiguities, merging overlapping contributions, etc. This should be filled out for all entries. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:group>
+	<xs:element name="Relationships">
+		<xs:annotation>
+			<xs:documentation> The Relationships structure contains one or more Relationship elements, each of which identifies an association between this structure, whether it	is a Attack Pattern, Category, or Compound_Element and another structure.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Relationship" type="capec:RelationshipType" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> Each Relationship identifies an association between this structure, whether it is an Attack Pattern, Category, or Compound_Element and another structure. The relationship also identifies the views under which the relationship is applicable.	</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="RelationshipType">
+		<xs:sequence>
+			<xs:element name="Relationship_Views">
+				<xs:annotation>
+					<xs:documentation> This element contains a list of the individual Views to which this relationship pertains. </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relationship_View_ID" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation> Specifies the unique ID of the individual view element to which this relationship pertains. This ID must correspond to a View. </xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:simpleContent>
+									<xs:extension base="xs:integer">
+										<xs:attribute name="Ordinal">
+											<xs:annotation>
+												<xs:documentation> The ordinal attribute is used
+to determine if this relationship is the primary ChildOf relationship for this
+ entry for a given		Relationship_View_ID element.. This attribute can only have the value "Primary" and should only be included for the primary	parent/child relationship.
+		</xs:documentation>
+											</xs:annotation>
+											<xs:simpleType>
+												<xs:restriction base="xs:string">
+													<xs:enumeration value="Primary"/>
+												</xs:restriction>
+											</xs:simpleType>
+										</xs:attribute>
+									</xs:extension>
+								</xs:simpleContent>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Relationship_Chains" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element contains a list of the individual Chains this relationship pertains to. </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relationship_Chain_ID" type="xs:integer" minOccurs="0" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation> This element specifies the unique ID of an individual chain element this relationship pertains to.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Relationship_Target_Form">
+				<xs:annotation>
+					<xs:documentation>The Relationship_Target_Form element defines the form of the target of this relationship, such as Category, Attack Pattern, View or	Compound_Element.</xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="Category"/>
+						<xs:enumeration value="Attack Pattern"/>
+						<xs:enumeration value="View"/>
+						<xs:enumeration value="Compound_Element"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+			<xs:element name="Relationship_Nature" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation> The Relationship_Nature element defines the nature of the relationship between this element and the target element, such as ChildOf, HasMember or Requires to name a few. </xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="HasMember">
+							<xs:annotation>
+								<xs:documentation> This Relationship_Nature denotes the
+									specified entry as a top level member of this View. This
+									value for Relationship_Nature can only be used in Views. The
+									complementary relationship is MemberOf.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="MemberOf">
+							<xs:annotation>
+								<xs:documentation>This Relationship_Nature denotes membership of
+									this entry in the top level of the View specified in
+									Relationship_Target_ID. The complementary relationship is
+									HasMember.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="ChildOf">
+							<xs:annotation>
+								<xs:documentation>This Relationship_Nature denotes a specified
+									entry as a parent of this entry. In general, this means
+									that the parent will be a higher level representation of
+									this entry from the perspective of the View provided in
+									Relationship_View_ID. The complementary relationship is
+									ParentOf.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="ParentOf">
+							<xs:annotation>
+								<xs:documentation>This Relationship_Nature denotes a specified
+									entry as a child of this entry. In general, this means
+									that the child will be a lower level representation of this
+									entry from the perspective of the View provided in
+									Relationship_View_ID. The complementary relationship is
+									ChildOf.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="PeerOf">
+							<xs:annotation>
+								<xs:documentation> This Relationship_Nature denotes a specified
+									entry as having some similarity with this entry which does
+									not fit any of the other Relationship_Nature values. In this
+									case, a Relationship_Note should also be provided explaining
+									the connection. The complementary relationship is itself
+									(PeerOf).</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="Requires">
+							<xs:annotation>
+								<xs:documentation> This Relationship_Nature denotes a
+									Compound_Element of Compound_Element_Structure="Composite".
+									All entries that a Composite Requires must exist
+									simultaneously in order for the Compound_Element to exist.
+									The complementary relationship is
+									RequiredBy.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="RequiredBy">
+							<xs:annotation>
+								<xs:documentation> This Relationship_Nature denotes an entry
+									that is required in order for the Compound_Element specified
+									in Relationship_Target_ID to exist. The complementary
+									relationship is Requires.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="StartsWith">
+							<xs:annotation>
+								<xs:documentation>This Relationship_Nature denotes the starting
+									point in this chain as the entry specified by
+									Relationship_Target_ID. This Relationship_Nature can only be
+									used for Compound_Elements with
+									Compound_Element_Structure="Chain". For named chains, the
+									complementary relationship is
+									StartsChain.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="StartsChain">
+							<xs:annotation>
+								<xs:documentation>This Relationship_Nature denotes this entry
+									as the starting point in the chain specified in
+									Relationship_Target_ID. For named chains, the complementary
+									relationship is StartsWith.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="CanPrecede">
+							<xs:annotation>
+								<xs:documentation>This Relationship_Nature denotes a chain where
+									this entry can precede the entry specified by
+									Relationship_Target_ID in a sequential fashion. It is
+									important to note that not all CanPrecede relationships are
+									captured in a Compound_Element chain, only the most common
+									for now. The complementary relationship is
+									CanFollow.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="CanFollow">
+							<xs:annotation>
+								<xs:documentation>This Relationship_Nature denotes a chain where
+									this entry can follow the entry specified by
+									Relationship_Target_ID in a sequential fashion. It is
+									important to note that not all CanFollow relationships are
+									captured in a Compound_Element chain, only the most common
+									for now. The complementary relationship is
+									CanPrecede.</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+						<xs:enumeration value="CanAlsoBe">
+							<xs:annotation>
+								<xs:documentation> This Relationship_Nature denotes an entry
+									that, in the proper environment and context, can also be
+									perceived as the entry specified by Relationship_Target_ID.
+									This relationship is not necessarily reciprocal.
+								</xs:documentation>
+							</xs:annotation>
+						</xs:enumeration>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+			<xs:element name="Relationship_Target_ID" type="xs:integer">
+				<xs:annotation>
+					<xs:documentation>The Relationship_Target_ID specifies the unique ID of the
+target element of the relationship.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Relationship_Description" type="capec:Structured_Text_Type" minOccurs="0"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:element name="Relationship_Notes">
+		<xs:annotation>
+			<xs:documentation> This structure houses one or more Relationship_Note elements, which each contain details regarding the relationships between CAPEC entries.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Relationship_Note" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> This element contains a note regarding the relationships between CAPEC entries. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Maintenance_Notes">
+		<xs:annotation>
+			<xs:documentation> This element contains one or more Maintenance_Note elements which each contain significant maintenance tasks within this entry that still need to be addressed, such as clarifying the concepts involved or improving relationships. It should be filled out in any entry that is still undergoing significant review by the CAPEC team.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Maintenance_Note" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> This element describes a significant maintenance task
+ within this entry that still need to be addressed, such as clarifying the concepts involved or improving relationships. It should be filled out in any entry that is still undergoing significant review by the CAPEC team. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Other_Notes">
+		<xs:annotation>
+			<xs:documentation> This element contains one or more Note elements, each of which	provide any additional notes or comments that cannot be captured using other elements. New elements might be defined in the future to contain this information. It should be filled out where needed. </xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Note" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> This element contains any additional notes or comments
+that cannot be captured using other elements. New elements might be defined in the future to contain this information. It should be filled out where needed. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Alternate_Terms">
+		<xs:annotation>
+			<xs:documentation> This element contains one or more Alternate_Term elements, each of which contains other names used to describe this attack pattern. </xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Alternate_Term" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> This element contains alternate terms by which this
+attack pattern may be known and a description to explain the context in which the term may be relevant. This is not required for all entries and should only be included where appropriate. </xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Term" type="xs:string">
+								<xs:annotation>
+									<xs:documentation> This element contains the actual term for the Alternate_Term element. Each term should follow the same conventions as the entry Name attribute.</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+							<xs:element name="Alternate_Term_Description" type="capec:Structured_Text_Type" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation> This element provides context to each
+Alternate_Term by which this attack pattern may be known.</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Research_Gaps">
+		<xs:annotation>
+			<xs:documentation> This structure contains one or more Research gap elements, each of	which identifies potential opportunities for the attack research community to conduct further exploration of issues related to this attack pattern. It is intended to highlight parts of CAPEC that have not received sufficient attention from researchers. This should be filled out where appropriate for attack patterns and categories.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Research_Gap" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> This element identifies potential opportunities for the
+vulnerability research community to conduct further exploration of 	issues related to this attack pattern. It is intended to highlight parts of CAPEC that have not received sufficient attention from researchers. This should be filled out where appropriate for attack patterns and categories.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Content_History">
+		<xs:annotation>
+			<xs:documentation> This element is used to keep track of the author of the attack pattern entry and anyone who has made modifications to the content. This provides a means of contacting the authors and modifiers for clarifying ambiguities, merging overlapping contributions, etc. This should be filled out for all entries. </xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Submissions" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>This structure contains one or more Submission elements.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Submission" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation> This element houses the subelements which identify the submitter and the submitter's comments related to this entry. This element has a single attribute, Submission_Source, which provides a general idea of how the initial information for this entry was obtained, whether internal to the CAPEC team, external, donated, etc.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:sequence>
+										<xs:element name="Submitter" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should contain the name of the author for this entry. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Submitter_Organization" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should identify the author's organization. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Submission_Date" type="xs:date" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should provide the date on which this content was authored in YYYY-MM-DD format. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Submission_Comment" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element provides the author with a place to store any comments regarding the content of this attack pattern entry, such as assumptions made, reasons for omitting elements, contact information, pending questions, etc.</xs:documentation>
+											</xs:annotation>
+										</xs:element>
+									</xs:sequence>
+									<xs:attribute name="Submission_Source" use="optional">
+										<xs:annotation>
+											<xs:documentation> This attribute identifies how the initial	information for this entry was obtained. </xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Externally_Mined"/>
+												<xs:enumeration value="NDA"/>
+												<xs:enumeration value="Internal_CAPEC_Team"/>
+												<xs:enumeration value="External_Submission"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:attribute>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Contributions" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>This structure contains one or more Contribution elements.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Contribution" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation> This element houses the subelements which identify the contributor and contributor's comments related to this entry. This element has a single attribute, Contribution_Mode, which indicates whether the contribution was part of feedback given to the CAPEC team or actual content that was donated.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:sequence>
+										<xs:element name="Contributor" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should contain the name of the author for this entry. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Contribution_Organization" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should identify the author's organization. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Contribution_Date" type="xs:date" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should provide the date on which this content was authored in YYYY-MM-DD format.</xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Contribution_Comment" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element provides the author with a place to store any comments regarding the content of this attack patterns entry, such as assumptions made, reasons for omitting elements, contact information, pending questions, etc.</xs:documentation>
+											</xs:annotation>
+										</xs:element>
+									</xs:sequence>
+									<xs:attribute name="Contribution_Mode" use="optional">
+										<xs:annotation>
+											<xs:documentation> This attribute indicates whether the contribution was part of feedback given to the CAPEC team or actual content that was donated.</xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Content"/>
+												<xs:enumeration value="Feedback"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:attribute>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Modifications" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>This structure contains one or more Modification elements.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Modification" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation> This element houses the subelements which identify the modifier and modifier's comments related to this entry. A new Modification element should exist for each modification of the entry content. This element has a single attribute, Modification_Source, which indicates whether this modification was made by a CAPEC team member or an external party.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:sequence>
+										<xs:element name="Modifier" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should contain the name of the person modifying this entry. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Modifier_Organization" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should contain the modifier's organization. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Modification_Date" type="xs:date" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element should contain the date of the modifications. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Modification_Comment" type="xs:string" minOccurs="0">
+											<xs:annotation>
+												<xs:documentation> This element provides the modifier with a place to store any comments regarding the content of this attack pattern entry, such as assumptions made, reasons for omitting elements, contact information, pending questions, etc. </xs:documentation>
+											</xs:annotation>
+										</xs:element>
+									</xs:sequence>
+									<xs:attribute name="Modification_Importance">
+										<xs:annotation>
+											<xs:documentation> This attribute identifies how significant the modification is to the attack pattern with regard to the meaning and interpretation of the pattern. If a modification has a value of Critical, then the meaning of the entry or how it might be interpreted has changed and requires attention from anyone previously dependent on the attack pattern. </xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Normal"/>
+												<xs:enumeration value="Critical"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:attribute>
+									<xs:attribute name="Modification_Source" use="optional">
+										<xs:annotation>
+											<xs:documentation> This attribute indicates whether this modification was created by a CAPEC team member or provided by an
+ external party.</xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Internal"/>
+												<xs:enumeration value="External"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:attribute>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Previous_Entry_Names" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation> This structure contains one or more Previous_Entry_Name elements, each of which describes a previous name that was used for this entry. This should be filled out whenever a substantive name change occurs.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Previous_Entry_Name" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation> This element identifies a name that was previously used for this entry.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="xs:string">
+											<xs:attribute name="Name_Change_Date" type="xs:date" use="required">
+												<xs:annotation>
+													<xs:documentation>This lists the date on which this name was changed to something else. 	Typically, this date will be closely aligned with new releases of CAPEC.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="ObservablesType">
+		<xs:sequence>
+			<xs:element name="Observable" maxOccurs="unbounded">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Signature">
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Location-Sensor" minOccurs="0"/>
+									<xs:element name="Stateful_Measure">
+										<xs:complexType>
+											<xs:sequence>
+												<xs:element name="Description" type="capec:Structured_Text_Type"/>
+												<xs:element name="Value_Type">
+													<xs:complexType>
+														<xs:choice>
+															<xs:element name="Objective_Value" type="xs:string"/>
+															<xs:element name="Trend">
+																<xs:simpleType>
+																	<xs:restriction base="xs:string">
+																		<xs:enumeration value="Increasing"/>
+																		<xs:enumeration value="Decreasing"/>
+																	</xs:restriction>
+																</xs:simpleType>
+															</xs:element>
+															<xs:element name="Frequency">
+																<xs:complexType>
+																	<xs:attribute name="Rate" type="xs:float" use="required"/>
+																	<xs:attribute name="Units" type="xs:string" use="required"/>
+																	<xs:attribute name="Scale" type="xs:string" use="required"/>
+																</xs:complexType>
+															</xs:element>
+														</xs:choice>
+													</xs:complexType>
+												</xs:element>
+											</xs:sequence>
+											<xs:attribute name="Name"/>
+										</xs:complexType>
+									</xs:element>
+									<xs:element name="Event">
+										<xs:complexType>
+											<xs:sequence>
+												<xs:element name="Description" type="capec:Structured_Text_Type"/>
+												<xs:element name="Action">
+													<xs:complexType>
+														<xs:sequence>
+															<xs:element name="Object" maxOccurs="unbounded">
+																<xs:complexType>
+																	<xs:sequence>
+																		<xs:element name="Value" maxOccurs="unbounded">
+																			<xs:complexType>
+																				<xs:sequence>
+																					<xs:element name="Objective_Value" type="xs:string" minOccurs="0"/>
+																					<xs:element name="Change" type="xs:boolean" minOccurs="0"/>
+																					<xs:element name="Delta" minOccurs="0">
+																						<xs:complexType>
+																							<xs:choice>
+																								<xs:element name="Trend">
+																									<xs:simpleType>
+																										<xs:restriction base="xs:string">
+																											<xs:enumeration value="Increasing"/>
+																											<xs:enumeration value="Decreasing"/>
+																										</xs:restriction>
+																									</xs:simpleType>
+																								</xs:element>
+																								<xs:element name="Frequency">
+																									<xs:complexType>
+																										<xs:attribute name="Rate" type="xs:float" use="required"/>
+																										<xs:attribute name="Units" type="xs:string" use="required"/>
+																										<xs:attribute name="Scale" type="xs:string" use="required"/>
+																									</xs:complexType>
+																								</xs:element>
+																							</xs:choice>
+																						</xs:complexType>
+																					</xs:element>
+																				</xs:sequence>
+																			</xs:complexType>
+																		</xs:element>
+																	</xs:sequence>
+																</xs:complexType>
+															</xs:element>
+														</xs:sequence>
+													</xs:complexType>
+												</xs:element>
+											</xs:sequence>
+											<xs:attribute name="Event_Type" type="xs:string"/>
+										</xs:complexType>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="Noisiness" minOccurs="0">
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="High"/>
+									<xs:enumeration value="Medium"/>
+									<xs:enumeration value="Low"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+						<xs:element name="Ease_of_Obfuscation" minOccurs="0">
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="High"/>
+									<xs:enumeration value="Medium"/>
+									<xs:enumeration value="Low"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+						<xs:element name="Obfuscation_Techniques" minOccurs="0">
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Obfuscation_Technique" maxOccurs="unbounded">
+										<xs:complexType>
+											<xs:sequence>
+												<xs:element name="Description" type="capec:Structured_Text_Type"/>
+												<xs:element name="Observables" type="capec:ObservablesType"/>
+											</xs:sequence>
+										</xs:complexType>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="Structured_Text_Type">
+		<xs:sequence>
+			<xs:choice maxOccurs="unbounded">
+				<xs:group ref="capec:Structured_Text_Group"/>
+				<xs:element ref="capec:Block">
+					<xs:annotation>
+						<xs:documentation> Block is a Structured_Text element consisting of one of Text_Title, Text, Code_Example_Language, or Code followed by another Block element.	Structured_Text elements help define whitespace and text segments.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:group name="Structured_Text_Group">
+		<xs:sequence>
+			<xs:choice>
+				<xs:element name="Text_Title" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> Presentation Element: This element is used to definebold-faced title for a subsequent block of text. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Text" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> Presentation Element: This element is used to define a paragraph of text. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Code_Example_Language" type="capec:Language_Type" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Presentation Element: This element is used to identify the programming language being used in the following block of Code</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Code" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation> Presentation Element: This element is used to define a line of code. </xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Comment" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Presentation Element: This element is used to define a
+							comment in code.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+				<xs:element name="Images" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Presentation Element: This element is used to define an
+							image.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Image" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation> Presentation Element: This element is used to define an image. </xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:sequence maxOccurs="unbounded">
+										<xs:element name="Image_Location" type="xs:string">
+											<xs:annotation>
+												<xs:documentation>This element provides the location of the image file.</xs:documentation>
+											</xs:annotation>
+										</xs:element>
+										<xs:element name="Image_Title" type="xs:string">
+											<xs:annotation>
+												<xs:documentation>This element provides a title for the image.</xs:documentation>
+											</xs:annotation>
+										</xs:element>
+									</xs:sequence>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+					</xs:complexType>
+				</xs:element>
+			</xs:choice>
+		</xs:sequence>
+	</xs:group>
+	<xs:element name="Block">
+		<xs:annotation>
+			<xs:documentation> Block is a Structured_Text element consisting of one of Text_Title,
+				Text, Code_Example_Language, or Code followed by another Block element.
+				Structured_Text elements help define whitespace and text segments.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:choice maxOccurs="unbounded">
+				<xs:group ref="capec:Structured_Text_Group"/>
+				<xs:element ref="capec:Block">
+					<xs:annotation>
+						<xs:documentation> Block is a Structured_Text element consisting of one of Text_Title,Text, Code_Example_Language, or Code followed by another Block element. Structured_Text elements help define whitespace and text segments.</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:choice>
+			<xs:attribute name="Block_Nature">
+				<xs:annotation>
+					<xs:documentation> This attribute identifies the nature of the content containedwithin the Block. </xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="Good_Code"/>
+						<xs:enumeration value="Bad_Code"/>
+						<xs:enumeration value="Mitigation_Code"/>
+						<xs:enumeration value="Attack"/>
+						<xs:enumeration value="Result"/>
+						<xs:enumeration value="List"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:attribute>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="Reference_List_Type">
+		<xs:annotation>
+			<xs:documentation>The References_List_Type contains one or more Reference elements, each
+				of which provide further reading and insight into the item. This should be filled
+				out as appropriate.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Reference" type="capec:Reference_Type" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation> Each Reference subelement should provide a single source from which more information and deeper insight can be obtained, such as a research paper or an excerpt from a publication. Multiple Reference subelements can exist. The sole attribute of this element is the id. The id is optional and translates to a preceding footnote below the context notes if the author of the entry wants to cite a reference. Not all subelements need to be completed, since some are designed for web references and others are designed for book references. The fields Reference_Author and Reference_Title should be filled out for all references if possible. Reference_Section and Reference_Date can be included for either book references or online references. Reference_Edition, Reference_Publication, Reference_Publisher, and Reference_PubDate are intended for book references,
+ however they can be included where appropriate for other types of references. Reference_Link is intended for web references, however it can be included for book references as well if applicable. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="Reference_Type">
+		<xs:sequence>
+			<xs:element name="Reference_Description" type="capec:Structured_Text_Type" minOccurs="0"/>
+			<xs:element name="Reference_Author" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation> This element identifies an individual author of the material being referenced. It is not required, but may be repeated sequentially in order to identify multiple authors for a single piece of material.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Title" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element identifies the title of the material beingreferenced. It is not required if the material does not have a title.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Section" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element is intended to provide a means of identifying the exact location of the material inside of the publication source, such as the relevant pages of a research paper, the appropriate chapters from a book, etc. This is useful for both book references and internet references.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Edition" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element identifies the edition of the material being
+ referenced in the event that multiple editions of the material exist. This will usually only be useful for book references. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Publication" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element identifies the publication source of the reference material, if one exists. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Publisher" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element identifies the publisher of the reference material, if one exists. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Date" type="xs:date" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element identifies the date when the reference was included in the entry. This provides the reader with a time line for when the material in the reference, usually the link, was valid. The date should be of the format YYYY-MM-DD. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_PubDate" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This field describes the date when the reference was published YYYY. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference_Link" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element should hold the URL for the material being referenced, if one exists. This should always be used for web references, and may optionally be used for book and other publication references.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="Reference_ID">
+			<xs:annotation>
+				<xs:documentation> The id attribute is optional and is used as a mechanism forciting text in the entry. If an id is provided, it is placed between brackets and precedes this reference and the matching id should be used inside of the text for the attack pattern itself where this reference is applicable. All reference ids assigned within an entry must be unique. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="Language_Type">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="C"/>
+			<xs:enumeration value="C++"/>
+			<xs:enumeration value="C#"/>
+			<xs:enumeration value="Java"/>
+			<xs:enumeration value="JSP"/>
+			<xs:enumeration value="Javascript"/>
+			<xs:enumeration value="ASP.NET"/>
+			<xs:enumeration value="SQL"/>
+			<xs:enumeration value="Python"/>
+			<xs:enumeration value="Perl"/>
+			<xs:enumeration value="PHP"/>
+			<xs:enumeration value="SOAP"/>
+			<xs:enumeration value="Ruby"/>
+			<xs:enumeration value="Shell"/>
+			<xs:enumeration value="PseudoCode"/>
+			<xs:enumeration value=".NET"/>
+			<xs:enumeration value="Assembly"/>
+			<xs:enumeration value="XML"/>
+			<xs:enumeration value="HTML"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="Frequency_Type">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Often"/>
+			<xs:enumeration value="Sometimes"/>
+			<xs:enumeration value="Rarely"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="Status_Type">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Deprecated"/>
+			<xs:enumeration value="Incomplete"/>
+			<xs:enumeration value="Draft"/>
+			<xs:enumeration value="Usable"/>
+			<xs:enumeration value="Stable"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="Custom_Attack_StepType">
+		<xs:sequence>
+			<xs:element name="Attack_Step_Title" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains a short descriptive title for the attack step. It should be kept as short as possible but also clearly convey the nature of the attack step being described.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Attack_Step_Description" type="capec:Structured_Text_Type">
+				<xs:annotation>
+					<xs:documentation>This field contains a brief description of the attack step.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Attack_Step_Techniques" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element ref="capec:Attack_Step_Technique" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field captures various techniques that the attacker can use to achieve the attack step's goal. For example, an attacker may use tools such as WebScarab and Tamper Data in the experimentation phase of a SQL Injection attack pattern. The techniques include references to environments, because not all techniques work in all environments</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Indicators" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Indicator" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>These are indicators that the application may or may not be susceptible to the given attack step (not necessarily the pattern as a whole). </xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:all>
+									<xs:element name="Indicator_Description" type="capec:Structured_Text_Type">
+										<xs:annotation>
+											<xs:documentation>This field contains a brief description of the indicator.</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+									<xs:element name="Relevant_Attack_Surface_Elements" type="capec:Relevant_Attack_Surface_ElementsType" minOccurs="0"/>
+									<xs:element name="Environments" type="xs:IDREFS">
+										<xs:annotation>
+											<xs:documentation>References the defined environments where this indicator of susceptibility  is applicable.</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+									<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0"/>
+								</xs:all>
+								<xs:attribute name="ID" type="xs:integer" use="required">
+									<xs:annotation>
+										<xs:documentation>This field contains a unique integer identifier for the indicator.</xs:documentation>
+									</xs:annotation>
+
+								</xs:attribute>
+								<xs:attribute name="type" use="required">
+									<xs:annotation>
+										<xs:documentation>Each indicator has a mandatory type attribute that can be one of the values "Positive," "Negative," or "Inconclusive." For example, a positive indicator of susceptibility to parameter tampering is the existence of parameters in the URL. Although it does not guarantee susceptibility, it indicates a cause for further examination. A negative indicator for the technique of privilege escalation is a lack of credentials and user identifiers in an application. Again, this is not a conclusive measure of resistance to attack, but an indicator that the attack step technique is unlikely to bear significant fruit. An inconclusive indicator of susceptibility to dynamic code injection is a page whose URL ends in .jsp, .asp, or .do but which has no visible explicit parameters. Such URLs typically indicate dynamic processing, but since no visible parameters are passed, it is inconclusive whether dynamic code could be injected into the application.</xs:documentation>
+									</xs:annotation>
+									<xs:simpleType>
+										<xs:restriction base="xs:token">
+											<xs:enumeration value="Positive"/>
+											<xs:enumeration value="Negative"/>
+											<xs:enumeration value="Inconclusive"/>
+										</xs:restriction>
+									</xs:simpleType>
+								</xs:attribute>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Outcomes" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Outcome" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field captures possible outcomes for this attack step. </xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Outcome_Description" type="xs:string"/>
+									<xs:element name="Relevant_Attack_Surface_Elements" type="capec:Relevant_Attack_Surface_ElementsType" minOccurs="0"/>
+									<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0"/>
+								</xs:sequence>
+								<xs:attribute name="ID" type="xs:integer" use="required">
+									<xs:annotation>
+										<xs:documentation>This field contains a unique integer identifier for the outcome.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="type" use="required">
+									<xs:annotation>
+										<xs:documentation>An outcome has a mandatory type attribute that can be one of the values "success," "failure," or "inconclusive." It indicates what results of executing the attack step techniques should be considered successes, which should be considered failures, and which ones are inconclusive. Outcomes' successes are determined relative to the attacker's point of view. It is a success if the attack step got the attacker closer to his goal of attacking the application. It is a failure if the attacker got no closer to his goal.</xs:documentation>
+									</xs:annotation>
+									<xs:simpleType>
+										<xs:restriction base="xs:token">
+											<xs:enumeration value="Success"/>
+											<xs:enumeration value="Failure"/>
+											<xs:enumeration value="Inconclusive"/>
+										</xs:restriction>
+									</xs:simpleType>
+								</xs:attribute>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Security_Controls" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Security_Control" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field captures security controls for this attack step that describe ways in which the attack step can be detected, corrected, or prevented. These are presented from a defender's point of view, where the defender may be a developer, tester, operations administrator, or other resource resisting the attacker. </xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Security_Control_Description" type="xs:string"/>
+									<xs:element name="Relevant_Attack_Surface_Elements" type="capec:Relevant_Attack_Surface_ElementsType" minOccurs="0"/>
+									<xs:element name="Observable_Evidence" minOccurs="0">
+										<xs:complexType>
+											<xs:choice>
+												<xs:element name="IfPresent_Observables" type="cybox:ObservablesType"/>
+												<xs:element name="IfNotPresent_Observables" type="cybox:ObservablesType"/>
+											</xs:choice>
+										</xs:complexType>
+									</xs:element>
+								</xs:sequence>
+								<xs:attribute name="ID" type="xs:integer" use="required">
+									<xs:annotation>
+										<xs:documentation>This field contains a unique integer identifier for the security control.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="type" use="required">
+									<xs:annotation>
+										<xs:documentation>Each security control has a mandatory type attribute that can be one of the values "Detective," "Corrective," or "Preventative." Detective controls detect an attacker's activities in the attack step, whether the activities are successful or not. Corrective controls attempt to mitigate an attacker's success by responding to a successful outcome. They are not related to or normalized against outcomes. Preventative controls are those that make the attack step unlikely or impossible to succeed.</xs:documentation>
+									</xs:annotation>
+									<xs:simpleType>
+										<xs:restriction base="xs:token">
+											<xs:enumeration value="Detective"/>
+											<xs:enumeration value="Corrective"/>
+											<xs:enumeration value="Preventative"/>
+										</xs:restriction>
+									</xs:simpleType>
+								</xs:attribute>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="Target_Attack_SurfaceType">
+		<xs:choice>
+			<xs:element name="Common_Attack_Surface_Description">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relevant_Attack_Surface_Elements" type="capec:Relevant_Attack_Surface_ElementsType"/>
+						<xs:element name="Pattern_Specific_Overrides" type="capec:Target_Attack_Surface_DescriptionType" minOccurs="0"/>
+					</xs:sequence>
+					<xs:attribute name="Common_Attack_Surface_ID"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Target_Attack_Surface_Description" type="capec:Target_Attack_Surface_DescriptionType"/>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="Target_Attack_Surface_DescriptionType">
+		<xs:sequence>
+			<xs:element name="Targeted_OSI_Layers">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Targeted_OSI_Layer" maxOccurs="unbounded">
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="Physical Layer"/>
+									<xs:enumeration value="Data Link Layer"/>
+									<xs:enumeration value="Network Layer"/>
+									<xs:enumeration value="Transport Layer"/>
+									<xs:enumeration value="Session Layer"/>
+									<xs:enumeration value="Presentation Layer"/>
+									<xs:enumeration value="Application Layer"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Target_Attack_Surface_Localities">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Target_Attack_Surface_Locality" maxOccurs="unbounded">
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="Client-side"/>
+									<xs:enumeration value="Server-side"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Target_Attack_Surface_Types">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Target_Attack_Surface_Type" maxOccurs="unbounded">
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="Network"/>
+									<xs:enumeration value="Host"/>
+									<xs:enumeration value="Service"/>
+									<xs:enumeration value="Non-Web Application"/>
+									<xs:enumeration value="Web Application"/>
+									<xs:enumeration value="Firewall"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Target_Functional_Services" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Target_Functional_Service" maxOccurs="unbounded">
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Protocol" minOccurs="0" maxOccurs="unbounded">
+										<xs:complexType>
+											<xs:sequence>
+												<xs:element name="Protocol_Structure" minOccurs="0">
+													<xs:complexType>
+														<xs:sequence>
+															<xs:element name="Protocol_Header" maxOccurs="unbounded">
+																<xs:complexType>
+																	<xs:sequence>
+																		<xs:element name="Protocol_RFC" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+																		<xs:element name="Protocol_Field_Name" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+																		<xs:element name="Protocol_Field_Description" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+																		<xs:element name="Protocol_Flag_Description" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+																		<xs:element name="Protocol_Flag_Value" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+																		<xs:element name="Protocol_Operation_Code" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+																		<xs:element name="Protocol_Data" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+																	</xs:sequence>
+																	<xs:attribute name="ID" type="xs:integer" use="required"/>
+																	<xs:attribute name="Name" type="xs:string"/>
+																</xs:complexType>
+															</xs:element>
+														</xs:sequence>
+													</xs:complexType>
+												</xs:element>
+												<xs:element name="Command_Structures" minOccurs="0">
+													<xs:complexType>
+														<xs:sequence>
+															<xs:element name="Command_Structure" maxOccurs="unbounded">
+																<xs:complexType>
+																	<xs:sequence>
+																		<xs:element name="Command_Description" type="xs:string" minOccurs="0"/>
+																		<xs:element name="Command_Type" type="xs:string" minOccurs="0"/>
+																		<xs:element name="Command_Group_Label" type="xs:string" minOccurs="0"/>
+																	</xs:sequence>
+																	<xs:attribute name="ID" type="xs:integer" use="required"/>
+																	<xs:attribute name="Name" type="xs:string" use="required"/>
+																</xs:complexType>
+															</xs:element>
+														</xs:sequence>
+													</xs:complexType>
+												</xs:element>
+												<xs:element name="Related_Protocols" minOccurs="0">
+													<xs:complexType>
+														<xs:sequence>
+															<xs:element name="Related_Protocol" maxOccurs="unbounded">
+																<xs:complexType>
+																	<xs:sequence>
+																		<xs:element name="Relationship_Type" maxOccurs="unbounded">
+																			<xs:simpleType>
+																				<xs:restriction base="xs:string">
+																					<xs:enumeration value="Is an abstraction of"/>
+																					<xs:enumeration value="Is a refinement of"/>
+																					<xs:enumeration value="Is an alternative to"/>
+																					<xs:enumeration value="Uses Protocol"/>
+																					<xs:enumeration value="Is a service of"/>
+																					<xs:enumeration value="Is a command of"/>
+																				</xs:restriction>
+																			</xs:simpleType>
+																		</xs:element>
+																	</xs:sequence>
+																	<xs:attribute name="Name"/>
+																	<xs:attribute name="RFC"/>
+																</xs:complexType>
+															</xs:element>
+														</xs:sequence>
+													</xs:complexType>
+												</xs:element>
+											</xs:sequence>
+											<xs:attribute name="ID" type="xs:integer" use="required"/>
+											<xs:attribute name="Name" type="xs:string" use="required"/>
+											<xs:attribute name="RFC" type="xs:string"/>
+											<xs:attribute name="Encryption" type="xs:boolean"/>
+											<xs:attribute name="Encryption_Type" type="xs:string"/>
+										</xs:complexType>
+									</xs:element>
+								</xs:sequence>
+								<xs:attribute name="ID" type="xs:integer" use="required"/>
+								<xs:attribute name="Name" type="xs:string" use="required"/>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="Relevant_Attack_Surface_ElementsType">
+		<xs:sequence>
+			<xs:element name="Relevant_Functional_Services" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relevant_Functional_Service_ID" maxOccurs="unbounded"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Relevant_Protocols" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relevant_Protocol_ID" maxOccurs="unbounded"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Relevant_Protocol_Headers" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relevant_Protocol_Header_ID" maxOccurs="unbounded"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Relevant_Command_Structures" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relevant_Command_Structure_ID" maxOccurs="unbounded"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="Common_ConsequenceType">
+		<xs:sequence>
+			<xs:element name="Consequence_Scope" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation> This subelement identifies an individual consequence that
+may result from this attack pattern. </xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="Confidentiality"/>
+						<xs:enumeration value="Integrity"/>
+						<xs:enumeration value="Availability"/>
+						<xs:enumeration value="Access_Control"/>
+						<xs:enumeration value="Non-Repudiation"/>
+						<xs:enumeration value="Accountability"/>
+						<xs:enumeration value="Authentication"/>
+						<xs:enumeration value="Authorization"/>
+						<xs:enumeration value="Other"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+			<xs:element name="Consequence_Technical_Impact" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This subelement describes the technical impacts that can result from successful execution of this attack pattern.</xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:whiteSpace value="collapse"/>
+						<xs:enumeration value="Modify memory"/>
+						<xs:enumeration value="Read memory"/>
+						<xs:enumeration value="Modify files or directories"/>
+						<xs:enumeration value="Read files or directories"/>
+						<xs:enumeration value="Modify application data"/>
+						<xs:enumeration value="Read application data"/>
+						<xs:enumeration value="DoS: crash / exit / restart"/>
+						<xs:enumeration value="DoS: amplification"/>
+						<xs:enumeration value="DoS: instability"/>
+						<xs:enumeration value="DoS: resource consumption (CPU)"/>
+						<xs:enumeration value="DoS: resource consumption (memory)"/>
+						<xs:enumeration value="DoS: resource consumption (other)"/>
+						<xs:enumeration value="Execute unauthorized code or commands"/>
+						<xs:enumeration value="Gain privileges / assume identity"/>
+						<xs:enumeration value="Bypass protection mechanism"/>
+						<xs:enumeration value="Hide activities"/>
+						<xs:enumeration value="Alter execution logic"/>
+						<xs:enumeration value="Other"/>
+						<xs:enumeration value="&quot;Varies by context&quot;"/>
+						<xs:enumeration value="Quality degradation"/>
+						<xs:enumeration value="Unexpected State"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+			<xs:element name="Consequence_Note" type="capec:Structured_Text_Type" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This subelement provides additional commentary about this consequence.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="Common_Consequence_ID" type="xs:string">
+			<xs:annotation>
+				<xs:documentation> The Common_Consequence_ID stores the value for the related
+Common_Consequence entry identifier as a string. Only one
+Common_Consequence_ID element can exist for each Common_Consequence element
+(ex: CC-1). However, Common_Consequences across CAPEC with the same ID should
+only vary in small details.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="Attack_PatternType">
+		<xs:sequence>
+			<xs:element name="Description" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains a detailed description of the attack including the chain of actions taken by the attacker. More comprehensive descriptions could include relevant attack trees and/or exploit graphs to more clearly elaborate this type of attack.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Summary" type="capec:Structured_Text_Type">
+							<xs:annotation>
+								<xs:documentation>Brief description of what the attack involves and what weaknesses it is leveraging for exploit.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+						<xs:element ref="capec:Attack_Execution_Flow" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>Outline of the steps involved in an attacker executing the typical flow of the attack.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element ref="capec:Alternate_Terms" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation> This element contains one or more Alternate_Term elements, each ofwhich contains other names used to describe this attack pattern. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Target_Attack_Surface" type="capec:Target_Attack_SurfaceType" minOccurs="0"/>
+			<xs:element name="Attack_Prerequisites" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the conditions that must exist or the functionality and characteristics that the target software must have or behavior it must exhibit for an attack of this type to succeed.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Attack_Prerequisite" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual attack prerequisite.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Typical_Severity" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>On a rough scale (Very Low, Low, Medium, High, Very high), what is the typical severity of impact to the targeted software if this attack occurs? The severity of a specific attack instance can vary greatly depending on the specific context of the target software under attack. This field is intended to capture an overall typical average value for this type of attack with the understanding that it will not be completely accurate for all attacks.</xs:documentation>
+				</xs:annotation>
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="Very High"/>
+						<xs:enumeration value="High"/>
+						<xs:enumeration value="Medium"/>
+						<xs:enumeration value="Low"/>
+						<xs:enumeration value="Very Low"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+			<xs:element name="Typical_Likelihood_of_Exploit" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>On a rough scale (Very Low, Low Medium,  High, Very High), what is the overall likelihood of this type of attack typically succeeding considering the attack prerequisites, targeted weakness attack surface, skill required and resources required as well as available and likely implemented blocking solutions? The likelihood of exploit of a specific attack instance can vary greatly depending on the specific context of the target software under attack. This field is intended to capture an overall typical average value for this type of attack with the understanding that it will not be completely accurate for all attacks.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Likelihood" type="xs:string" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>On a rough scale (Very Low, Low Medium,  High, Very High), what is the overall likelihood of this type of attack typically succeeding considering the attack prerequisites, targeted weakness attack surface, skill required and resources required as well as available and likely implemented blocking solutions?</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+						<xs:element name="Explanation" type="capec:Structured_Text_Type" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>This field captures any useful explanation for the defined Likelihood.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Methods_of_Attack" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the mechanism of attack used by this pattern. This field can help define the applicable attack surface required for this attack.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Method_of_Attack" minOccurs="0" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes the mechanism of attack used by this pattern. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined vectors which is currently incomplete and will grow as new relevant vectors are identified. This field can help define the applicable attack surface required for this attack.</xs:documentation>
+							</xs:annotation>
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="Injection"/>
+									<xs:enumeration value="Modification of Resources"/>
+									<xs:enumeration value="Protocol Manipulation"/>
+									<xs:enumeration value="Analysis"/>
+									<xs:enumeration value="API Abuse"/>
+									<xs:enumeration value="Brute Force"/>
+									<xs:enumeration value="Flooding"/>
+									<xs:enumeration value="Time and State"/>
+									<xs:enumeration value="Spoofing"/>
+									<xs:enumeration value="Social Engineering"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Examples-Instances" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field contains explanatory examples or demonstrative exploit instances of this attack, which are intended to help the reader understand the nature, context and variability of the attack in more practical and concrete terms.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Example-Instance" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual example or exploit instance.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Example-Instance_Description" type="capec:Structured_Text_Type">
+										<xs:annotation>
+											<xs:documentation>This field describes in detail a specific example or exploit instance of this attack. It should outline the context of the attack, the targeted software, the targeted weaknesses or vulnerabilities, the specific set of actions involved in the attack and the resulting impact of the attacks success or failure (in the case of counterexamples).</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+									<xs:element name="References" minOccurs="0">
+										<xs:complexType>
+											<xs:sequence>
+												<xs:element name="Reference" type="capec:Reference_Type" maxOccurs="unbounded"/>
+											</xs:sequence>
+										</xs:complexType>
+									</xs:element>
+									<xs:element name="Example-Instance_Related_Vulnerabilities" minOccurs="0">
+										<xs:complexType>
+											<xs:sequence>
+												<xs:element name="Example-Instance_Related_Vulnerability" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+													<xs:annotation>
+														<xs:documentation>This field lists the specific vulnerabilities targeted by this exploit instance of the attack. Specific vulnerabilities should reference industry-standard identifiers such as Common Vulnerabilities and Exposures (CVE) numbers and/or US-CERT numbers.</xs:documentation>
+													</xs:annotation>
+												</xs:element>
+											</xs:sequence>
+										</xs:complexType>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Attacker_Skills_or_Knowledge_Required" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the level of skills or specific knowledge required by an attacker to execute this type of attack. </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Attacker_Skill_or_Knowledge_Required" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes the level of skill or specific knowledge required by an attacker to execute this type of attack. </xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Skill_or_Knowledge_Level" minOccurs="0">
+										<xs:annotation>
+											<xs:documentation>This should be communicated on a rough scale (Low, Medium, High).
+For example:
+• Low - Basic computer familiarity
+• Low - Basic SQL knowledge
+• Medium - Moderate scripting and shell experience and ability to disassemble and decompile
+• High - Expert knowledge of LINUX kernel
+• High - Detailed knowledge of target software development practices and business context (former employee)
+• Etc.
+</xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Low"/>
+												<xs:enumeration value="Medium"/>
+												<xs:enumeration value="High"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:element>
+									<xs:element name="Skill_or_Knowledge_Type" type="capec:Structured_Text_Type" minOccurs="0">
+										<xs:annotation>
+											<xs:documentation>This field provides contextual detail for the skill or knowledge level.</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Resources_Required" type="capec:Structured_Text_Type" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the resources (CPU cycles, IP addresses, tools, etc.) required by an attacker to effectively execute this type of attack.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Probing_Techniques" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes techniques typically used to probe and reconnoiter a potential target to determine vulnerability and/or to prepare for this type of attack.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Probing_Technique" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual probing technique.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Description" type="capec:Structured_Text_Type" minOccurs="0"/>
+									<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0"/>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Indicators-Warnings_of_Attack" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes activities, events, conditions or behaviors that could serve as indicators that an attack of this type is imminent, in progress or has occurred.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Indicator-Warning_of_Attack" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual indicator/warning.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Description" type="capec:Structured_Text_Type" minOccurs="0"/>
+									<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0"/>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Obfuscation_Techniques" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes techniques typically used to disguise the fact that an attack of this type is imminent, in progress or has occurred.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Obfuscation_Technique" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual obfuscation technique.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Description" type="capec:Structured_Text_Type" minOccurs="0"/>
+									<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0"/>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Solutions_and_Mitigations" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes actions or approaches that can potentially prevent or mitigate the risk of this attack. These solutions and mitigations are targeted to improve the resistance of the target software and thereby reduce the likelihood of the attack's success or to improve the resilience of the target software and thereby reduce the impact of the attack if it is successful. </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Solution_or_Mitigation" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual blocking solution or mitigation.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Attack_Motivation-Consequences" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>What is the attacker trying to achieve by using this attack? This is not the end business/mission goal of the attack within the target context but rather the specific technical result desired that could be leveraged to achieve the end business/mission objective. This information is useful for aligning attack patterns to threat models and for determining which attack patterns are relevant for a given context.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Attack_Motivation-Consequence" type="capec:Common_ConsequenceType" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>What is the attacker trying to achieve by using this attack? This is not the end business/mission goal of the attack within the target context but rather the specific technical result desired that could be leveraged to achieve the end business/mission objective. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined motivations/consequences which is currently incomplete and will grow as new relevant possibilities are identified. This information is useful for aligning attack patterns to threat models and for determining which attack patterns are relevant for a given context.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Injection_Vector" type="capec:Structured_Text_Type" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes, as precisely as possible, the mechanism and format of an input-driven attack of this type. Injection vectors must take into account the grammar of an attack, the syntax accepted by the system, the position of various fields, and the ranges of data that are acceptable. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Payload" type="capec:Structured_Text_Type" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the code, configuration or other data to be executed or otherwise activated as part of an injection-based attack of this type. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Activation_Zone" type="capec:Structured_Text_Type" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the area within the target software that is capable of executing or otherwise activating the payload of an injection-based attack of this type. The activation zone is where the intent of the attacker is put into action. The activation zone may be a command interpreter, some active machine code in a buffer, a client browser, a system API call, etc. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Payload_Activation_Impact" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field is a description of the impact that the activation of the attack payload for an injection-based attack of this type would typically have on the confidentiality, integrity or availability of the target software.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Description" type="capec:Structured_Text_Type" minOccurs="0"/>
+						<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Related_Weaknesses" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Which specific weaknesses does this attack target and leverage? Specific weaknesses (underlying issues that may cause vulnerabilities) reference the industry-standard Common Weakness Enumeration (CWE). This list should include not only those weaknesses that are directly targeted by the attack but also those whose presence can directly increase the likelihood of the attack succeeding or the impact if it does succeed.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Related_Weakness" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual related weakness.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="CWE_ID" type="xs:integer">
+										<xs:annotation>
+											<xs:documentation>The CWE_ID is a field that exists for all weaknesses enumerated in the Common Weakness Enumeration (CWE). It is a unique value that allows each weakness to be unambiguously identified. The CWE_ID field for the attack pattern contains the value of the CWE_ID for the specific related weakness. </xs:documentation>
+										</xs:annotation>
+									</xs:element>
+									<xs:element name="Weakness_Relationship_Type">
+										<xs:annotation>
+											<xs:documentation>This field describes the nature of the relationship between this weakness and the attack pattern. Weaknesses that are specifically targeted by the attack are of type "Targeted". Weaknesses which are not specifically targeted but whose presence may increase the likelihood of the attack succeeding or the impact of the attack if it does succeed are of type "Secondary".</xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Targeted"/>
+												<xs:enumeration value="Secondary"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Related_Vulnerabilities" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>What specific vulnerabilities does this attack target and leverage? Specific vulnerabilities should reference industry-standard identifiers such as Common Vulnerabilities and Exposures (CVE ) numbers and/or US-CERT  numbers. As vulnerabilities are much more specific and localized than weaknesses, it is typically rare that an attack pattern will target specific vulnerabilities. This would most likely occur if they are targeting vulnerabilities in underlying platforms, frameworks, libraries, etc.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Related_Vulnerability" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual related vulnerability.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Vulnerability_ID" type="xs:string">
+										<xs:annotation>
+											<xs:documentation>This field uses the unique reference ID for a specific related vulnerability utilizing an industry standard vulnerability listing (e.g., CVE-2006-4192, VU#650769, etc.).</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+									<xs:element name="Vulnerability_Description" type="capec:Structured_Text_Type">
+										<xs:annotation>
+											<xs:documentation>This field contains a short textual description of the specific related vulnerability taken from the industry standard vulnerability listing.</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Related_Attack_Patterns" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies other attack patterns that are somehow related to, dependent on, typically chained together, etc. with this pattern.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Related_Attack_Pattern" type="capec:RelationshipType" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual related attack pattern.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Relevant_Security_Requirements" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies specific security requirements that are relevant to this type of attack and are general enough to offer opportunities for reuse.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relevant_Security_Requirement" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual relevant security requirement.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Relevant_Design_Patterns" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies specific relevant design patterns that are recommended as providing resistance or resilience to this attack, or which are not recommended as they are particularly susceptible to this type of attack.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Recommended_Design_Patterns">
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Recommended_Design_Pattern" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+										<xs:annotation>
+											<xs:documentation>This field describes an individual design pattern that is recommended due to its likelihood of increasing the software's resistance or resiliency to this type of attack.</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="Non-Recommended_Design_Patterns">
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Non-Recommended_Design_Pattern" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+										<xs:annotation>
+											<xs:documentation>This field describes an individual design pattern that is not recommended due to its likelihood of decreasing the software's resistance or resiliency to this type of attack.</xs:documentation>
+										</xs:annotation>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Relevant_Security_Patterns" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies specific security patterns that are recommended as providing resistance or resilience to this type of attack.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Relevant_Security_Pattern" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual relevant security pattern.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Related_Security_Principles" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies specific security principles relevant to this attack pattern. The security principles that this field references come from the set available on the Build Security In website.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Related_Security_Principle" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual security principle.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Related_Guidelines" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field identifies existing security guidelines that are relevant to identifying or mitigating this type of attack.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Related_Guideline" type="capec:Structured_Text_Type" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes an individual related guideline.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Purposes" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field describes the generalized purposes of the pattern in order to enable the capture of pattern composibility. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined purposes which may be currently incomplete and may grow as new relevant possibilities are identified.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Purpose" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field describes the generalized purpose of the pattern in order to enable the capture of pattern composibility. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined purposes which may be currently incomplete and may grow as new relevant possibilities are identified.</xs:documentation>
+							</xs:annotation>
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="Reconnaissance"/>
+									<xs:enumeration value="Penetration"/>
+									<xs:enumeration value="Exploitation"/>
+									<xs:enumeration value="Obfuscation"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="CIA_Impact" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field characterizes the typical relative impact of this pattern on the confidentiality, integrity and availability of the targeted software.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Confidentiality_Impact" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>This field describes the typical impact of this pattern on the confidentiality characteristics of the targeted software and related data.</xs:documentation>
+							</xs:annotation>
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="Low"/>
+									<xs:enumeration value="Medium"/>
+									<xs:enumeration value="High"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+						<xs:element name="Integrity_Impact" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>This field describes the typical impact of this pattern on the integrity characteristics of the targeted software and related data.</xs:documentation>
+							</xs:annotation>
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="Low"/>
+									<xs:enumeration value="Medium"/>
+									<xs:enumeration value="High"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+						<xs:element name="Availability_Impact" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>This field describes the typical impact of this pattern on the availability characteristics of the targeted software and related data.</xs:documentation>
+							</xs:annotation>
+							<xs:simpleType>
+								<xs:restriction base="xs:string">
+									<xs:enumeration value="Low"/>
+									<xs:enumeration value="Medium"/>
+									<xs:enumeration value="High"/>
+								</xs:restriction>
+							</xs:simpleType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Technical_Context" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field characterizes the technical context where this pattern is applicable.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Architectural_Paradigms" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>This field outlines the architectural paradigms of target software where the pattern is possible and relevant. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined paradigms which may be currently incomplete and may grow or change as new relevant possibilities are identified.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Architectural_Paradigm" maxOccurs="unbounded">
+										<xs:annotation>
+											<xs:documentation>This field outlines the architectural paradigms of target software where the pattern is possible and relevant. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined paradigms which may be currently incomplete and may grow or change as new relevant possibilities are identified.</xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Mainframe"/>
+												<xs:enumeration value="Client-Server"/>
+												<xs:enumeration value="n-Tier"/>
+												<xs:enumeration value="Web"/>
+												<xs:enumeration value="SOA"/>
+												<xs:enumeration value="Other"/>
+												<xs:enumeration value="All"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="Frameworks" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>This field outlines the frameworks used as part of the target software where the pattern is possible and relevant. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined frameworks which may be currently incomplete and may grow or change as new relevant possibilities are identified.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Framework" minOccurs="0" maxOccurs="unbounded">
+										<xs:annotation>
+											<xs:documentation>This field outlines the frameworks used as part of the target software where the pattern is possible and relevant. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined frameworks which may be currently incomplete and may grow or change as new relevant possibilities are identified.</xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="J2EE"/>
+												<xs:enumeration value=".NET"/>
+												<xs:enumeration value="Struts"/>
+												<xs:enumeration value="Spring"/>
+												<xs:enumeration value="Hibernate"/>
+												<xs:enumeration value="Other"/>
+												<xs:enumeration value="All"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="Platforms" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>This field outlines the platforms (OS) of the target software where the pattern is possible and relevant. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined platforms which may be currently incomplete and may grow or change as new relevant possibilities are identified.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Platform" minOccurs="0" maxOccurs="unbounded">
+										<xs:annotation>
+											<xs:documentation>This field outlines the platforms (OS) of the target software where the pattern is possible and relevant. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined platforms which may be currently incomplete and may grow or change as new relevant possibilities are identified.</xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="Windows"/>
+												<xs:enumeration value="UNIX-LINUX"/>
+												<xs:enumeration value="Solaris"/>
+												<xs:enumeration value="Other"/>
+												<xs:enumeration value="All"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="Languages" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>This field outlines the implementation languages of the target software where the pattern is possible and relevant. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined platforms which may be currently incomplete and may grow or change as new relevant possibilities are identified.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="Language" minOccurs="0" maxOccurs="unbounded">
+										<xs:annotation>
+											<xs:documentation>This field outlines the implementation languages of the target software where the pattern is possible and relevant. In order to assist in normalization and classification, this field involves a selection from an enumerated list of defined platforms which may be currently incomplete and may grow or change as new relevant possibilities are identified.</xs:documentation>
+										</xs:annotation>
+										<xs:simpleType>
+											<xs:restriction base="xs:string">
+												<xs:enumeration value="AJAX"/>
+												<xs:enumeration value="ASP"/>
+												<xs:enumeration value="ASP.NET"/>
+												<xs:enumeration value="C"/>
+												<xs:enumeration value="C++"/>
+												<xs:enumeration value="C#"/>
+												<xs:enumeration value="Java"/>
+												<xs:enumeration value="JSP"/>
+												<xs:enumeration value="PHP"/>
+												<xs:enumeration value="PERL"/>
+												<xs:enumeration value="Ruby"/>
+												<xs:enumeration value="Visual Basic"/>
+												<xs:enumeration value="Other"/>
+												<xs:enumeration value="All"/>
+											</xs:restriction>
+										</xs:simpleType>
+									</xs:element>
+								</xs:sequence>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Keywords" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field is intended to be a catch-all field for assisting in searching and subsecting a collection of patterns according to criteria not contained elsewehre in this schema.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Keyword" type="xs:string" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field contains an individual keyword to be used for tagging and searching.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="References" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field enumerates reference resources that were used to develop the definition of this attack pattern and those that could prove valuable to the reader looking for further information on this attack.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Reference" type="capec:Reference_Type" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>This field should describe the reference clearly and unambiguously by name and with some method of address such that the reader can locate the resource for further reference.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element ref="capec:Other_Notes" minOccurs="0"/>
+			<xs:element ref="capec:Maintenance_Notes" minOccurs="0"/>
+			<xs:element ref="capec:Content_History" minOccurs="0"/>
+		</xs:sequence>
+		<xs:attribute name="ID" type="xs:integer" use="optional" default="0"/>
+		<xs:attribute name="Name" type="xs:string" use="required"/>
+		<xs:attribute name="Pattern_Completeness">
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:enumeration value="Complete"/>
+					<xs:enumeration value="Stub"/>
+					<xs:enumeration value="Hook"/>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:attribute>
+		<xs:attribute name="Pattern_Abstraction" use="optional">
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:enumeration value="Meta"/>
+					<xs:enumeration value="Standard"/>
+					<xs:enumeration value="Detailed"/>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:attribute>
+		<xs:attribute name="Status" type="capec:Status_Type" use="required">
+			<xs:annotation>
+				<xs:documentation> The Status attribute defines the status level for this view.
+					</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/common.xsd b/stix_validator/schema/external/cvrf_1.1/common.xsd
new file mode 100755
index 0000000..ed9152d
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/common.xsd
@@ -0,0 +1,176 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema
+ xmlns:cvrf-common="http://www.icasi.org/CVRF/schema/common/1.1"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ id="CVRFCommonDictionary"
+ targetNamespace="http://www.icasi.org/CVRF/schema/common/1.1"
+ elementFormDefault="qualified"
+ attributeFormDefault="unqualified"
+ version="1.1">
+  <!-- =============================================================================== -->
+  <!-- =============================   SCHEMA IMPORTS  =============================== -->
+  <!-- =============================================================================== -->
+  <xs:import namespace="http://purl.org/dc/elements/1.1/" schemaLocation="dc.xsd"/>
+  <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
+  <!-- =============================================================================== -->
+  <!-- ============================ SCHEMA INFORMATION =============================== -->
+  <!-- =============================================================================== -->
+  <xs:annotation>
+    <xs:documentation xml:lang="en">This is the XML schema for the Common Vulerability Reporting Framework's common data types.</xs:documentation>
+    <xs:appinfo>
+      <dc:creator>Brian Schafer &lt;bschafer@microsoft.com&gt;</dc:creator>
+      <dc:contributor>Joe Clarke &lt;jclarke@cisco.com&gt;</dc:contributor>
+      <dc:contributor>Joe Hemmerlein &lt;Joe.Hemmerlein@microsoft.com&gt;</dc:contributor>
+      <dc:date>2012-05-07</dc:date>
+      <dc:subject>CVRF Common Data Types</dc:subject>
+      <version>1.1</version>
+    </xs:appinfo>
+  </xs:annotation>
+  <!-- =============================================================================== -->
+  <!-- =================================== DATA TYPES ================================ -->
+  <!-- =============================================================================== -->
+  <xs:simpleType name="nonEmptyNormalizedString">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">A normalized string type that cannot be empty.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:normalizedString">
+      <xs:minLength value="1" />
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="nonEmptyString">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">A string type that cannot be empty.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:string">
+      <xs:minLength value="1" />
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:complexType name="localizedString">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">String type with an optional language attribute.  The default language is English.</xs:documentation>
+    </xs:annotation>
+    <xs:simpleContent>
+      <xs:extension base="cvrf-common:nonEmptyString">
+        <xs:attribute ref="xml:lang" default="en">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Locale code used for the string value.  The default is &quot;en&quot;.</xs:documentation>
+          </xs:annotation>
+        </xs:attribute>
+      </xs:extension>
+    </xs:simpleContent>
+  </xs:complexType>
+  <xs:complexType name="localizedNormalizedString">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Normalized string type with an optional language attribute.  The default language is English.  This string cannot be empty.</xs:documentation>
+    </xs:annotation>
+    <xs:simpleContent>
+      <xs:extension base="cvrf-common:nonEmptyNormalizedString">
+        <xs:attribute ref="xml:lang" default="en">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Locale code used for the string value.  The default is &quot;en&quot;.</xs:documentation>
+          </xs:annotation>
+        </xs:attribute>
+      </xs:extension>
+    </xs:simpleContent>
+  </xs:complexType>
+  <xs:simpleType name="revisionNumber">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Dotted string representing the document revision</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:pattern value="(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*)){0,3}" />
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="ReferenceTypeEnum">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating the type of reference document</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="External">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This document is an external reference to the current vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Self">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This document is a reference to this same vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="PublisherEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating the various publishers of a document.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="Vendor">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Developers or maintainers of information system products or services.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Discoverer">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Individuals or organizations that find vulnerabilities or security weaknesses.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Coordinator">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Individuals or organizations that manage a single vendor's response or multiple vendors' responses to a vulnerability, a security flaw, or an incident.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="User">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Everyone using a vendor's product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Other">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Catchall for everyone else. Currently this includes forwarders, re-publishers, language translators and miscellaneous contributors.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="NoteTypeEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Allowed type values for CVRF notes.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="General">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">A general, high-level note (Title may have more information).</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Details">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">A low-level detailed discussion (Title may have more information).</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Description">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">A description of something (Title may have more information).</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Summary">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">A summary of something (Title may have more information).</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="FAQ">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">A list of frequently asked questions.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Legal Disclaimer">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Any possible legal discussion, including constraints, surrounding the document.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Other">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Something that doesn’t fit (Title should have more information).</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/cpe-language_2.2a.xsd b/stix_validator/schema/external/cvrf_1.1/cpe-language_2.2a.xsd
new file mode 100755
index 0000000..a337d06
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/cpe-language_2.2a.xsd
@@ -0,0 +1,182 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+      xmlns:cpe="http://cpe.mitre.org/language/2.0"
+      xmlns:xml="http://www.w3.org/XML/1998/namespace"
+      xmlns:sch="http://purl.oclc.org/dsdl/schematron"
+      targetNamespace="http://cpe.mitre.org/language/2.0" elementFormDefault="qualified"
+      attributeFormDefault="unqualified" version="2.2a">
+      <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
+      <xsd:annotation>
+            <xsd:documentation xml:lang="en">This XML Schema defines the CPE Language. An individual
+                  CPE Name addresses a single part of an actual system. To identify more complex
+                  platform types, there needs to be a way to combine different CPE Names using
+                  logical operators. For example, there may be a need to identify a platform with a
+                  particular operating system AND a certain application. The CPE Language exists to
+                  satisfy this need, enabling the CPE Name for the operating system to be combined
+                  with the CPE Name for the application. For more information, consult the CPE
+                  Specification document.</xsd:documentation>
+            <xsd:appinfo>
+                  <schema>CPE Language</schema>
+                  <author>Neal Ziring, Andrew Buttner, David Waltermire</author>
+                  <version>2.2</version>
+                  <date>10/27/2008 10:00:00 AM</date>
+            </xsd:appinfo>
+      </xsd:annotation>
+
+      <!-- =============================================================================== -->
+      <!-- =============================================================================== -->
+      <!-- =============================================================================== -->
+      <xsd:element name="platform-specification" type="cpe:platformSpecificationType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">This element is the root element of a CPE
+                        Language XML documents and therefore acts as a container for child platform
+                        definitions.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:key name="platformKey">
+                  <xsd:selector xpath="cpe:platform"/>
+                  <xsd:field xpath="@id"/>
+            </xsd:key>
+      </xsd:element>
+
+      <xsd:element name="platform" type="cpe:PlatformType"/>
+      <xsd:element name="platform-configuration" type="cpe:PlatformBaseType"/>
+
+      <xsd:element name="logical-test" type="cpe:LogicalTestType"/>
+
+      <xsd:element name="fact-ref" type="cpe:FactRefType"/>
+      
+
+      <!-- =============================================================================== -->
+      <!-- =========================== PLATFORM SPECIFICATION ============================ -->
+      <!-- =============================================================================== -->
+      <xsd:complexType name="platformSpecificationType">
+            <xsd:sequence>
+                  <xsd:element ref="cpe:platform" minOccurs="1"
+                        maxOccurs="unbounded"/>
+            </xsd:sequence>
+      </xsd:complexType>
+      
+      <!-- =============================================================================== -->
+      <!-- ==================================  PLATFORM  ================================= -->
+      <!-- =============================================================================== -->
+      <xsd:complexType name="PlatformBaseType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">The platform element represents the description
+                        or qualifications of a particular IT platform type. The platform is defined
+                        by the logical-test child element.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:sequence>
+                  <xsd:element name="title" type="cpe:TextType" minOccurs="0" maxOccurs="unbounded">
+                        <xsd:annotation>
+                              <xsd:documentation xml:lang="en">The optional title element may appear as a child
+                                    to a platform element. It provides a human-readable title for it. To support
+                                    uses intended for multiple languages, this element supports the ‘xml:lang’
+                                    attribute. At most one title element can appear for each language.</xsd:documentation>
+                        </xsd:annotation>
+                  </xsd:element>
+                  <xsd:element name="remark" type="cpe:TextType" minOccurs="0" maxOccurs="unbounded">
+                        <xsd:annotation>
+                              <xsd:documentation xml:lang="en">The optional remark element may appear as a child
+                                    of a platform element. It provides some additional description. Zero or more
+                                    remark elements may appear. To support uses intended for multiple languages,
+                                    this element supports the ‘xml:lang’ attribute. There can be multiple
+                                    remarks for a single language.</xsd:documentation>
+                        </xsd:annotation>
+                  </xsd:element>
+                  <xsd:element ref="cpe:logical-test" minOccurs="1" maxOccurs="1"/>
+            </xsd:sequence>
+      </xsd:complexType>
+      <xsd:complexType name="PlatformType">
+            <xsd:complexContent>
+                  <xsd:extension base="cpe:PlatformBaseType">
+                        <xsd:attribute name="id" type="xsd:anyURI" use="required">
+                              <xsd:annotation>
+                                    <xsd:documentation xml:lang="en">The id attribute holds a locally unique
+                                          name for the platform. There is no defined format for this id, it just has
+                                          to be unique to the containing language document.</xsd:documentation>
+                              </xsd:annotation>
+                        </xsd:attribute>
+                  </xsd:extension>
+            </xsd:complexContent>
+      </xsd:complexType>
+      <xsd:complexType name="LogicalTestType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">The logical-test element appears as a child of a
+                        platform element, and may also be nested to create more complex logical
+                        tests. The content consists of one or more elements: fact-ref, and
+                        logical-test children are permitted. The operator to be applied, and
+                        optional negation of the test, are given as attributes.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:sequence>
+                  <xsd:element name="logical-test" type="cpe:LogicalTestType" minOccurs="0"
+                        maxOccurs="unbounded"/>
+                  <xsd:element ref="cpe:fact-ref" minOccurs="0"
+                        maxOccurs="unbounded">
+                        <xsd:annotation>
+                              <xsd:documentation xml:lang="en"></xsd:documentation>
+                        </xsd:annotation>
+                  </xsd:element>
+            </xsd:sequence>
+            <xsd:attribute name="operator" type="cpe:operatorEnumeration" use="required"/>
+            <xsd:attribute name="negate" type="xsd:boolean" use="required"/>
+      </xsd:complexType>
+      <xsd:complexType name="FactRefType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">The fact-ref element appears as a
+                        child of a logical-test element. It is simply a reference to a CPE Name that
+                        always evaluates to a Boolean result.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:attribute name="name" type="cpe:namePattern" use="required"/>
+      </xsd:complexType>
+
+      <!-- =============================================================================== -->
+      <!-- ===============================  ENUMERATIONS  ================================ -->
+      <!-- =============================================================================== -->
+      <xsd:simpleType name="operatorEnumeration">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">The OperatorEnumeration simple type defines
+                        acceptable operators. Each operator defines how to evaluate multiple
+                        arguments.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:restriction base="xsd:string">
+                  <xsd:enumeration value="AND"/>
+                  <xsd:enumeration value="OR"/>
+            </xsd:restriction>
+      </xsd:simpleType>
+      <!-- =============================================================================== -->
+      <!-- ==============================  SUPPORTING TYPES  ============================== -->
+      <!-- =============================================================================== -->
+      <xsd:complexType name="TextType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">This type allows the xml:lang attribute to
+                        associate a specific language with an element's string
+                  content.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:simpleContent>
+                  <xsd:extension base="xsd:string">
+                        <xsd:attribute ref="xml:lang"/>
+                  </xsd:extension>
+            </xsd:simpleContent>
+      </xsd:complexType>
+      <!-- =============================================================================== -->
+      <!-- ================================  ID PATTERNS  ================================ -->
+      <!-- =============================================================================== -->
+      <xsd:simpleType name="namePattern">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">Define the format for acceptable CPE Names. A URN
+                        format is used with the id starting with the word cpe followed by :/ and
+                        then some number of individual components separated by
+                  colons.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:restriction base="xsd:anyURI">
+                  <xsd:pattern value="[c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9\._\-~%]*){0,6}"/>
+            </xsd:restriction>
+      </xsd:simpleType>
+    <!-- ================================================== -->
+    <!-- =====  Change History  -->
+    <!-- ================================================== -->
+    <!--
+        v2.2 - Initial working version
+        v2.3 - Various refactoring of types to use element refs.  This enables more fine-grained reuse of this schema and allows XSD substitution to be possible.
+    -->
+</xsd:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/cvrf.xsd b/stix_validator/schema/external/cvrf_1.1/cvrf.xsd
new file mode 100755
index 0000000..3448717
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/cvrf.xsd
@@ -0,0 +1,487 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema id="CVRFDictionary"
+  targetNamespace="http://www.icasi.org/CVRF/schema/cvrf/1.1"
+  xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1"
+  xmlns:vuln="http://www.icasi.org/CVRF/schema/vuln/1.1"
+  xmlns:prod="http://www.icasi.org/CVRF/schema/prod/1.1"
+  xmlns:cvrf-common="http://www.icasi.org/CVRF/schema/common/1.1"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+  xmlns:dc="http://purl.org/dc/elements/1.1/"
+  elementFormDefault="qualified"
+  attributeFormDefault="unqualified"
+  version="1.1">
+  <!-- =============================================================================== -->
+  <!-- =============================   SCHEMA IMPORTS  =============================== -->
+  <!-- =============================================================================== -->
+  <xs:import namespace="http://purl.org/dc/elements/1.1/" schemaLocation="dc.xsd" />
+  <xs:import namespace="http://www.icasi.org/CVRF/schema/vuln/1.1" schemaLocation="vuln.xsd" />
+  <xs:import namespace="http://www.icasi.org/CVRF/schema/common/1.1" schemaLocation="common.xsd" />
+  <xs:import namespace="http://www.icasi.org/CVRF/schema/prod/1.1" schemaLocation="prod.xsd" />
+  <!-- =============================================================================== -->
+  <!-- ============================ SCHEMA INFORMATION =============================== -->
+  <!-- =============================================================================== -->
+  <xs:annotation>
+    <xs:documentation xml:lang="en">This is the XML schema for the Common Vulnerability Reporting Framework.  For more information, see the CVRF whitepaper.</xs:documentation>
+    <xs:appinfo>
+      <dc:creator>Brian Schafer &lt;bschafer@microsoft.com&gt;</dc:creator>
+      <dc:contributor>Joe Clarke &lt;jclarke@cisco.com&gt;</dc:contributor>
+      <dc:contributor>Joe Hemmerlein &lt;Joe.Hemmerlein@microsoft.com&gt;</dc:contributor>
+      <dc:date>2012-05-07</dc:date>
+      <dc:subject>CVRF Dictionary</dc:subject>
+      <version>1.1</version>
+    </xs:appinfo>
+  </xs:annotation>
+  <!-- =============================================================================== -->
+  <!-- =================================== DATA TYPES ================================ -->
+  <!-- =============================================================================== -->
+  <xs:simpleType name="DocumentStatusEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating the status of the document.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:normalizedString">
+      <xs:enumeration value="Draft">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Pre-release, intended for issuing party’s internal use only, or possibly used externally when the party is seeking feedback or indicating its intentions regarding a specific issue.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Interim">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The issuing party believes the content is subject to change.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Final">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The issuing party asserts the content is unlikely to change.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="cvrfVersion">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Floating point number representing the CVRF specification version</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:float">
+      <xs:pattern value="[0-9]+\.[0-9]{1,3}" />
+    </xs:restriction>
+  </xs:simpleType>
+  <!-- =============================================================================== -->
+  <!-- ============================= DOCUMENT DEFINITION ============================= -->
+  <!-- =============================================================================== -->
+  <xs:element name="cvrfdoc">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Root element of a CVRF document.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element name="DocumentTitle" minOccurs="1" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">A definitive canonical name for the document, providing enough descriptive content to differentiate from other similar documents, ideally providing a unique “handle”.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:simpleContent>
+              <xs:extension base="cvrf-common:localizedNormalizedString" />
+            </xs:simpleContent>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="DocumentType" minOccurs="1" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">A short canonical name, chosen by the document producer, which will inform the consumer about the type of the document.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:simpleContent>
+              <xs:extension base="cvrf-common:localizedNormalizedString" />
+            </xs:simpleContent>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="DocumentPublisher" minOccurs="1" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">A container holding all information about the publisher of the CVRF document.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="ContactDetails" minOccurs="0" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">Author contact information such as address, phone number, email, etc.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:simpleContent>
+                    <xs:extension base="cvrf-common:localizedString" />
+                  </xs:simpleContent>
+                </xs:complexType>
+              </xs:element>
+              <xs:element name="IssuingAuthority" minOccurs="0" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The name of the issuing party and their authority to release the document, in particular, the party's constituency and responsibilities or other obligations.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:simpleContent>
+                    <xs:extension base="cvrf-common:localizedString" />
+                  </xs:simpleContent>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+            <xs:attribute name="Type" type="cvrf-common:PublisherEnumType" use="required">
+              <xs:annotation>
+                <xs:documentation xml:lang="en">Type is an enumerated list containing an array of different document publisher types.</xs:documentation>
+              </xs:annotation>
+            </xs:attribute>
+            <xs:attribute name="VendorID" type="xs:string">
+              <xs:annotation>
+                <xs:documentation xml:lang="en">Vendor ID is a unique identifier (OID) that a vendor uses as issued by FIRST under the auspices of IETF.</xs:documentation>
+              </xs:annotation>
+            </xs:attribute>
+          </xs:complexType> 
+        </xs:element>
+        <xs:element name="DocumentTracking" minOccurs="1" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The Document Tracking meta-container contains all of the attributes necessary to track a CVRF document.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Identification" minOccurs="1" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">Contains document ID and optional document aliases</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="ID" minOccurs="1" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">Short unique identifier used to refer to the document unambiguously in any context.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="Alias" minOccurs="0" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">Optional alternative ID for document</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                  </xs:sequence>
+                </xs:complexType>
+              </xs:element>
+              <xs:element name="Status" type="cvrf:DocumentStatusEnumType" minOccurs="1" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The condition of the document with regard to completeness and the likelihood of future editions.</xs:documentation>
+                </xs:annotation>
+              </xs:element>
+              <xs:element name="Version" type="cvrf-common:revisionNumber" minOccurs="1" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">Document Version is a simple counter to track the version of the document.</xs:documentation>
+                </xs:annotation>
+              </xs:element>
+              <xs:element name="RevisionHistory" minOccurs="1" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The Document Revision History contains one entry for each substantive version of the document, including the initial version and entries for each subsequent update.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="Revision" minOccurs="1" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">A set of Version, Date, and Description elements describing one iteration of this document</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:sequence>
+                          <xs:element name="Number" type="cvrf-common:revisionNumber" minOccurs="1" maxOccurs="1">
+                            <xs:annotation>
+                              <xs:documentation xml:lang="en">Revision number of this iteration of the document.</xs:documentation>
+                            </xs:annotation>
+                          </xs:element>
+                          <xs:element name="Date" type="xs:dateTime" minOccurs="1" maxOccurs="1">
+                            <xs:annotation>
+                              <xs:documentation xml:lang="en">Date when this iteration of the document was released.</xs:documentation>
+                            </xs:annotation>
+                          </xs:element>
+                          <xs:element name="Description" minOccurs="1" maxOccurs="1">
+                            <xs:annotation>
+                              <xs:documentation xml:lang="en">Description of this iteration of the document.</xs:documentation>
+                            </xs:annotation>
+                            <xs:complexType>
+                              <xs:simpleContent>
+                                <xs:extension base="cvrf-common:localizedString" />
+                              </xs:simpleContent>
+                            </xs:complexType>
+                          </xs:element>
+                        </xs:sequence>
+                      </xs:complexType>
+                    </xs:element>
+                  </xs:sequence>
+                </xs:complexType>
+              </xs:element>
+              <xs:element name="InitialReleaseDate" type="xs:dateTime" minOccurs="1" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The initial date (and time, optionally) that the document was initially released by the issuing party.</xs:documentation>
+                </xs:annotation>
+              </xs:element>
+              <xs:element name="CurrentReleaseDate" type="xs:dateTime" minOccurs="1" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The current date (and time, optionally) that the document was released by the issuing party.</xs:documentation>
+                </xs:annotation>
+              </xs:element>
+              <xs:element name="Generator" minOccurs="0" maxOccurs="1">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The Document Generator meta-container contains all of the elements related to the generation of the document.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="Engine" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The name and version of the engine that generated the CVRF document.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="Date" type="xs:dateTime" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The date the CVRF document was generated.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                  </xs:sequence>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="DocumentNotes" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The Document Notes text contains all of the individual notes necessary to provide different types of low-level discussions of a CVRF document to various audiences.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Note" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">A individual note in freeform text.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:simpleContent>
+                    <xs:extension base="cvrf-common:localizedString">
+                      <xs:attribute name="Title" type="xs:string">
+                        <xs:annotation>
+                          <xs:documentation xml:lang="en">Title should be a concise description of what is contained in this specific note.</xs:documentation>
+                        </xs:annotation>
+                      </xs:attribute>
+                      <xs:attribute name="Audience" type="xs:string">
+                        <xs:annotation>
+                          <xs:documentation xml:lang="en">Audience will indicate who is intended to read the note.</xs:documentation>
+                        </xs:annotation>
+                      </xs:attribute>
+                      <xs:attribute name="Type" type="cvrf-common:NoteTypeEnumType" use="required">
+                        <xs:annotation>
+                          <xs:documentation xml:lang="en">Type of content within this note.</xs:documentation>
+                        </xs:annotation>
+                      </xs:attribute>
+                      <xs:attribute name="Ordinal" type="xs:positiveInteger" use="required">
+                        <xs:annotation>
+                          <xs:documentation xml:lang="en">Ordinal is a locally significant integral counter indexed from 1 used to track notes.</xs:documentation>
+                        </xs:annotation>
+                      </xs:attribute>
+                    </xs:extension>
+                  </xs:simpleContent>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="DocumentDistribution" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The Document Distribution string should contain details on constraints, if any, about sharing this CVRF Document with additional recipients.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:simpleContent>
+              <xs:extension base="cvrf-common:localizedString" />
+            </xs:simpleContent>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="AggregateSeverity" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Aggregate Severity is provided by the producer of the document to convey the urgency and criticality with which the vulnerability or vulnerabilities should be addressed.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:simpleContent>
+              <xs:extension base="cvrf-common:localizedString">
+                <xs:attribute name="Namespace" type="xs:anyURI">
+                  <xs:annotation>
+                    <xs:documentation xml:lang="en">URL of the namespace from which the Aggregate Severity is taken.</xs:documentation>
+                  </xs:annotation>
+                </xs:attribute>
+              </xs:extension>
+            </xs:simpleContent>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="DocumentReferences" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">This meta-container should include references to any conferences, papers, advisories, and other resources that are related and considered to be of value to the document consumer.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Reference" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">Related documents to the CVRF document.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="URL" type="xs:anyURI" minOccurs="1" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The URL of the related document.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Description" minOccurs="1" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The description of the related document.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                  </xs:sequence>
+                  <xs:attribute name="Type" type="cvrf-common:ReferenceTypeEnum" default="External">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">Enumerated type value of reference relative to this document.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="Acknowledgments" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The Acknowledgments container holds one or more Acknowledgement containers for document-level acknowledgements.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Acknowledgment" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The Acknowledgment container holds recognition details for external parties, specific to the document as a whole rather than individual vulnerabilities.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="Name" minOccurs="0" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The name (i.e., individual name) of the party being acknowledged.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="Organization" minOccurs="0" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The organization of the party being acknowledged or the organization itself being acknowledged.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="Description" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The details of the acknowledgment that address the recognition of external parties who were instrumental in the discovery, reporting and response of this document.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="URL" type="xs:anyURI"  minOccurs="0" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The optional URL to the person, place, or thing being acknowledged.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                  </xs:sequence>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element ref="prod:ProductTree" minOccurs="0" maxOccurs="1" />
+        <xs:element ref="vuln:Vulnerability" minOccurs="0" maxOccurs="unbounded" />
+      </xs:sequence>
+    </xs:complexType>
+    <xs:unique name="UniqueOrdinal">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">This is to ensure that each Vulnerability's Ordinal uses a unique value.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:Vulnerability"/>
+      <xs:field xpath="@Ordinal"/>
+    </xs:unique>
+     <xs:unique name="UniqueNotesOrdinal">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">This is to ensure that each note has a unique ordinal value.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//cvrf:DocumentNotes/cvrf:Note"/>
+      <xs:field xpath="@Ordinal"/>
+    </xs:unique>
+    <xs:key name="ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">A key to reference a specific product defined in a referenced product schema.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//prod:FullProductName" />
+      <xs:field xpath="@ProductID" />
+    </xs:key>
+    <xs:keyref name="AffectedProductKeyRef" refer="cvrf:ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the ProductKey to be used in the ProductID element for affected products.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:ProductStatuses/vuln:Status/vuln:ProductID"/>
+      <xs:field xpath="."/>
+    </xs:keyref>
+    <xs:keyref name="ScoreSetProductKeyRef" refer="cvrf:ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the ProductKey to be used in the CVSS ScoreSet product references.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:CVSSScoreSets/vuln:ScoreSet/vuln:ProductID"/>
+      <xs:field xpath="."/>
+    </xs:keyref>
+    <xs:keyref name="ThreatProductKeyRef" refer="cvrf:ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the ProductKey to be used in the Threat product references.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:Threats/vuln:Threat/vuln:ProductID"/>
+      <xs:field xpath="."/>
+    </xs:keyref>
+    <xs:keyref name="RemediationProductKeyRef" refer="cvrf:ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the ProductKey to be used in the Remediation product references.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:Remediations/vuln:Remediation/vuln:ProductID"/>
+      <xs:field xpath="."/>
+    </xs:keyref>
+    <xs:key name="GroupKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">A key to reference a specific product group defined in a referenced product schema.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//prod:ProductGroups/prod:Group" />
+      <xs:field xpath="@GroupID" />
+    </xs:key>
+    <xs:keyref name="ThreatGroupKeyRef" refer="cvrf:GroupKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the GroupKey to be used in the Threat product references.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:Threats/vuln:Threat/vuln:GroupID"/>
+      <xs:field xpath="."/>
+    </xs:keyref>
+    <xs:keyref name="RemediationGroupKeyRef" refer="cvrf:GroupKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the GroupKey to be used in the Remediation product references.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:Remediations/vuln:Remediation/vuln:GroupID"/>
+      <xs:field xpath="."/>
+    </xs:keyref>
+  </xs:element>
+</xs:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/cvss-v2_0.9.xsd b/stix_validator/schema/external/cvrf_1.1/cvss-v2_0.9.xsd
new file mode 100755
index 0000000..f68fb81
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/cvss-v2_0.9.xsd
@@ -0,0 +1,415 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+== Package: cvss-v2
+-->
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+	xmlns="http://scap.nist.gov/schema/cvss-v2/1.0"
+	targetNamespace="http://scap.nist.gov/schema/cvss-v2/1.0"
+	elementFormDefault="qualified" attributeFormDefault="unqualified"
+	version="0.9">
+	<!-- ================================================== -->
+	<!-- =====  Simple Type Definitions  -->
+	<!-- ================================================== -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  Zero_To_Ten  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="zeroToTenDecimalType">
+		<xsd:annotation>
+			<xsd:documentation>Value restriction to single decimal values from 0.0 to 10.0, as used in CVSS scores</xsd:documentation>
+		</xsd:annotation>
+		<xsd:restriction base="xsd:decimal">
+			<xsd:minInclusive value="0"/>
+			<xsd:maxInclusive value="10"/>
+			<xsd:fractionDigits value="1"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  HML_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="accessComplexityEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="HIGH"/>
+			<xsd:enumeration value="MEDIUM"/>
+			<xsd:enumeration value="LOW"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  LAN_Enumerations  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="accessVectorEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="LOCAL"/>
+			<xsd:enumeration value="ADJACENT_NETWORK"/>
+			<xsd:enumeration value="NETWORK"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  LMHN_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="ciaRequirementEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="LOW"/>
+			<xsd:enumeration value="MEDIUM"/>
+			<xsd:enumeration value="HIGH"/>
+			<xsd:enumeration value="NOT_DEFINED"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  NLLMMHHN_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="collateralDamagePotentialEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="NONE"/>
+			<xsd:enumeration value="LOW"/>
+			<xsd:enumeration value="LOW_MEDIUM"/>
+			<xsd:enumeration value="MEDIUM_HIGH"/>
+			<xsd:enumeration value="HIGH"/>
+			<xsd:enumeration value="NOT_DEFINED"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  NLMHN_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="targetDistributionEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="NONE"/>
+			<xsd:enumeration value="LOW"/>
+			<xsd:enumeration value="MEDIUM"/>
+			<xsd:enumeration value="HIGH"/>
+			<xsd:enumeration value="NOT_DEFINED"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  NPC_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="ciaEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="NONE"/>
+			<xsd:enumeration value="PARTIAL"/>
+			<xsd:enumeration value="COMPLETE"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  NSM_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="authenticationEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="MULTIPLE_INSTANCES"/>
+			<xsd:enumeration value="SINGLE_INSTANCE"/>
+			<xsd:enumeration value="NONE"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  OTWU_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="remediationLevelEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="OFFICIAL_FIX"/>
+			<xsd:enumeration value="TEMPORARY_FIX"/>
+			<xsd:enumeration value="WORKAROUND"/>
+			<xsd:enumeration value="UNAVAILABLE"/>
+			<xsd:enumeration value="NOT_DEFINED"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  UUCN_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="confidenceEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="UNCONFIRMED"/>
+			<xsd:enumeration value="UNCORROBORATED"/>
+			<xsd:enumeration value="CONFIRMED"/>
+			<xsd:enumeration value="NOT_DEFINED"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  UPFH_Enumeration  <<simpleType>>  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:simpleType name="exploitabilityEnumType">
+		<xsd:restriction base="xsd:token">
+			<xsd:enumeration value="UNPROVEN"/>
+			<xsd:enumeration value="PROOF_OF_CONCEPT"/>
+			<xsd:enumeration value="FUNCTIONAL"/>
+			<xsd:enumeration value="HIGH"/>
+			<xsd:enumeration value="NOT_DEFINED"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+
+	<!-- ================================================== -->
+	<!-- =====  Group Definitions  -->
+	<!-- ================================================== -->
+	<xsd:group name="baseVectorsGroup">
+		<xsd:sequence>
+			<xsd:element minOccurs="0" name="access-vector" type="accessVectorType"/>
+			<xsd:element minOccurs="0" name="access-complexity" type="accessComplexityType"/>
+			<xsd:element minOccurs="0" name="authentication" type="authenticationType"/>
+			<xsd:element minOccurs="0" name="confidentiality-impact" type="ciaType"/>
+			<xsd:element minOccurs="0" name="integrity-impact" type="ciaType"/>
+			<xsd:element minOccurs="0" name="availability-impact" type="ciaType"/>
+		</xsd:sequence>
+	</xsd:group>
+	<xsd:group name="environmentalVectorsGroup">
+		<xsd:sequence>
+			<xsd:element minOccurs="0" name="collateral-damage-potential" type="collateralDamagePotentialType"/>
+			<xsd:element minOccurs="0" name="target-distribution" type="targetDistributionType"/>
+			<xsd:element minOccurs="0" name="confidentiality-requirement" type="ciaRequirementType"/>
+			<xsd:element minOccurs="0" name="integrity-requirement" type="ciaRequirementType"/>
+			<xsd:element minOccurs="0" name="availability-requirement" type="ciaRequirementType"/>
+		</xsd:sequence>
+	</xsd:group>
+	<xsd:group name="temporalVectorsGroup">
+		<xsd:sequence>
+			<xsd:element minOccurs="0" name="exploitability" type="exploitabilityType"/>
+			<xsd:element minOccurs="0" name="remediation-level" type="remediationLevelType"/>
+			<xsd:element minOccurs="0" name="report-confidence" type="confidenceType"/>
+		</xsd:sequence>
+	</xsd:group>
+	<xsd:group name="baseVectorsCriteriaGroup">
+		<xsd:sequence>
+			<xsd:element minOccurs="0" name="access-vector" type="accessVectorEnumType"/>
+			<xsd:element minOccurs="0" name="access-complexity" type="accessComplexityEnumType"/>
+			<xsd:element minOccurs="0" name="authentication" type="authenticationEnumType"/>
+			<xsd:element minOccurs="0" name="confidentiality-impact" type="ciaEnumType"/>
+			<xsd:element minOccurs="0" name="integrity-impact" type="ciaEnumType"/>
+			<xsd:element minOccurs="0" name="availability-impact" type="ciaEnumType"/>
+		</xsd:sequence>
+	</xsd:group>
+	<xsd:group name="environmentalVectorsCriteriaGroup">
+		<xsd:sequence>
+			<xsd:element minOccurs="0" name="collateral-damage-potential" type="collateralDamagePotentialEnumType"/>
+			<xsd:element minOccurs="0" name="target-distribution" type="targetDistributionEnumType"/>
+			<xsd:element minOccurs="0" name="confidentiality-requirement" type="ciaRequirementEnumType"/>
+			<xsd:element minOccurs="0" name="integrity-requirement" type="ciaRequirementEnumType"/>
+			<xsd:element minOccurs="0" name="availability-requirement" type="ciaRequirementEnumType"/>
+		</xsd:sequence>
+	</xsd:group>
+	<xsd:group name="temporalVectorsCriteriaGroup">
+		<xsd:sequence>
+			<xsd:element minOccurs="0" name="exploitability" type="exploitabilityEnumType"/>
+			<xsd:element minOccurs="0" name="remediation-level" type="remediationLevelEnumType"/>
+			<xsd:element minOccurs="0" name="report-confidence" type="confidenceEnumType"/>
+		</xsd:sequence>
+	</xsd:group>
+	<xsd:attributeGroup name="vectorAttributeGroup">
+		<xsd:attribute name="approximated" type="xsd:boolean" default="false">
+			<xsd:annotation>
+				<xsd:documentation>Indicates if the vector has been approximated as the result of an upgrade from a previous CVSS version</xsd:documentation>
+			</xsd:annotation>
+		</xsd:attribute>
+	</xsd:attributeGroup>
+
+	<!-- ================================================== -->
+	<!-- =====  Complex Type Definitions  -->
+	<!-- ================================================== -->
+	<xsd:complexType name="accessComplexityType">
+		<xsd:simpleContent>
+			<xsd:extension base="accessComplexityEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="accessVectorType">
+		<xsd:simpleContent>
+			<xsd:extension base="accessVectorEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="ciaRequirementType">
+		<xsd:simpleContent>
+			<xsd:extension base="ciaRequirementEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="collateralDamagePotentialType">
+		<xsd:simpleContent>
+			<xsd:extension base="collateralDamagePotentialEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="targetDistributionType">
+		<xsd:simpleContent>
+			<xsd:extension base="targetDistributionEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="ciaType">
+		<xsd:simpleContent>
+			<xsd:extension base="ciaEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="authenticationType">
+		<xsd:simpleContent>
+			<xsd:extension base="authenticationEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="remediationLevelType">
+		<xsd:simpleContent>
+			<xsd:extension base="remediationLevelEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="confidenceType">
+		<xsd:simpleContent>
+			<xsd:extension base="confidenceEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="exploitabilityType">
+		<xsd:simpleContent>
+			<xsd:extension base="exploitabilityEnumType">
+				<xsd:attributeGroup ref="vectorAttributeGroup"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  CVSS_V2  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:complexType name="cvssType">
+		<xsd:annotation>
+			<xsd:documentation>"This schema was intentionally designed to avoid mixing classes and attributes between CVSS version 1, CVSS version 2, and future versions. Scores in the CVSS system are interdependent.  The temporal score is a multiplier of the base score.  The environmental score, in turn, is a multiplier of the temporal score.  The ability to transfer these scores independently is provided on the assumption that the user understands the business logic. For any given metric, it is preferred that the score, as a minimum is provided, however the score can be re-created from the metrics or the multiplier and any scores they are dependent on."</xsd:documentation>
+		</xsd:annotation>
+		<xsd:sequence>
+			<xsd:element minOccurs="0" maxOccurs="unbounded" name="base_metrics" type="baseMetricsType"/>
+			<xsd:element minOccurs="0" maxOccurs="unbounded" name="environmental_metrics" type="environmentalMetricsType"/>
+			<xsd:element minOccurs="0" maxOccurs="unbounded" name="temporal_metrics" type="temporalMetricsType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	
+	<xsd:complexType name="cvssImpactType">
+		<xsd:complexContent>
+			<xsd:restriction base="cvssType">
+				<xsd:sequence>
+					<xsd:element minOccurs="1" maxOccurs="1" name="base_metrics" type="baseMetricsType"/>
+					<xsd:element minOccurs="0" maxOccurs="1" name="environmental_metrics" type="environmentalMetricsType"/>
+					<xsd:element minOccurs="0" maxOccurs="1" name="temporal_metrics" type="temporalMetricsType"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>            
+	</xsd:complexType>
+
+	<xsd:complexType name="cvssImpactBaseType">
+		<xsd:sequence>
+			<xsd:element name="base_metrics" type="baseMetricsType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+
+	<xsd:complexType name="cvssImpactTemporalType">
+		<xsd:complexContent>
+			<xsd:extension base="cvssImpactBaseType">
+				<xsd:sequence>
+					<xsd:element name="temporal_metrics" type="temporalMetricsType" minOccurs="0"/>
+				</xsd:sequence>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	
+	<xsd:complexType name="cvssImpactEnvironmentalType">
+		<xsd:complexContent>
+			<xsd:extension base="cvssImpactTemporalType">
+				<xsd:sequence>
+					<xsd:element name="environmental_metrics" type="environmentalMetricsType" minOccurs="0"/>
+				</xsd:sequence>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  Metrics  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:complexType name="metricsType" abstract="true">
+		<xsd:annotation>
+			<xsd:documentation>Base type for metrics that defines common attributes of all metrics.</xsd:documentation>
+		</xsd:annotation>
+		<xsd:attribute name="upgraded-from-version" type="xsd:decimal">
+			<xsd:annotation>
+				<xsd:documentation>Indicates if the metrics have been upgraded from a previous version of CVSS.  If fields that were approximated will have an approximated attribute set to 'true'.</xsd:documentation>
+			</xsd:annotation>
+		</xsd:attribute>
+	</xsd:complexType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  Base_Metrics  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:complexType name="baseMetricsType">
+		<xsd:complexContent>
+			<xsd:extension base="metricsType">
+				<xsd:sequence>
+					<xsd:element minOccurs="0" name="score" type="zeroToTenDecimalType">
+						<xsd:annotation>
+							<xsd:documentation>Base severity score assigned to a vulnerability by a source</xsd:documentation>
+						</xsd:annotation>
+					</xsd:element>
+					<xsd:element minOccurs="0" name="exploit-subscore" type="zeroToTenDecimalType">
+						<xsd:annotation>
+							<xsd:documentation>Base exploit sub-score assigned to a vulnerability by a source</xsd:documentation>
+						</xsd:annotation>
+					</xsd:element>
+					<xsd:element minOccurs="0" name="impact-subscore" type="zeroToTenDecimalType">
+						<xsd:annotation>
+							<xsd:documentation>Base impact sub-score assigned to a vulnerability by a source</xsd:documentation>
+						</xsd:annotation>
+					</xsd:element>
+					<xsd:group ref="baseVectorsGroup"/>
+					<xsd:element name="source" type="xsd:anyURI">
+						<xsd:annotation>
+							<xsd:documentation>Data source the vector was obtained from.  Example:  http://nvd.nist.gov or com.symantec.deepsight</xsd:documentation>
+						</xsd:annotation>
+					</xsd:element>
+					<xsd:element minOccurs="0" name="generated-on-datetime" type="xsd:dateTime"/>
+				</xsd:sequence>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  Environmental_Metrics  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:complexType name="environmentalMetricsType">
+		<xsd:complexContent>
+			<xsd:extension base="metricsType">
+				<xsd:sequence>
+					<xsd:element minOccurs="0" name="score" type="zeroToTenDecimalType"/>
+					<xsd:group ref="environmentalVectorsGroup"/>
+					<xsd:element name="source" type="xsd:anyURI">
+						<xsd:annotation>
+							<xsd:documentation>Data source the vector was obtained from.  Example:  gov.nist.nvd or com.symantec.deepsight</xsd:documentation>
+						</xsd:annotation>
+					</xsd:element>
+					<xsd:element minOccurs="0" name="generated-on-datetime" type="xsd:dateTime"/>
+				</xsd:sequence>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<!--  Temporal_Metrics  -->
+	<!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+	<xsd:complexType name="temporalMetricsType">
+		<xsd:complexContent>
+			<xsd:extension base="metricsType">
+				<xsd:sequence>
+					<xsd:element minOccurs="0" name="score" type="zeroToTenDecimalType">
+						<xsd:annotation>
+							<xsd:documentation>The temporal score is the temporal multiplier times the base score.</xsd:documentation>
+						</xsd:annotation>
+					</xsd:element>
+					<xsd:element minOccurs="0" name="temporal-multiplier" type="xsd:decimal">
+						<xsd:annotation>
+							<xsd:documentation>The temporal multiplier is a number between zero and one.  Reference the CVSS standard for computation.</xsd:documentation>
+						</xsd:annotation>
+					</xsd:element>
+					<xsd:group ref="temporalVectorsGroup"/>
+					<xsd:element name="source" type="xsd:anyURI"/>
+					<xsd:element name="generated-on-datetime" type="xsd:dateTime"/>
+				</xsd:sequence>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+</xsd:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/dc.xsd b/stix_validator/schema/external/cvrf_1.1/dc.xsd
new file mode 100755
index 0000000..9752962
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/dc.xsd
@@ -0,0 +1,118 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
+           xmlns="http://purl.org/dc/elements/1.1/"
+           targetNamespace="http://purl.org/dc/elements/1.1/"
+           elementFormDefault="qualified"
+           attributeFormDefault="unqualified">
+
+  <xs:annotation>
+    <xs:documentation xml:lang="en">
+      DCMES 1.1 XML Schema
+      XML Schema for http://purl.org/dc/elements/1.1/ namespace
+
+      Created 2008-02-11
+
+      Created by 
+
+      Tim Cole (t-cole3@uiuc.edu)
+      Tom Habing (thabing@uiuc.edu)
+      Jane Hunter (jane@dstc.edu.au)
+      Pete Johnston (p.johnston@ukoln.ac.uk),
+      Carl Lagoze (lagoze@cs.cornell.edu)
+
+      This schema declares XML elements for the 15 DC elements from the
+      http://purl.org/dc/elements/1.1/ namespace.
+
+      It defines a complexType SimpleLiteral which permits mixed content 
+      and makes the xml:lang attribute available. It disallows child elements by
+      use of minOcccurs/maxOccurs.
+
+      However, this complexType does permit the derivation of other complexTypes
+      which would permit child elements.
+
+      All elements are declared as substitutable for the abstract element any, 
+      which means that the default type for all elements is dc:SimpleLiteral.
+
+    </xs:documentation>
+
+  </xs:annotation>
+
+
+  <xs:import namespace="http://www.w3.org/XML/1998/namespace"
+             schemaLocation="xml.xsd">
+  </xs:import>
+
+  <xs:complexType name="SimpleLiteral">
+        <xs:annotation>
+        <xs:documentation xml:lang="en">
+            This is the default type for all of the DC elements.
+            It permits text content only with optional
+            xml:lang attribute.
+            Text is allowed because mixed="true", but sub-elements
+            are disallowed because minOccurs="0" and maxOccurs="0" 
+            are on the xs:any tag.
+
+    	    This complexType allows for restriction or extension permitting
+            child elements.
+    	</xs:documentation>
+  	</xs:annotation>
+
+   <xs:complexContent mixed="true">
+    <xs:restriction base="xs:anyType">
+     <xs:sequence>
+      <xs:any processContents="lax" minOccurs="0" maxOccurs="0"/>
+     </xs:sequence>
+     <xs:attribute ref="xml:lang" use="optional"/>
+    </xs:restriction>
+   </xs:complexContent>
+  </xs:complexType>
+
+  <xs:element name="any" type="SimpleLiteral" abstract="true"/>
+
+  <xs:element name="title" substitutionGroup="any"/>
+  <xs:element name="creator" substitutionGroup="any"/>
+  <xs:element name="subject" substitutionGroup="any"/>
+  <xs:element name="description" substitutionGroup="any"/>
+  <xs:element name="publisher" substitutionGroup="any"/>
+  <xs:element name="contributor" substitutionGroup="any"/>
+  <xs:element name="date" substitutionGroup="any"/>
+  <xs:element name="type" substitutionGroup="any"/>
+  <xs:element name="format" substitutionGroup="any"/>
+  <xs:element name="identifier" substitutionGroup="any"/>
+  <xs:element name="source" substitutionGroup="any"/>
+  <xs:element name="language" substitutionGroup="any"/>
+  <xs:element name="relation" substitutionGroup="any"/>
+  <xs:element name="coverage" substitutionGroup="any"/>
+  <xs:element name="rights" substitutionGroup="any"/>
+
+  <xs:group name="elementsGroup">
+  	<xs:annotation>
+    	<xs:documentation xml:lang="en">
+    	    This group is included as a convenience for schema authors
+            who need to refer to all the elements in the 
+            http://purl.org/dc/elements/1.1/ namespace.
+    	</xs:documentation>
+  	</xs:annotation>
+
+  <xs:sequence>
+    <xs:choice minOccurs="0" maxOccurs="unbounded">
+      <xs:element ref="any"/>
+    </xs:choice>
+    </xs:sequence>
+  </xs:group>
+
+  <xs:complexType name="elementContainer">
+  	<xs:annotation>
+    	<xs:documentation xml:lang="en">
+    		This complexType is included as a convenience for schema authors who need to define a root
+    		or container element for all of the DC elements.
+    	</xs:documentation>
+  	</xs:annotation>
+
+    <xs:choice>
+      <xs:group ref="elementsGroup"/>
+    </xs:choice>
+  </xs:complexType>
+
+
+</xs:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/prod.xsd b/stix_validator/schema/external/cvrf_1.1/prod.xsd
new file mode 100755
index 0000000..99fccad
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/prod.xsd
@@ -0,0 +1,292 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema
+ xmlns:prod="http://www.icasi.org/CVRF/schema/prod/1.1"
+ xmlns:vuln="http://www.icasi.org/CVRF/schema/vuln/1.1"
+ xmlns:cvrf-common="http://www.icasi.org/CVRF/schema/common/1.1"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cpe-lang="http://cpe.mitre.org/language/2.0"
+ xmlns:cvssv2="http://scap.nist.gov/schema/cvss-v2/1.0"
+ xmlns:scap-core="http://scap.nist.gov/schema/scap-core/1.0"
+ id="CVRFProductDictionary"
+ targetNamespace="http://www.icasi.org/CVRF/schema/prod/1.1"
+ elementFormDefault="qualified"
+ attributeFormDefault="unqualified"
+ version="1.1">
+  <!-- =============================================================================== -->
+  <!-- =============================   SCHEMA IMPORTS  =============================== -->
+  <!-- =============================================================================== -->
+  <xs:import namespace="http://purl.org/dc/elements/1.1/" schemaLocation="dc.xsd"/>
+  <xs:import namespace="http://cpe.mitre.org/language/2.0" schemaLocation="cpe-language_2.2a.xsd"/>
+  <xs:import namespace="http://scap.nist.gov/schema/scap-core/1.0" schemaLocation="scap-core_0.9.xsd"/>
+  <xs:import namespace="http://scap.nist.gov/schema/cvss-v2/1.0" schemaLocation="cvss-v2_0.9.xsd"/>
+  <xs:import namespace="http://www.icasi.org/CVRF/schema/common/1.1" schemaLocation="common.xsd"/>
+  <!-- =============================================================================== -->
+  <!-- ============================ SCHEMA INFORMATION =============================== -->
+  <!-- =============================================================================== -->
+  <xs:annotation>
+    <xs:documentation xml:lang="en">This is the XML schema for the Common Vulnerability Reporting Framework's Product model.  For more information, see the CVRF whitepaper.</xs:documentation>
+    <xs:appinfo>
+      <dc:creator>Joe Hemmerlein &lt;joe.hemmerlein@microsoft.com&gt;</dc:creator>
+      <dc:contributor>Joe Clarke &lt;jclarke@cisco.com&gt;</dc:contributor>
+      <dc:date>2012-05-07</dc:date>
+      <dc:subject>CVRF Product Dictionary</dc:subject>
+      <version>1.1</version>
+    </xs:appinfo>
+  </xs:annotation>
+  <!-- =============================================================================== -->
+  <!-- =================================== DATA TYPES ================================ -->
+  <!-- =============================================================================== -->
+  <xs:simpleType name="BranchTypeEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating the individual parts (stubs) that comprise a product name.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="Vendor">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The name of the vendor or manufacturer that makes the product .</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Product Family">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The product family that the product falls into.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Product Name">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The name of the product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Product Version">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The version of the product. This can be a numeric or other descriptor.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Patch Level">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The patch level of the product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Service Pack">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The service pack of the product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Architecture">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The architecture for which the product is intended.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Language">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The language of the product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Legacy">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">A non-specific legacy entry.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Specification">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">A specification such as a standard, best common practice, etc.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Host Name">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The host name of a system/service.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Realm">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The URI component of a system/service.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Resource">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The file name component of a system/service.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="RelationTypeEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating the ways products can be related to each other.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="Default Component Of">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This product is a default component of the referenced product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Optional Component Of">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This product is an optional component of the referenced product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="External Component Of">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This product is an external component of the referenced product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Installed On">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This product is installed on the referenced product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Installed With">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This product is installed with the referenced product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:complexType name="BranchType">
+    <xs:choice>
+      <xs:element ref="prod:FullProductName" />
+      <xs:element name="Branch" type="prod:BranchType" maxOccurs="unbounded"/>
+    </xs:choice>
+    <xs:attribute name="Type" type="prod:BranchTypeEnumType" use="required"/>
+    <xs:attribute name="Name" type="xs:string" use="required"/>
+  </xs:complexType>
+  <!-- =============================================================================== -->
+  <!-- ============================= DOCUMENT DEFINITION ============================= -->
+  <!-- =============================================================================== -->
+  <xs:element name="ProductTree">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Neutral product tree to streamline product entries that can be referenced elsewhere in the document. The end of each branch ("FullProductName") represents a referrenceable product.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element name="Branch" minOccurs="0" maxOccurs="unbounded" type="prod:BranchType"/>
+        <xs:element ref="prod:FullProductName" minOccurs="0" maxOccurs="unbounded"/>
+        <xs:element name="Relationship" minOccurs="0" maxOccurs="unbounded">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Defines how this product is related to another product.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element ref="prod:FullProductName" minOccurs="1" maxOccurs="unbounded" />
+            </xs:sequence>
+            <xs:attribute name="ProductReference" type="xs:token" use="required">
+              <xs:annotation>
+                <xs:documentation xml:lang="en">The ProductReference refers to the unique ProductID of the product that is to which another product will be related.</xs:documentation>
+              </xs:annotation>
+            </xs:attribute>
+            <xs:attribute name="RelationType" type="prod:RelationTypeEnumType" use="required">
+              <xs:annotation>
+                <xs:documentation xml:lang="en">The RelationType attribute defines how the two products are related.</xs:documentation>
+              </xs:annotation>
+            </xs:attribute>
+            <xs:attribute name="RelatesToProductReference" type="xs:token" use="required">
+              <xs:annotation>
+                <xs:documentation xml:lang="en">RelatesToProductReference refers to the unique ProductID of the product to which the ProductReference attribute value relates.</xs:documentation>
+              </xs:annotation>
+            </xs:attribute>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="ProductGroups" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Container for grouping products to be used in vulnerabilities.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Group" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">A named container to associate two or more product IDs together for use in vulnerabilities.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="Description" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">Optional textual description for this group.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="ProductID" type="xs:token" minOccurs="2" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The ID of an existing product in this tree that is to be a member of this group.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                  </xs:sequence>
+                  <xs:attribute name="GroupID" type="xs:token" use="required">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">The unique identifier used to reference this group.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+      </xs:sequence>
+    </xs:complexType>
+    <xs:unique name="UniqueProductID">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">This is to ensure that each FullProductName uses a unique ProductID value.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//prod:FullProductName"/>
+      <xs:field xpath="@ProductID"/>
+    </xs:unique>
+    <xs:unique name="UniqueGroupID">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">This is to ensure that each Group uses a unique GroupID value.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//prod:ProductGroups/prod:Group"/>
+      <xs:field xpath="@GroupID"/>
+    </xs:unique>
+    <xs:key name="ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">A key to reference a specific product.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//prod:FullProductName" />
+      <xs:field xpath="@ProductID" />
+    </xs:key>
+    <xs:keyref name="ProductReferenceKeyRef" refer="prod:ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the ProductKey used to define a relationship product.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//prod:Relationship" />
+      <xs:field xpath="@ProductReference" />
+    </xs:keyref>
+    <xs:keyref name="RelatesToProductReferenceKeyRef" refer="prod:ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the ProductKey used to define a related product.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//prod:Relationship" />
+      <xs:field xpath="@RelatesToProductReference" />
+    </xs:keyref>
+    <xs:keyref name="GroupProductReferenceKeyRef" refer="prod:ProductKey">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">An instance of the ProductKey used to define a product group membership list.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//prod:ProductGroups/prod:Group/prod:ProductID" />
+      <xs:field xpath="." />
+    </xs:keyref>
+  </xs:element>
+  <xs:element name="FullProductName">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Endpoint of product tree - this is an actual product entry. The string represents the friendly product name (i.e. the way it would be printed in other publications)</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:simpleContent>
+        <xs:extension base="cvrf-common:nonEmptyNormalizedString">
+          <xs:attribute name="ProductID" type="xs:token" use="required">
+            <xs:annotation>
+              <xs:documentation xml:lang="en">A value that uniquely identifies this Product entry in the scope of this document. Whenever a reference to this Product entry is needed anywhere in this document, its unique ID will be referenced.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+          <xs:attribute name="CPE" type="cpe-lang:namePattern">
+            <xs:annotation>
+              <xs:documentation xml:lang="en">The Common Platform Enumeration (CPE) attribute refers to a method for naming platforms. The structure for CPE is described at http://cpe.mitre.org.</xs:documentation>
+            </xs:annotation>
+          </xs:attribute>
+	    </xs:extension>
+      </xs:simpleContent>
+    </xs:complexType>
+  </xs:element>
+</xs:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/scap-core_0.9.xsd b/stix_validator/schema/external/cvrf_1.1/scap-core_0.9.xsd
new file mode 100755
index 0000000..e274dcb
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/scap-core_0.9.xsd
@@ -0,0 +1,170 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+      xmlns="http://scap.nist.gov/schema/scap-core/1.0"
+      xmlns:xml="http://www.w3.org/XML/1998/namespace"
+      elementFormDefault="qualified" attributeFormDefault="unqualified"
+      targetNamespace="http://scap.nist.gov/schema/scap-core/1.0"
+      version="0.9">
+      <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
+
+      <xsd:element name="control-mappings" type="controlMappingsType" />
+
+      <!-- ================================================== -->
+      <!-- =====  Complex Type Definitions  -->
+      <!-- ================================================== -->
+      <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+      <!--  check  <<complexType>>  -->
+      <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+      <xsd:complexType name="checkReferenceType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">Data type for the check element, a checking system specification URI, string content, and an optional external file reference. The checking system specification should be the URI for a particular version of OVAL or a related system testing language, and the content will be an identifier of a test written in that language. The external file reference could be used to point to the file in which the content test identifier is defined.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:complexContent>
+                  <xsd:extension base="checkSearchType">
+                        <xsd:attribute name="href" type="xsd:anyURI" use="required"/>
+                  </xsd:extension>
+            </xsd:complexContent>
+      </xsd:complexType>
+      <xsd:element name="assessment-check" type="checkReferenceType"/>
+      
+      <xsd:complexType name="checkSearchType">
+            <xsd:attribute name="system" type="xsd:anyURI" use="required"/>
+            <xsd:attribute name="name" type="xsd:token" use="optional"/>
+      </xsd:complexType>
+      
+      <xsd:group name="cpeReferenceGroup">
+            <xsd:choice>
+                  <xsd:element name="cpe-name" type="cpeNamePatternType"/>
+                  <xsd:element name="cpe-searchable-name" type="cpeSearchableNamePatternType"/>
+            </xsd:choice>
+      </xsd:group>
+      
+      <xsd:complexType name="searchableCpeReferencesType">
+            <xsd:sequence>
+                  <xsd:group ref="cpeReferenceGroup" minOccurs="1" maxOccurs="unbounded"/>
+            </xsd:sequence>
+      </xsd:complexType>
+      
+      <xsd:complexType name="controlMappingsType">
+            <xsd:sequence>
+                  <xsd:element name="control-mapping" type="controlMappingType" minOccurs="1" maxOccurs="unbounded" />
+            </xsd:sequence>
+      </xsd:complexType>
+      
+      <xsd:complexType name="controlMappingType">
+            <xsd:sequence>
+                  <xsd:element name="mapping" type="mappingInstanceType" minOccurs="0" maxOccurs="unbounded" />
+            </xsd:sequence>
+            <xsd:attribute name="system-id" type="xsd:anyURI" use="required"/>
+            <xsd:attribute name="source" type="xsd:anyURI" use="required"/>
+            <xsd:attribute name="last-modified" type="xsd:dateTime" use="required"/>
+      </xsd:complexType>
+      
+      <xsd:complexType name="mappingInstanceType">
+            <xsd:simpleContent>
+                  <xsd:extension base="xsd:token">
+                        <xsd:attribute name="published" type="xsd:dateTime" use="required"/>
+                  </xsd:extension>
+            </xsd:simpleContent>
+      </xsd:complexType>
+
+      <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+      <!--  Tool_Configuration  -->
+      <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+      <xsd:complexType name="assessmentMethodType">
+            <xsd:annotation>
+                  <xsd:documentation>Denotes a scanner and required configuration that is capable of detecting the referenced vulnerability.  May also be an OVAL definition and omit scanner name.</xsd:documentation>
+                  <xsd:documentation>Identifies a tool and any associated information about the tool, such as signature versions, that indicate the tool is capable or properly detecting and/or remdiating the vulnerability or misconfiguration</xsd:documentation>
+            </xsd:annotation>
+            <xsd:sequence>
+                  <xsd:element name="assessment-check" type="checkReferenceType">
+                        <xsd:annotation>
+                              <xsd:documentation>Identifies a check that can be used to detect the vulnerability or misconfiguration</xsd:documentation>
+                        </xsd:annotation>
+                  </xsd:element>
+                  <xsd:element name="assessment-engine" type="cpeNamePatternType" minOccurs="0" maxOccurs="unbounded">
+                        <xsd:annotation>
+                              <xsd:documentation>The CPE name of the scanning tool.  A value must be supplied for this element.  The CPE name can be used for a CPE from the NVD.  The CPE title attribute can be used for internal naming conventions. (or both, if possible)</xsd:documentation>
+                        </xsd:annotation>
+                  </xsd:element>
+            </xsd:sequence>
+      </xsd:complexType>
+
+      <xsd:complexType name="identifyableAssessmentMethodType">
+            <xsd:complexContent>
+                  <xsd:extension base="assessmentMethodType">
+                        <xsd:attribute name="id" type="xsd:positiveInteger"/>
+                  </xsd:extension>
+            </xsd:complexContent>
+      </xsd:complexType>
+      <xsd:element name="assessment-method" type="identifyableAssessmentMethodType"/>
+      
+      <!-- =============================================================================== -->
+      <!-- ================================  ID PATTERNS  ================================ -->
+      <!-- =============================================================================== -->
+      <xsd:simpleType name="cpeNamePatternType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">Define the format for acceptable CPE Names. An urn format is used with the id starting with the word oval followed by a unique string, followed by the three letter code 'def', and ending with an integer.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:restriction base="xsd:anyURI">
+                  <xsd:pattern value="[c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\-~%]*){0,6}"/>
+            </xsd:restriction>
+      </xsd:simpleType>
+
+      <xsd:simpleType name="cpeNamePVPVPatternType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en-US">Define the format for acceptable CPE Names. A URN format is used with the id starting with the word cpe followed by :/ and then some number of individual  components separated by colons.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:restriction base="cpeNamePatternType">
+                  <xsd:pattern value="[c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9\._\-~%]*){3,6}"/>
+            </xsd:restriction>
+      </xsd:simpleType>
+      
+      <xsd:simpleType name="cpeSearchableNamePatternType">
+            <xsd:annotation>
+                  <xsd:documentation xml:lang="en">Define the format for acceptable
+                        searchableCPE Names.  The URI escaped code '%25' may be used
+                        to represent the character '%' which will be interpreted as a
+                        wildcard.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:restriction base="xsd:anyURI">
+                  <xsd:pattern value="[c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\-~%*]*){0,6}"/>
+            </xsd:restriction>
+      </xsd:simpleType>
+      
+      <xsd:simpleType name="cpeComponentPatternType">
+            <xsd:annotation>
+                  <xsd:documentation>The name pattern of a CPE component.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:restriction base="xsd:token">
+                  <xsd:pattern value="[A-Za-z0-9._\-~]*"/>
+            </xsd:restriction>
+      </xsd:simpleType>
+
+      <xsd:simpleType name="cpePartComponentPatternType">
+            <xsd:annotation>
+                  <xsd:documentation>The name pattern of the CPE part component.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:restriction base="cpeComponentPatternType">
+                  <xsd:pattern value="[hoaHOA]"/>
+            </xsd:restriction>
+      </xsd:simpleType>
+
+      <xsd:simpleType name="cweNamePatternType">
+            <xsd:restriction base="xsd:token">
+                  <xsd:pattern value="CWE-[1-9]\d{0,5}"></xsd:pattern>
+            </xsd:restriction>
+      </xsd:simpleType>
+      <!-- ================================================== -->
+      <!-- =====  Change History  -->
+      <!-- ================================================== -->
+      <!--
+            v0.1 - Initial public draft
+            v0.1a - Fixed the CPE Name pattern to properly allow '-' characters
+            v0.2
+                  - Refactored some types into the metadata-core schema
+                  - Unified the checkReferenceType with the check type used in the CPE dictionary
+            v0.3
+                  - Added controlMappingsType
+      -->
+</xsd:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/vuln.xsd b/stix_validator/schema/external/cvrf_1.1/vuln.xsd
new file mode 100755
index 0000000..fc090c2
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/vuln.xsd
@@ -0,0 +1,631 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema
+ xmlns:vuln="http://www.icasi.org/CVRF/schema/vuln/1.1"
+ xmlns:prod="http://www.icasi.org/CVRF/schema/prod/1.1"
+ xmlns:cvrf-common="http://www.icasi.org/CVRF/schema/common/1.1"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cpe-lang="http://cpe.mitre.org/language/2.0"
+ xmlns:cvssv2="http://scap.nist.gov/schema/cvss-v2/1.0"
+ xmlns:scap-core="http://scap.nist.gov/schema/scap-core/1.0"
+ id="CVRFVulnerabilityDictionary"
+ targetNamespace="http://www.icasi.org/CVRF/schema/vuln/1.1"
+ elementFormDefault="qualified"
+ attributeFormDefault="unqualified"
+ version="1.1">
+  <!-- =============================================================================== -->
+  <!-- =============================   SCHEMA IMPORTS  =============================== -->
+  <!-- =============================================================================== -->
+  <xs:import namespace="http://purl.org/dc/elements/1.1/" schemaLocation="dc.xsd"/>
+  <xs:import namespace="http://cpe.mitre.org/language/2.0" schemaLocation="cpe-language_2.2a.xsd"/>
+  <xs:import namespace="http://scap.nist.gov/schema/scap-core/1.0" schemaLocation="scap-core_0.9.xsd"/>
+  <xs:import namespace="http://scap.nist.gov/schema/cvss-v2/1.0" schemaLocation="cvss-v2_0.9.xsd"/>
+  <xs:import namespace="http://www.icasi.org/CVRF/schema/common/1.1" schemaLocation="common.xsd"/>
+  <xs:import namespace="http://www.icasi.org/CVRF/schema/prod/1.1" schemaLocation="prod.xsd"/>
+  <!-- =============================================================================== -->
+  <!-- ============================ SCHEMA INFORMATION =============================== -->
+  <!-- =============================================================================== -->
+  <xs:annotation>
+    <xs:documentation xml:lang="en">This is the XML schema for the Common Vulnerability Reporting Framework's Vulnerability model.  For more information, see the CVRF whitepaper.</xs:documentation>
+    <xs:appinfo>
+      <dc:creator>Brian Schafer &lt;bschafer@microsoft.com&gt;</dc:creator>
+      <dc:contributor>Joe Clarke &lt;jclarke@cisco.com&gt;</dc:contributor>
+      <dc:contributor>Joe Hemmerlein &lt;Joe.Hemmerlein@microsoft.com&gt;</dc:contributor>
+      <dc:date>2012-05-07</dc:date>
+      <dc:subject>CVRF Vulnerability Dictionary</dc:subject>
+      <version>1.1</version>
+    </xs:appinfo>
+  </xs:annotation>
+  <!-- =============================================================================== -->
+  <!-- =================================== DATA TYPES ================================ -->
+  <!-- =============================================================================== -->
+  <xs:simpleType name="InvolvementStatusEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating a party's current engagement status for this vulnerability.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="Open">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The party has acknowledged that they are aware of the vulnerability report.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Disputed">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The party disputes the vulnerability report in its entirety</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="In Progress">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Some hot-fixes, permanent fixes, or patches have been made available by the party, but more fixes or patches are going to be released in the future.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Completed">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The party asserts that they have completed remediation of the vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Contact Attempted">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The party has been contacted, but was unresponsive or unavailable.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Not Contacted">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">No contact has been attempted with the party.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="cvePattern">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">String type to match CVE IDs</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:pattern value="CVE-[0-9\-]+"/>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="cwePattern">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">String type to match CWE IDs</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:pattern value="CWE-[1-9]\d{0,5}"/>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="cvssVector">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">String representing the components needed to compute the various CVSS scores</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:maxLength value="76"/>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="AffectedStatusEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating the affected statuses described by a vulnerability</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="First Affected">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">The first version known to be affected by this vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="First Fixed">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This version is the first fixed version for the vulnerability but may not be the recommended fixed version.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Fixed">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This version is contains a fix for the vulnerability but may not be the recommended fixed version.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Known Affected">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This version is known to be affected by the vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Known Not Affected">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This version is known NOT to be affected by the vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Last Affected">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This is the last version in a train known to be affected.  Versions released after this would contain a fix for this vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Recommended">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">This version has a fix for the vulnerability and is the vendor-recommended version for fixing the vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="ThreatTypeEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating the Threat type described by the vulnerability</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="Impact">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Impact contains an assessment of the impact on the user or the target set if the vulnerability is successful exploited.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Exploit Status">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Exploit Status contains a description of the degree to which an exploit for the vulnerability is known.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Target Set">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Target Set contains a description of the currently known victim population in whatever terms are appropriate.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:simpleType name="RemedyTypeEnumType">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Types enumerating the Remedy type described by the vulnerability.</xs:documentation>
+    </xs:annotation>
+    <xs:restriction base="xs:token">
+      <xs:enumeration value="Workaround">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Workaround contains information about a configuration or specific deployment scenario that can be used to avoid exposure to the vulnerability.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Mitigation">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Mitigation contains information about a configuration or deployment scenario that helps to reduce the risk of the vulnerability but that does not resolve the vulnerability on the affected product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Vendor Fix">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Vendor Fix contains information about an official fix that is issued by the original author of the affected product.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="None Available">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Currently there is no fix available.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+      <xs:enumeration value="Will Not Fix">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">There is no fix for the vulnerability and there never will be one.</xs:documentation>
+        </xs:annotation>
+      </xs:enumeration>
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:element name="ProductID" type="xs:token">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Existing product ID from the product tree.</xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  <xs:element name="GroupID" type="xs:token">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">Existing product group ID from the product tree.</xs:documentation>
+    </xs:annotation>
+  </xs:element>
+  <!-- =============================================================================== -->
+  <!-- ============================= DOCUMENT DEFINITION ============================= -->
+  <!-- =============================================================================== -->
+  <xs:element name="Vulnerability">
+    <xs:annotation>
+      <xs:documentation xml:lang="en">This is a meta-container for the aggregation of all fields that are related to a single vulnerability within the document.</xs:documentation>
+    </xs:annotation>
+    <xs:complexType>
+      <xs:sequence>
+        <xs:element name="Title" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Vulnerability Title gives the document producer the ability to apply a canonical name or title to the vulnerability.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:simpleContent>
+              <xs:extension base="cvrf-common:localizedString"/>
+            </xs:simpleContent>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="ID" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Vulnerability ID gives the document producer a place to publish a unique label or tracking ID for the vulnerability (if such information exists).</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:simpleContent>
+              <xs:extension base="xs:token">
+                <xs:attribute name="SystemName" type="xs:token" use="required">
+                  <xs:annotation>
+                    <xs:documentation xml:lang="en">System Name indicates the name of the vulnerability tracking or numbering system that this vulnerability ID comes from.</xs:documentation>
+                  </xs:annotation>
+                </xs:attribute>
+              </xs:extension>
+            </xs:simpleContent>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="Notes" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The Notes container holds all individual notes concerning this vulnerability.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Note" minOccurs="0" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The Notes text contains all of the content necessary to provide different types of low-level discussions of a given vulnerability to various audiences.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:simpleContent>
+                    <xs:extension base="cvrf-common:localizedString">
+                      <xs:attribute name="Title" type="xs:string">
+                        <xs:annotation>
+                          <xs:documentation xml:lang="en">Title should be a concise description of what is contained in Vulnerability Notes.</xs:documentation>
+                        </xs:annotation>
+                      </xs:attribute>
+                      <xs:attribute name="Audience" type="xs:string">
+                        <xs:annotation>
+                          <xs:documentation xml:lang="en">Audience will indicate who is intended to read the note.</xs:documentation>
+                        </xs:annotation>
+                      </xs:attribute>
+                      <xs:attribute name="Type" type="cvrf-common:NoteTypeEnumType" use="required">
+                        <xs:annotation>
+                          <xs:documentation xml:lang="en">Type of content within this note.</xs:documentation>
+                        </xs:annotation>
+                      </xs:attribute>
+                      <xs:attribute name="Ordinal" type="xs:positiveInteger" use="required">
+                        <xs:annotation>
+                          <xs:documentation xml:lang="en">Ordinal is a locally significant integral counter indexed from 1 used to track notes.</xs:documentation>
+                        </xs:annotation>
+                      </xs:attribute>
+                    </xs:extension>
+                  </xs:simpleContent>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="DiscoveryDate" type="xs:dateTime" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Date vulnerability was initially discovered by its original discoverer.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element name="ReleaseDate" type="xs:dateTime" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Date vulnerability was initially released to the public.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element name="Involvements" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The Involvements container lists any number of vendor or third party interactions related to this vulnerability.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Involvement" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">Involvement contains a specific set of interaction details.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="Description" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The description of the Involvement.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString"/>
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                  </xs:sequence>
+                  <xs:attribute name="Party" type="cvrf-common:PublisherEnumType" use="required">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">Type of party with whom the involvement is taking place.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                  <xs:attribute name="Status" type="vuln:InvolvementStatusEnumType" use="required">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">Status of the involvement with the specified party.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="CVE" type="vuln:cvePattern" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The CVE string refers to the MITRE standard Common Vulnerabilities Enumeration (CVE) tracking number for the vulnerability.</xs:documentation>
+          </xs:annotation>
+        </xs:element>
+        <xs:element name="CWE" minOccurs="0" maxOccurs="unbounded">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Detailed description of the referrenced Common Weakness Enumeration (CWE) identifier.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:simpleContent>
+              <xs:extension base="cvrf-common:localizedString">
+                <xs:attribute name="ID" type="vuln:cwePattern" use="required">
+                  <xs:annotation>
+                    <xs:documentation xml:lang="en">The MITRE-assigned CWE identifier.</xs:documentation>
+                  </xs:annotation>
+                </xs:attribute>
+              </xs:extension>
+            </xs:simpleContent>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="ProductStatuses" minOccurs="0" maxOccurs="1">
+	      <xs:annotation>
+	        <xs:documentation xml:lang="en">The ProductStatuses container holds the list of all the products affected by the vulnerability in question.</xs:documentation>
+	      </xs:annotation>
+	      <xs:complexType>
+	        <xs:sequence>
+	          <xs:element name="Status" minOccurs="1" maxOccurs="unbounded">
+	            <xs:annotation>
+	              <xs:documentation xml:lang="en">The Status element holds an enumerated value based on available Product Name Entry items as constructed from the Product Tree container.</xs:documentation>
+	            </xs:annotation>
+	            <xs:complexType>
+	              <xs:sequence>
+	                <xs:element ref="vuln:ProductID" minOccurs="1" maxOccurs="unbounded" />
+	              </xs:sequence>
+	              <xs:attribute name="Type" type="vuln:AffectedStatusEnumType" use="required">
+	                <xs:annotation>
+	                  <xs:documentation xml:lang="en">Affected status for the product or products defined in this container.</xs:documentation>
+	                </xs:annotation>
+	              </xs:attribute>
+	            </xs:complexType>
+	          </xs:element>
+	        </xs:sequence>
+	      </xs:complexType>
+	    </xs:element>
+        <xs:element name="Threats" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">Contains all Threat containers</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Threat" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">Threat contains the "kinetic" information associated with a vulnerability.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="Description" minOccurs="1" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The description of the Threat.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString"/>
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element ref="vuln:ProductID" minOccurs="0" maxOccurs="unbounded" />
+                    <xs:element ref="vuln:GroupID" minOccurs="0" maxOccurs="unbounded" />
+                  </xs:sequence>
+                  <xs:attribute name="Type" type="vuln:ThreatTypeEnumType" use="required">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">The type of the Threat.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                  <xs:attribute name="Date" type="xs:dateTime">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">The date this Threat item was last updated; if omitted it is deemed to be unknown, irrelevant, or unimportant.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="CVSSScoreSets" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The CVSS Score Set meta-container holds one or more CVSS score sets to describe vulnerable products.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="ScoreSet" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">CVSS scores for a given product ID.  If the ProductID attribute is omitted, the score applies to all vulnerable products.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="BaseScore" type="cvssv2:zeroToTenDecimalType" minOccurs="1" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The CVSS Base Score is the numeric value of the computed CVSS Base Score which should be a float from 0 – 10.0.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                    <xs:element name="TemporalScore" type="cvssv2:zeroToTenDecimalType" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The CVSS Base Score is the numeric value of the computed CVSS Temporal Score which should be a float from 0 – 10.0.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                    <xs:element name="EnvironmentalScore" type="cvssv2:zeroToTenDecimalType" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The CVSS Base Score is the numeric value of the computed CVSS Environmental Score which should be a float from 0 – 10.0.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Vector" type="vuln:cvssVector" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The CVSS Vector string is the official notation that contains all of the values used to compute the Base, Temporal, and Environmental scores.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                    <xs:element ref="vuln:ProductID" minOccurs="0" maxOccurs="unbounded" />
+                  </xs:sequence>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="Remediations" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The Remediation meta-container tag holds all related Workaround, Mitigation, Vendor Fix, and Entitlement entries that are associated with the specific vulnerability.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Remediation" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">Holds all of the specific details on how to handle (and presumably, fix) the vulnerability, tied to Product ID.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="Description" minOccurs="1" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">Textual description of this remedy.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString"/>
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="Entitlement" minOccurs="0" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The Entitlement string will contain any possible vendor-defined constraints for obtaining fixed software or hardware that fully resolves the vulnerability.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString"/>
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="URL" type="xs:anyURI" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">URL from which the remedy can be obtained.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                    <xs:element ref="vuln:ProductID" minOccurs="0" maxOccurs="unbounded" />
+                    <xs:element ref="vuln:GroupID" minOccurs="0" maxOccurs="unbounded" />
+                  </xs:sequence>
+                  <xs:attribute name="Type" type="vuln:RemedyTypeEnumType" use="required">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">Specific type of remedy.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                  <xs:attribute name="Date" type="xs:dateTime">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">The date Remedy was last updated, if omitted it is deemed to be unknown, unimportant, or irrelevant.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="References" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">This meta-container should include references to any conferences, papers, advisories, and other resources that are related to this vulnerability.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Reference" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">This meta-container contains an orthogonally related document, background info, whitepaper, etc. to the specific vulnerability.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="URL" type="xs:anyURI" minOccurs="1" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The URL of the related document.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                    <xs:element name="Description" minOccurs="1" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The description of the related document.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString"/>
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                  </xs:sequence>
+                  <xs:attribute name="Type" type="cvrf-common:ReferenceTypeEnum" default="External">
+                    <xs:annotation>
+                      <xs:documentation xml:lang="en">Enumerated type value of reference relative to this document.</xs:documentation>
+                    </xs:annotation>
+                  </xs:attribute>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+        <xs:element name="Acknowledgments" minOccurs="0" maxOccurs="1">
+          <xs:annotation>
+            <xs:documentation xml:lang="en">The Acknowledgments container holds one or more Acknowledgement containers for vulnerability-level acknowledgements.</xs:documentation>
+          </xs:annotation>
+          <xs:complexType>
+            <xs:sequence>
+              <xs:element name="Acknowledgment" minOccurs="1" maxOccurs="unbounded">
+                <xs:annotation>
+                  <xs:documentation xml:lang="en">The Acknowledgment container holds recognition for external parties who were instrumental in the discovery of, reporting of, and response to the vulnerability.</xs:documentation>
+                </xs:annotation>
+                <xs:complexType>
+                  <xs:sequence>
+                    <xs:element name="Name" minOccurs="0" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The name (i.e., individual name) of the party being acknowledged.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="Organization" minOccurs="0" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The organization of the party being acknowledged or the organization itself being acknowledged.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="Description" minOccurs="0" maxOccurs="1">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The details of the acknowledgment that address the recognition of external parties who were instrumental in the discovery, reporting and response of this document.</xs:documentation>
+                      </xs:annotation>
+                      <xs:complexType>
+                        <xs:simpleContent>
+                          <xs:extension base="cvrf-common:localizedString" />
+                        </xs:simpleContent>
+                      </xs:complexType>
+                    </xs:element>
+                    <xs:element name="URL" type="xs:anyURI"  minOccurs="0" maxOccurs="unbounded">
+                      <xs:annotation>
+                        <xs:documentation xml:lang="en">The optional URL to the person, place, or thing being acknowledged.</xs:documentation>
+                      </xs:annotation>
+                    </xs:element>
+                  </xs:sequence>
+                </xs:complexType>
+              </xs:element>
+            </xs:sequence>
+          </xs:complexType>
+        </xs:element>
+      </xs:sequence>
+      <xs:attribute name="Ordinal" type="xs:positiveInteger" use="required">
+        <xs:annotation>
+          <xs:documentation xml:lang="en">Locally significant numeric value to track vulnerabilities within a CVRF document.  This enables vulnerabilities to be referenced from elsewhere inside the document (often at the document-level)</xs:documentation>
+        </xs:annotation>
+      </xs:attribute>
+    </xs:complexType>
+    <xs:unique name="UniqueProductProductID">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">This is to ensure that each product mentions a given ProductID only one.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:ProductStatuses/vuln:Status/vuln:ProductID"/>
+      <xs:field xpath="."/>
+    </xs:unique>
+    <xs:unique name="UniqueScoreSetProductID">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">This is to ensure that each CVSS score set mentions a given ProductID only one.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:CVSSScoreSets/vuln:ScoreSet/vuln:ProductID"/>
+      <xs:field xpath="."/>
+    </xs:unique>
+    <xs:unique name="UniqueNotesOrdinal">
+      <xs:annotation>
+        <xs:documentation xml:lang="en">This is to ensure that each note has a unique ordinal value.</xs:documentation>
+      </xs:annotation>
+      <xs:selector xpath=".//vuln:Notes/vuln:Note"/>
+      <xs:field xpath="@Ordinal"/>
+    </xs:unique>
+  </xs:element>
+</xs:schema>
diff --git a/stix_validator/schema/external/cvrf_1.1/xml.xsd b/stix_validator/schema/external/cvrf_1.1/xml.xsd
new file mode 100755
index 0000000..aea7d0d
--- /dev/null
+++ b/stix_validator/schema/external/cvrf_1.1/xml.xsd
@@ -0,0 +1,287 @@
+<?xml version='1.0'?>
+<?xml-stylesheet href="http://github.com/2008/09/xsd.xsl" type="text/xsl"?>
+<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace" 
+  xmlns:xs="http://www.w3.org/2001/XMLSchema" 
+  xmlns   ="http://www.w3.org/1999/xhtml"
+  xml:lang="en">
+
+ <xs:annotation>
+  <xs:documentation>
+   <div>
+    <h1>About the XML namespace</h1>
+
+    <div class="bodytext">
+     <p>
+      This schema document describes the XML namespace, in a form
+      suitable for import by other schema documents.
+     </p>
+     <p>
+      See <a href="http://www.w3.org/XML/1998/namespace.html">
+      http://www.w3.org/XML/1998/namespace.html</a> and
+      <a href="http://www.w3.org/TR/REC-xml">
+      http://www.w3.org/TR/REC-xml</a> for information 
+      about this namespace.
+     </p>
+     <p>
+      Note that local names in this namespace are intended to be
+      defined only by the World Wide Web Consortium or its subgroups.
+      The names currently defined in this namespace are listed below.
+      They should not be used with conflicting semantics by any Working
+      Group, specification, or document instance.
+     </p>
+     <p>   
+      See further below in this document for more information about <a
+      href="#usage">how to refer to this schema document from your own
+      XSD schema documents</a> and about <a href="#nsversioning">the
+      namespace-versioning policy governing this schema document</a>.
+     </p>
+    </div>
+   </div>
+  </xs:documentation>
+ </xs:annotation>
+
+ <xs:attribute name="lang">
+  <xs:annotation>
+   <xs:documentation>
+    <div>
+     
+      <h3>lang (as an attribute name)</h3>
+      <p>
+       denotes an attribute whose value
+       is a language code for the natural language of the content of
+       any element; its value is inherited.  This name is reserved
+       by virtue of its definition in the XML specification.</p>
+     
+    </div>
+    <div>
+     <h4>Notes</h4>
+     <p>
+      Attempting to install the relevant ISO 2- and 3-letter
+      codes as the enumerated possible values is probably never
+      going to be a realistic possibility.  
+     </p>
+     <p>
+      See BCP 47 at <a href="http://www.rfc-editor.org/rfc/bcp/bcp47.txt">
+       http://www.rfc-editor.org/rfc/bcp/bcp47.txt</a>
+      and the IANA language subtag registry at
+      <a href="http://www.iana.org/assignments/language-subtag-registry">
+       http://www.iana.org/assignments/language-subtag-registry</a>
+      for further information.
+     </p>
+     <p>
+      The union allows for the 'un-declaration' of xml:lang with
+      the empty string.
+     </p>
+    </div>
+   </xs:documentation>
+  </xs:annotation>
+  <xs:simpleType>
+   <xs:union memberTypes="xs:language">
+    <xs:simpleType>    
+     <xs:restriction base="xs:string">
+      <xs:enumeration value=""/>
+     </xs:restriction>
+    </xs:simpleType>
+   </xs:union>
+  </xs:simpleType>
+ </xs:attribute>
+
+ <xs:attribute name="space">
+  <xs:annotation>
+   <xs:documentation>
+    <div>
+     
+      <h3>space (as an attribute name)</h3>
+      <p>
+       denotes an attribute whose
+       value is a keyword indicating what whitespace processing
+       discipline is intended for the content of the element; its
+       value is inherited.  This name is reserved by virtue of its
+       definition in the XML specification.</p>
+     
+    </div>
+   </xs:documentation>
+  </xs:annotation>
+  <xs:simpleType>
+   <xs:restriction base="xs:NCName">
+    <xs:enumeration value="default"/>
+    <xs:enumeration value="preserve"/>
+   </xs:restriction>
+  </xs:simpleType>
+ </xs:attribute>
+ 
+ <xs:attribute name="base" type="xs:anyURI"> <xs:annotation>
+   <xs:documentation>
+    <div>
+     
+      <h3>base (as an attribute name)</h3>
+      <p>
+       denotes an attribute whose value
+       provides a URI to be used as the base for interpreting any
+       relative URIs in the scope of the element on which it
+       appears; its value is inherited.  This name is reserved
+       by virtue of its definition in the XML Base specification.</p>
+     
+     <p>
+      See <a
+      href="http://www.w3.org/TR/xmlbase/">http://www.w3.org/TR/xmlbase/</a>
+      for information about this attribute.
+     </p>
+    </div>
+   </xs:documentation>
+  </xs:annotation>
+ </xs:attribute>
+ 
+ <xs:attribute name="id" type="xs:ID">
+  <xs:annotation>
+   <xs:documentation>
+    <div>
+     
+      <h3>id (as an attribute name)</h3> 
+      <p>
+       denotes an attribute whose value
+       should be interpreted as if declared to be of type ID.
+       This name is reserved by virtue of its definition in the
+       xml:id specification.</p>
+     
+     <p>
+      See <a
+      href="http://www.w3.org/TR/xml-id/">http://www.w3.org/TR/xml-id/</a>
+      for information about this attribute.
+     </p>
+    </div>
+   </xs:documentation>
+  </xs:annotation>
+ </xs:attribute>
+
+ <xs:attributeGroup name="specialAttrs">
+  <xs:attribute ref="xml:base"/>
+  <xs:attribute ref="xml:lang"/>
+  <xs:attribute ref="xml:space"/>
+  <xs:attribute ref="xml:id"/>
+ </xs:attributeGroup>
+
+ <xs:annotation>
+  <xs:documentation>
+   <div>
+   
+    <h3>Father (in any context at all)</h3> 
+
+    <div class="bodytext">
+     <p>
+      denotes Jon Bosak, the chair of 
+      the original XML Working Group.  This name is reserved by 
+      the following decision of the W3C XML Plenary and 
+      XML Coordination groups:
+     </p>
+     <blockquote>
+       <p>
+	In appreciation for his vision, leadership and
+	dedication the W3C XML Plenary on this 10th day of
+	February, 2000, reserves for Jon Bosak in perpetuity
+	the XML name "xml:Father".
+       </p>
+     </blockquote>
+    </div>
+   </div>
+  </xs:documentation>
+ </xs:annotation>
+
+ <xs:annotation>
+  <xs:documentation>
+   <div xml:id="usage" id="usage">
+    <h2><a name="usage">About this schema document</a></h2>
+
+    <div class="bodytext">
+     <p>
+      This schema defines attributes and an attribute group suitable
+      for use by schemas wishing to allow <code>xml:base</code>,
+      <code>xml:lang</code>, <code>xml:space</code> or
+      <code>xml:id</code> attributes on elements they define.
+     </p>
+     <p>
+      To enable this, such a schema must import this schema for
+      the XML namespace, e.g. as follows:
+     </p>
+     <pre>
+          &lt;schema . . .>
+           . . .
+           &lt;import namespace="http://www.w3.org/XML/1998/namespace"
+                      schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+     </pre>
+     <p>
+      or
+     </p>
+     <pre>
+           &lt;import namespace="http://www.w3.org/XML/1998/namespace"
+                      schemaLocation="http://www.w3.org/2009/01/xml.xsd"/>
+     </pre>
+     <p>
+      Subsequently, qualified reference to any of the attributes or the
+      group defined below will have the desired effect, e.g.
+     </p>
+     <pre>
+          &lt;type . . .>
+           . . .
+           &lt;attributeGroup ref="xml:specialAttrs"/>
+     </pre>
+     <p>
+      will define a type which will schema-validate an instance element
+      with any of those attributes.
+     </p>
+    </div>
+   </div>
+  </xs:documentation>
+ </xs:annotation>
+
+ <xs:annotation>
+  <xs:documentation>
+   <div id="nsversioning" xml:id="nsversioning">
+    <h2><a name="nsversioning">Versioning policy for this schema document</a></h2>
+    <div class="bodytext">
+     <p>
+      In keeping with the XML Schema WG's standard versioning
+      policy, this schema document will persist at
+      <a href="http://www.w3.org/2009/01/xml.xsd">
+       http://www.w3.org/2009/01/xml.xsd</a>.
+     </p>
+     <p>
+      At the date of issue it can also be found at
+      <a href="http://www.w3.org/2001/xml.xsd">
+       http://www.w3.org/2001/xml.xsd</a>.
+     </p>
+     <p>
+      The schema document at that URI may however change in the future,
+      in order to remain compatible with the latest version of XML
+      Schema itself, or with the XML namespace itself.  In other words,
+      if the XML Schema or XML namespaces change, the version of this
+      document at <a href="http://www.w3.org/2001/xml.xsd">
+       http://www.w3.org/2001/xml.xsd 
+      </a> 
+      will change accordingly; the version at 
+      <a href="http://www.w3.org/2009/01/xml.xsd">
+       http://www.w3.org/2009/01/xml.xsd 
+      </a> 
+      will not change.
+     </p>
+     <p>
+      Previous dated (and unchanging) versions of this schema 
+      document are at:
+     </p>
+     <ul>
+      <li><a href="http://www.w3.org/2009/01/xml.xsd">
+	http://www.w3.org/2009/01/xml.xsd</a></li>
+      <li><a href="http://www.w3.org/2007/08/xml.xsd">
+	http://www.w3.org/2007/08/xml.xsd</a></li>
+      <li><a href="http://www.w3.org/2004/10/xml.xsd">
+	http://www.w3.org/2004/10/xml.xsd</a></li>
+      <li><a href="http://www.w3.org/2001/03/xml.xsd">
+	http://www.w3.org/2001/03/xml.xsd</a></li>
+     </ul>
+    </div>
+   </div>
+  </xs:documentation>
+ </xs:annotation>
+
+</xs:schema>
+
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/CommonTypes.xsd b/stix_validator/schema/external/oasis_ciq_3.0/CommonTypes.xsd
new file mode 100755
index 0000000..bfe3cd1
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/CommonTypes.xsd
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="urn:oasis:names:tc:ciq:ct:3" targetNamespace="urn:oasis:names:tc:ciq:ct:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - CIQ V3.0
+		Description: Defines the W3C schema with commonly used types in the name, address and party schemas
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:simpleType name="String">
+		<xs:annotation>
+			<xs:documentation>Normalized and Collapsed String</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:whiteSpace value="collapse"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="DataQualityTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of values to indicate the level of reliability of the data</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Valid">
+				<xs:annotation>
+					<xs:documentation>The data was validated and is considered to be true and correct.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Invalid">
+				<xs:annotation>
+					<xs:documentation>Indicates that at least some part of the content is known to be incorrect.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="StatusList">
+		<xs:annotation>
+			<xs:documentation>A list of values to indicate the status of the entity</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string"/>
+	</xs:simpleType>
+	<xs:attributeGroup name="grValidityDate">
+		<xs:annotation>
+			<xs:documentation>Date Valid from to Date Valid to</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="DateValidFrom" type="xs:dateTime">
+			<xs:annotation>
+				<xs:documentation>Could be start date, issue date, validity start date, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="DateValidTo" type="xs:dateTime">
+			<xs:annotation>
+				<xs:documentation>Could be end date, expiry date, validity end date, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:attributeGroup>
+	<xs:attributeGroup name="grAbbreviation">
+		<xs:annotation>
+			<xs:documentation>A group of commonly used attributes for internal reuse</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="Abbreviation" type="xs:boolean">
+			<xs:annotation>
+				<xs:documentation>If set to true then indicates that the value is an abbreviation or initial. If set to false then the value is definitely not an abbreviation. If omitted then it is not known if the value is an abbreviation or not.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:attributeGroup>
+	<xs:attributeGroup name="grDataQuality">
+		<xs:annotation>
+			<xs:documentation>A group of commonly used attributes for internal reuse</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="DataQualityType" type="DataQualityTypeList">
+			<xs:annotation>
+				<xs:documentation>This attribute indicates what level of trust can be given to the parent element. Omit this attribute if the data quality is unknown. If the data quality is known, the value is "Valid, else "InValid"</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ValidFrom" type="xs:dateTime">
+			<xs:annotation>
+				<xs:documentation>Date the data quality is valid from </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ValidTo" type="xs:dateTime">
+			<xs:annotation>
+				<xs:documentation>Date the data quality is valid to</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:attributeGroup>
+	<xs:attributeGroup name="grLanguageCode">
+		<xs:annotation>
+			<xs:documentation>The language used (name of human language, e.g. en, en-US)</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="LanguageCode" type="xs:language">
+			<xs:annotation>
+				<xs:documentation>Human Language used. e.g. "en", "en-US", "en-AUS", etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:attributeGroup>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xAL-types.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xAL-types.xsd
new file mode 100755
index 0000000..eadc5c3
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xAL-types.xsd
@@ -0,0 +1,511 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns="urn:oasis:names:tc:ciq:xal:3" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:oasis:names:tc:ciq:xal:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - extensible AddressLanguage Types (xAL-types)
+		Description: Defines the W3C schema that provides enumeration lists to support xNL v3.0
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		
+		NOTE: This is the schema that users can customise the enumeration lists to meet their
+		exchange requirements. The enumeration values provided are ONLY SAMPLES and 
+		is not complete. It is upto the application to decide what the values should be.  To achieve 
+		interoperability between applications using this specification, it is recommended that an
+		SLA/agreement is in place as to what the enumeration values will be used in this file 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:simpleType name="AddressTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of types of addresses</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Airport"/>
+			<xs:enumeration value="Business"/>
+			<xs:enumeration value="CaravanPark"/>
+			<xs:enumeration value="CommercialPark"/>
+			<xs:enumeration value="CommunityDevelopment"/>
+			<xs:enumeration value="EducationalInstitution"/>
+			<xs:enumeration value="Entertainment"/>
+			<xs:enumeration value="Hospital"/>
+			<xs:enumeration value="Location"/>
+			<xs:enumeration value="Marina"/>
+			<xs:enumeration value="MilitaryBase"/>
+			<xs:enumeration value="OverseasMilitary"/>
+			<xs:enumeration value="Port"/>
+			<xs:enumeration value="Primary"/>
+			<xs:enumeration value="RecreationalPark"/>
+			<xs:enumeration value="Resort"/>
+			<xs:enumeration value="RetirementVillage"/>
+			<xs:enumeration value="Rural"/>
+			<xs:enumeration value="Secondary"/>
+			<xs:enumeration value="ShoppingCentre"/>
+			<xs:enumeration value="SportingCentre"/>
+			<xs:enumeration value="Urban"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="AddressIDTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of types of address identiifers </xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="AddressLineTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of ypes of address line., e.g. street details, locality details</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="AddressUsageList">
+		<xs:annotation>
+			<xs:documentation>A list of types of usage of the address</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Business"/>
+			<xs:enumeration value="Billing"/>
+			<xs:enumeration value="Communication"/>
+			<xs:enumeration value="Contact"/>
+			<xs:enumeration value="Mailing"/>
+			<xs:enumeration value="Personal"/>
+			<xs:enumeration value="Postal"/>
+			<xs:enumeration value="Residential"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="AdministrativeAreaTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of administrative area types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="City">
+				<xs:annotation>
+					<xs:documentation>Only name of the administrative area without its type, e.g. NSW, CA, Quebec</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="State">
+				<xs:annotation>
+					<xs:documentation>The type of the area, e.g. state, district, province, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Territory"/>
+			<xs:enumeration value="Province"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="AdministrativeAreaNameTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of administrative area name element types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Name">
+				<xs:annotation>
+					<xs:documentation>Name of the administrative area</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Number"/>
+			<xs:enumeration value="ReferenceLocation">
+				<xs:annotation>
+					<xs:documentation>Reference location information in support of the administrative area. e.g. Territory of France</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Other supporting information </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="AdministrativeAreaNameCodeList">
+		<xs:annotation>
+			<xs:documentation>A list of codes for name of administrative area</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="CountryNameTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of country name element types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Name">
+				<xs:annotation>
+					<xs:documentation>Name of the country  e.g. AUSTRALIA</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Although a Country, could be classified as a territory of a country. For example, "NOUVELLE CALEDONIE" is a territory of "FRANCE".</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CountryNameCodeList">
+		<xs:annotation>
+			<xs:documentation>A list of codes for name of country</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="DatumCodeList">
+		<xs:annotation>
+			<xs:documentation>A list of codes for datum</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="DeliveryModeList">
+		<xs:annotation>
+			<xs:documentation>A list of codes for mode of delivery of address</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="DirectionTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of directions for geo-coordinates</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="East"/>
+			<xs:enumeration value="West"/>
+			<xs:enumeration value="North"/>
+			<xs:enumeration value="South"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="IdentifierElementTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of name types for commonly used Number type</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Name">
+				<xs:annotation>
+					<xs:documentation>Applicable to mail box office names such as PO BOX, GPO BOX, MAIL BAG NO., etc. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RangeFrom">
+				<xs:annotation>
+					<xs:documentation>Indicates that the element contains the lower value of a range, e.g. 25 in 25-37</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Range">
+				<xs:annotation>
+					<xs:documentation>Indicates that the value is a range, e.g. 25-37</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RangeTo">
+				<xs:annotation>
+					<xs:documentation>Indicates that the element contains the top value of a range, e.g. 25 in 25-37</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Prefix">
+				<xs:annotation>
+					<xs:documentation>Indocates that the element contains some value that is important, but not exactly the number itself. E.g. PoBox can be a prefix in PoBox 2020, street no. A-15, where A is the prefix and 15 is the number</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Suffix">
+				<xs:annotation>
+					<xs:documentation>Indicates that the element contains some value that is important, but not exactly the number itself. E.g. 'bis' in '45 bis'</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Number">
+				<xs:annotation>
+					<xs:documentation>Indicates that the value is number, e.g. 2020 in PoBox 2020. The actual value can be alpha-numeric. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Separator">
+				<xs:annotation>
+					<xs:documentation>Indicates that the value is a separator that is expected to be preserved. Examples are / - #, as in 15-A where "-" is the separator</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Extension">
+				<xs:annotation>
+					<xs:documentation>Indicates that the value is an extension number of some identifier, e.g. 01 in Private Bag 2330-01, where the main number of the private bag is 2330, 12345-1223 in post code where 1223 is the extension</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="LocalityNameTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of locality name element types such as name of locality, reference data in support of locality</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Name">
+				<xs:annotation>
+					<xs:documentation>Name of the locality</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Number"/>
+			<xs:enumeration value="ReferenceLocation">
+				<xs:annotation>
+					<xs:documentation>Any reference locality data in support of the locality. e.g. Next town north of Town A, via-town name</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Other supporting information </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="LocalityNameCodeList">
+		<xs:annotation>
+			<xs:documentation>A list of codes for name of locality</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="LocalityTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of locality name types such as Municipality, Village, Area, etc</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Municipality"/>
+			<xs:enumeration value="PostTown"/>
+			<xs:enumeration value="Place"/>
+			<xs:enumeration value="Suburb"/>
+			<xs:enumeration value="Town"/>
+			<xs:enumeration value="Village"/>
+			<xs:enumeration value="Area"/>
+			<xs:enumeration value="Zone"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="MeridianCodeList">
+		<xs:annotation>
+			<xs:documentation>A list of meridian codes</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PostOfficeTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of types of postal delivery offices</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PostalDeliveryPointTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of postal delivery point types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="GPOBox"/>
+			<xs:enumeration value="POBox"/>
+			<xs:enumeration value="LockedBag"/>
+			<xs:enumeration value="MailStop"/>
+			<xs:enumeration value="PigeonHole"/>
+			<xs:enumeration value="PrivateBag"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ProjectionCodeList">
+		<xs:annotation>
+			<xs:documentation>A list of codes for projection</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PremisesElementTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of name types for premises</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Name">
+				<xs:annotation>
+					<xs:documentation>Names of Premises such as airport, hospital, university, military base, etc. Can also be the name of the building or house or apartment</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Location">
+				<xs:annotation>
+					<xs:documentation>Where in the building/landmark the premises is located, e.g. lobby, ground floor, penthouse, or where in a larger complex (e.g. airport) the address is located.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SubPremisesConnector">
+				<xs:annotation>
+					<xs:documentation>Free text description that is required to logically connect the 2 premises</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="InternalThoroughfare">
+				<xs:annotation>
+					<xs:documentation>Roads and streets within boundaries of larger complexes/premises such as hospitals, airports, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ReferenceLocation">
+				<xs:annotation>
+					<xs:documentation>Free text description of some other location and how this premises relates to it, e.g. 300m from water station, new the police station, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>additional supporting information</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PremisesTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of premises type</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Airport"/>
+			<xs:enumeration value="Area"/>
+			<xs:enumeration value="Building"/>
+			<xs:enumeration value="Farm"/>
+			<xs:enumeration value="Hospital"/>
+			<xs:enumeration value="House"/>
+			<xs:enumeration value="LandMark"/>
+			<xs:enumeration value="LargeMailUser"/>
+			<xs:enumeration value="Lot"/>
+			<xs:enumeration value="RailwayStation"/>
+			<xs:enumeration value="ShoppingComplex"/>
+			<xs:enumeration value="University"/>
+			<xs:enumeration value="Unit"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="RuralDeliveryTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of rural delivery types such as road, air, water</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="SubAdministrativeAreaNameTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of sub administrative area name element types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Name">
+				<xs:annotation>
+					<xs:documentation>Name of the sub administrative area</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Number"/>
+			<xs:enumeration value="ReferenceLocation">
+				<xs:annotation>
+					<xs:documentation>Reference location information in support of the sub administrative area.  </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Other supporting information </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="SubAdministrativeAreaNameCodeList">
+		<xs:annotation>
+			<xs:documentation>A list of codes for name of sub adiministrative area</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="SubAdministrativeAreaTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of sub administrative area name types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="County"/>
+			<xs:enumeration value="District"/>
+			<xs:enumeration value="Province"/>
+			<xs:enumeration value="Region"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="SubLocalityNameTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of sub locality name element types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Name"/>
+			<xs:enumeration value="Number"/>
+			<xs:enumeration value="ReferenceLocation"/>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Other supporting information </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="SubLocalityNameCodeList">
+		<xs:annotation>
+			<xs:documentation>A list of codes for names of sub locality</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="SubLocalityTypeList">
+		<xs:annotation>
+			<xs:documentation>A ist of sublocality types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Municipality"/>
+			<xs:enumeration value="Village"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="SubPremisesTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of sub premises types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Room"/>
+			<xs:enumeration value="Suite"/>
+			<xs:enumeration value="Apartment"/>
+			<xs:enumeration value="Shop"/>
+			<xs:enumeration value="Office"/>
+			<xs:enumeration value="Unit"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ThoroughfareNameTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of name element types for thoroughfare</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="NameOnly">
+				<xs:annotation>
+					<xs:documentation>Just the name part, such as Baker in Baker Street.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PreDirection">
+				<xs:annotation>
+					<xs:documentation>North Archer Street, where "North" is PreDirection</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PostDirection">
+				<xs:annotation>
+					<xs:documentation>Archer Street North, where "North" is PostDirection</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NameAndNumber">
+				<xs:annotation>
+					<xs:documentation>This value indicates that the element contains the street name and street number. E.g. 39 Baker Street. Use this when you do not want to break the thoroughfare into atomic types</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NameAndType">
+				<xs:annotation>
+					<xs:documentation>Baker Street, where Baker is Name and Street is Type</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NameNumberAndType">
+				<xs:annotation>
+					<xs:documentation>21 Archer Street (Full thoroughfare details)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unstructured">
+				<xs:annotation>
+					<xs:documentation>Full details of a thorughfare in a single line (unstructured)
+e.g. 39 Baker Street North</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SubThoroughfareConnector">
+				<xs:annotation>
+					<xs:documentation>When more than one street name is required to identify the location this type can be used to connect them with values such as CORNER OF or VIA.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ReferenceLocation">
+				<xs:annotation>
+					<xs:documentation>Free text description of some other location and how this thoroughfare relates to it, e.g. 300m from water station, new the police station, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Additional description like intersection, cross streets, etc</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ThoroughfareTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of types for thoroughfare (e.g. STREET, ROAD, CRT)</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xAL.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xAL.xsd
new file mode 100755
index 0000000..bbbf55b
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xAL.xsd
@@ -0,0 +1,672 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="urn:oasis:names:tc:ciq:xal:3" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ct="urn:oasis:names:tc:ciq:ct:3" targetNamespace="urn:oasis:names:tc:ciq:xal:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - extensible Address Language (xAL) 
+		Description: Defines the W3C schema for representing addresses
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		NOTE: Do not modify this schema as it will break specifications compatibility 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:include schemaLocation="xAL-types.xsd"/>
+	<xs:import namespace="urn:oasis:names:tc:ciq:ct:3" schemaLocation="CommonTypes.xsd"/>
+	<xs:import namespace="http://www.w3.org/1999/xlink" schemaLocation="xlink-2003-12-31.xsd"/>
+	<xs:element name="Address" type="AddressType">
+		<xs:annotation>
+			<xs:documentation>Top level element for address with geocode details</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="AddressType">
+		<xs:annotation>
+			<xs:documentation>Complex type that defines the structure of an address with geocode details for reuse</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="FreeTextAddress" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Container for free text address elements where address elements are not parsed </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="AddressLine" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>Free format address representation. An address can have more than one line. The order of the AddressLine elements must be preserved.</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:simpleContent>
+									<xs:extension base="ct:String">
+										<xs:attribute name="Type" type="AddressLineTypeList">
+											<xs:annotation>
+												<xs:documentation>What does the address line describe? e.g. Street details, suburb details, post code details, whole address, etc</xs:documentation>
+											</xs:annotation>
+										</xs:attribute>
+										<xs:attributeGroup ref="ct:grDataQuality"/>
+										<xs:anyAttribute namespace="##other"/>
+									</xs:extension>
+								</xs:simpleContent>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Country" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Country details</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:complexContent>
+						<xs:extension base="CountryType"/>
+					</xs:complexContent>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="AdministrativeArea" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Details of the top-level area division in the country, such as state, district, province, island, region, etc. Note that some countries do not have this</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="NameElement" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>Data associated with the Administrative Area. e.g. Full name of administrative area or part of it. eg. MI in USA, NSW in Australia, reference location to the administrative area</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:simpleContent>
+									<xs:extension base="ct:String">
+										<xs:attributeGroup ref="ct:grAbbreviation"/>
+										<xs:attribute name="NameType" type="AdministrativeAreaNameTypeList">
+											<xs:annotation>
+												<xs:documentation>semantics of data associated with name</xs:documentation>
+											</xs:annotation>
+										</xs:attribute>
+										<xs:attribute name="NameCode" type="AdministrativeAreaNameCodeList">
+											<xs:annotation>
+												<xs:documentation>Name of administrative area represented as a code. e.g. "COL" for COLORADO</xs:documentation>
+											</xs:annotation>
+										</xs:attribute>
+										<xs:attribute name="NameCodeType" type="ct:String">
+											<xs:annotation>
+												<xs:documentation>Type of code used to represent name as a code</xs:documentation>
+											</xs:annotation>
+										</xs:attribute>
+										<xs:anyAttribute namespace="##other"/>
+									</xs:extension>
+								</xs:simpleContent>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="SubAdministrativeArea" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>The next level down division of the area. E.g. state / county, province / reservation. Note that not all countries have a subadministrative area</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="NameElement" maxOccurs="unbounded">
+										<xs:annotation>
+											<xs:documentation>Data associated with the SubAdministrative Area. e.g. Full name of sub administrative area or part of it.  </xs:documentation>
+										</xs:annotation>
+										<xs:complexType>
+											<xs:simpleContent>
+												<xs:extension base="ct:String">
+													<xs:attributeGroup ref="ct:grAbbreviation"/>
+													<xs:attribute name="NameType" type="SubAdministrativeAreaNameTypeList">
+														<xs:annotation>
+															<xs:documentation>semantics of data associated with name</xs:documentation>
+														</xs:annotation>
+													</xs:attribute>
+													<xs:attribute name="NameCode" type="SubAdministrativeAreaNameCodeList">
+														<xs:annotation>
+															<xs:documentation>Name of administrative area represented as a code. e.g. "COL" for COLORADO</xs:documentation>
+														</xs:annotation>
+													</xs:attribute>
+													<xs:attribute name="NameCodeType" type="ct:String">
+														<xs:annotation>
+															<xs:documentation>Type of code used to represent name as a code</xs:documentation>
+														</xs:annotation>
+													</xs:attribute>
+													<xs:anyAttribute namespace="##other"/>
+												</xs:extension>
+											</xs:simpleContent>
+										</xs:complexType>
+									</xs:element>
+								</xs:sequence>
+								<xs:attribute name="Type" type="SubAdministrativeAreaTypeList">
+									<xs:annotation>
+										<xs:documentation>Type of sub administrative area</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+					<xs:attribute name="Type" type="AdministrativeAreaTypeList">
+						<xs:annotation>
+							<xs:documentation>Type of administrative area. e.g. state, city, town, etc</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Locality" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Details of Locality which is a named densely populated area  (a place) such as town, village, suburb, etc. A locality composes of many individual addresses.  Many localities exist in an administrative area or a sub adminisrative area. A locality can also have sub localities. For example, a municipality locality can have many villages associated with it which are sub localities. Example: Tamil Nadu State, Erode District, Bhavani Taluk, Paruvachi Village is a valid address in India. Tamil Nadu is the Administrative Area, Erode is the sub admin area, Bhavani is the locality, and Paruvachi is the sub locality</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="NameElement" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>Data associated with the locality. e.g. Full name of the locality or part of it, reference location to the locality</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:simpleContent>
+									<xs:extension base="ct:String">
+										<xs:attributeGroup ref="ct:grAbbreviation"/>
+										<xs:attribute name="NameType" type="LocalityNameTypeList">
+											<xs:annotation>
+												<xs:documentation>semantics of data associated with name</xs:documentation>
+											</xs:annotation>
+										</xs:attribute>
+										<xs:attribute name="NameCode" type="LocalityNameCodeList">
+											<xs:annotation>
+												<xs:documentation>name of locality represented as a code</xs:documentation>
+											</xs:annotation>
+										</xs:attribute>
+										<xs:attribute name="NameCodeType" type="ct:String">
+											<xs:annotation>
+												<xs:documentation>type of code used to represent name as a code</xs:documentation>
+											</xs:annotation>
+										</xs:attribute>
+										<xs:anyAttribute namespace="##other"/>
+									</xs:extension>
+								</xs:simpleContent>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="SubLocality" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>A locality that is smaller and is contained within the boundaries of its parent locality. Note that not all localities have sub locality. For example, many areas within a locality where each area is a sub locality</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:sequence>
+									<xs:element name="NameElement" maxOccurs="unbounded">
+										<xs:annotation>
+											<xs:documentation>Data associated with the sub locality. e.g. Full name of the locality or part of it, reference location to the locality</xs:documentation>
+										</xs:annotation>
+										<xs:complexType>
+											<xs:simpleContent>
+												<xs:extension base="ct:String">
+													<xs:attributeGroup ref="ct:grAbbreviation"/>
+													<xs:attribute name="NameType" type="SubLocalityNameTypeList">
+														<xs:annotation>
+															<xs:documentation>semantics of data associated with name</xs:documentation>
+														</xs:annotation>
+													</xs:attribute>
+													<xs:attribute name="NameCode" type="SubLocalityNameCodeList">
+														<xs:annotation>
+															<xs:documentation>name of locality represented as a code</xs:documentation>
+														</xs:annotation>
+													</xs:attribute>
+													<xs:attribute name="NameCodeType" type="ct:String">
+														<xs:annotation>
+															<xs:documentation>type of code used to represent name as a code</xs:documentation>
+														</xs:annotation>
+													</xs:attribute>
+													<xs:anyAttribute namespace="##other"/>
+												</xs:extension>
+											</xs:simpleContent>
+										</xs:complexType>
+									</xs:element>
+								</xs:sequence>
+								<xs:attribute name="Type" type="SubLocalityTypeList">
+									<xs:annotation>
+										<xs:documentation>Type of sub locality</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+					<xs:attribute name="Type" type="LocalityTypeList">
+						<xs:annotation>
+							<xs:documentation>Type of locality. e.g. suburb, area, zone, village, etc</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Thoroughfare" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Details of the Access route along which buildings/lot/land are located, such as street, road, channel, crescent, avenue, etc. This also includes canals/banks on which houses/boat houses are located where people live</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:complexContent>
+						<xs:extension base="ThoroughfareType">
+							<xs:sequence>
+								<xs:element name="SubThoroughfare" minOccurs="0" maxOccurs="5">
+									<xs:annotation>
+										<xs:documentation>Another thoroughfare that is required to uniquely identify the location, such as an access route, intersection, corner, adjacent, boundary, etc</xs:documentation>
+									</xs:annotation>
+									<xs:complexType>
+										<xs:complexContent>
+											<xs:extension base="ThoroughfareType"/>
+										</xs:complexContent>
+									</xs:complexType>
+								</xs:element>
+							</xs:sequence>
+						</xs:extension>
+					</xs:complexContent>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Premises" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Details of the Premises (could be building(s), site, loaction, property, premise, place) which is a landmark place which has a main address such as large mail user (e.g. Airport, Hospital, University) or could be a building (e.g. apartment, house)  or a building or complex of buildings (e.g. an apartment complex or shopping centre) or even a vacant land (e.g. LOT). A premises can have many sub-addresses such as apartments in a building having its own addresses or buildings within an airport having its own addresses including its own thoroughfares</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:complexContent>
+						<xs:extension base="PremisesType">
+							<xs:sequence>
+								<xs:element name="SubPremises" minOccurs="0" maxOccurs="unbounded">
+									<xs:annotation>
+										<xs:documentation>Examples of sub-premises are apartments and suites in buildings, shops in malls, etc.  or sub-addresses in a land mark place such as airports, military bases, hospitals, etc. Some countries have blocks within blocks</xs:documentation>
+									</xs:annotation>
+									<xs:complexType>
+										<xs:complexContent>
+											<xs:extension base="PremisesType">
+												<xs:attribute name="Type" type="SubPremisesTypeList"/>
+												<xs:attribute name="TypeCode" type="ct:String">
+													<xs:annotation>
+														<xs:documentation>Type of code used for sub premises type attribute</xs:documentation>
+													</xs:annotation>
+												</xs:attribute>
+											</xs:extension>
+										</xs:complexContent>
+									</xs:complexType>
+								</xs:element>
+							</xs:sequence>
+							<xs:attribute name="Type" type="PremisesTypeList"/>
+							<xs:attribute name="TypeCode" type="ct:String">
+								<xs:annotation>
+									<xs:documentation>Type of code use for Premises Type attribute</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+						</xs:extension>
+					</xs:complexContent>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="PostCode" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container for a single free text or structured postcode. Note that not all countries have post codes</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Identifier" type="IdentifierType" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>The postcode is formatted according to country-specific rules. Example: SW3 0A8-1A, 600074, 2067. This element can also be used to define the semantics of what each code in the post code means</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="RuralDelivery" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container for postal-specific delivery identifier for remote communities. Note that not all countries have RuralDelivery</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Identifier" type="IdentifierType" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>Free text or structured description of rural delivery route. e.g. RD 6, </xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+					<xs:attribute name="Type" type="RuralDeliveryTypeList">
+						<xs:annotation>
+							<xs:documentation>Type of rural delivery. For some addresses, delivery to rural areas happens via water, air or road</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="PostalDeliveryPoint" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Final mail delivery point where the mail is dropped off for recipients to pick them up directly. E.g. POBox, Private Bag,  pigeon hole, free mail numbers, etc.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Identifier" type="IdentifierType" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>Free text or structured description of a postal delivery point.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+					<xs:attribute name="Type" type="PostalDeliveryPointTypeList"/>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="PostOffice" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A delivery point/installation where all mails are delivered and the post man/delivery service picks up the mails and delivers it to the recipients through a delivery mode. Examples are a rural post office where post is delivered, a post office containing post office boxes/personal mail boxes. Note that not all countries have PostOffice. Can be used to represent overseas military addresses also along with PostalDeliveryPoint element</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Identifier" type="IdentifierType" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>Name or number of the post office in free text or structured form.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:sequence>
+					<xs:attribute name="Type" type="PostOfficeTypeList">
+						<xs:annotation>
+							<xs:documentation>Indicates the type of postal delivery office from where the mail will be distributed to the final delivery point by a delivery mode.  Example: Post Office, Mail Collection Centre, Letter Carrier Depot,  Station, etc. </xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GeoRSS" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>GeoRSS GML from Open Geospatial Consortium (www.opengeospatial.net) is a formal GML Application Profile, and supports a greater range of features than Simple, notably coordinate reference systems other than WGS84 latitude/longitude. It is designed for use with Atom 1.0, RSS 2.0 and RSS 1.0, although it can be used just as easily in non-RSS XML encodings. </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:any namespace="http://www.georss.org/georss" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>Could be GeoRSS Simple or GeoRSS GML versions. Refer to http://georss.org/ and http://georss.org/gml for further documentation</xs:documentation>
+							</xs:annotation>
+						</xs:any>
+					</xs:sequence>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="LocationByCoordinates" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Simple Geo-coordinates of the address/location</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Latitude" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>Latitude details</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:attribute name="DegreesMeasure" type="ct:String">
+									<xs:annotation>
+										<xs:documentation>Measure of the latitude in degrees</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="MinutesMeasure" type="ct:String">
+									<xs:annotation>
+										<xs:documentation>Measure of the latitude in minutes</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="SecondsMeasure" type="ct:String">
+									<xs:annotation>
+										<xs:documentation>Measure of the latitude in seconds</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Direction" type="DirectionTypeList">
+									<xs:annotation>
+										<xs:documentation>The direction of latitude measurement offset from the equator</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="Longitude" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>Longitude details</xs:documentation>
+							</xs:annotation>
+							<xs:complexType>
+								<xs:attribute name="DegreesMeasure" type="ct:String">
+									<xs:annotation>
+										<xs:documentation>Measure of the longitude in degrees</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="MinutesMeasure" type="ct:String">
+									<xs:annotation>
+										<xs:documentation>Measure of the longitude in minutes</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="SecondsMeasure" type="ct:String">
+									<xs:annotation>
+										<xs:documentation>Measure of the longitude in seconds</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Direction" type="DirectionTypeList">
+									<xs:annotation>
+										<xs:documentation>The direction of  longitude measurement offset from the equator</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:complexType>
+						</xs:element>
+					</xs:sequence>
+					<xs:attribute name="Meridian" type="MeridianCodeList">
+						<xs:annotation>
+							<xs:documentation>The collection of the coordinate numeric values for latitude amd longtitude depends on the agreed position of the meridian. Declaration of the meridian is necessary as it cannot be assumed in the data</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attribute name="MeridianCodeType" type="ct:String">
+						<xs:annotation>
+							<xs:documentation>Type of code used. e.g. EPSG Code</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attribute name="Datum" type="DatumCodeList">
+						<xs:annotation>
+							<xs:documentation>The collection of the coordinate numeric values depends on the agreed datum within which the measurement was taken. Declaration of the datum is necessary as it cannot be assumed in the data</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attribute name="DatumCodeType" type="ct:String">
+						<xs:annotation>
+							<xs:documentation>Type of code used. e.g. EPSG Code, WGS-84</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attribute name="Projection" type="ProjectionCodeList">
+						<xs:annotation>
+							<xs:documentation>Coordinates have limited utility and application depending on the projection required for visualisation in a map. Declaration of projection is necessary as it cannot be assumed in data</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attribute name="ProjectionCodeType" type="ct:String">
+						<xs:annotation>
+							<xs:documentation>Type of code used. e.g. EPSG Code</xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="Type" type="AddressTypeList">
+			<xs:annotation>
+				<xs:documentation>Defines the type of address. An address type can be" Primary Address, Secondary Address, Rural Address, Military Address, etc.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="AddressID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A unique address identifier such as postal delivery idetifier assigned to the address by local postal authority, e.g. DPID in Australia.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="AddressIDType" type="AddressIDTypeList">
+			<xs:annotation>
+				<xs:documentation>Type of address ID used. e.g. DPID, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A globally unique identifier assigned to the address</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Usage" type="AddressUsageList">
+			<xs:annotation>
+				<xs:documentation>The purpose the address is used for. E.g.  Postal, residential, business,  exchange, update, create, delete, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="DeliveryMode" type="DeliveryModeList">
+			<xs:annotation>
+				<xs:documentation>Mode of delivery of address. For example: rural route, normal delivery, post office box, etc. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Status" type="ct:StatusList">
+			<xs:annotation>
+				<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grValidityDate"/>
+		<xs:attribute name="AddressKey" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A primary key to reference Address.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="AddressKeyRef" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A foreign key to reference attribute Key of Address.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute ref="xlink:type"/>
+		<xs:attribute ref="xlink:label"/>
+		<xs:attribute ref="xlink:href"/>
+		<xs:attributeGroup ref="ct:grDataQuality"/>
+		<xs:attributeGroup ref="ct:grLanguageCode"/>
+		<xs:anyAttribute namespace="##other" processContents="lax"/>
+	</xs:complexType>
+	<xs:complexType name="CountryType">
+		<xs:annotation>
+			<xs:documentation>Complex type that defines the name of the country and is reused in other CIQ specs</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="NameElement" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Data associated with the name of the country in whatever form available, e.g. full, abbreviation, common use, code of the country, etc.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:simpleContent>
+						<xs:extension base="ct:String">
+							<xs:attributeGroup ref="ct:grAbbreviation"/>
+							<xs:attribute name="NameType" type="CountryNameTypeList">
+								<xs:annotation>
+									<xs:documentation>Semantics of data associated with name. </xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+							<xs:attribute name="NameCode" type="CountryNameCodeList">
+								<xs:annotation>
+									<xs:documentation>Name of the country represented as a code</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+							<xs:attribute name="NameCodeType" type="ct:String">
+								<xs:annotation>
+									<xs:documentation>Type of code used to represent name of country, e.g. iso-3166</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+							<xs:anyAttribute namespace="##other"/>
+						</xs:extension>
+					</xs:simpleContent>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+		<xs:anyAttribute namespace="##other" processContents="lax"/>
+	</xs:complexType>
+	<xs:complexType name="IdentifierType">
+		<xs:annotation>
+			<xs:documentation>Complex type for internal reuse</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="ct:String">
+				<xs:attribute name="Type" type="IdentifierElementTypeList">
+					<xs:annotation>
+						<xs:documentation>Indicates which part of number or identifier this element contains. Some "numbers" are as simple as 42 and some "numbers" are more like complex aplhanumberic identifiers as Postcodes in UK or Canada, e.g. M2H 2S5. It may be necessary to separate the "number" into sub-elements and indicate what type of information each of them contains.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attributeGroup ref="ct:grAbbreviation"/>
+				<xs:anyAttribute namespace="##other" processContents="lax"/>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="PremisesType">
+		<xs:annotation>
+			<xs:documentation>Complex type for internal reuse</xs:documentation>
+		</xs:annotation>
+		<xs:choice maxOccurs="unbounded">
+			<xs:element name="NameElement">
+				<xs:annotation>
+					<xs:documentation>Data associated with the name of the Premises. e.g. Full name of premises or part of the name. E.g. Westfield shopping center, reference data to support the premises location, street in the premises</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:simpleContent>
+						<xs:extension base="ct:String">
+							<xs:attributeGroup ref="ct:grAbbreviation"/>
+							<xs:attribute name="NameType" type="PremisesElementTypeList">
+								<xs:annotation>
+									<xs:documentation>Describes the type / part of name this element contains.</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+							<xs:anyAttribute namespace="##other"/>
+						</xs:extension>
+					</xs:simpleContent>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Number" type="IdentifierType">
+				<xs:annotation>
+					<xs:documentation>Data associated with the number of the premises. E.g.House 15, number range, number suffix</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+		<xs:anyAttribute namespace="##other" processContents="lax"/>
+	</xs:complexType>
+	<xs:complexType name="ThoroughfareType">
+		<xs:annotation>
+			<xs:documentation>Complex type for internal reuse</xs:documentation>
+		</xs:annotation>
+		<xs:choice maxOccurs="unbounded">
+			<xs:element name="NameElement">
+				<xs:annotation>
+					<xs:documentation>Data associated with the thoroughfare details. e.g. Full thoroughfare name or part of it, type of thoroughfare, old name, new name, reference data in support of the thoroughfare</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:simpleContent>
+						<xs:extension base="ct:String">
+							<xs:attributeGroup ref="ct:grAbbreviation"/>
+							<xs:attribute name="NameType" type="ThoroughfareNameTypeList">
+								<xs:annotation>
+									<xs:documentation>Describes the type / part of name this element contains.</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+							<xs:anyAttribute namespace="##other"/>
+						</xs:extension>
+					</xs:simpleContent>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="Number" type="IdentifierType">
+				<xs:annotation>
+					<xs:documentation>Data associated with the number of the thoroughfare. E.g. 39 in 39 Baker Street, street range, street suffix</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+		<xs:attribute name="Type" type="ThoroughfareTypeList">
+			<xs:annotation>
+				<xs:documentation>Type of thoroughfare. eg. primary road, secondary road, road branch (e.g. Lane 14), road sub branch (e.g. Alley 21), adjourning street, cross street, closest street, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="TypeCode" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>Type of code use for thoroughfare</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grDataQuality"/>
+		<xs:anyAttribute namespace="##other" processContents="lax"/>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xNAL-types.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xNAL-types.xsd
new file mode 100755
index 0000000..d66079f
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xNAL-types.xsd
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns="urn:oasis:names:tc:ciq:xnal:3" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:oasis:names:tc:ciq:xnal:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - extensible Name and Address Language Types (xNAL-types)
+		Description: Defines the W3C schema that provides enumeration lists to support xNAL v3.0
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		
+		NOTE: This is the schema that users can customise the enumeration lists to meet their
+		exchange requirements. The enumeration values provided are ONLY SAMPLES and 
+		is not complete. It is upto the application to decide what the values should be.  To achieve 
+		interoperability between applications using this specification, it is recommended that an
+		SLA/agreement is in place as to what the enumeration values will be used in this file 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:simpleType name="DependencyTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of possible values for dependency name type</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="RecordIDTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of all types of Record IDs</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xNAL.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xNAL.xsd
new file mode 100755
index 0000000..c09c6bc
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xNAL.xsd
@@ -0,0 +1,126 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xal="urn:oasis:names:tc:ciq:xal:3" xmlns:xnl="urn:oasis:names:tc:ciq:xnl:3" xmlns="urn:oasis:names:tc:ciq:xnal:3" xmlns:ct="urn:oasis:names:tc:ciq:ct:3" targetNamespace="urn:oasis:names:tc:ciq:xnal:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - extensible Name and Address Language (xNAL) 
+		Description: Defines the W3C schema for representing name and address together
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		
+		NOTE: Do not modify this schema as it will break specifications compatibility 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:include schemaLocation="xNAL-types.xsd"/>
+	<xs:import namespace="urn:oasis:names:tc:ciq:xnl:3" schemaLocation="xNL.xsd"/>
+	<xs:import namespace="urn:oasis:names:tc:ciq:xal:3" schemaLocation="xAL.xsd"/>
+	<xs:import namespace="urn:oasis:names:tc:ciq:ct:3" schemaLocation="CommonTypes.xsd"/>
+	<xs:element name="Record">
+		<xs:annotation>
+			<xs:documentation>This is a generic contianer to combine name and address. Any cardinality of names and addresses is permitted.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element ref="xnl:PartyName" maxOccurs="unbounded"/>
+				<xs:element ref="xal:Address" maxOccurs="unbounded"/>
+			</xs:sequence>
+			<xs:attribute name="RecordID" type="ct:String">
+				<xs:annotation>
+					<xs:documentation>A unique identifier of a record</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="RecordIDType" type="RecordIDTypeList">
+				<xs:annotation>
+					<xs:documentation>Type of Record ID</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Status" type="ct:StatusList">
+				<xs:annotation>
+					<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attributeGroup ref="ct:grValidityDate"/>
+			<xs:attribute name="RecordKey" type="ct:String">
+				<xs:annotation>
+					<xs:documentation>Primary key for referencing record</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="RecordKeyRef" type="ct:String">
+				<xs:annotation>
+					<xs:documentation>Foreign key to reference record</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attributeGroup ref="ct:grDataQuality"/>
+			<xs:attributeGroup ref="ct:grLanguageCode"/>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="PostalLabel">
+		<xs:annotation>
+			<xs:documentation>This is a specialised container to combine name and address for postal purposes, e.g. a label on an envelope that has two parts, an addressee and the address.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Addressee" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Addressee is the party that is the recipient of the postal mail delivery.  </xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="Designation" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>When the name of the recipient is not known or the designation is still required to appear on the label.
+E.g. Attention CEO, General Manager, the household owner, etc.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element ref="xnl:PartyName" minOccurs="0"/>
+							<xs:element name="DependencyName" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>The main name has a relationship with a dependant name.
+The dependant name should be put under this element and the relationship described.
+E.g. Eastbourne Goats Trust in care of Wellingon Lawers Ltd., Ram Kumar, C/O Sakthisoft, etc</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="xnl:PartyNameType">
+											<xs:attribute name="Type" type="DependencyTypeList" use="required">
+												<xs:annotation>
+													<xs:documentation>This attribute describes the nature/type of  relationship between the main name and the dependency. E.g. 'C/O', 'in care of' or 'a son of'.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+										</xs:extension>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attributeGroup ref="ct:grLanguageCode"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+				<xs:element ref="xal:Address"/>
+			</xs:sequence>
+			<xs:attribute name="Status" type="ct:StatusList">
+				<xs:annotation>
+					<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attributeGroup ref="ct:grValidityDate"/>
+			<xs:attributeGroup ref="ct:grDataQuality"/>
+			<xs:attributeGroup ref="ct:grLanguageCode"/>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xNL-types.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xNL-types.xsd
new file mode 100755
index 0000000..6210448
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xNL-types.xsd
@@ -0,0 +1,222 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns="urn:oasis:names:tc:ciq:xnl:3" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:oasis:names:tc:ciq:xnl:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - extensible Name Language Types (xNL-types)
+		Description: Defines the W3C schema that provides enumeration lists to support xNL v3.0
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		
+		NOTE: This is the schema that users can customise the enumeration lists to meet their
+		exchange requirements. The enumeration values provided are ONLY SAMPLES and 
+		is not complete. It is upto the application to decide what the values should be.  To achieve 
+		interoperability between applications using this specification, it is recommended that an
+		SLA/agreement is in place as to what the enumeration values will be used in this file 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:simpleType name="JointNameConnectorList">
+		<xs:annotation>
+			<xs:documentation>A list of possible values for joint name connector</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="NameLineTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of possible values for types of name lines</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PartyNameIDTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of all types of Party Name IDs</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PartyNameUsageList">
+		<xs:annotation>
+			<xs:documentation>A list of usage types of party name</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string"/>
+	</xs:simpleType>
+	<xs:simpleType name="PersonNameElementList">
+		<xs:annotation>
+			<xs:documentation>A list of person name element types, e.g. First Name, Last Name, Title, etc.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="PrecedingTitle">
+				<xs:annotation>
+					<xs:documentation>His Excellency, Honorable, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Title">
+				<xs:annotation>
+					<xs:documentation>A title signifies some sort of status, such as Mr, Miss, Ms (marriage status), or education such as Professor, PhD, Dr, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FirstName">
+				<xs:annotation>
+					<xs:documentation>The most important name element by which this particular individual is identified in the group. E.g. John, Sam, Brian for Anglo-Saxon cultures.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MiddleName">
+				<xs:annotation>
+					<xs:documentation>Name elements related to additional identification of the individual, such as names are parents or places.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LastName">
+				<xs:annotation>
+					<xs:documentation>Name element that identifies the group the individual belongs to and is identified by, such as Last Name, Surname, Family Name, etc. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="OtherName">
+				<xs:annotation>
+					<xs:documentation>Any other additional names that are not directly used to identify or call the individual, such as names of ancestors, saints, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Alias">
+				<xs:annotation>
+					<xs:documentation>A simple nick name that is commonly used as part of the name. E.g. a fancy kick-boxer can be commonly known as Bill "Storm" Bababoons, where "Storm" is obviously an alias.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GenerationIdentifier">
+				<xs:annotation>
+					<xs:documentation>Junior, Senior, The Second, IV,  etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Degree"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PersonNameUsageList">
+		<xs:annotation>
+			<xs:documentation>A list of usage types of person name</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PersonIDTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of all types of person name IDs</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationIDTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of all types of organisation name IDs</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationNameElementList">
+		<xs:annotation>
+			<xs:documentation>A list of organisation name element types, e.g. Name, propriety type, liability type, etc.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="NameOnly">
+				<xs:annotation>
+					<xs:documentation>"Sakthisoft" in "Sakthisoft Pty. Ltd". "Pty.Ltd" is the legal entity for the organisation name "Sakthisoft"</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TypeOnly">
+				<xs:annotation>
+					<xs:documentation>"Pty. Ltd" in Sakthisoft Pty.Ltd, where "Sakthisoft" is the name of the organisation.
+
+""Inc" in ABC Inc, where "ABC" is organisation name</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FullName">
+				<xs:annotation>
+					<xs:documentation>Full Name of the organisation. e.g. Sakthisoft Pty. Ltd</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationNameUsageList">
+		<xs:annotation>
+			<xs:documentation>A list of usage types for organisation name</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PersonNameTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of common types for person names</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Alias"/>
+			<xs:enumeration value="LegalName"/>
+			<xs:enumeration value="KnownAs"/>
+			<xs:enumeration value="MaidenName">
+				<xs:annotation>
+					<xs:documentation>Name of an individual before marriage.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="FormerName">
+				<xs:annotation>
+					<xs:documentation>Former name of the person</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CommonUse">
+				<xs:annotation>
+					<xs:documentation>Name that is commonly used by others, e.g. a simplified form of the official name.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NameAtBirth">
+				<xs:annotation>
+					<xs:documentation>A name given to an individual at birth, but later changed (common in some cultures)</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PreferredName">
+				<xs:annotation>
+					<xs:documentation>Indicates that the party prefers to be called by this name</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="OfficialName">
+				<xs:annotation>
+					<xs:documentation>An official name of the person, e.g. as in the passport. incorporation certificate, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="UnofficialName"/>
+			<xs:enumeration value="NickName"/>
+			<xs:enumeration value="PetName"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationNameTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of common types for organisation names</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="LegalName"/>
+			<xs:enumeration value="FormerName">
+				<xs:annotation>
+					<xs:documentation>Former name of the organisation</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CommonUse"/>
+			<xs:enumeration value="PublishingName"/>
+			<xs:enumeration value="OfficialName"/>
+			<xs:enumeration value="UnofficialName"/>
+			<xs:enumeration value="Undefined">
+				<xs:annotation>
+					<xs:documentation>unknown</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="SubDivisionTypeList">
+		<xs:annotation>
+			<xs:documentation>A list of common types for subdivisions</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Department"/>
+			<xs:enumeration value="Division"/>
+			<xs:enumeration value="Branch"/>
+			<xs:enumeration value="BusinessUnit"/>
+			<xs:enumeration value="School"/>
+			<xs:enumeration value="Section"/>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xNL.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xNL.xsd
new file mode 100755
index 0000000..e5b44c0
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xNL.xsd
@@ -0,0 +1,284 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns="urn:oasis:names:tc:ciq:xnl:3" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ct="urn:oasis:names:tc:ciq:ct:3" targetNamespace="urn:oasis:names:tc:ciq:xnl:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - extensible Name Language (xNL) 
+		Description: Defines the W3C schema for representing party names (Person or Organisation)
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		
+		NOTE: Do not modify this schema as it will break specifications compatibility 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:include schemaLocation="xNL-types.xsd"/>
+	<xs:import namespace="urn:oasis:names:tc:ciq:ct:3" schemaLocation="CommonTypes.xsd"/>
+	<xs:import namespace="http://www.w3.org/1999/xlink" schemaLocation="xlink-2003-12-31.xsd"/>
+	<xs:attributeGroup name="grNameKey">
+		<xs:annotation>
+			<xs:documentation>Reference to another Person Name or Organisation Name with primary and foreign key reinforcement. </xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="NameKey" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A primary key to reference Party Name.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="NameKeyRef" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A foreign key to reference attribute Key of Party Name.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:attributeGroup>
+	<xs:complexType name="PartyNameType">
+		<xs:annotation>
+			<xs:documentation>Reusable complex type for a party. A party is a person or an organisation</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element ref="NameLine" minOccurs="0" maxOccurs="unbounded"/>
+			<xs:element name="PersonName" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Container for person name details. Same person with many types (e.g. alias, pet name, nick name)  of names can be used by this container.  </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:complexContent>
+						<xs:extension base="PersonNameType"/>
+					</xs:complexContent>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="OrganisationName" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>A container for organisation name details. Same organisaion with many types of names can be used by this container</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:complexContent>
+						<xs:extension base="OrganisationNameType"/>
+					</xs:complexContent>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="PartyNameID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A unique identifier of a party</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="PartyNameIDType" type="PartyNameIDTypeList">
+			<xs:annotation>
+				<xs:documentation>Type of Party Name ID</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>Globally unique identifier</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Usage" type="PartyNameUsageList">
+			<xs:annotation>
+				<xs:documentation>Tye of use of this data. e.g. data exchange, contact, update, create</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Status" type="ct:StatusList">
+			<xs:annotation>
+				<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="JointNameConnector" type="JointNameConnectorList">
+			<xs:annotation>
+				<xs:documentation>The connector used to join more than one person name. Example: Mr Hunt AND Mrs Clark, where AND is the JointNameConnector. The flow is from the preceding to the following. If there is more than 2 names then all names are connected using this connector in the natural order.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grValidityDate"/>
+		<xs:attributeGroup ref="grNameKey"/>
+		<xs:attribute ref="xlink:type"/>
+		<xs:attribute ref="xlink:label"/>
+		<xs:attribute ref="xlink:href"/>
+		<xs:attributeGroup ref="ct:grDataQuality"/>
+		<xs:attributeGroup ref="ct:grLanguageCode"/>
+		<xs:anyAttribute namespace="##other" processContents="lax"/>
+	</xs:complexType>
+	<xs:complexType name="PersonNameType">
+		<xs:annotation>
+			<xs:documentation>Reusable complex type</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="NameElement" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Name or part of a name. </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:simpleContent>
+						<xs:extension base="ct:String">
+							<xs:attribute name="ElementType" type="PersonNameElementList">
+								<xs:annotation>
+									<xs:documentation>Clarifies the meaning of the element.Could be first name, middle name, etc. that is defined in the List list. Omit this attribute if the type of the name element is not known.</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+							<xs:attributeGroup ref="ct:grAbbreviation"/>
+							<xs:anyAttribute namespace="##other" processContents="lax"/>
+						</xs:extension>
+					</xs:simpleContent>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="Type" type="PersonNameTypeList">
+			<xs:annotation>
+				<xs:documentation>Enumerated list of type of name.  example: Alias, Nick Name, former name, known as, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="PersonID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A unique identifier of a person</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="PersonIDType" type="PersonIDTypeList">
+			<xs:annotation>
+				<xs:documentation>Type of identifier</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>Globally unique identifier</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Usage" type="PersonNameUsageList">
+			<xs:annotation>
+				<xs:documentation>Usage of a person name. How is it used and for what purpose. Allows user which name in a set of names to select for a given purpose.
+e.g. used for legal purposes</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Status" type="ct:StatusList">
+			<xs:annotation>
+				<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grValidityDate"/>
+		<xs:attributeGroup ref="grNameKey"/>
+		<xs:attribute ref="xlink:type"/>
+		<xs:attribute ref="xlink:label"/>
+		<xs:attribute ref="xlink:href"/>
+		<xs:attributeGroup ref="ct:grDataQuality"/>
+		<xs:attributeGroup ref="ct:grLanguageCode"/>
+		<xs:anyAttribute namespace="##other" processContents="lax"/>
+	</xs:complexType>
+	<xs:complexType name="OrganisationNameType">
+		<xs:annotation>
+			<xs:documentation>Reusable complex type</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="NameElement" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Name of the organisation. E.g. ACME Inc.</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:simpleContent>
+						<xs:extension base="ct:String">
+							<xs:attribute name="ElementType" type="OrganisationNameElementList">
+								<xs:annotation>
+									<xs:documentation>Clarifies the meaning of the element. Example: name, type . Omit this attribute if the type of the name element is not known.</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+							<xs:attributeGroup ref="ct:grAbbreviation"/>
+							<xs:anyAttribute namespace="##other" processContents="lax"/>
+						</xs:extension>
+					</xs:simpleContent>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="SubDivisionName" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>Name of a subdivision of an organisation (e.g. department) </xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:simpleContent>
+						<xs:extension base="ct:String">
+							<xs:attribute name="Type" type="SubDivisionTypeList">
+								<xs:annotation>
+									<xs:documentation>Type of sub division. e.g. department, warehouse, branch</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+							<xs:attributeGroup ref="ct:grAbbreviation"/>
+							<xs:anyAttribute namespace="##other" processContents="lax"/>
+						</xs:extension>
+					</xs:simpleContent>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="Type" type="OrganisationNameTypeList">
+			<xs:annotation>
+				<xs:documentation>Enumerated list of common types of aliases or name types.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="OrganisationID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A unique identifier of an organisation</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="OrganisationIDType" type="OrganisationIDTypeList">
+			<xs:annotation>
+				<xs:documentation>Type of identifier</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>Globally unique identifer</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Usage" type="OrganisationNameUsageList">
+			<xs:annotation>
+				<xs:documentation>Usage of organisation name. How is it used and for what purpose. Allows user which name in a set of names to select for a given purpose.
+e.g. used for legal purposes</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Status" type="ct:StatusList">
+			<xs:annotation>
+				<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grValidityDate"/>
+		<xs:attributeGroup ref="grNameKey"/>
+		<xs:attribute ref="xlink:type"/>
+		<xs:attribute ref="xlink:label"/>
+		<xs:attribute ref="xlink:href"/>
+		<xs:attributeGroup ref="ct:grDataQuality"/>
+		<xs:attributeGroup ref="ct:grLanguageCode"/>
+		<xs:anyAttribute namespace="##other" processContents="lax"/>
+	</xs:complexType>
+	<xs:element name="NameLine">
+		<xs:annotation>
+			<xs:documentation>Define name as a free format text. Use this when the type of the entity (person or organisation) is unknown, or is not broken down into individual elements (e.g. unstructured, unparsed) or is beyond the provided types. The name represented may be formatted in the right order or may not be as it is not parsed/broken into atomic fields</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:simpleContent>
+				<xs:extension base="ct:String">
+					<xs:attribute name="Type" type="NameLineTypeList">
+						<xs:annotation>
+							<xs:documentation>Type define what this free format name line could mean. For example, the Type could be "Unknown" </xs:documentation>
+						</xs:annotation>
+					</xs:attribute>
+					<xs:attributeGroup ref="ct:grAbbreviation"/>
+					<xs:attributeGroup ref="ct:grDataQuality"/>
+					<xs:anyAttribute namespace="##other" processContents="lax"/>
+				</xs:extension>
+			</xs:simpleContent>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="PartyName" type="PartyNameType">
+		<xs:annotation>
+			<xs:documentation>Container for defining a name of a Person, an Organisation or combination of the above as a joint name.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:element name="PersonName" type="PersonNameType">
+		<xs:annotation>
+			<xs:documentation>Person Name</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:element name="OrganisationName" type="OrganisationNameType">
+		<xs:annotation>
+			<xs:documentation>Organisation Name</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xPIL-types.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xPIL-types.xsd
new file mode 100755
index 0000000..6a481ab
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xPIL-types.xsd
@@ -0,0 +1,854 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns="urn:oasis:names:tc:ciq:xpil:3" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:oasis:names:tc:ciq:xpil:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - extensible Party Information Language Types (xPIL-types)
+		Description: Defines the W3C schema that provides enumeration lists to support
+		xPIL. 
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		
+		NOTE: This is the schema that users can customise the enumeration lists to meet their
+		exchange requirements. The enumeration values provided are ONLY SAMPLES and 
+		is not complete. It is upto the application to decide what the values should be. To achieve 
+		interoperability between applications using this specification, it is recommended that an
+		SLA/agreement is in place as to what the enumeration values will be used in this file 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:simpleType name="AccountElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for account details</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="AccountID">
+				<xs:annotation>
+					<xs:documentation>The unique name, number or mixed account identifier, e.g. bank account number</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IssuingAuthority">
+				<xs:annotation>
+					<xs:documentation>The organisation that assigns and manages the account, e.g. a bank, power supplier, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AccountType">
+				<xs:annotation>
+					<xs:documentation>Commonly recognised names, such as IRD number (for NZ), SSN (for US), ABN (for AU), etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AccountBranch"/>
+			<xs:enumeration value="IssuingCountryName">
+				<xs:annotation>
+					<xs:documentation>The country that issued the account</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="AccountOwnershipTypeList">
+		<xs:annotation>
+			<xs:documentation>List of types of account ownerships</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:time"/>
+	</xs:simpleType>
+	<xs:simpleType name="AccountTypeList">
+		<xs:annotation>
+			<xs:documentation>List of types of accounts</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="BloodGroupList">
+		<xs:annotation>
+			<xs:documentation>List of types of blood groups</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="A+"/>
+			<xs:enumeration value="A-"/>
+			<xs:enumeration value="B+"/>
+			<xs:enumeration value="B-"/>
+			<xs:enumeration value="AB+"/>
+			<xs:enumeration value="AB-"/>
+			<xs:enumeration value="O+"/>
+			<xs:enumeration value="O-"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="BodyMarkPartList">
+		<xs:annotation>
+			<xs:documentation>List of body parts for marks</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="BodyMarkPartLocationList">
+		<xs:annotation>
+			<xs:documentation>List of locations on the body parts where the marks are found</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="BirthInfoElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for birth information</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="BirthStar">
+				<xs:annotation>
+					<xs:documentation>Commonly used in some oriental cultures</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BirthPlace">
+				<xs:annotation>
+					<xs:documentation>A free text descriprion of the birth place, e.g. country name, region, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BirthSign">
+				<xs:annotation>
+					<xs:documentation>Specific to some cultures</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CommunicationMediaTypeList">
+		<xs:annotation>
+			<xs:documentation>List of communication media types used for contact purposes</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Cellphone"/>
+			<xs:enumeration value="Fax"/>
+			<xs:enumeration value="Pager"/>
+			<xs:enumeration value="Telephone"/>
+			<xs:enumeration value="VOIP"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ContactNumberElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for phone number details</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="CountryCode">
+				<xs:annotation>
+					<xs:documentation>Code to dial to a country. E.g. 1 for US, 44 for UK</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AreaCode">
+				<xs:annotation>
+					<xs:documentation>Code to dial an area within a country. For example: "02" for Sydney, "03" for Melbourne</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LocalNumber">
+				<xs:annotation>
+					<xs:documentation>Local number as would be used by others within the same dialing area.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Extension">
+				<xs:annotation>
+					<xs:documentation>An extension to the number that is usually handled by some PABX</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Pin">
+				<xs:annotation>
+					<xs:documentation>E.g. special access code</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Separator">
+				<xs:annotation>
+					<xs:documentation>Any text that is not part of the phone number, but has some informational content, e.g. Ext. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NationalNumber">
+				<xs:annotation>
+					<xs:documentation>Area code with local number if one line. May include national access numbers.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="InternationalNumber">
+				<xs:annotation>
+					<xs:documentation>Full international number in one line. May include international access numbers.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ContactNumberUsageList">
+		<xs:annotation>
+			<xs:documentation>List of types of uses of contact number</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="DisabilityCauseList">
+		<xs:annotation>
+			<xs:documentation>List of causes of disability</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="DocumentElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for document details</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="DocumentID">
+				<xs:annotation>
+					<xs:documentation>Usually the number of the document, which can be alphanumeric</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="DocumentName">
+				<xs:annotation>
+					<xs:documentation>Name of the document.e.g. VISA, MASTERCARD for credit cards</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Privilege">
+				<xs:annotation>
+					<xs:documentation>A privilege the holder of the document was grunted. E.g. security access level</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Restriction">
+				<xs:annotation>
+					<xs:documentation>A restriction imposed on the holder of the document. E.g. learners license</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GroupName">
+				<xs:annotation>
+					<xs:documentation>A name of a larger group that recognises this document or supports it.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="VerificationCode">
+				<xs:annotation>
+					<xs:documentation>Verirfication/security code as in credit card</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Category">
+				<xs:annotation>
+					<xs:documentation>Category of the document such as Donor Type in License,
+Gold Card, Silver Card, Platinum Card, etc</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IssuePlace">
+				<xs:annotation>
+					<xs:documentation>Place of issue of the document. e.g.  Sydney, Australia</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="AccessCode">
+				<xs:annotation>
+					<xs:documentation>Access/Security code of the document</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Use this if the enumeration list for type of document is not used.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="DocumentTypeList">
+		<xs:annotation>
+			<xs:documentation>List of types of documents </xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Passport"/>
+			<xs:enumeration value="DriverLicense"/>
+			<xs:enumeration value="CreditCard"/>
+			<xs:enumeration value="BankCard"/>
+			<xs:enumeration value="KeyCard"/>
+			<xs:enumeration value="AccessCard"/>
+			<xs:enumeration value="IdentificationCard"/>
+			<xs:enumeration value="Certificate"/>
+			<xs:enumeration value="MileageProgram"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ElectronicAddressIdentifierTypeList">
+		<xs:annotation>
+			<xs:documentation>List of electronic address identifiers</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="AIM"/>
+			<xs:enumeration value="EMAIL"/>
+			<xs:enumeration value="GOOGLE"/>
+			<xs:enumeration value="GIZMO"/>
+			<xs:enumeration value="ICQ"/>
+			<xs:enumeration value="JABBER"/>
+			<xs:enumeration value="MSN"/>
+			<xs:enumeration value="SIP"/>
+			<xs:enumeration value="SKYPE"/>
+			<xs:enumeration value="URL"/>
+			<xs:enumeration value="XRI"/>
+			<xs:enumeration value="YAHOO"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ElectronicAddressIdentifierUsageList">
+		<xs:annotation>
+			<xs:documentation>List of types of use of electronic address identifiers</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="EventTypeList">
+		<xs:annotation>
+			<xs:documentation>List of type of events</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="FeatureTypeList">
+		<xs:annotation>
+			<xs:documentation>List of person's physical features </xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Weight"/>
+			<xs:enumeration value="Height"/>
+			<xs:enumeration value="HairColour"/>
+			<xs:enumeration value="EyeColour"/>
+			<xs:enumeration value="SkinColour"/>
+			<xs:enumeration value="Waist"/>
+			<xs:enumeration value="Breast"/>
+			<xs:enumeration value="Hip"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="FreeTextLineTypeList">
+		<xs:annotation>
+			<xs:documentation>List of types for free text lines for defining party characteristics as free format text</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="GenderList">
+		<xs:annotation>
+			<xs:documentation>List of type of gender</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="HabitTypeList">
+		<xs:annotation>
+			<xs:documentation>List of type/category of habit</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="HobbyTypeList">
+		<xs:annotation>
+			<xs:documentation>List of type/category of hobby</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="IndustryCodeList">
+		<xs:annotation>
+			<xs:documentation>List if industry code</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="IndustryTypeList">
+		<xs:annotation>
+			<xs:documentation>List of industry type</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="LanguagePreferenceList">
+		<xs:annotation>
+			<xs:documentation>Lit of preference to use the language e.g. speak, read, write</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="LanguageSkillsList">
+		<xs:annotation>
+			<xs:documentation>List of types of skills on languages</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="No"/>
+			<xs:enumeration value="Fluent"/>
+			<xs:enumeration value="Excellent"/>
+			<xs:enumeration value="Good"/>
+			<xs:enumeration value="Bad"/>
+			<xs:enumeration value="Average"/>
+			<xs:enumeration value="Fair"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="LanguageTypeList">
+		<xs:annotation>
+			<xs:documentation>Type of language e.g. by birth, by education</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="MaritalStatusList">
+		<xs:annotation>
+			<xs:documentation>List of types of marital status</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="MembershipElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for describing a membership</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="MembershipNumber">
+				<xs:annotation>
+					<xs:documentation>Membership identifier, e.g. membership number or some other type of ID</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Privilege">
+				<xs:annotation>
+					<xs:documentation>A privilege that the member can enjoy as part of the membership. E.g. access to free events.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Restriction">
+				<xs:annotation>
+					<xs:documentation>A restriction that the membership imposes on the member, e.g. do not smoke.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="GroupName">
+				<xs:annotation>
+					<xs:documentation>Larger group or alliance name the membership provides access to.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Category">
+				<xs:annotation>
+					<xs:documentation>Category of the membership such as Gold, Silver, Platinum, etc</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Use this if the enumeration list for type of memberhsip is not used.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IssuingCountryName">
+				<xs:annotation>
+					<xs:documentation>The country that issues the membership</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Role">
+				<xs:annotation>
+					<xs:documentation>Role in membership for a person , e.g. secretary, President, treasurer</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="MembershipTypeList">
+		<xs:annotation>
+			<xs:documentation>List of types of memberships</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="NationalityTypeList">
+		<xs:annotation>
+			<xs:documentation>List of types of obtaining nationality</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="NumberTypeList">
+		<xs:annotation>
+			<xs:documentation>List of name types for commonly used Number type</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="RangeFrom">
+				<xs:annotation>
+					<xs:documentation>Indicates that the element contains the lower value of a range, e.g. 25 in 25-37</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Range">
+				<xs:annotation>
+					<xs:documentation>Indicates that the value is a range, e.g. 25-37</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="RangeTo">
+				<xs:annotation>
+					<xs:documentation>Indicates that the element contains the top value of a range, e.g. 25 in 25-37</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Prefix">
+				<xs:annotation>
+					<xs:documentation>Indicates that the element contains some value that is important, but not exactly the number itself. E.g. A250, where A is the prefix to the number 250</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Suffix">
+				<xs:annotation>
+					<xs:documentation>Indocates that the element contains some value that is important, but not exactly the number itself. E.g. 'bis' in '45 bis'</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Number">
+				<xs:annotation>
+					<xs:documentation>Indicates that the value is number, e.g. 2020 in ID 2020. The actual value can be alpha-numeric. </xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Separator">
+				<xs:annotation>
+					<xs:documentation>Indicates that the value is a separator that is expected to be preserved. Examples are / - #, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Extension">
+				<xs:annotation>
+					<xs:documentation>Indicates that the value is an extension number of some identifier, e.g. 01 in ID 2330-01. 01 could be mean a specific semantics</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="OccupationElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for describing an occupation</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Role">
+				<xs:annotation>
+					<xs:documentation>The actual role the person carries out.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="PositionTitle"/>
+			<xs:enumeration value="ReportsTo">
+				<xs:annotation>
+					<xs:documentation>Name, role or position who the person reports to.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EmploymentType">
+				<xs:annotation>
+					<xs:documentation>E.g. full-time, part-time, temporary, contract, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CostCentre">
+				<xs:annotation>
+					<xs:documentation>Commonly used identifier for accounting purposes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Rank">
+				<xs:annotation>
+					<xs:documentation>A rank in some ranking system, e.g. private, major, superintendant, Justice, etc.This is different from role</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationCategoryTypeList">
+		<xs:annotation>
+			<xs:documentation>List of category the oranisation belongs to</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Vendor"/>
+			<xs:enumeration value="GovernmentAgency"/>
+			<xs:enumeration value="University"/>
+			<xs:enumeration value="College"/>
+			<xs:enumeration value="School"/>
+			<xs:enumeration value="Club"/>
+			<xs:enumeration value="Association"/>
+			<xs:enumeration value="Consortium"/>
+			<xs:enumeration value="Company"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationInfoNatureList">
+		<xs:annotation>
+			<xs:documentation>List of organisation nature of business</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationInfoTypeList">
+		<xs:annotation>
+			<xs:documentation>List of type of organisation</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationRelationshipTypeList">
+		<xs:annotation>
+			<xs:documentation>List of relationship types with an organisation</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="OrganisationDetailsUsageList">
+		<xs:annotation>
+			<xs:documentation>Type of use of organisation details data</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string"/>
+	</xs:simpleType>
+	<xs:simpleType name="PartyIDTypeList">
+		<xs:annotation>
+			<xs:documentation>List of types of party identifiers</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PartyIdentifierElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for describing party identifiers</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Identifier"/>
+			<xs:enumeration value="IssuingCountryName"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PartyIdentifierTypeList">
+		<xs:annotation>
+			<xs:documentation>List of identifier types</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="TaxID"/>
+			<xs:enumeration value="CompanyID"/>
+			<xs:enumeration value="NationalID"/>
+			<xs:enumeration value="RegistrationID"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PartyTypeList">
+		<xs:annotation>
+			<xs:documentation>Organisation or Person</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PartyUsageList">
+		<xs:annotation>
+			<xs:documentation>List of type of use of party data</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string"/>
+	</xs:simpleType>
+	<xs:simpleType name="PersonCategoryTypeList">
+		<xs:annotation>
+			<xs:documentation>List of category the person belongs to</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="ExistingCustomer"/>
+			<xs:enumeration value="PotentialCustomer"/>
+			<xs:enumeration value="Employee"/>
+			<xs:enumeration value="Friend"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="PersonDetailsUsageList">
+		<xs:annotation>
+			<xs:documentation>List of type of use of person details data</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string"/>
+	</xs:simpleType>
+	<xs:simpleType name="PersonEthnicityList">
+		<xs:annotation>
+			<xs:documentation>List of ethnicity of person</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PersonFavouriteTypeList">
+		<xs:annotation>
+			<xs:documentation>List of favourites of the person</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PhysicalInfoFreeTextTypeList">
+		<xs:annotation>
+			<xs:documentation>List of type of physical info for free text</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PhysicalStatusList">
+		<xs:annotation>
+			<xs:documentation>List of physical status of a person</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PersonRelationshipTypeList">
+		<xs:annotation>
+			<xs:documentation>Type of relationship with a person</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="PreferenceTypeList">
+		<xs:annotation>
+			<xs:documentation>Type of preferences of a person</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="QualificationElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for describing a qualification</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="QualificationName">
+				<xs:annotation>
+					<xs:documentation>Free text name of the qualification</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MajorSubject">
+				<xs:annotation>
+					<xs:documentation>Name of the major subject of the qualification</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MinorSubject">
+				<xs:annotation>
+					<xs:documentation>Name of a minor subject of the qualification</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Grade">
+				<xs:annotation>
+					<xs:documentation>Grade (average?, percentage? ) achieved with the qualification.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CourseDuration">
+				<xs:annotation>
+					<xs:documentation>Free text description of the duration of the course, e.g. 4 years, 1 month, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="CompletionDate">
+				<xs:annotation>
+					<xs:documentation>Free text description of the date when the qualification was completed to the best known precision.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Award">
+				<xs:annotation>
+					<xs:documentation>Award, or distinction that was awarded to the graduate, e.g. honors.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Restriction">
+				<xs:annotation>
+					<xs:documentation>Restrictions imposed on the graduate, e.g. not valid before completion of 2 year practical work under supervision.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Registration">
+				<xs:annotation>
+					<xs:documentation>Details of any professional registration if required for practicing, e.g. for pharmacists, electricians, medical professionals.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="WayOfStudy">
+				<xs:annotation>
+					<xs:documentation>Full time, part time, evening classes, extramural, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ReligionList">
+		<xs:annotation>
+			<xs:documentation>List of religions of person</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="ResidencyTypeList">
+		<xs:annotation>
+			<xs:documentation>List of residency statusof person</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="RevenueCurrencyCodeList">
+		<xs:annotation>
+			<xs:documentation>Type of currency codes for revienue</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="RevenueSourceList">
+		<xs:annotation>
+			<xs:documentation>Type of sources of revenue</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="RevenueTypeList">
+		<xs:annotation>
+			<xs:documentation>Type of revenue </xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="UnitTypeList">
+		<xs:annotation>
+			<xs:documentation>List of type of units for measurement</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="VehicleInfoElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for describing a vehicle</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Make">
+				<xs:annotation>
+					<xs:documentation>Free text make description, e.g. Toyota, Ford</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Model">
+				<xs:annotation>
+					<xs:documentation>Free text model description, e.g. Pajero, Falcon, etc. May include make as in Ford Falcon or Mitsubishi Pajero. If the make information is included then do not put the make as a separate element qualified with Make.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ManufactureDate">
+				<xs:annotation>
+					<xs:documentation>Free text data which can be a full date or a year.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EngineNumber">
+				<xs:annotation>
+					<xs:documentation>Free text engine number</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="ChassisNumber">
+				<xs:annotation>
+					<xs:documentation>Free text chassis number</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="BodyNumber">
+				<xs:annotation>
+					<xs:documentation>Free text body number</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LicensePlateNumber">
+				<xs:annotation>
+					<xs:documentation>Free text license plate number</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="LicensePlateType">
+				<xs:annotation>
+					<xs:documentation>Number plate types are different. e.g. standard, premier, diplomat, etc</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Colour"/>
+			<xs:enumeration value="BodyType">
+				<xs:annotation>
+					<xs:documentation>Type of body. e.g. Sedan, Ute, Station wagon, 2 door, etc</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Use this if the enumeration list for type of vehicle is not used.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="VehicleTypeList">
+		<xs:annotation>
+			<xs:documentation>List of types of vehicles</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString"/>
+	</xs:simpleType>
+	<xs:simpleType name="VisaElementList">
+		<xs:annotation>
+			<xs:documentation>List of information types used for describing a visa</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:enumeration value="Type">
+				<xs:annotation>
+					<xs:documentation>Type of visa. e.g. Tourist, Visitor, Student</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Number"/>
+			<xs:enumeration value="Code">
+				<xs:annotation>
+					<xs:documentation>Some visas are known by its code number. e.g. B1, E3, H-1, Class X1</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Country">
+				<xs:annotation>
+					<xs:documentation>Name of the country for which the visa is issued to.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IssuePlace">
+				<xs:annotation>
+					<xs:documentation>Free text description of the issuing place, e.g. country name and office name or country name and the city. For example US Embassy, Prague,
+Australia, Sydney</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="MaximumStay">
+				<xs:annotation>
+					<xs:documentation>Free text description of the length of maximum stay. E.g. 1 week, 2 months, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Restriction">
+				<xs:annotation>
+					<xs:documentation>Any restrictions imposed on the visa holder, e.g. not for employment, cannot work for more than 20 hours</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Privilege">
+				<xs:annotation>
+					<xs:documentation>Any privileges granted to the visa holder, e.g. departure fee waived, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="SpecialCondition">
+				<xs:annotation>
+					<xs:documentation>Any special conditions imposed on the visa holder. e.g. Not allowed to work for more than 10 hours a week</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="EntryType">
+				<xs:annotation>
+					<xs:documentation>Single Entry, Multiple Entry, Double Entry, etc</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xPIL.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xPIL.xsd
new file mode 100755
index 0000000..3befc5d
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xPIL.xsd
@@ -0,0 +1,1621 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:a="urn:oasis:names:tc:ciq:xal:3" xmlns:n="urn:oasis:names:tc:ciq:xnl:3" xmlns="urn:oasis:names:tc:ciq:xpil:3" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ct="urn:oasis:names:tc:ciq:ct:3" targetNamespace="urn:oasis:names:tc:ciq:xpil:3" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<xs:annotation>
+		<xs:documentation> 
+		Specification Name: OASIS CIQ TC - extensible Party Information Language (xPIL) 
+		Description: Defines the W3C schema for representing party information (unique identifiers)
+		including 	party name and address
+		(Using XML Schema based standard code list/enumeration mechanism - OPTION 1 AND DEFAULT)
+		Produced by: OASIS Customer Information Quality Technical Committee
+		URL: http://www.oasis-open.org/committees/ciq
+		Version: 3.0  
+		Status: Committee Specification CS02
+		Copyright: 2007-09, OASIS, http://www.oasis-open.org
+		Last Modified: 20 September 2008
+		Last Modified by: Ram Kumar, Chair, OASIS CIQ TC 
+		
+		NOTE: Do not modify this schema as it will break specifications compatibility 
+		</xs:documentation>
+		<xs:documentation>Please note: These schemas have been modified by the STIX team to support remote validation. The only change made is to the schemaLocation attribute(s).</xs:documentation>
+	</xs:annotation>
+	<xs:import namespace="http://www.w3.org/1999/xlink" schemaLocation="xlink-2003-12-31.xsd"/>
+	<xs:import namespace="urn:oasis:names:tc:ciq:ct:3" schemaLocation="CommonTypes.xsd"/>
+	<xs:import namespace="urn:oasis:names:tc:ciq:xnl:3" schemaLocation="xNL.xsd"/>
+	<xs:import namespace="urn:oasis:names:tc:ciq:xal:3" schemaLocation="xAL.xsd"/>
+	<xs:include schemaLocation="xPIL-types.xsd"/>
+	<!--*************** KEY TOP LEVEL ELEMENTS ********************-->
+	<xs:element name="Party" type="PartyType">
+		<xs:annotation>
+			<xs:documentation>A container for defining the unique characteristics of a party, which can be a person or organisation</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:element name="PersonDetails">
+		<xs:annotation>
+			<xs:documentation>A container for defining the unique characteristics of a person only</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="PersonDetailsType"/>
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="OrganisationDetails" type="OrganisationDetailsType">
+		<xs:annotation>
+			<xs:documentation>A container for defining the unique characteristics of an organisation only</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<!--**************** COMPLEX TYPES ********************************-->
+	<xs:complexType name="PartyType">
+		<xs:annotation>
+			<xs:documentation>A container for defining the unique characteristics of a party, which can be a person or organisation</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element ref="FreeTextLines" minOccurs="0"/>
+			<xs:element ref="PartyName" minOccurs="0"/>
+			<xs:element ref="Addresses" minOccurs="0"/>
+			<xs:element ref="Accounts" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container to define the accounts details of the party such as utility account, financil accounts</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="ContactNumbers" minOccurs="0"/>
+			<xs:element ref="Documents" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container for identification document and cards of the party that are unique to the party. e.g. license, identification card, credit card, etc</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="ElectronicAddressIdentifiers" minOccurs="0"/>
+			<xs:element ref="Events" minOccurs="0"/>
+			<xs:element ref="Identifiers" minOccurs="0"/>
+			<xs:element ref="Memberships" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container for memberships of party with other organisations (e.g. industry groups) or social networks (clubs, association, etc)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Relationships" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Relationships with other parties (persons or organisations, and the nature of relationship). Examples:
+- For person: Contacts, blood relatives, friends, referees, customers, etc
+- for Organisation: Subsidiary, Parent company, Branches, Divisions, Partners, etc</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Revenues" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Container for income / revenue information of the party (salary/organisation revenue)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Stocks" minOccurs="0"/>
+			<xs:element ref="Vehicles" minOccurs="0"/>
+			<xs:element ref="OrganisationInfo" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Container for other organisation specific details that are not covered in this schema that are common to a party</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="PersonInfo" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Container for other person specific details that are not covered in this schema elements that are common to a party</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="BirthInfo" minOccurs="0"/>
+			<xs:element ref="CountriesOfResidence" minOccurs="0"/>
+			<xs:element ref="Favourites" minOccurs="0"/>
+			<xs:element ref="Habits" minOccurs="0"/>
+			<xs:element ref="Hobbies" minOccurs="0"/>
+			<xs:element ref="Languages" minOccurs="0"/>
+			<xs:element ref="Nationalities" minOccurs="0"/>
+			<xs:element ref="Occupations" minOccurs="0"/>
+			<xs:element ref="PhysicalInfo" minOccurs="0"/>
+			<xs:element ref="Preferences" minOccurs="0"/>
+			<xs:element ref="Qualifications" minOccurs="0"/>
+			<xs:element ref="Visas" minOccurs="0"/>
+		</xs:sequence>
+		<xs:attribute name="PartyType" type="PartyTypeList">
+			<xs:annotation>
+				<xs:documentation>Type of Party. e.g. Person or an organisation. An organisation could be university, college, club, association, company, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="PartyID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A unique identifier for party</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="PartyIDType" type="PartyIDTypeList">
+			<xs:annotation>
+				<xs:documentation>Type of PartyID</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ID" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A globally unique identifier assigned to party</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Usage" type="PartyUsageList">
+			<xs:annotation>
+				<xs:documentation>Type of use of party date. e.g. exchange, update, create</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Status" type="ct:StatusList">
+			<xs:annotation>
+				<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grValidityDate"/>
+		<xs:attribute name="PartyKey" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A primary key to reference Party.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="PartyKeyRef" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A foreign key to reference attribute Key of Party.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute ref="xlink:type"/>
+		<xs:attribute ref="xlink:label"/>
+		<xs:attribute ref="xlink:href"/>
+		<xs:attributeGroup ref="ct:grDataQuality"/>
+		<xs:attributeGroup ref="ct:grLanguageCode"/>
+		<xs:anyAttribute namespace="##other" processContents="lax"/>
+	</xs:complexType>
+	<xs:complexType name="PersonDetailsType">
+		<xs:annotation>
+			<xs:documentation>A container for defining the unique characteristics of a person only</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element ref="FreeTextLines" minOccurs="0"/>
+			<xs:element ref="n:PersonName" maxOccurs="unbounded"/>
+			<xs:element ref="Addresses" minOccurs="0"/>
+			<xs:element ref="Accounts" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container to define the accounts details of the party such as utility account, financil accounts</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="ContactNumbers" minOccurs="0"/>
+			<xs:element ref="Documents" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container for identification document and cards of the party that are unique to the party. e.g. license, identification card, credit card, etc</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="ElectronicAddressIdentifiers" minOccurs="0"/>
+			<xs:element ref="Events" minOccurs="0"/>
+			<xs:element ref="Identifiers" minOccurs="0"/>
+			<xs:element ref="Memberships" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container for memberships of party with other organisations (e.g. industry groups) or social networks (clubs, association, etc)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Relationships" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Relationships with other parties (persons or organisations, and the nature of relationship). Examples:
+- For person: Contacts, blood relatives, friends, referees, customers, etc
+- for Organisation: Subsidiary, Parent company, Branches, Divisions, Partners, etc</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Revenues" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Container for income / revenue information of the party (salary/organisation revenue)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Stocks" minOccurs="0"/>
+			<xs:element ref="Vehicles" minOccurs="0"/>
+			<xs:element ref="PersonInfo" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Container for other person specific details that are not covered in this schema elements that are common to a party</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="BirthInfo" minOccurs="0"/>
+			<xs:element ref="CountriesOfResidence" minOccurs="0"/>
+			<xs:element ref="Favourites" minOccurs="0"/>
+			<xs:element ref="Habits" minOccurs="0"/>
+			<xs:element ref="Hobbies" minOccurs="0"/>
+			<xs:element ref="Languages" minOccurs="0"/>
+			<xs:element ref="Nationalities" minOccurs="0"/>
+			<xs:element ref="Occupations" minOccurs="0"/>
+			<xs:element ref="PhysicalInfo" minOccurs="0"/>
+			<xs:element ref="Preferences" minOccurs="0"/>
+			<xs:element ref="Qualifications" minOccurs="0"/>
+			<xs:element ref="Visas" minOccurs="0"/>
+		</xs:sequence>
+		<xs:attribute name="Usage" type="PersonDetailsUsageList">
+			<xs:annotation>
+				<xs:documentation>Type of use of this data. e.g. data exchange, contact, update, create</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Status" type="ct:StatusList">
+			<xs:annotation>
+				<xs:documentation>Status of the organisation details</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grValidityDate"/>
+		<xs:attribute name="PersonDetailsKey" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A primary key to reference Person Details.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="PersonDetailsKeyRef" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A foreign key to reference attribute Key of Person Details.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grDataQuality"/>
+		<xs:attributeGroup ref="ct:grLanguageCode"/>
+		<xs:anyAttribute namespace="##other"/>
+	</xs:complexType>
+	<xs:complexType name="OrganisationDetailsType">
+		<xs:annotation>
+			<xs:documentation>A container for defining the unique characteristics of an organisation only</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element ref="FreeTextLines" minOccurs="0"/>
+			<xs:element ref="n:OrganisationName" maxOccurs="unbounded"/>
+			<xs:element ref="Addresses" minOccurs="0"/>
+			<xs:element ref="Accounts" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container to define the accounts details of the party such as utility account, financil accounts</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="ContactNumbers" minOccurs="0"/>
+			<xs:element ref="Documents" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container for identification document and cards of the party that are unique to the party. e.g. license, identification card, credit card, etc</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="ElectronicAddressIdentifiers" minOccurs="0"/>
+			<xs:element ref="Events" minOccurs="0"/>
+			<xs:element ref="Identifiers" minOccurs="0"/>
+			<xs:element ref="Memberships" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>A container for memberships of party with other organisations (e.g. industry groups) or social networks (clubs, association, etc)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Relationships" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Relationships with other parties (persons or organisations, and the nature of relationship). Examples:
+- For person: Contacts, blood relatives, friends, referees, customers, etc
+- for Organisation: Subsidiary, Parent company, Branches, Divisions, Partners, etc</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Revenues" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Container for income / revenue information of the party (salary/organisation revenue)</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element ref="Stocks" minOccurs="0"/>
+			<xs:element ref="Vehicles" minOccurs="0"/>
+			<xs:element ref="OrganisationInfo" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Container for other person specific details that are not covered in this schema elements that are common to a party</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="Usage" type="OrganisationDetailsUsageList">
+			<xs:annotation>
+				<xs:documentation>Type of use of this data. e.g. data exchange, contact, update, create</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="Status" type="ct:StatusList">
+			<xs:annotation>
+				<xs:documentation>Status of the organisation details</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attributeGroup ref="ct:grValidityDate"/>
+		<xs:attribute name="OrganisationDetailsKey" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A primary key to reference Organisation Details.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="OrganisationDetailsKeyRef" type="ct:String">
+			<xs:annotation>
+				<xs:documentation>A foreign key to reference attribute Key of Organisation Details.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute ref="xlink:type"/>
+		<xs:attribute ref="xlink:label"/>
+		<xs:attribute ref="xlink:href"/>
+		<xs:attributeGroup ref="ct:grDataQuality"/>
+		<xs:attributeGroup ref="ct:grLanguageCode"/>
+		<xs:anyAttribute namespace="##other"/>
+	</xs:complexType>
+	<!--**************** SECOND LEVEL ELEMENTS FOR REUSE - COMMON ELEMENTS VALID AND REUSABLE FOR BOTH PERSON AND ORGANISATION ***************************-->
+	<xs:element name="FreeTextLines">
+		<xs:annotation>
+			<xs:documentation>Free text description of the party as line 1, line 2, line n. </xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="FreeTextLine" maxOccurs="unbounded">
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="FreeTextLineTypeList">
+									<xs:annotation>
+										<xs:documentation>Type (semantics or category) of free text data </xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Accounts">
+		<xs:annotation>
+			<xs:documentation>A container to define the accounts details of the party</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Account" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Account details such as bank account, customer account with utilities</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="AccountElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Information about the account</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="AccountElementList">
+												<xs:annotation>
+													<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element name="Organisation" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation>Reference to a Party element that describes the organisation where the account is held.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="n:OrganisationNameType"/>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="Type" type="AccountTypeList">
+							<xs:annotation>
+								<xs:documentation>Type of account. e.g. bank, customer, employee, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="OwnershipType" type="AccountOwnershipTypeList">
+							<xs:annotation>
+								<xs:documentation>Joint, Individual, corporate, etc.</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grValidityDate"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Addresses">
+		<xs:annotation>
+			<xs:documentation>A container for all party addresses</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Address" maxOccurs="unbounded">
+					<xs:complexType>
+						<xs:complexContent>
+							<xs:extension base="a:AddressType"/>
+						</xs:complexContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="ContactNumbers">
+		<xs:annotation>
+			<xs:documentation>A container for all kinds of telecommunication lines of party used for contact purposes. e.g. phone, fax, mobile, pager, etc.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ContactNumber" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Universal telecommunication number structure</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="ContactNumberElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Full contact number or part of it</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="ContactNumberElementList">
+												<xs:annotation>
+													<xs:documentation>If present, specifies type of the information provdied as text value of the element.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="CommunicationMediaType" type="CommunicationMediaTypeList">
+							<xs:annotation>
+								<xs:documentation>Free text explanation of the communication line type. e.g. telephone, land line, mobile, fax, pager, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+								<xs:documentation>Current Status of Contact Number</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="Usage" type="ContactNumberUsageList">
+							<xs:annotation>
+								<xs:documentation>Nature of contact. Example: business, personal, free call, toll free, after hours, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="ContactHours" type="ct:String">
+							<xs:annotation>
+								<xs:documentation>Free text expression of contact hours. e.g. 9:00AM-5:00PM</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grValidityDate"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="#other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Documents">
+		<xs:annotation>
+			<xs:documentation>A container for identification document and cards of the party that are unique to the party.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Document" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Passports, driver licenses, credit cards, certificates, etc.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="DocumentElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Full document desctiption or part of it.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="DocumentElementList">
+												<xs:annotation>
+													<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element name="NameOnDocument" type="n:PartyNameType" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation>Party Name as on the document if different from the main one.</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+							<xs:element name="AddressOnDocument" type="a:AddressType" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation>Address details on the document</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+							<xs:element name="IssuerName" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation>Reference to a Party element that describes the issuing organisation</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="n:OrganisationNameType"/>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="Type" type="DocumentTypeList"/>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grValidityDate"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="ElectronicAddressIdentifiers">
+		<xs:annotation>
+			<xs:documentation>A container of different types of electronic addresses of party (e.g. email, chat, skype, etc)</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ElectronicAddressIdentifier" maxOccurs="unbounded">
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="ElectronicAddressIdentifierTypeList">
+									<xs:annotation>
+										<xs:documentation>Type of electronic address identifier</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Status" type="ct:StatusList">
+									<xs:annotation>
+										<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Usage" type="ElectronicAddressIdentifierUsageList">
+									<xs:annotation>
+										<xs:documentation>Usage of electronic address identifier. e.g. business, personal</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Label" type="ct:String">
+									<xs:annotation>
+										<xs:documentation>An electronic address identifier is usually stored (and probably exchanged) in conjunction with a label which is typically displayed and the URL/electronic identifier just links that label.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Events">
+		<xs:annotation>
+			<xs:documentation>A container for a list of key events and dates of the events of the organisation and person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Event" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Type of event for a person - e.g. marriage anniversary, death, daughter's birth, spouse birthday, etc. 
+
+Type of event for organisation - date of formation/registration, date of closing down, date of liquidation, data of becoming public limited, etc
+</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="EventTypeList">
+									<xs:annotation>
+										<xs:documentation>Type of event. e.g. Anniversary. If "Anniversary" is type, then the text for Event could be "20th wedding anniversary"</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grValidityDate"/>
+								<xs:attribute name="Date" type="xs:dateTime">
+									<xs:annotation>
+										<xs:documentation>Record the exact date of the event here. For example, deceased date, company closed date, birthday date of spouse, etc</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Identifiers">
+		<xs:annotation>
+			<xs:documentation>A container for a list of Identifiers to recognise the party such as customer identifer, social security number, tax number, etc</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Identifier" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Identifier to recognise the party such as customer identifer, social security number, National ID Card, tax number, buiness number, company number, company registration, etc</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="IdentifierElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Information about the identifer</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="PartyIdentifierElementList"/>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element name="IssuerName" type="n:OrganisationNameType" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation>Reference to a Party element that describes the issuing organisation</xs:documentation>
+								</xs:annotation>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="Type" type="PartyIdentifierTypeList">
+							<xs:annotation>
+								<xs:documentation>Type of identifier. e.g. Tax Number</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grValidityDate"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Memberships">
+		<xs:annotation>
+			<xs:documentation>A container for memberships of party with other organisations (e.g. industry groups).</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Membership" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Membership details</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="MembershipElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Full description of membership or part of it</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="MembershipElementList">
+												<xs:annotation>
+													<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element name="Organisation" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation>Reference to a Party element that describes the organisation where the memberships is held.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="n:OrganisationNameType"/>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="Type" type="MembershipTypeList">
+							<xs:annotation>
+								<xs:documentation>Type of membership. e.g </xs:documentation>
+								<xs:documentation>Type of membership. e.g IEEE, Rifles Club</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grValidityDate"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Relationships">
+		<xs:annotation>
+			<xs:documentation>A container for relationships with other parties (persons or organisations, and the nature of relationship). Can also use this to define an organisation hierarchy (parent and subsidiary organisations or branches/groups of organisations)</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Relationship" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Relationship with a party. e.g. Friend, Wife,  referee. organisation, customer. etc</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element ref="n:NameLine" minOccurs="0"/>
+							<xs:element ref="n:PersonName" minOccurs="0"/>
+							<xs:element ref="n:OrganisationName" minOccurs="0"/>
+							<xs:element ref="Addresses" minOccurs="0"/>
+							<xs:element ref="ContactNumbers" minOccurs="0"/>
+							<xs:element ref="ElectronicAddressIdentifiers" minOccurs="0"/>
+						</xs:sequence>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="PartyType" type="PartyTypeList">
+							<xs:annotation>
+								<xs:documentation>Type of party involved in the relationship, i.e. person or organisation</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="RelationshipWithPerson" type="PersonRelationshipTypeList">
+							<xs:annotation>
+								<xs:documentation>If tha party is person, then the type of relationship with the person such as Friend, Mother, wife, contact, referee</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="RelationshipWithOrganisation" type="OrganisationRelationshipTypeList">
+							<xs:annotation>
+								<xs:documentation>If tha party is organisation, then the type of relationship with the organisation such as employer, branch, head office, subsidiary, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="RelationshipValidFrom" type="xs:dateTime"/>
+						<xs:attribute name="RelationshipValidTo" type="xs:dateTime"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Revenues">
+		<xs:annotation>
+			<xs:documentation>Container for income / revenue information of the party</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Revenue" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Revenue/Income details</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="xs:decimal">
+								<xs:attribute name="CurrencyCode" type="RevenueCurrencyCodeList">
+									<xs:annotation>
+										<xs:documentation>A three-letter currency code as per ISO 4217</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Status" type="ct:StatusList">
+									<xs:annotation>
+										<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="PeriodFrom" type="xs:dateTime">
+									<xs:annotation>
+										<xs:documentation>Begining of the period. Inclusive.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="PeriodTo" type="xs:dateTime">
+									<xs:annotation>
+										<xs:documentation>End of the period. Inclusive.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Type" type="RevenueTypeList">
+									<xs:annotation>
+										<xs:documentation>Defines the type of amount. Example: Total earning, profit, loss, turnover, etc.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Precision">
+									<xs:annotation>
+										<xs:documentation>Precision range where the value of the element is in the middle of the range. E.g. </xs:documentation>
+									</xs:annotation>
+									<xs:simpleType>
+										<xs:restriction base="xs:decimal">
+											<xs:minInclusive value="0"/>
+										</xs:restriction>
+									</xs:simpleType>
+								</xs:attribute>
+								<xs:attribute name="Source" type="RevenueSourceList">
+									<xs:annotation>
+										<xs:documentation>Where this revenue / income comes from, e.g. business stream, activity, etc.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="CountryName" type="ct:String">
+									<xs:annotation>
+										<xs:documentation>Country from where the revenue is generated</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="AfterTax" type="xs:boolean">
+									<xs:annotation>
+										<xs:documentation>If present and set to true indicates that the income / revenue is after tax. </xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Stocks">
+		<xs:annotation>
+			<xs:documentation>A container for stocks invested information </xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Stock" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>A Stock market listing details. The organisation could be listed on more than one country</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:attribute name="ListedCode" type="ct:String">
+							<xs:annotation>
+								<xs:documentation>The code name for the organisation as listed in the exchange. E.g. MOT for Motorola Inc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="MarketName" type="ct:String">
+							<xs:annotation>
+								<xs:documentation>Free text name of the stock exchange or other market. E.g. NYSE or NZX</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="CountryName" type="ct:String">
+							<xs:annotation>
+								<xs:documentation>Name of the country where listed</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="InvestedDate" type="xs:dateTime">
+							<xs:annotation>
+								<xs:documentation>date of investment</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="ShareQuantity" type="ct:String">
+							<xs:annotation>
+								<xs:documentation>Quantity of shares.....1 million shares</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="ListedDate" type="xs:dateTime">
+							<xs:annotation>
+								<xs:documentation>date of listing </xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Vehicles">
+		<xs:annotation>
+			<xs:documentation>A container to define all the vehicles of the party</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Vehicle" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Vehicle Details</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="VehicleElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Full vehicle description of part of it</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="VehicleInfoElementList">
+												<xs:annotation>
+													<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="Type" type="VehicleTypeList">
+							<xs:annotation>
+								<xs:documentation>Type of vehicle. Example: Motorbike, Truck, Car, Bicycle, 4WD, Jeep, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<!--***************** SECOND LEVEL ELEMENTS FOR REUSE - FOR ORGANISATION SPECIFIC DATA ONLY ***********************-->
+	<xs:element name="OrganisationInfo">
+		<xs:annotation>
+			<xs:documentation>Container for organisation specific details that are not covered in this schema that is common to a party</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:attribute name="Type" type="OrganisationInfoTypeList">
+				<xs:annotation>
+					<xs:documentation>Type of organisation. Free text description, e.g. Company, Trust, Bank, Society, Club, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="CategoryType" type="OrganisationCategoryTypeList">
+				<xs:annotation>
+					<xs:documentation>Type of category the organisation belongs to such as club, association, company, vendor, etc</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Status" type="ct:StatusList">
+				<xs:annotation>
+					<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Nature" type="OrganisationInfoNatureList">
+				<xs:annotation>
+					<xs:documentation>Nature of the organisation. e.g. Public limited, Commercial, charity, non-commercial, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="IndustryType" type="IndustryTypeList">
+				<xs:annotation>
+					<xs:documentation>Organisation Industry type such as IT, Manufacturing. </xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="IndustryCode" type="IndustryCodeList">
+				<xs:annotation>
+					<xs:documentation>Industry code or classification</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="IndustryCodeType" type="ct:String">
+				<xs:annotation>
+					<xs:documentation>Type of code used for industry code</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="NumberOfEmployees" type="ct:String">
+				<xs:annotation>
+					<xs:documentation>Free text description of organisation size in terms of number of employees</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="OperatingHourStartTime" type="xs:time">
+				<xs:annotation>
+					<xs:documentation>Operating hour start time of the organisation, e.g. 9:00am</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="OperatingHourEndTime" type="xs:time">
+				<xs:annotation>
+					<xs:documentation>Operating hour end time for the organisation. e.g. 5:00pm</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attributeGroup ref="ct:grDataQuality"/>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<!--****************** SECOND LEVEL ELEMENTS FOR REUSE - FOR PERSON SPECIFIC DATA ONLY *********************************-->
+	<xs:element name="PersonInfo">
+		<xs:annotation>
+			<xs:documentation>Container for person specific details that are not covered in this schema that is common to a party</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:attribute name="Age" type="ct:String">
+				<xs:annotation>
+					<xs:documentation>Age of the person as integer</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="CategoryType" type="PersonCategoryTypeList">
+				<xs:annotation>
+					<xs:documentation>Type of category the person belongs such as customer, employee, friend, prospect, etc</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="PhysicalStatus" type="PhysicalStatusList">
+				<xs:annotation>
+					<xs:documentation>Status of the person. e.g. living, deceased, retired. To log the date of the status such as death or retired, use "Events" element</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="MaritalStatus" type="MaritalStatusList">
+				<xs:annotation>
+					<xs:documentation>Free text description of the current marital status, e.g. married, separated, divorced, separated, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Ethnicity" type="PersonEthnicityList">
+				<xs:annotation>
+					<xs:documentation>Ethnicity of the person, e.g. Asian, Chinese, African, etc.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Gender" type="GenderList">
+				<xs:annotation>
+					<xs:documentation>Free text gender description.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="Religion" type="ReligionList">
+				<xs:annotation>
+					<xs:documentation>Free text name of the religion</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attributeGroup ref="ct:grDataQuality"/>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="BirthInfo">
+		<xs:annotation>
+			<xs:documentation>A container to define the Date of Birth details of a person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="BirthInfoElement" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Birth details of the person</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="BirthInfoElementList">
+									<xs:annotation>
+										<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="BirthPlaceDetails" type="a:AddressType" minOccurs="0">
+					<xs:annotation>
+						<xs:documentation>Full location details (e.g. address) may be required to get the exact geo-cordinates for astrology purposes</xs:documentation>
+					</xs:annotation>
+				</xs:element>
+			</xs:sequence>
+			<xs:attribute name="BirthDateTime" type="xs:dateTime">
+				<xs:annotation>
+					<xs:documentation>Birth data and time to the known precision. Usually, it is only the date that is known. Leave time as 00:00:00 if not known.</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attribute name="BirthDateTimePrecision" type="xs:duration">
+				<xs:annotation>
+					<xs:documentation>Specify the duration of the uncertainity period as a range where BirthDateTime is in the middle of the range. Uses xsd:duration as the data type. The time interval is in the format: PnYnMnDTnHnMnS
+P: period (required), nY: number of years, nM: number of months, nD: number of days, T: start of a time section (required if hours, minutes or secords to be specified), nH: number of hours, nM: number of minutes, nS: number of seconds
+
+P5Y -> period of 5 years
+P5Y2M10D -> 5 years, 2 months, 10 days, and 15 hours</xs:documentation>
+				</xs:annotation>
+			</xs:attribute>
+			<xs:attributeGroup ref="ct:grDataQuality"/>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="CountriesOfResidence">
+		<xs:annotation>
+			<xs:documentation>A container for all citizenships and residencies (Permanent/temporary) of a person.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Country" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Citizenship and residence information in a free-text form.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:complexContent>
+							<xs:extension base="a:CountryType">
+								<xs:attribute name="Type" type="ResidencyTypeList">
+									<xs:annotation>
+										<xs:documentation>Type of residency. e.g. permenant resident, citizen, temporary resident</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Status" type="ct:StatusList">
+									<xs:annotation>
+										<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grValidityDate"/>
+							</xs:extension>
+						</xs:complexContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Favourites">
+		<xs:annotation>
+			<xs:documentation>A container for a list of favourites of a person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Favourite" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>The favourites of the person</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="PersonFavouriteTypeList">
+									<xs:annotation>
+										<xs:documentation>Type of favourite. e.g. author, food, book, sport, etc
+
+<Favourite Type="sport">Cricket</Favourite>
+											<Favourite Type="Movie">Back to the Future</Favourite>
+										</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Habits">
+		<xs:annotation>
+			<xs:documentation>A container for a list of habits of a person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Habit" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Personal habits. E.g. smoking, drinking, gambling, etc.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="HabitTypeList">
+									<xs:annotation>
+										<xs:documentation>Category/type of habit. e.g. sports, food, reading, etc. If "Hot Drinks" is type, then text for Habit could be "Strong Black Coffee"</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Hobbies">
+		<xs:annotation>
+			<xs:documentation>A container for a list of hobbies of a person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Hobby" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>A hobby of the person. E.g.  craft, sport, recreational activity, etc.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="HobbyTypeList">
+									<xs:annotation>
+										<xs:documentation>Type/Category of Hobby. e.g. sports, travelling. If "Sport" is a type/category of hobby, then text for "Hobby" could be "Playing cricket"</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Languages">
+		<xs:annotation>
+			<xs:documentation>A container for a list of languages spoken by a person.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Language" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Name of the language spoken by the person</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="LanguageTypeList">
+									<xs:annotation>
+										<xs:documentation>Mother tongue, by birth, etc</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Speak" type="LanguageSkillsList">
+									<xs:annotation>
+										<xs:documentation>Indicates ability to speak: yes, no, poor, good, bad, average</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Read" type="LanguageSkillsList">
+									<xs:annotation>
+										<xs:documentation>Indicates ability to read: yes, no, poor, good, bad, average</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Write" type="LanguageSkillsList">
+									<xs:annotation>
+										<xs:documentation>Indicates ability to write: yes, no, poor, good, bad, average</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Understand" type="LanguageSkillsList">
+									<xs:annotation>
+										<xs:documentation>Indicates ability to understand speech: yes, no, poor, good, bad, average</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Preference" type="LanguagePreferenceList">
+									<xs:annotation>
+										<xs:documentation>Indicates preferred language of communication (read and/or write and/or speak)</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Nationalities">
+		<xs:annotation>
+			<xs:documentation>A container for a list of nationalities of a person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Country" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Name of the country of nationality. Could be more than one nationality</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:complexContent>
+							<xs:extension base="a:CountryType">
+								<xs:attribute name="Type" type="NationalityTypeList">
+									<xs:annotation>
+										<xs:documentation>Type of nationality - By birth, naturalization, citizen</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Status" type="ct:StatusList">
+									<xs:annotation>
+										<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grValidityDate"/>
+							</xs:extension>
+						</xs:complexContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Occupations">
+		<xs:annotation>
+			<xs:documentation>A container for a list of occupations of a person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Occupation" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Occupation details</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="OccupationElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Full description of the occupation or part of it</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="OccupationElementList">
+												<xs:annotation>
+													<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element name="Employer" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation>Reference to a Party element that describes the employer.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="n:OrganisationNameType"/>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="isSelfEmployed" type="xs:boolean">
+							<xs:annotation>
+								<xs:documentation>Is the party self employed? A boolean value expected</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grValidityDate"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="PhysicalInfo">
+		<xs:annotation>
+			<xs:documentation>A container for physical characteristics of a person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="FreeTextLine" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Any other physical info not covered by elements here</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="PhysicalInfoFreeTextTypeList">
+									<xs:annotation>
+										<xs:documentation>Category or type of physical info</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Feature" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Description of a physical feature such as hair, height, eye color, etc.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="FeatureTypeList">
+									<xs:annotation>
+										<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="UnitType" type="UnitTypeList">
+									<xs:annotation>
+										<xs:documentation>Defines the unit of measurement. Example: Inches, feet, cm, meters, days, months, years, kgs, pounds, etc.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="BodyMark" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Description of body marks, such as scars, tatoos, spots, etc.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Part" type="BodyMarkPartList">
+									<xs:annotation>
+										<xs:documentation>Free text name/description of the body part where the mark is located</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attribute name="Location" type="BodyMarkPartLocationList">
+									<xs:annotation>
+										<xs:documentation>Free text description of where on the body part the mark is located. E.g. left hand side, front, back, etc</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Disability" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Description of person's disability.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Cause" type="DisabilityCauseList">
+									<xs:annotation>
+										<xs:documentation>Free text description of the cause of the disability, e.g. birth defect, accident, etc.</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="Allergy" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Description of the person's allergy. e.g. Allergic to Pencillin, milk products</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+				<xs:element name="HealthCondition" minOccurs="0" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Condition of health in terms of medical. e.g. Healthy, diabetic, hgh blood pressure, high cholestrol, etc</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:attribute name="BloodGroup" type="BloodGroupList"/>
+			<xs:attributeGroup ref="ct:grDataQuality"/>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Preferences">
+		<xs:annotation>
+			<xs:documentation>A container for a list of preferences of a person (e.g. seat position in flight, restuarants)</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Preference" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Preferences of the person. e.g. seat in non smoking area, holiday with family than alone</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:simpleContent>
+							<xs:extension base="ct:String">
+								<xs:attribute name="Type" type="PreferenceTypeList">
+									<xs:annotation>
+										<xs:documentation>Type of preference. e.g. seating position</xs:documentation>
+									</xs:annotation>
+								</xs:attribute>
+								<xs:attributeGroup ref="ct:grDataQuality"/>
+								<xs:anyAttribute namespace="##other" processContents="lax"/>
+							</xs:extension>
+						</xs:simpleContent>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Qualifications">
+		<xs:annotation>
+			<xs:documentation>A container for a list of  qualifications of a person</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Qualification" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>Educational qualification</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="QualificationElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Full / partial name or description of person's qualification</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="QualificationElementList">
+												<xs:annotation>
+													<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element name="Institution" minOccurs="0">
+								<xs:annotation>
+									<xs:documentation>Reference to a Party element that describes the institution.</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="n:OrganisationNameType"/>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grValidityDate"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="Visas">
+		<xs:annotation>
+			<xs:documentation>A container to define the VISAs held by a person (e.g. visitor, temporary, permanent resident, work, etc)</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Visa" maxOccurs="unbounded">
+					<xs:annotation>
+						<xs:documentation>All information about Visa details.</xs:documentation>
+					</xs:annotation>
+					<xs:complexType>
+						<xs:sequence>
+							<xs:element name="VisaElement" minOccurs="0" maxOccurs="unbounded">
+								<xs:annotation>
+									<xs:documentation>Visa category number depending upon the type of visa. Example: H-1 for employment visa as in the USA</xs:documentation>
+								</xs:annotation>
+								<xs:complexType>
+									<xs:simpleContent>
+										<xs:extension base="ct:String">
+											<xs:attribute name="Type" type="VisaElementList">
+												<xs:annotation>
+													<xs:documentation>If present, specifies the type of the information provided as text value of the element.</xs:documentation>
+												</xs:annotation>
+											</xs:attribute>
+											<xs:anyAttribute namespace="##other" processContents="lax"/>
+										</xs:extension>
+									</xs:simpleContent>
+								</xs:complexType>
+							</xs:element>
+						</xs:sequence>
+						<xs:attribute name="Status" type="ct:StatusList">
+							<xs:annotation>
+								<xs:documentation>Status of the entity. e.g. Old, Current, Inactive, Active, etc</xs:documentation>
+							</xs:annotation>
+						</xs:attribute>
+						<xs:attributeGroup ref="ct:grValidityDate"/>
+						<xs:attribute name="EntryByDate" type="xs:dateTime"/>
+						<xs:attributeGroup ref="ct:grDataQuality"/>
+						<xs:anyAttribute namespace="##other" processContents="lax"/>
+					</xs:complexType>
+				</xs:element>
+			</xs:sequence>
+			<xs:anyAttribute namespace="##other" processContents="lax"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="PartyName" type="n:PartyNameType"/>
+</xs:schema>
diff --git a/stix_validator/schema/external/oasis_ciq_3.0/xlink-2003-12-31.xsd b/stix_validator/schema/external/oasis_ciq_3.0/xlink-2003-12-31.xsd
new file mode 100755
index 0000000..dc6b018
--- /dev/null
+++ b/stix_validator/schema/external/oasis_ciq_3.0/xlink-2003-12-31.xsd
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- (c) XBRL International.  See www.xbrl.org/legal  
+ XLink attribute specification - produced by xBRL group with joint design agreement with OASIS CIQ TC
+in December 2006
+    Thanks to xBRL for giving OASIS CIQ TC permission to use this specification
+-->
+<schema xmlns:xlink="http://www.w3.org/1999/xlink" xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.w3.org/1999/xlink" elementFormDefault="qualified" attributeFormDefault="qualified">
+	<annotation>
+		<documentation>
+    XLink attribute specification
+    </documentation>
+	</annotation>
+	<attribute name="type">
+		<simpleType>
+			<annotation>
+				<documentation>
+	    Enumeration of values for the type attribute
+	    </documentation>
+			</annotation>
+			<restriction base="string">
+				<enumeration value="simple"/>
+				<enumeration value="extended"/>
+				<enumeration value="locator"/>
+				<enumeration value="arc"/>
+				<enumeration value="resource"/>
+				<enumeration value="title"/>
+			</restriction>
+		</simpleType>
+	</attribute>
+	<attribute name="role">
+		<simpleType>
+			<annotation>
+				<documentation>
+	      A URI with a minimum length of 1 character.
+	      </documentation>
+			</annotation>
+			<restriction base="anyURI">
+				<minLength value="1"/>
+			</restriction>
+		</simpleType>
+	</attribute>
+	<attribute name="arcrole">
+		<simpleType>
+			<annotation>
+				<documentation>
+	      A URI with a minimum length of 1 character.
+	      </documentation>
+			</annotation>
+			<restriction base="anyURI">
+				<minLength value="1"/>
+			</restriction>
+		</simpleType>
+	</attribute>
+	<attribute name="title" type="string"/>
+	<attribute name="show">
+		<simpleType>
+			<annotation>
+				<documentation>
+	      Enumeration of values for the show attribute
+	      </documentation>
+			</annotation>
+			<restriction base="string">
+				<enumeration value="new"/>
+				<enumeration value="replace"/>
+				<enumeration value="embed"/>
+				<enumeration value="other"/>
+				<enumeration value="none"/>
+			</restriction>
+		</simpleType>
+	</attribute>
+	<attribute name="actuate">
+		<simpleType>
+			<annotation>
+				<documentation>
+      Enumeration of values for the actuate attribute
+      </documentation>
+			</annotation>
+			<restriction base="string">
+				<enumeration value="onLoad"/>
+				<enumeration value="onRequest"/>
+				<enumeration value="other"/>
+				<enumeration value="none"/>
+			</restriction>
+		</simpleType>
+	</attribute>
+	<attribute name="label" type="NCName"/>
+	<attribute name="from" type="NCName"/>
+	<attribute name="to" type="NCName"/>
+	<attribute name="href" type="anyURI"/>
+</schema>
diff --git a/stix_validator/schema/external/open_ioc_2010/ioc-TR.xsd b/stix_validator/schema/external/open_ioc_2010/ioc-TR.xsd
new file mode 100755
index 0000000..eb2e2d1
--- /dev/null
+++ b/stix_validator/schema/external/open_ioc_2010/ioc-TR.xsd
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:tns="http://schemas.mandiant.com/2010/ioc/TR/" elementFormDefault="qualified" targetNamespace="http://schemas.mandiant.com/2010/ioc/TR/" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <xs:element name="indicator" nillable="true" type="tns:IocTest" />
+  <xs:complexType name="IocTest">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="param" type="tns:Parameter" />
+      <xs:element minOccurs="0" maxOccurs="1" name="UniqueIdentity" type="xs:string" />
+    </xs:sequence>
+    <xs:attribute name="operator" type="tns:IocOperator" use="required" />
+  </xs:complexType>
+  <xs:complexType name="Parameter">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="1" name="value" />
+    </xs:sequence>
+    <xs:attribute name="name" type="xs:string" />
+    <xs:attribute name="title" type="xs:string" />
+  </xs:complexType>
+  <xs:simpleType name="IocOperator">
+    <xs:restriction base="xs:string">
+      <xs:enumeration value="and" />
+      <xs:enumeration value="or" />
+    </xs:restriction>
+  </xs:simpleType>
+  <xs:element name="param" type="tns:Parameter" />
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/external/open_ioc_2010/ioc.xsd b/stix_validator/schema/external/open_ioc_2010/ioc.xsd
new file mode 100755
index 0000000..c4223ca
--- /dev/null
+++ b/stix_validator/schema/external/open_ioc_2010/ioc.xsd
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:tns="http://schemas.mandiant.com/2010/ioc" elementFormDefault="qualified" targetNamespace="http://schemas.mandiant.com/2010/ioc" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <xs:import namespace="http://schemas.mandiant.com/2010/ioc/TR/" schemaLocation="ioc-TR.xsd" />
+  <xs:element name="ioctermlist" nillable="true" type="tns:IocTermList" />
+  <xs:complexType name="IocTermList">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="iocterm" type="tns:IocTerm" />
+    </xs:sequence>
+    <xs:attribute name="last-modified" type="xs:dateTime" use="required" />
+  </xs:complexType>
+  <xs:complexType name="IocTerm">
+    <xs:sequence>
+      <xs:any minOccurs="0" maxOccurs="1" />
+    </xs:sequence>
+    <xs:attribute name="title" type="xs:string" />
+    <xs:attribute name="text" type="xs:string" />
+    <xs:attribute name="processor-type" type="xs:string" />
+    <xs:attribute name="display-type" type="xs:string" />
+    <xs:attribute name="data-type" type="xs:string" />
+  </xs:complexType>
+  <xs:element name="metrics" nillable="true" type="tns:MetricList" />
+  <xs:complexType name="MetricList">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="metric" type="tns:Metric" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="Metric">
+    <xs:attribute name="src" type="xs:string" />
+    <xs:attribute name="name" type="xs:string" />
+    <xs:attribute name="value" type="xs:float" use="required" />
+  </xs:complexType>
+  <xs:element name="ioc" nillable="true" type="tns:IndicatorOfCompromise" />
+  <xs:complexType name="IndicatorOfCompromise">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="1" name="short_description" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="1" name="description" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="1" name="keywords" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="1" name="authored_by" type="xs:string" />
+      <xs:element minOccurs="1" maxOccurs="1" name="authored_date" nillable="true" type="xs:dateTime" />
+      <xs:element minOccurs="0" maxOccurs="1" name="links" type="tns:ArrayOfLink" />
+      <xs:element minOccurs="0" maxOccurs="1" name="definition" type="tns:ArrayOfIocIndicator" />
+    </xs:sequence>
+    <xs:attribute name="id" type="xs:string" />
+    <xs:attribute name="last-modified" type="xs:dateTime" use="required" />
+  </xs:complexType>
+  <xs:complexType name="ArrayOfLink">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="link" nillable="true" type="tns:Link" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="Link" mixed="true">
+    <xs:complexContent mixed="true">
+      <xs:extension base="tns:Identity">
+        <xs:attribute name="rel" type="xs:string" />
+        <xs:attribute name="title" type="xs:string" />
+        <xs:attribute name="type" type="xs:string" />
+      </xs:extension>
+    </xs:complexContent>
+  </xs:complexType>
+  <xs:complexType name="Identity">
+    <xs:attribute name="href" type="xs:string" />
+  </xs:complexType>
+  <xs:complexType name="ArrayOfIocIndicator">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="Indicator" nillable="true" type="tns:IocIndicator" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="IocIndicator">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="IndicatorItem" type="tns:IndicatorItem" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" name="Indicator" type="tns:IocIndicator" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" xmlns:q1="http://schemas.mandiant.com/2010/ioc/TR/" ref="q1:param" />
+    </xs:sequence>
+    <xs:attribute name="operator" type="tns:IocOperator" use="required" />
+    <xs:attribute name="id" type="xs:string" />
+  </xs:complexType>
+  <xs:complexType name="IndicatorItem">
+    <xs:sequence>
+      <xs:element minOccurs="0" maxOccurs="1" name="Context" type="tns:IndicatorItemContext" />
+      <xs:element minOccurs="0" maxOccurs="1" name="Content" type="tns:IndicatorItemContent" />
+      <xs:element minOccurs="0" maxOccurs="1" name="Comment" type="xs:string" />
+      <xs:element minOccurs="0" maxOccurs="unbounded" xmlns:q2="http://schemas.mandiant.com/2010/ioc/TR/" ref="q2:param" />
+    </xs:sequence>
+    <xs:attribute name="id" type="xs:string" />
+    <xs:attribute name="condition" type="xs:string" />
+  </xs:complexType>
+  <xs:complexType name="IndicatorItemContext">
+    <xs:attribute name="document" type="xs:string" />
+    <xs:attribute name="search" type="xs:string" />
+    <xs:attribute name="type" type="xs:string" />
+  </xs:complexType>
+  <xs:complexType name="IndicatorItemContent">
+    <xs:simpleContent>
+      <xs:extension base="xs:string">
+        <xs:attribute name="type" type="xs:string" />
+      </xs:extension>
+    </xs:simpleContent>
+  </xs:complexType>
+  <xs:simpleType name="IocOperator">
+    <xs:restriction base="xs:string">
+      <xs:enumeration value="OR" />
+      <xs:enumeration value="AND" />
+    </xs:restriction>
+  </xs:simpleType>
+</xs:schema>
\ No newline at end of file
diff --git a/stix_validator/schema/external/oval_5.10/oval-common-schema.xsd b/stix_validator/schema/external/oval_5.10/oval-common-schema.xsd
new file mode 100755
index 0000000..580d279
--- /dev/null
+++ b/stix_validator/schema/external/oval_5.10/oval-common-schema.xsd
@@ -0,0 +1,781 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-common-5" elementFormDefault="qualified" version="5.10.1">
+     <xsd:annotation>
+          <xsd:documentation>The following is a description of the common types that are shared across the different schemas within Open Vulnerability and Assessment Language (OVAL). Each type is described in detail and should provide the information necessary to understand what each represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these type is not outlined here.</xsd:documentation>
+          <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
+          <xsd:appinfo>
+               <schema>Core Common</schema>
+               <version>5.10.1</version>
+               <date>1/27/2012 1:22:32 PM</date>
+                <terms_of_use>Copyright (c) 2002-2012, The MITRE Corporation. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+              <sch:ns prefix="oval" uri="http://oval.mitre.org/XMLSchema/oval-common-5"/>
+              <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
+          </xsd:appinfo>
+     </xsd:annotation>
+     <!-- =============================================================================== -->
+     <!-- ===============================  GLOBAL ELEMENTS  ============================= -->
+     <!-- =============================================================================== -->
+     <xsd:element name="deprecated_info" type="oval:DeprecatedInfoType">
+          <xsd:annotation>
+                <xsd:documentation>The deprecated_info element is used in documenting deprecation information for items in the OVAL Language.  It is declared globally as it can be found in any of the OVAL schemas and is used as part of the appinfo documentation and therefore it is not an element that can be declared locally and based off a global type..</xsd:documentation>
+          </xsd:annotation>
+     </xsd:element>
+     <xsd:element name="element_mapping" type="oval:ElementMapType">
+          <xsd:annotation>
+               <xsd:documentation>The element_mapping element is used in documenting which tests, objects, states, and system characteristic items are associated with each other. It provides a way to explicitly and programatically associate the test, object, state, and item definitions.</xsd:documentation>
+          </xsd:annotation>
+     </xsd:element>
+     <!-- =============================================================================== -->
+     <!-- ===============================  GLOBAL TYPES  ================================ -->
+     <!-- =============================================================================== -->
+     <xsd:complexType name="ElementMapType">
+          <xsd:annotation>
+               <xsd:documentation>The ElementMapType is used to document the association between OVAL test, object, state, and item entities.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:sequence>
+               <xsd:element name="test" type="oval:ElementMapItemType" minOccurs="1">
+                    <xsd:annotation>
+                         <xsd:documentation>The local name of an OVAL test.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+               <xsd:element name="object" type="oval:ElementMapItemType" minOccurs="0">
+                    <xsd:annotation>
+                         <xsd:documentation>The local name of an OVAL object.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+               <xsd:element name="state" type="oval:ElementMapItemType" minOccurs="0">
+                    <xsd:annotation>
+                         <xsd:documentation>The local name of an OVAL state.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+               <xsd:element name="item" type="oval:ElementMapItemType" minOccurs="0">
+                    <xsd:annotation>
+                         <xsd:documentation>The local name of an OVAL item.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+          </xsd:sequence>
+     </xsd:complexType>
+     <xsd:complexType name="ElementMapItemType">
+          <xsd:annotation>
+               <xsd:documentation>Defines a reference to an OVAL entity using the schema namespace and element name.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:simpleContent>
+               <xsd:extension base="xsd:NCName">
+                    <xsd:attribute name="target_namespace" type="xsd:anyURI" use="optional" >
+                         <xsd:annotation>
+                              <xsd:documentation>The target_namespace attributes indicates what XML namespace the element belongs to. If not present, the namespace is that of the document in which the ElementMapItemType instance element appears.</xsd:documentation>
+                         </xsd:annotation>
+                    </xsd:attribute>
+               </xsd:extension>
+          </xsd:simpleContent>
+     </xsd:complexType>
+     <xsd:complexType name="DeprecatedInfoType">
+          <xsd:annotation>
+                <xsd:documentation>The DeprecatedInfoType complex type defines a structure that will be used to flag schema-defined constructs as deprecated.  It holds information related to the version of OVAL when the construct was deprecated along with a reason and comment.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:sequence>
+               <xsd:element name="version">
+                    <xsd:annotation>
+                         <xsd:documentation>The required version child element details the version of OVAL in which the construct became deprecated.</xsd:documentation>
+                    </xsd:annotation>
+                    <xsd:simpleType>
+                         <xsd:restriction base="xsd:string">
+                              <xsd:pattern value="[0-9]+\.[0-9]+(\.[0-9]+)?"/>
+                         </xsd:restriction>
+                    </xsd:simpleType>
+               </xsd:element>
+               <xsd:element name="reason" type="xsd:string">
+                    <xsd:annotation>
+                         <xsd:documentation>The required reason child element is used to provide an explanation as to why an item was deprecated and to direct a reader to possible alternative structures within OVAL.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+               <xsd:element name="comment" type="xsd:string" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                         <xsd:documentation>The optional comment child element is used to supply additional information regarding the element's deprecated status.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+          </xsd:sequence>
+     </xsd:complexType>
+     <xsd:complexType name="GeneratorType">
+          <xsd:annotation>
+               <xsd:documentation>The GeneratorType complex type defines an element that is used to hold information about when a particular OVAL document was compiled, what version of the schema was used, what tool compiled the document, and what version of that tool was used. </xsd:documentation>
+               <xsd:documentation>Additional generator information is also allowed although it is not part of the official OVAL Schema. Individual organizations can place generator information that they feel are important and these will be skipped during the validation. All OVAL really cares about is that the stated generator information is there.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:sequence>
+               <xsd:element name="product_name" type="xsd:string" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                         <xsd:documentation>The optional product_name specifies the name of the application used to generate the file. Product names SHOULD be expressed as CPE Names according to the Common Platform Enumeration: Name Matching Specification Version 2.3.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+               <xsd:element name="product_version" type="xsd:string" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                         <xsd:documentation>The optional product_version specifies the version of the application used to generate the file.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+               <xsd:element name="schema_version">
+                    <xsd:annotation>
+                         <xsd:documentation>The required schema_version specifies the version of the OVAL Schema that the document has been written in and that should be used for validation.</xsd:documentation>
+                    </xsd:annotation>
+                    <xsd:simpleType>
+                         <xsd:restriction base="xsd:string">
+                              <xsd:pattern value="[0-9]+\.[0-9]+(\.[0-9]+)?"/>
+                         </xsd:restriction>
+                    </xsd:simpleType>
+               </xsd:element>
+               <xsd:element name="timestamp" type="xsd:dateTime">
+                    <xsd:annotation>
+                         <!--- TODO - Add schematron to enforce yyyy-mm-ddThh:mm:ss format -->
+                         <xsd:documentation>The required timestamp specifies when the particular OVAL document was compiled. The format for the timestamp is yyyy-mm-ddThh:mm:ss. Note that the timestamp element does not specify when a definition (or set of definitions) was created or modified but rather when the actual XML document that contains the definition was created. For example, the document might have pulled a bunch of existing OVAL Definitions together, each of the definitions having been created at some point in the past. The timestamp in this case would be when the combined document was created.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:element>
+               <xsd:any minOccurs="0" maxOccurs="unbounded" processContents="lax">
+               <xsd:annotation>
+                    <xsd:documentation>The Asset Identification specification (http://scap.nist.gov/specifications/ai/) provides a standardized way of reporting asset information across different organizations.</xsd:documentation>
+                    <xsd:documentation>Asset Identification elements can hold data useful for identifying what tool, what version of that tool was used, and identify other assets used to compile an OVAL document, such as persons or organizations.</xsd:documentation> 
+                    <xsd:documentation>To support greater interoperability, an ai:assets element describing assets used to produce an OVAL document may appear at this point in an OVAL document.</xsd:documentation>
+               </xsd:annotation>
+               </xsd:any>
+          </xsd:sequence>
+     </xsd:complexType>
+     <xsd:complexType name="MessageType">
+          <xsd:annotation>
+               <xsd:documentation>The MessageType complex type defines the structure for which messages are relayed from the data collection engine. Each message is a text string that has an associated level attribute identifying the type of message being sent. These messages could be error messages, warning messages, debug messages, etc. How the messages are used by tools and whether or not they are displayed to the user is up to the specific implementation. Please refer to the description of the MessageLevelEnumeration for more information about each type of message.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:simpleContent>
+               <xsd:extension base="xsd:string">
+                    <xsd:attribute name="level" type="oval:MessageLevelEnumeration" use="optional" default="info"/>
+               </xsd:extension>
+          </xsd:simpleContent>
+     </xsd:complexType>
+     <!-- =============================================================================== -->
+     <!-- ===============================  ENUMERATIONS  ================================ -->
+     <!-- =============================================================================== -->
+     <xsd:simpleType name="CheckEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The CheckEnumeration simple type defines acceptable check values, which are used to determine the final result of something based on the results of individual components. When used to define the relationship between objects and states, each check value defines how many of the matching objects (items except those with a status of does not exist) must satisfy the given state for the test to return true. When used to define the relationship between instances of a given entity, the different check values defines how many instances must be true for the entity to return true. When used to define the relationship between entities and multiple variable values, each check value defines how many variable values must be true for the entity to return true.</xsd:documentation>
+               <xsd:appinfo>
+                    <evaluation_documentation>Below are some tables that outline how each check attribute effects evaluation. The far left column identifies the check attribute in question. The middle column specifies the different combinations of individual results that the check attribute may bind together. (T=true, F=false, E=error, U=unknown, NE=not evaluated, NA=not applicable) For example, a 1+ under T means that one or more individual results are true, while a 0 under U means that zero individual results are unknown. The last column specifies what the final result would be according to each combination of individual results. Note that if the individual test is negated, then a true result is false and a false result is true, all other results stay as is.</evaluation_documentation>
+                    <evaluation_chart xml:space="preserve">
+               ||  num of individual results  ||
+ check attr is ||                             ||  final result is
+               || T  | F  | E  | U  | NE | NA ||
+---------------||-----------------------------||------------------
+               || 1+ | 0  | 0  | 0  | 0  | 0+ ||  True
+               || 0+ | 1+ | 0+ | 0+ | 0+ | 0+ ||  False
+     ALL       || 0+ | 0  | 1+ | 0+ | 0+ | 0+ ||  Error
+               || 0+ | 0  | 0  | 1+ | 0+ | 0+ ||  Unknown
+               || 0+ | 0  | 0  | 0  | 1+ | 0+ ||  Not Evaluated
+               || 0  | 0  | 0  | 0  | 0  | 1+ ||  Not Applicable
+---------------||-----------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  num of individual results  ||
+ check attr is ||                             ||  final result is
+               || T  | F  | E  | U  | NE | NA ||
+---------------||-----------------------------||------------------
+               || 1+ | 0+ | 0+ | 0+ | 0+ | 0+ ||  True
+               || 0  | 1+ | 0  | 0  | 0  | 0+ ||  False
+  AT LEAST ONE || 0  | 0+ | 1+ | 0+ | 0+ | 0+ ||  Error
+               || 0  | 0+ | 0  | 1+ | 0+ | 0+ ||  Unknown
+               || 0  | 0+ | 0  | 0  | 1+ | 0+ ||  Not Evaluated
+               || 0  | 0  | 0  | 0  | 0  | 1+ ||  Not Applicable
+---------------||-----------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  num of individual results  ||
+ check attr is ||                             ||  final result is
+               || T  | F  | E  | U  | NE | NA ||
+---------------||-----------------------------||------------------
+               || 1  | 0+ | 0  | 0  | 0  | 0+ ||  True
+               || 2+ | 0+ | 0+ | 0+ | 0+ | 0+ ||  ** False **
+               || 0  | 1+ | 0  | 0  | 0  | 0+ ||  ** False **
+   ONLY ONE    ||0,1 | 0+ | 1+ | 0+ | 0+ | 0+ ||  Error
+               ||0,1 | 0+ | 0  | 1+ | 0+ | 0+ ||  Unknown
+               ||0,1 | 0+ | 0  | 0  | 1+ | 0+ ||  Not Evaluated
+               || 0  | 0  | 0  | 0  | 0  | 1+ ||  Not Applicable
+---------------||-----------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  num of individual results  ||
+ check attr is ||                             ||  final result is
+               || T  | F  | E  | U  | NE | NA ||
+---------------||-----------------------------||------------------
+               || 0  | 1+ | 0  | 0  | 0  | 0+ ||  True
+               || 1+ | 0+ | 0+ | 0+ | 0+ | 0+ ||  False
+  NONE SATISFY || 0  | 0+ | 1+ | 0+ | 0+ | 0+ ||  Error
+               || 0  | 0+ | 0  | 1+ | 0+ | 0+ ||  Unknown
+               || 0  | 0+ | 0  | 0  | 1+ | 0+ ||  Not Evaluated
+               || 0  | 0  | 0  | 0  | 0  | 1+ ||  Not Applicable
+---------------||-----------------------------||------------------
+                    </evaluation_chart>
+               </xsd:appinfo>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:enumeration value="all">
+                    <xsd:annotation>
+                         <xsd:documentation>A value of 'all' means that a final result of true is given if all the individual results under consideration are true.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="at least one">
+                    <xsd:annotation>
+                          <xsd:documentation>A value of 'at least one' means that a final result of true is given if at least one of the individual results under consideration is true.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="none exist">
+                    <xsd:annotation>
+                         <xsd:documentation>A value of 'none exists' means that a test evaluates to true if no matching object exists that satisfy the data requirements.</xsd:documentation>
+                         <xsd:appinfo>
+                              <oval:deprecated_info>
+                                   <oval:version>5.3</oval:version>
+                                   <oval:reason>Replaced by the 'none satisfy' value. In version 5.3 of the OVAL Language, the checking of existence and state were separated into two distinct checks CheckEnumeration (state) and ExistenceEnumeration (existence). Since CheckEnumeration is now used to specify how many objects should satisfy a given state for a test to return true, and no longer used for specifying how many objects must exist for a test to return true, a value of 'none exist' is no longer needed. See the 'none satisfy' value.</oval:reason>
+                                   <oval:comment>This value has been deprecated and will be removed in version 6.0 of the language.</oval:comment>
+                              </oval:deprecated_info>
+                              <sch:pattern id="oval_none_exist_value_dep">
+                                   <sch:rule context="oval-def:oval_definitions/oval-def:tests/child::*">
+                                        <sch:report test="@check='none exist'">
+                                             DEPRECATED ATTRIBUTE VALUE IN: <sch:value-of select="name()"/> ATTRIBUTE VALUE:
+                                        </sch:report>
+                                   </sch:rule>
+                              </sch:pattern>                        
+                         </xsd:appinfo>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="none satisfy">
+                    <xsd:annotation>
+                          <xsd:documentation>A value of 'none satisfy' means that a final result of true is given if none the individual results under consideration are true.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="only one">
+                    <xsd:annotation>
+                          <xsd:documentation>A value of 'only one' means that a final result of true is given if one and only one of the individual results under consideration are true.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="ClassEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The ClassEnumeration simple type defines the different classes of definitions. Each class defines a certain intent regarding how an OVAL Definition is written and what that definition is describing. The specified class gives a hint about the definition so a user can know what the definition writer is trying to say. Note that the class does not make a statement about whether a true result is good or bad as this depends on the use of an OVAL Definition. These classes are also used to group definitions by the type of system state they are describing. For example, this allows users to find all the vulnerability (or patch, or inventory, etc) definitions.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:enumeration value="compliance">
+                    <xsd:annotation>
+                         <xsd:documentation>A compliance definition describes the state of a machine as it complies with a specific policy. A definition of this class will evaluate to true when the system is found to be compliant with the stated policy. Another way of thinking about this is that a compliance definition is stating "the system is compliant if ...".</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="inventory">
+                    <xsd:annotation>
+                         <xsd:documentation>An inventory definition describes whether a specific piece of software is installed on the system. A definition of this class will evaluate to true when the specified software is found on the system. Another way of thinking about this is that an inventory definition is stating "the software is installed if ...".</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="miscellaneous">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'miscellaneous' class is used to identify definitions that do not fall into any of the other defined classes.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="patch">
+                    <xsd:annotation>
+                         <xsd:documentation>A patch definition details the machine state of whether a patch executable should be installed. A definition of this class will evaluate to true when the specified patch is missing from the system. Another way of thinking about this is that a patch definition is stating "the patch should be installed if ...". Note that word SHOULD is intended to mean more than just CAN the patch executable be installed. In other words, if a more recent patch is already installed then the specified patch might not need to be installed.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="vulnerability">
+                    <xsd:annotation>
+                         <xsd:documentation>A vulnerability definition describes the conditions under which a machine is vulnerable. A definition of this class will evaluate to true when the system is found to be vulnerable with the stated issue. Another way of thinking about this is that a vulnerability definition is stating "the system is vulnerable if ...".</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="SimpleDatatypeEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The SimpleDatatypeEnumeration simple type defines the legal datatypes that are used to describe the values of individual entities that can be represented in a XML string field. The value may have structure and a pattern, but it is represented as string content.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:enumeration value="binary">
+                    <xsd:annotation>
+                         <xsd:documentation>The binary datatype is used to represent hex-encoded data that is in raw (non-printable) form. This datatype conforms to the W3C Recommendation for binary data meaning that each binary octet is encoded as a character tuple, consisting of two hexadecimal digits {[0-9a-fA-F]} representing the octet code.  Expected operations within OVAL for binary values are 'equals' and 'not equal'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="boolean">
+                    <xsd:annotation>
+                         <xsd:documentation>The boolean datatype represents standard boolean data, either true or false.  This datatype conforms to the W3C Recommendation for boolean data meaning that the following literals are legal values: {true, false, 1, 0}.  Expected operations within OVAL for boolean values are 'equals' and 'not equal'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="evr_string">
+                    <xsd:annotation>
+                         <xsd:documentation>The evr_string datatype represents the epoch, version, and release fields as a single version string. It has the form "EPOCH:VERSION-RELEASE". Comparisons involving this datatype should follow the algorithm of librpm's rpmvercmp() function. Expected operations within OVAL for evr_string values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="fileset_revision">
+                    <xsd:annotation>
+                         <xsd:documentation>The fileset_revision datatype represents the version string related to filesets in HP-UX. An example would be 'A.03.61.00'. For more information, see the HP-UX "Software Distributor Administration Guide" (http://h20000.www2.hp.com/bc/docs/support/SupportManual/c01919399/c01919399.pdf).  Expected operations within OVAL for fileset_version values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="float">
+                    <xsd:annotation>
+                         <xsd:documentation>The float datatype describes standard float data.  This datatype conforms to the W3C Recommendation for float data meaning it is patterned after the IEEE single-precision 32-bit floating point type.  The format consists of a decimal followed, optionally, by the character 'E' or 'e', followed by an integer exponent.  The special values positive and negative infinity and not-a-number have are represented by INF, -INF and NaN, respectively.  Expected operations within OVAL for float values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="ios_version">
+                    <xsd:annotation>
+                         <xsd:documentation>The ios_version datatype describes Cisco IOS Train strings. These are in essence version strings for IOS. Please refer to Cisco's IOS Reference Guide for information on how to compare different Trains as they follow a very specific pattern. Expected operations within OVAL for ios_version values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="int">
+                    <xsd:annotation>
+                         <xsd:documentation>The int datatype describes standard integer data.  This datatype conforms to the W3C Recommendation for integer data which follows the standard mathematical concept of the integer numbers.  (no decimal point and infinite range)  Expected operations within OVAL for int values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', 'bitwise and', and 'bitwise or'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="ipv4_address">
+                    <xsd:annotation>
+                         <xsd:documentation>The ipv4_address datatype represents IPv4 addresses and IPv4 address prefixes (using CIDR notation). Legal values are represented in dotted-quad notation ('a.b.c.d' where 'a', 'b', 'c', and 'd' are integers from 0-255), optionally followed by a slash ('/') and either a prefix-length (an integer from 0-32) or a netmask represented in dotted-quad notation ('a.b.c.d' where 'a', 'b', 'c', and 'd' are integers from 0-255). Examples of legal values are '192.0.2.0', '192.0.2.0/32', and '192.0.2.0/255.255.255.255'. Additionally, leading zeros are permitted such that '192.0.2.0' is equal to '192.000.002.000'. Expected operations within OVAL for ipv4_address values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', 'subset of', and 'superset of'.</xsd:documentation>
+                         <xsd:documentation>The 'subset of' operation is used to compare sets of IP addresses. When using this operation, an IP address prefix defines the set of IP addresses as specified by CIDR notation and a IP address defines the set of one IP address. The result will be 'true', if the actual set of IP addresses on the system is a subset of the set defined by the stated entity. This means that every IP address in the set of IP addresses on the system must be present in the set of IP addresses defined in the stated entity. Otherwise, the result will be 'false'.</xsd:documentation>
+                         <xsd:documentation>The 'superset of' operation is used to compare sets of IP addresses. When using this operation, an IP address prefix defines the set of IP addresses as specified by CIDR notation and a IP address defines the set of one IP address. The result will be 'true', if the actual set of IP addresses on the system is a superset of the set defined by the stated entity. This means that every IP address in the set of IP addresses defined in the stated entity is present in the set of IP addresses on the system. Otherwise, the result will be 'false'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="ipv6_address">
+                    <xsd:annotation>
+                         <xsd:documentation>The ipv6_address datatype represents IPv6 addresses and IPv6 address prefixes (using CIDR notation). This datatype conforms to the IETF specification RFC 4291 for textual representations of IPv6 addresses and IPv6 address prefixes (See Section 2.2 and 2.3). Expected operations within OVAL for ipv6_address values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', 'less than or equal', 'subset of', and 'superset of'.</xsd:documentation>
+                         <xsd:documentation>The 'subset of' operation is used to compare sets of IP addresses. When using this operation, an IP address prefix defines the set of IP addresses as specified by CIDR notation and a IP address defines the set of one IP address. The result will be 'true', if the actual set of IP addresses on the system is a subset of the set defined by the stated entity. This means that every IP address in the set of IP addresses on the system must be present in the set of IP addresses defined in the stated entity. Otherwise, the result will be 'false'.</xsd:documentation>
+                         <xsd:documentation>The 'superset of' operation is used to compare sets of IP addresses. When using this operation, an IP address prefix defines the set of IP addresses as specified by CIDR notation and a IP address defines the set of one IP address. The result will be 'true', if the actual set of IP addresses on the system is a superset of the set defined by the stated entity. This means that every IP address in the set of IP addresses defined in the stated entity is present in the set of IP addresses on the system. Otherwise, the result will be 'false'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="string">
+                    <xsd:annotation>
+                         <xsd:documentation>The string datatype describes standard string data. This datatype conforms to the W3C Recommendation for string data.  Expected operations within OVAL for string values are 'equals', 'not equal', 'case insensitive equals', 'case insensitive not equal', 'pattern match'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="version">
+                    <xsd:annotation>
+                         <xsd:documentation>The version datatype represents a value that is a hierarchical list of non-negative integers separated by a single character delimiter.  Note that any non-number character can be used as a delimiter and that different characters can be used within the same version string.  So '#.#-#' is the same as '#.#.#' or '#c#c#' where '#' is any non-negative integer.  Expected operations within OVAL for version values are 'equals', 'not equal', 'greater than', 'greater than or equal', 'less than', and 'less than or equal'.</xsd:documentation>
+                         <xsd:documentation>For example '#.#.#' or '#-#-#-#' where the numbers to the left are more significant than the numbers to the right. When performing an 'equals' operation on a version datatype, you should first check the left most number for equality. If that fails, then the values are not equal. If it succeeds, then check the second left most number for equality. Continue checking the numbers from left to right until the last number has been checked. If, after testing all the previous numbers, the last number is equal then the two versions are equal. When performing other operations, such as 'less than', 'less than or equal', 'greater than, or 'greater than or equal', similar logic as above is used. Start with the left most number and move from left to right. For each number, check if it is less than the number you are testing against. If it is, then the version in question is less than the version you are testing against. If the number is equal, then move to check the next number to the right. For example, to test if 5.7.23 is less than or equal to 5.8.0 you first compare 5 to 5. They are equal so you move on to compare 7 to 8. 7 is less than 8 so the entire test succeeds and 5.7.23 is 'less than or equal' to 5.8.0. The difference between the 'less than' and 'less than or equal' operations is how the last number is handled. If the last number is reached, the check should use the given operation (either 'less than' and 'less than or equal') to test the number. For example, to test if 4.23.6 is greater than 4.23.6 you first compare 4 to 4. They are equal so you move on to compare 23 to 23. They are equal so you move on to compare 6 to 6. This is the last number in the version and since 6 is not greater than 6, the entire test fails and 4.23.6 is not greater than 4.23.6.</xsd:documentation>
+                         <xsd:documentation>Version strings with a different number of components shall be padded with zeros to make them the same size. For example, if the version strings '1.2.3' and '6.7.8.9' are being compared, then the short one should be padded to become '1.2.3.0'.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="ComplexDatatypeEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The ComplexDatatypeEnumeration simple type defines the complex legal datatypes that are supported in OVAL. These datatype describe the values of individual entities where the entity has some complex structure beyond simple string like content.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+          <xsd:enumeration value="record">
+               <xsd:annotation>
+                    <xsd:documentation>The record datatype describes an entity with structured set of named fields and values as its content. The only allowed operation within OVAL for record values is 'equals'. Note that the record datatype is not currently allowed when using variables.</xsd:documentation>
+               </xsd:annotation>
+          </xsd:enumeration>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="DatatypeEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The DatatypeEnumeration simple type defines the legal datatypes that are used to describe the values of individual entities. A value should be interpreted according to the specified type. This is most important during comparisons. For example, is '21' less than '123'? will evaluate to true if the datatypes are 'int', but will evaluate to 'false' if the datatypes are 'string'. Another example is applying the 'equal' operation to '1.0.0.0' and '1.0'. With datatype 'string' they are not equal, with datatype 'version' they are.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:union memberTypes="oval:SimpleDatatypeEnumeration oval:ComplexDatatypeEnumeration"/>
+     </xsd:simpleType>
+     <xsd:simpleType name="ExistenceEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The ExistenceEnumeration simple type defines acceptable existence values, which are used to determine a result based on the existence of individual components. The main use for this is for a test regarding the existence of objects on the system.</xsd:documentation>
+               <xsd:appinfo>
+                    <evaluation_documentation>Below are some tables that outline how each ExistenceEnumeration value effects evaluation of a given test.  Note that this is related to the existence of an object(s) and not the object(s) compliance with a state.  The left column identifies the ExistenceEnumeration value in question. The middle column specifies the different combinations of individual item status values that have been found in the system characteristics file related to the given object. (EX=exists, DE=does not exist, ER=error, NC=not collected) For example, a 1+ under EX means that one or more individual item status attributes are set to exists, while a 0 under NC means that zero individual item status attributes are set to not collected.  The last column specifies what the result of the existence piece would be according to each combination of individual item status values.</evaluation_documentation>
+                    <evaluation_chart xml:space="preserve">
+               ||  item status value count  ||
+  attr value   ||                           || existence piece is
+               ||  EX  |  DE  |  ER  |  NC  ||
+---------------||---------------------------||------------------
+               ||  1+  |  0   |  0   |  0   ||  True
+               ||  0   |  0   |  0   |  0   ||  False
+               ||  0+  |  1+  |  0+  |  0+  ||  False  
+ all_exist     ||  0+  |  0   |  1+  |  0+  ||  Error
+               ||  0+  |  0   |  0   |  1+  ||  Unknown
+               ||  --  |  --  |  --  |  --  ||  Not Evaluated
+               ||  --  |  --  |  --  |  --  ||  Not Applicable
+---------------||---------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  item status value count  ||
+  attr value   ||                           ||  existence piece is
+               ||  EX  |  DE  |  ER  |  NC  ||
+---------------||---------------------------||------------------
+               ||  0+  |  0+  |  0   |  0+  ||  True 
+               ||  1+  |  0+  |  1+  |  0+  ||  True
+               ||  --  |  --  |  --  |  --  ||  False
+ any_exist     ||  0   |  0+  |  1+  |  0+  ||  Error
+               ||  --  |  --  |  --  |  --  ||  Unknown
+               ||  --  |  --  |  --  |  --  ||  Not Evaluated
+               ||  --  |  --  |  --  |  --  ||  Not Applicable
+---------------||---------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  item status value count  ||
+  attr value   ||                           ||  existence piece is
+               ||  EX  |  DE  |  ER  |  NC  ||
+---------------||---------------------------||------------------
+               ||  1+  |  0+  |  0+  |  0+  ||  True 
+               ||  0   |  1+  |  0   |  0   ||  False
+at_least_one_exists  ||  0   |  0+  |  1+  |  0+  ||  Error
+               ||  0   |  0+  |  0   |  1+  ||  Unknown
+               ||  --  |  --  |  --  |  --  ||  Not Evaluated
+               ||  --  |  --  |  --  |  --  ||  Not Applicable
+---------------||---------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  item status value count  ||
+  attr value   ||                           ||  existence piece is
+               ||  EX  |  DE  |  ER  |  NC  ||
+---------------||---------------------------||------------------
+               ||  0   |  0+  |  0   |  0   ||  True 
+               ||  1+  |  0+  |  0+  |  0+  ||  False
+ none_exist    ||  0   |  0+  |  1+  |  0+  ||  Error
+               ||  0   |  0+  |  0   |  1+  ||  Unknown
+               ||  --  |  --  |  --  |  --  ||  Not Evaluated
+               ||  --  |  --  |  --  |  --  ||  Not Applicable
+---------------||---------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  item status value count  ||
+  attr value   ||                           ||  existence piece is
+               ||  EX  |  DE  |  ER  |  NC  ||
+---------------||---------------------------||------------------
+               ||  1   |  0+  |  0   |  0   ||  True 
+               ||  2+  |  0+  |  0+  |  0+  ||  False
+               ||  0   |  0+  |  0   |  0   ||  False
+ only_one_exists      ||  0,1 |  0+  |  1+  |  0+  ||  Error
+               ||  0,1 |  0+  |  0   |  1+  ||  Unknown
+               ||  --  |  --  |  --  |  --  ||  Not Evaluated
+               ||  --  |  --  |  --  |  --  ||  Not Applicable
+---------------||---------------------------||------------------
+                    </evaluation_chart>
+               </xsd:appinfo>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:enumeration value="all_exist">
+                    <xsd:annotation>
+                         <xsd:documentation>A value of 'all_exist' means that every object defined by the description exists on the system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="any_exist">
+                    <xsd:annotation>
+                         <xsd:documentation>A value of 'any_exist' means that zero or more objects defined by the description exist on the system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="at_least_one_exists">
+                    <xsd:annotation>
+                         <xsd:documentation>A value of 'at_least_one_exists' means that at least one object defined by the description exists on the system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="none_exist">
+                    <xsd:annotation>
+                         <xsd:documentation>A value of 'none_exist' means that none of the objects defined by the description exist on the system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="only_one_exists">
+                    <xsd:annotation>
+                         <xsd:documentation>A value of 'only_one_exists' means that only one object defined by the description exists on the system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="FamilyEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The FamilyEnumeration simple type is a listing of families that OVAL supports at this time.  Since new family values can only be added with new version of the schema, the value of 'undefined' is to be used when the desired family is not available.  Note that use of the undefined family value does not target all families, rather it means that some family other than one of the defined values is targeted.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:enumeration value="catos">
+                    <xsd:annotation>
+                         <xsd:documentation>The catos value describes the Cisco CatOS operating system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="ios">
+                    <xsd:annotation>
+                         <xsd:documentation>The ios value describes the Cisco IOS operating system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="macos">
+                    <xsd:annotation>
+                         <xsd:documentation>The macos value describes the Mac operating system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="pixos">
+                    <xsd:annotation>
+                         <xsd:documentation>The pixos value describes the Cisco PIX operating system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="undefined">
+                    <xsd:annotation>
+                         <xsd:documentation>The undefined value is to be used when the desired family is not available.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="unix">
+                    <xsd:annotation>
+                         <xsd:documentation>The unix value describes the UNIX operating system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="vmware_infrastructure">
+                    <xsd:annotation>
+                         <xsd:documentation>The vmware_infrastructure value describes VMWare Infrastructure.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="windows">
+                    <xsd:annotation>
+                         <xsd:documentation>The windows value describes the Microsoft Windows operating system.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>               
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="MessageLevelEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The MessageLevelEnumeration simple type defines the different levels associated with a message. There is no specific criteria about which messages get assigned which level. This is completely arbitrary and up to the content producer to decide what is an error message and what is a debug message.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:enumeration value="debug">
+                    <xsd:annotation>
+                         <xsd:documentation>Debug messages should only be displayed by a tool when run in some sort of verbose mode.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="error">
+                    <xsd:annotation>
+                         <xsd:documentation>Error messages should be recorded when there was an error that did not allow the collection of specific data.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="fatal">
+                    <xsd:annotation>
+                         <xsd:documentation>A fatal message should be recorded when an error causes the failure of more than just a single piece of data.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="info">
+                    <xsd:annotation>
+                         <xsd:documentation>Info messages are used to pass useful information about the data collection to a user.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="warning">
+                    <xsd:annotation>
+                         <xsd:documentation>A warning message reports something that might not correct but information was still collected.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="OperationEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The OperationEnumeration simple type defines acceptable operations. Each operation defines how to compare entities against their actual values.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:enumeration value="equals">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'equals' operation returns true if the actual value on the system is equal to the stated entity.  When the specified datatype is a string, this results in a case-sensitive comparison.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+                <xsd:enumeration value="not equal">
+                    <xsd:annotation>
+                          <xsd:documentation>The 'not equal' operation returns true if the actual value on the system is not equal to the stated entity.  When the specified datatype is a string, this results in a case-sensitive comparison.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+                <xsd:enumeration value="case insensitive equals">
+                      <xsd:annotation>
+                            <xsd:documentation>The 'case insensitive equals' operation is meant for string data and returns true if the actual value on the system is equal (using a case insensitive comparison) to the stated entity.</xsd:documentation>
+                      </xsd:annotation>
+                </xsd:enumeration>
+                <xsd:enumeration value="case insensitive not equal">
+                      <xsd:annotation>
+                            <xsd:documentation>The 'case insensitive not equal' operation is meant for string data and returns true if the actual value on the system is not equal (using a case insensitive comparison) to the stated entity.</xsd:documentation>
+                      </xsd:annotation>
+                </xsd:enumeration>
+                <xsd:enumeration value="greater than">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'greater than' operation returns true if the actual value on the system is greater than the stated entity.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="less than">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'less than' operation returns true if the actual value on the system is less than the stated entity.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="greater than or equal">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'greater than or equal' operation returns true if the actual value on the system is greater than or equal to the stated entity.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="less than or equal">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'less than or equal' operation returns true if the actual value on the system is less than or equal to the stated entity.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="bitwise and">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'bitwise and' operation is used to determine if a specific bit is set. It returns true if performing a BITWISE AND with the binary representation of the stated entity against the binary representation of the actual value on the system results in a binary value that is equal to the binary representation of the stated entity. For example, assuming a datatype of 'int', if the actual integer value of the setting on your machine is 6 (same as 0110 in binary), then performing a 'bitwise and' with the stated integer 4 (0100) returns 4 (0100). Since the result is the same as the state mask, then the test returns true. If the actual value on your machine is 1 (0001), then the 'bitwise and' with the stated integer 4 (0100) returns 0 (0000). Since the result is not the same as the stated mask, then the test fails.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="bitwise or">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'bitwise or' operation is used to determine if a specific bit is not set. It returns true if performing a BITWISE OR with the binary representation of the stated entity against the binary representation of the actual value on the system results in a binary value that is equal to the binary representation of the stated entity. For example, assuming a datatype of 'int', if the actual integer value of the setting on your machine is 6 (same as 0110 in binary), then performing a 'bitwise or' with the stated integer 14 (1110) returns 14 (1110). Since the result is the same as the state mask, then the test returns true. If the actual value on your machine is 1 (0001), then the 'bitwise or' with the stated integer 14 (1110) returns 15 (1111). Since the result is not the same as the stated mask, then the test fails.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="pattern match">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'pattern match' operation allows an item to be tested against a regular expression. When used by an entity in an OVAL Object, the regular expression represents the unique set of matching items on the system.  OVAL supports a common subset of the regular expression character classes, operations, expressions and other lexical tokens defined within Perl 5's regular expression specification. For more information on the supported regular expression syntax in OVAL see: http://oval.mitre.org/language/about/re_support_5.6.html</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="subset of">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'subset of' operation returns true if the actual set on the system is a subset of the set defined by the stated entity.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="superset of">
+                    <xsd:annotation>
+                         <xsd:documentation>The 'superset of' operation returns true if the actual set on the system is a superset of the set defined by the stated entity.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="OperatorEnumeration">
+          <xsd:annotation>
+               <xsd:documentation>The OperatorEnumeration simple type defines acceptable operators. Each operator defines how to evaluate multiple arguments.</xsd:documentation>
+               <xsd:appinfo>
+                    <evaluation_documentation>Below are some tables that outline how each operator effects evaluation. The far left column identifies the operator in question. The middle column specifies the different combinations of individual results that the operator may bind together. (T=true, F=false, E=error, U=unknown, NE=not evaluated, NA=not applicable) For example, a 1+ under T means that one or more individual results are true, while a 0 under U means that zero individual results are unknown. The last column specifies what the final result would be according to each combination of individual results. Note that if the individual test is negated, then a true result is false and a false result is true, all other results stay as is.</evaluation_documentation>
+                    <evaluation_chart xml:space="preserve">
+               ||  num of individual results  ||
+  operator is  ||                             ||  final result is
+               || T  | F  | E  | U  | NE | NA ||
+---------------||-----------------------------||------------------
+               || 1+ | 0  | 0  | 0  | 0  | 0+ ||  True
+               || 0+ | 1+ | 0+ | 0+ | 0+ | 0+ ||  False
+      AND      || 0+ | 0  | 1+ | 0+ | 0+ | 0+ ||  Error
+               || 0+ | 0  | 0  | 1+ | 0+ | 0+ ||  Unknown
+               || 0+ | 0  | 0  | 0  | 1+ | 0+ ||  Not Evaluated
+               || 0  | 0  | 0  | 0  | 0  | 1+ ||  Not Applicable
+---------------||-----------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  num of individual results  || 
+  operator is  ||                             ||  final result is
+               || T  | F  | E  | U  | NE | NA ||
+---------------||-----------------------------||------------------
+               || 1  | 0+ | 0  | 0  | 0  | 0+ ||  True
+               || 2+ | 0+ | 0+ | 0+ | 0+ | 0+ ||  ** False **
+               || 0  | 1+ | 0  | 0  | 0  | 0+ ||  ** False **
+      ONE      ||0,1 | 0+ | 1+ | 0+ | 0+ | 0+ ||  Error
+               ||0,1 | 0+ | 0  | 1+ | 0+ | 0+ ||  Unknown
+               ||0,1 | 0+ | 0  | 0  | 1+ | 0+ ||  Not Evaluated
+               || 0  | 0  | 0  | 0  | 0  | 1+ ||  Not Applicable
+---------------||-----------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  num of individual results  || 
+  operator is  ||                             ||  final result is
+               || T  | F  | E  | U  | NE | NA ||
+---------------||-----------------------------||------------------
+               || 1+ | 0+ | 0+ | 0+ | 0+ | 0+ ||  True
+               || 0  | 1+ | 0  | 0  | 0  | 0+ ||  False
+      OR       || 0  | 0+ | 1+ | 0+ | 0+ | 0+ ||  Error
+               || 0  | 0+ | 0  | 1+ | 0+ | 0+ ||  Unknown
+               || 0  | 0+ | 0  | 0  | 1+ | 0+ ||  Not Evaluated
+               || 0  | 0  | 0  | 0  | 0  | 1+ ||  Not Applicable
+---------------||-----------------------------||------------------
+                    </evaluation_chart>
+                    <evaluation_chart xml:space="preserve">
+               ||  num of individual results  ||
+  operator is  ||                             ||  final result is
+               || T  | F  | E  | U  | NE | NA ||
+---------------||-----------------------------||------------------
+               ||odd | 0+ | 0  | 0  | 0  | 0+ ||  True
+               ||even| 0+ | 0  | 0  | 0  | 0+ ||  False
+      XOR      || 0+ | 0+ | 1+ | 0+ | 0+ | 0+ ||  Error
+               || 0+ | 0+ | 0  | 1+ | 0+ | 0+ ||  Unknown
+               || 0+ | 0+ | 0  | 0  | 1+ | 0+ ||  Not Evaluated
+               || 0  | 0  | 0  | 0  | 0  | 1+ ||  Not Applicable
+---------------||-----------------------------||------------------
+                    </evaluation_chart>
+               </xsd:appinfo>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:enumeration value="AND">
+                    <xsd:annotation>
+                         <xsd:documentation>The AND operator produces a true result if every argument is true. If one or more arguments are false, the result of the AND is false. If one or more of the arguments are unknown, and if none of the arguments are false, then the AND operator produces a result of unknown.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="ONE">
+                    <xsd:annotation>
+                         <xsd:documentation>The ONE operator produces a true result if one and only one argument is true. If there are more than argument is true (or if there are no true arguments), the result of the ONE is false. If one or more of the arguments are unknown, then the ONE operator produces a result of unknown.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="OR">
+                    <xsd:annotation>
+                         <xsd:documentation>The OR operator produces a true result if one or more arguments is true. If every argument is false, the result of the OR is false. If one or more of the arguments are unknown and if none of arguments are true, then the OR operator produces a result of unknown.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+               <xsd:enumeration value="XOR">
+                    <xsd:annotation>
+                         <xsd:documentation>XOR is defined to be true if an odd number of its arguments are true, and false otherwise. If any of the arguments are unknown, then the XOR operator produces a result of unknown.</xsd:documentation>
+                    </xsd:annotation>
+               </xsd:enumeration>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <!-- =============================================================================== -->
+     <!-- ================================  ID PATTERNS  ================================ -->
+     <!-- =============================================================================== -->
+     <xsd:simpleType name="DefinitionIDPattern">
+          <xsd:annotation>
+               <xsd:documentation>Define the format for acceptable OVAL Definition ids. An urn format is used with the id starting with the word oval followed by a unique string, followed by the three letter code 'def', and ending with an integer.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:pattern value="oval:[A-Za-z0-9_\-\.]+:def:[1-9][0-9]*"/>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="ObjectIDPattern">
+          <xsd:annotation>
+               <xsd:documentation>Define the format for acceptable OVAL Object ids. An urn format is used with the id starting with the word oval followed by a unique string, followed by the three letter code 'obj', and ending with an integer.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:pattern value="oval:[A-Za-z0-9_\-\.]+:obj:[1-9][0-9]*"/>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="StateIDPattern">
+          <xsd:annotation>
+               <xsd:documentation>Define the format for acceptable OVAL State ids. An urn format is used with the id starting with the word oval followed by a unique string, followed by the three letter code 'ste', and ending with an integer.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:pattern value="oval:[A-Za-z0-9_\-\.]+:ste:[1-9][0-9]*"/>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="TestIDPattern">
+          <xsd:annotation>
+               <xsd:documentation>Define the format for acceptable OVAL Test ids. An urn format is used with the id starting with the word oval followed by a unique string, followed by the three letter code 'tst', and ending with an integer.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:pattern value="oval:[A-Za-z0-9_\-\.]+:tst:[1-9][0-9]*"/>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="VariableIDPattern">
+          <xsd:annotation>
+               <xsd:documentation>Define the format for acceptable OVAL Variable ids. An urn format is used with the id starting with the word oval followed by a unique string, followed by the three letter code 'var', and ending with an integer.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:pattern value="oval:[A-Za-z0-9_\-\.]+:var:[1-9][0-9]*"/>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="ItemIDPattern">
+          <xsd:annotation>
+               <xsd:documentation>Define the format for acceptable OVAL Item ids. The format is an integer. An item id is used to identify the different items found in an OVAL System Characteristics file.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:integer"/>
+     </xsd:simpleType>
+     <!-- =============================================================================== -->
+     <!-- ================================  OTHER TYPES  ================================ -->
+     <!-- =============================================================================== -->
+     <xsd:simpleType name="EmptyStringType">
+          <xsd:annotation>
+               <xsd:documentation>The EmptyStringType simple type is a restriction of the built-in string simpleType. The only allowed string is the empty string with a length of zero. This type is used by certain elements to allow empty content when non-string data is accepted. See the EntityIntType in the OVAL Definition Schema for an example of its use.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:maxLength value="0"/>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <xsd:simpleType name="NonEmptyStringType">
+          <xsd:annotation>
+               <xsd:documentation>The NonEmptyStringType simple type is a restriction of the built-in string simpleType. Empty strings are not allowed. This type is used by comment attributes where an empty value is not allowed.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:restriction base="xsd:string">
+               <xsd:minLength value="1"/>
+          </xsd:restriction>
+     </xsd:simpleType>
+     <!-- =============================================================================== -->
+     <!-- =============================================================================== -->
+     <!-- =============================================================================== -->
+</xsd:schema>
diff --git a/stix_validator/schema/external/oval_5.10/oval-definitions-schema.xsd b/stix_validator/schema/external/oval_5.10/oval-definitions-schema.xsd
new file mode 100755
index 0000000..b81b5cf
--- /dev/null
+++ b/stix_validator/schema/external/oval_5.10/oval-definitions-schema.xsd
@@ -0,0 +1,1608 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" elementFormDefault="qualified" version="5.10.1">
+    <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
+    <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+    <xsd:annotation>
+        <xsd:documentation>The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) Definitions. Some of the objects defined here are extended and enhanced by individual component schemas, which are described in separate documents. Each of the elements, types, and attributes that make up the Core Definition Schema are described in detail and should provide the information necessary to understand what each represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these objects is not outlined here.</xsd:documentation>
+        <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
+        <xsd:appinfo>
+            <schema>Core Definition</schema>
+            <version>5.10.1</version>
+            <date>1/27/2012 1:22:32 PM</date>
+            <terms_of_use>Copyright (c) 2002-2012, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+            <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
+            <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
+        </xsd:appinfo>
+    </xsd:annotation>
+    <!-- =============================================================================== -->
+    <!-- =============================================================================== -->
+    <!-- =============================================================================== -->
+    <xsd:element name="oval_definitions">
+        <xsd:annotation>
+            <xsd:documentation>The oval_definitions element is the root of an OVAL Definition Document. Its purpose is to bind together the major sections of a document - generator, definitions, tests, objects, states, and variables - which are the children of the root element.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_empty_def_doc">
+                    <sch:rule context="oval-def:oval_definitions">
+                        <sch:assert test="oval-def:definitions or oval-def:tests or oval-def:objects or oval-def:states or oval-def:variables">A valid OVAL Definition document must contain at least one definitions, tests, objects, states, or variables element. The optional definitions, tests, objects, states, and variables sections define the specific characteristics that should be evaluated on a system to determine the truth values of the OVAL Definition Document. To be valid though, at least one definitions, tests, objects, states, or variables element must be present.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:complexType>
+            <xsd:sequence>
+                <xsd:element name="generator" type="oval:GeneratorType">
+                    <xsd:annotation>
+                        <xsd:documentation>The required generator section provides information about when the definition file was compiled and under what version.</xsd:documentation>
+                    </xsd:annotation>
+                </xsd:element>
+                <xsd:element name="definitions" type="oval-def:DefinitionsType" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                        <xsd:documentation>The optional definitions section contains 1 or more definitions.</xsd:documentation>
+                    </xsd:annotation>
+                </xsd:element>
+                <xsd:element name="tests" type="oval-def:TestsType" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                        <xsd:documentation>The optional tests section contains 1 or more tests.</xsd:documentation>
+                    </xsd:annotation>
+                </xsd:element>
+                <xsd:element name="objects" type="oval-def:ObjectsType" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                        <xsd:documentation>The optional objects section contains 1 or more objects.</xsd:documentation>
+                    </xsd:annotation>
+                </xsd:element>
+                <xsd:element name="states" type="oval-def:StatesType" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                        <xsd:documentation>The optional states section contains 1 or more states.</xsd:documentation>
+                    </xsd:annotation>
+                </xsd:element>
+                <xsd:element name="variables" type="oval-def:VariablesType" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                        <xsd:documentation>The optional variables section contains 1 or more variables.</xsd:documentation>
+                    </xsd:annotation>
+                </xsd:element>
+                <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
+                    <xsd:annotation>
+                        <xsd:documentation>The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
+                    </xsd:annotation>
+                </xsd:element>
+            </xsd:sequence>
+        </xsd:complexType>
+        <xsd:key name="definitionKey">
+            <xsd:annotation>
+                <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual definition elements.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath="oval-def:definitions/oval-def:definition"/>
+            <xsd:field xpath="@id"/>
+        </xsd:key>
+        <xsd:key name="testKey">
+            <xsd:annotation>
+                <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual test elements.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath="oval-def:tests/*"/>
+            <xsd:field xpath="@id"/>
+        </xsd:key>
+        <xsd:key name="objectKey">
+            <xsd:annotation>
+                <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual object elements.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath="oval-def:objects/*"/>
+            <xsd:field xpath="@id"/>
+        </xsd:key>
+        <xsd:key name="stateKey">
+            <xsd:annotation>
+                <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual state elements.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath="oval-def:states/*"/>
+            <xsd:field xpath="@id"/>
+        </xsd:key>
+        <xsd:key name="variableKey">
+            <xsd:annotation>
+                <xsd:documentation>Enforce uniqueness amongst the ids differentiating the individual variable elements.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath="oval-def:variables/*"/>
+            <xsd:field xpath="@id"/>
+        </xsd:key>
+        <xsd:keyref name="extendKeyRef" refer="oval-def:definitionKey">
+            <xsd:annotation>
+                <xsd:documentation>Requires each definition reference to refer to a valid definition id.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath=".//*"/>
+            <xsd:field xpath="@definition_ref"/>
+        </xsd:keyref>
+        <xsd:keyref name="testKeyRef" refer="oval-def:testKey">
+            <xsd:annotation>
+                <xsd:documentation>Requires each test reference to refer to a valid test id.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath=".//*"/>
+            <xsd:field xpath="@test_ref"/>
+        </xsd:keyref>
+        <xsd:keyref name="objectKeyRef" refer="oval-def:objectKey">
+            <xsd:annotation>
+                <xsd:documentation>Requires each object reference to refer to a valid object id.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath=".//*"/>
+            <xsd:field xpath="@object_ref"/>
+        </xsd:keyref>
+        <xsd:keyref name="stateKeyRef" refer="oval-def:stateKey">
+            <xsd:annotation>
+                <xsd:documentation>Requires each state reference to refer to a valid state id.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath=".//*"/>
+            <xsd:field xpath="@state_ref"/>
+        </xsd:keyref>
+        <xsd:keyref name="variableKeyRef" refer="oval-def:variableKey">
+            <xsd:annotation>
+                <xsd:documentation>Requires each variable reference to refer to a valid variable id.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath=".//*"/>
+            <xsd:field xpath="@var_ref"/>
+        </xsd:keyref>
+        <xsd:keyref name="object_referenceKeyRef" refer="oval-def:objectKey">
+            <xsd:annotation>
+                <xsd:documentation>Require each object reference in a set element to refer to a valid object id.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath=".//oval-def:object_reference"/>
+            <xsd:field xpath="."/>
+        </xsd:keyref>
+        <xsd:keyref name="filterKeyRef" refer="oval-def:stateKey">
+            <xsd:annotation>
+                <xsd:documentation>Require each filter in a set element to refer to a valid state id.</xsd:documentation>
+            </xsd:annotation>
+            <xsd:selector xpath=".//oval-def:filter"/>
+            <xsd:field xpath="."/>
+        </xsd:keyref>
+    </xsd:element>
+    <!-- =============================================================================== -->
+    <!-- =================================  GENERATOR  ================================= -->
+    <!-- =============================================================================== -->
+    <!--
+		The GeneratorType is defined by the oval common schema.  Please refer to
+		that documentation for a description of the complex type.
+	 -->
+    <!-- =============================================================================== -->
+    <!-- ================================  DEFINITIONS  ================================ -->
+    <!-- =============================================================================== -->
+    <xsd:complexType name="DefinitionsType">
+        <xsd:annotation>
+            <xsd:documentation>The DefinitionsType complex type is a container for one or more definition elements. Each definition element describes a single OVAL Definition. Please refer to the description of the DefinitionType for more information about an individual definition.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="oval-def:definition" minOccurs="1" maxOccurs="unbounded"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:element name="definition" type="oval-def:DefinitionType">
+        <xsd:annotation>
+            <xsd:documentation>The definition element represents the globally defined element of type DefinitionType. For more information please see the documentation on the DefinitionType.</xsd:documentation>
+        </xsd:annotation>
+    </xsd:element>
+    <xsd:complexType name="DefinitionType">
+        <xsd:annotation>
+            <xsd:documentation>The DefinitionType defines a single OVAL Definition. A definition is the key structure in OVAL. It is analogous to the logical sentence or proposition: if a computer's state matches the configuration parameters laid out in the criteria, then that computer exhibits the state described. The DefinitionType contains a section for various metadata related elements that describe the definition. This includes a description, version, affected system types, and reference information. The notes section of a definition should be used to hold information that might be helpful to someone examining the technical aspects of the definition. For example, why certain tests have been included in the criteria, or maybe a link to where further information can be found. The DefinitionType also (unless the definition is deprecated) contains a criteria child element that joins individual tests together with a logical operator to specify the specific computer state being described.</xsd:documentation>
+            <xsd:documentation>The required id attribute is the OVAL-ID of the Definition. The form of an OVAL-ID must follow the specific format described by the oval:DefinitionIDPattern. The required version attribute holds the current version of the definition. Versions are integers, starting at 1 and incrementing every time a definition is modified. The required class attribute indicates the specific class to which the definition belongs. The class gives a hint to a user so they can know what the definition writer is trying to say. See the definition of oval-def:ClassEnumeration for more information about the different valid classes. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+            <xsd:documentation>When the deprecated attribute is set to true, the definition is considered to be deprecated. The criteria child element of a deprecated definition is optional. If a deprecated definition does not contain a criteria child element, the definition must evaluate to "not evaluated". If a deprecated definition contains a criteria child element, an interpreter should evaluate the definition as if it were not deprecated, but an interpreter may evaluate the definition to "not evaluated".</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_required_criteria">
+                    <sch:rule context="oval-def:oval_definitions/oval-def:definitions/oval-def:definition[(@deprecated='false' or @deprecated='0') or not(@deprecated)]">
+                        <sch:assert test="oval-def:criteria">A valid OVAL Definition must contain a criteria unless the definition is a deprecated definition.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+            <xsd:element name="metadata" type="oval-def:MetadataType">
+                <xsd:unique name="UniqueAffectedFamily">
+                    <xsd:annotation>
+                        <xsd:documentation>Each affected element must have a unique family attribute value.</xsd:documentation>
+                    </xsd:annotation>
+                    <xsd:selector xpath="oval-def:affected"/>
+                    <xsd:field xpath="@family"/>
+                </xsd:unique>            
+            </xsd:element>
+            <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
+            <xsd:element name="criteria" type="oval-def:CriteriaType" minOccurs="0" maxOccurs="1"/>
+        </xsd:sequence>
+        <xsd:attribute name="id" type="oval:DefinitionIDPattern" use="required"/>
+        <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+        <xsd:attribute name="class" type="oval:ClassEnumeration" use="required"/>
+        <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+    </xsd:complexType>
+    <xsd:complexType name="MetadataType">
+        <xsd:annotation>
+            <xsd:documentation>The MetadataType complex type contains all the metadata available to an OVAL Definition. This metadata is for informational purposes only and is not part of the criteria used to evaluate machine state. The required title child element holds a short string that is used to quickly identify the definition to a human user. The affected metadata item contains information about the system(s) for which the definition has been written. Remember that this is just metadata and not part of the criteria. Please refer to the AffectedType description for more information. The required description element contains a textual description of the configuration state being addressed by the OVAL Definition. In the case of a definition from the vulnerability class, the reference is usually the Common Vulnerability and Exposures (CVE) Identifier, and this description field corresponds with the CVE description.</xsd:documentation>
+            <xsd:documentation>Additional metadata is also allowed although it is not part of the official OVAL Schema. Individual organizations can place metadata items that they feel are important and these will be skipped during the validation. All OVAL really cares about is that the stated metadata items are there.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element name="title" type="xsd:string"/>
+            <xsd:element name="affected" type="oval-def:AffectedType" minOccurs="0" maxOccurs="unbounded">
+                <xsd:unique name="UniqueAffectedPlatform">
+                    <xsd:annotation>
+                        <xsd:documentation>Each affected platform element must have a unique value.</xsd:documentation>
+                    </xsd:annotation>
+                    <xsd:selector xpath="oval-def:platform"/>
+                    <xsd:field xpath="."/>
+                </xsd:unique>
+                <xsd:unique name="UniqueAffectedProduct">
+                    <xsd:annotation>
+                        <xsd:documentation>Each affected product element must have a unique value.</xsd:documentation>
+                    </xsd:annotation>
+                    <xsd:selector xpath="oval-def:product"/>
+                    <xsd:field xpath="."/>
+                </xsd:unique>
+            </xsd:element>
+            <xsd:element name="reference" type="oval-def:ReferenceType" minOccurs="0" maxOccurs="unbounded"/>
+            <xsd:element name="description" type="xsd:string"/>
+            <xsd:any minOccurs="0" maxOccurs="unbounded" processContents="lax"/>
+            <!-- For the next major release of OVAL, the xsd:any tag above will be modified to
+		         only allow elements from namespaces other than the default namespace.  This
+		         fixes a bug in the current schema where the affected or reference element can
+		         appear after the description element and still produce a vailid document.
+
+		        <xsd:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax"/>
+		    -->
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:complexType name="AffectedType">
+        <xsd:annotation>
+            <xsd:documentation>Each OVAL Definition is written to evaluate a certain type of system(s). The family, platform(s), and product(s) of this target are described by the AffectedType whose main purpose is to provide hints for tools using OVAL Definitions. For instance, to help a reporting tool only use Windows definitions, or to preselect only Red Hat definitions to be evaluated. Note, the inclusion of a particular platform or product does not mean the definition is physically checking for the existence of the platform or product. For the actual test to be performed, the correct test must still be included in the definition's criteria section.</xsd:documentation>
+            <xsd:documentation>The AffectedType complex type details the specific system, application, subsystem, library, etc. for which a definition has been written. If a definition is not tied to a specific product, then this element should not be included. The absence of the platform or product element can be thought of as definition applying to all platforms or products. The inclusion of a particular platform or product does not mean the definition is physically checking for the existence of the platform or product. For the actual test to be performed, the correct test must still be included in the definition's criteria section. To increase the utility of this element, care should be taken when assigning and using strings for product names. The schema places no restrictions on the values that can be assigned, potentially leading to many different representations of the same value. For example, 'Internet Explorer' and 'IE' might be used to refer to the same product. The current convention is to fully spell out all terms, and avoid the use of abbreviations at all costs.</xsd:documentation>
+            <xsd:documentation>Please note that the AffectedType will change in future versions of OVAL in order to support the Common Platform Enumeration (CPE).</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element name="platform" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+            <xsd:element name="product" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+        </xsd:sequence>
+        <xsd:attribute name="family" type="oval:FamilyEnumeration" use="required"/>
+    </xsd:complexType>
+    <xsd:complexType name="ReferenceType">
+        <xsd:annotation>
+            <xsd:documentation>The ReferenceType complex type links the OVAL Definition to a definitive external reference. For example, CVE Identifiers are used for referencing vulnerabilities. The intended purpose for this reference is to link the definition to a variety of other sources that address the same issue being specified by the OVAL Definition.</xsd:documentation>
+            <xsd:documentation>The required source attribute specifies where the reference is coming from. In other words, it identifies the reference repository being used. The required ref_id attribute is the external id of the reference. The optional ref_url attribute is the URL to the reference.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:attribute name="source" type="xsd:string" use="required"/>
+        <xsd:attribute name="ref_id" type="xsd:string" use="required"/>
+        <xsd:attribute name="ref_url" type="xsd:anyURI" use="optional"/>
+    </xsd:complexType>
+    <xsd:complexType name="NotesType">
+        <xsd:annotation>
+            <xsd:documentation>The NotesType complex type is a container for one or more note child elements. Each note contains some information about the definition or tests that it references. A note may record an unresolved question about the definition or test or present the reason as to why a particular approach was taken.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element name="note" type="xsd:string" minOccurs="1" maxOccurs="unbounded"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:complexType name="CriteriaType">
+        <xsd:annotation>
+            <xsd:documentation>The CriteriaType complex type describes a container for a set of sub criteria, criteria, criterion, or extend_definition elements allowing complex logical trees to be constructed. Each referenced test is represented by a criterion element. Please refer to the description of the CriterionType for more information about and individual criterion element. The optional extend_definition element allows existing definitions to be included in the criteria. Refer to the description of the ExtendDefinitionType for more information.</xsd:documentation>
+            <xsd:documentation>The required operator attribute provides the logical operator that binds the different statements inside a criteria together. The optional negate attribute signifies that the result of the criteria as a whole should be negated during analysis. For example, consider a criteria that evaluates to TRUE if certain software is installed. By negating this test, it now evaluates to TRUE if the software is NOT installed. The optional comment attribute provides a short description of the criteria.</xsd:documentation>
+            <xsd:documentation>The optional applicability_check attribute provides a Boolean flag that when true indicates that the criteria is being used to determine whether the OVAL Definition applies to a given system.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:choice minOccurs="1" maxOccurs="unbounded">
+            <xsd:element name="criteria" type="oval-def:CriteriaType"/>
+            <xsd:element name="criterion" type="oval-def:CriterionType"/>
+            <xsd:element name="extend_definition" type="oval-def:ExtendDefinitionType"/>
+        </xsd:choice>
+        <xsd:attribute name="applicability_check" type="xsd:boolean" use="optional"/>
+        <xsd:attribute name="operator" type="oval:OperatorEnumeration" use="optional" default="AND"/>
+        <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
+        <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+    </xsd:complexType>
+    <xsd:complexType name="CriterionType">
+        <xsd:annotation>
+            <xsd:documentation>The CriterionType complex type identifies a specific test to be included in the definition's criteria.</xsd:documentation>
+            <xsd:documentation>The required test_ref attribute is the actual id of the test being referenced. The optional negate attribute signifies that the result of an individual test should be negated during analysis. For example, consider a test that evaluates to TRUE if a specific patch is installed. By negating this test, it now evaluates to TRUE if the patch is NOT installed. The optional comment attribute provides a short description of the specified test and should mirror the comment attribute of the actual test.</xsd:documentation>
+            <xsd:documentation>The optional applicability_check attribute provides a Boolean flag that when true indicates that the criterion is being used to determine whether the OVAL Definition applies to a given system.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:attribute name="applicability_check" type="xsd:boolean" use="optional"/>
+        <xsd:attribute name="test_ref" type="oval:TestIDPattern" use="required"/>
+        <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
+        <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+    </xsd:complexType>
+    <xsd:complexType name="ExtendDefinitionType">
+        <xsd:annotation>
+            <xsd:documentation>The ExtendDefinitionType complex type allows existing definitions to be extended by another definition. This works by evaluating the extended definition and then using the result within the logical context of the extending definition.</xsd:documentation>
+            <xsd:documentation>The required definition_ref attribute is the actual id of the definition being extended. The optional negate attribute signifies that the result of an extended definition should be negated during analysis. For example, consider a definition that evaluates TRUE if certainsoftware is installed. By negating the definition, it now evaluates to TRUE if the software is NOT installed. The optional comment attribute provides a short description of the specified definition and should mirror the title metadata of the extended definition.</xsd:documentation>
+            <xsd:documentation>The optional applicability_check attribute provides a Boolean flag that when true indicates that the extend_definition is being used to determine whether the OVAL Definition applies to a given system.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:attribute name="applicability_check" type="xsd:boolean" use="optional"/>
+        <xsd:attribute name="definition_ref" type="oval:DefinitionIDPattern" use="required"/>
+        <xsd:attribute name="negate" type="xsd:boolean" use="optional" default="false"/>
+        <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+    </xsd:complexType>
+    <!-- =============================================================================== -->
+    <!-- ===================================  TESTS  =================================== -->
+    <!-- =============================================================================== -->
+    <xsd:complexType name="TestsType">
+        <xsd:annotation>
+            <xsd:documentation>The TestsType complex type is a container for one or more test child elements. Each test element describes a single OVAL Test. Please refer to the description of the TestType for more information about an individual test.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="oval-def:test" minOccurs="1" maxOccurs="unbounded"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:element name="test" type="oval-def:TestType" abstract="true">
+        <xsd:annotation>
+            <xsd:documentation>The test element is an abstract element that is meant to be extended (via substitution groups) by the individual tests found in the component schemas. An OVAL Test is used to compare an object(s) against a defined state. An actual test element is not valid. The use of this abstract class simplifies the OVAL schema by allowing individual tests to inherit the optional notes child element, and the id and comment attributes from the base TestType. Please refer to the description of the TestType complex type for more information.</xsd:documentation>
+        </xsd:annotation>
+    </xsd:element>
+    <xsd:complexType name="TestType">
+        <xsd:annotation>
+            <xsd:documentation>The base type of every test includes an optional notes element and several attributes. The notes section of a test should be used to hold information that might be helpful to someone examining the technical aspects of the test. For example, why certain values have been used by the test, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element. The required comment attribute provides a short description of the test. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+            <xsd:documentation>The required id attribute uniquely identifies each test, and must conform to the format specified by the TestIdPattern simple type. The required version attribute holds the current version of the test. Versions are integers, starting at 1 and incrementing every time a test is modified.</xsd:documentation> 
+            <xsd:documentation>The optional check_existence attribute specifies how many items in the set defined by the OVAL Object must exist for the test to evaluate to true. The default value for this attribute is 'at_least_one_exists' indicating that by default the test may evaluate to true if at least one item defined by the OVAL Object exists on the system. For example, if a value of 'all_exist' is given, every item defined by the OVAL Object must exist on the system for the test to evaluate to true. If the OVAL Object uses a variable reference, then every value of that variable must exist. Note that a pattern match defines a unique set of matching items found on a system. So when check_existence = 'all_exist' and a regex matches anything on a system the test will evaluate to true (since all matching objects on the system were found on the system). When check_existence = 'all_exist' and a regex does not match anything on a system the test will evaluate to false.</xsd:documentation>
+            <xsd:documentation>The required check attribute specifies how many items in the set defined by the OVAL Object (ignoring items with a status of Does Not Exist) must satisfy the state requirements.  For example, should the test check that all matching files have a specified version or that at least one file has the specified version?  The valid check values are explained in the description of the CheckEnumeration simple type. Note that if the test does not contain any references to OVAL States, then the check attribute has no meaning and can be ignored during evaluation.</xsd:documentation>
+            <xsd:documentation>An OVAL Test evaluates to true if both the check_existence  and check attributes are satisfied during evaluation. The evaluation result for a test is determined by first evaluating the check_existence attribute. If the result of evaluating the check_existence attribute is true then the check attribute is evaluated. An interpreter may choose to always evaluate both the check_existence and the check attributes, but once the check_existence attribute evaluation has resulted in false the overall test result after evaluating the check attribute will not be affected.</xsd:documentation>
+            <xsd:documentation>The optional state_operator attribute provides the logical operator that combines the evaluation results from each referenced state on a per item basis.  Each matching item is compared to each referenced state. The result of comparing each state to a single item is combined based on the specified state_operator value to determine one result for each item. Finally, the results for each item are combined based on the specified check value.  Note that if the test does not contain any references to OVAL States, then the state_operator attribute has no meaning and can be ignored during evaluation. Referencing multiple states in one test allows ranges of possible values to be expressed. For example, one state can check that a value greater than 8 is found and another state can check that a value of less than 16 is found.  In this example the referenced states are combined with a state_operator = 'AND' indicating that the conditions of all referenced states must be satisfied and that the value must be between 8 AND 16.  The valid state_operation values are explained in the description of the OperatorEnumeration simple type.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_test_type">
+                    <sch:rule context="oval-def:oval_definitions/oval-def:tests/*[@check_existence='none_exist']">
+                        <sch:assert test="not(*[local-name()='state'])"><sch:value-of select="@id"/> - No state should be referenced when check_existence has a value of 'none_exist'.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+            <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
+        </xsd:sequence>
+        <xsd:attribute name="id" type="oval:TestIDPattern" use="required"/>
+        <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+        <xsd:attribute name="check_existence" type="oval:ExistenceEnumeration" use="optional" default="at_least_one_exists"/>
+        <xsd:attribute name="check" type="oval:CheckEnumeration" use="required"/>
+        <xsd:attribute name="state_operator" type="oval:OperatorEnumeration" use="optional" default="AND"/>
+        <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="required"/>
+        <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>        
+    </xsd:complexType>
+    <xsd:complexType name="ObjectRefType">
+        <xsd:annotation>
+            <xsd:documentation>The ObjectRefType complex type defines an object reference to be used by OVAL Tests that are defined in the component schemas. The required object_ref attribute specifies the id of the OVAL Object being referenced.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:attribute name="object_ref" type="oval:ObjectIDPattern" use="required"/>
+    </xsd:complexType>
+    <xsd:complexType name="StateRefType">
+        <xsd:annotation>
+            <xsd:documentation>The StateRefType complex type defines a state reference to be used by OVAL Tests that are defined in the component schemas. The required state_ref attribute specifies the id of the OVAL State being referenced.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:attribute name="state_ref" type="oval:StateIDPattern" use="required"/>
+    </xsd:complexType>
+    <!-- =============================================================================== -->
+    <!-- ==================================  OBJECTS  ================================== -->
+    <!-- =============================================================================== -->
+    <xsd:complexType name="ObjectsType">
+        <xsd:annotation>
+            <xsd:documentation>The ObjectsType complex type is a container for one or more object child elements. Each object element provides details that define a unique set of matching items to be used by an OVAL Test. Please refer to the description of the object element for more information about an individual object.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="oval-def:object" minOccurs="1" maxOccurs="unbounded"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:element name="object" type="oval-def:ObjectType" abstract="true">
+        <xsd:annotation>
+            <xsd:documentation>The object element is an abstract element that is meant to be extended (via substitution groups) by the objects found in the component schemas. An actual object element is not valid. The use of this abstract element simplifies the OVAL schema by allowing individual objects to inherit any common elements and attributes from the base ObjectType.  Please refer to the description of the ObjectType complex type for more information.</xsd:documentation>
+            <xsd:documentation>An object is used to identify a set of items to collect.  The author of a schema object must define sufficient object entities to allow a user to identify a unique item to be collected.</xsd:documentation>
+            <xsd:documentation>A simple object typically results in a single file, process, etc being identified.  But through the use of pattern matches, sets, and variables, multiple matching items can be identified.  The set of items matching the object can then be used by an OVAL test and compared against an OVAL state.</xsd:documentation>
+        </xsd:annotation>
+    </xsd:element>
+    <xsd:complexType name="ObjectType">
+        <xsd:annotation>
+            <xsd:documentation>The base type of every object includes an optional notes element. The notes element of an object should be used to hold information that might be helpful to someone examining the technical aspects of the object. For example, why certain values have been used, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
+            <xsd:documentation>The required id attribute uniquely identifies each object, and must conform to the format specified by the ObjectIdPattern simple type. The required version attribute holds the current version of the object element. Versions are integers, starting at 1 and incrementing every time an object is modified. The optional comment attribute provides a short description of the object. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+            <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
+        </xsd:sequence>
+        <xsd:attribute name="id" type="oval:ObjectIDPattern" use="required"/>
+        <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+        <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+        <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+    </xsd:complexType>
+    <xsd:element name="set">
+        <xsd:annotation>
+            <xsd:documentation>The set element enables complex objects to be described. It is a recursive element in that each set element can contain additional set elements as children. Each set element defines characteristics that produce a matching unique set of items. This set of items is defined by one or two references to OVAL Objects that provide the criteria needed to collect a set of system items. These items can have one or more filters applied to allow a subset of those items to be specifically included or excluded from the overall set of items.</xsd:documentation>
+            <xsd:documentation>The set element's object_reference refers to an existing OVAL Object. The set element's filter element provides a reference to an existing OVAL State and includes an optional action attribute. The filter's action attribute allows the author to specify whether matching items should be included or excluded from the overall set. The default filter action is to exclude all matching items. In other words, the filter can be thought of filtering items out by default.</xsd:documentation>
+            <xsd:documentation>Each filter is applied to the items identified by each OVAL Object before the set_operator is applied. For example, if an object_reference points to an OVAL Object that identifies every file in a certain directory, a filter might be set up to limit the object set to only those files with a size less than 10 KB. If multiple filters are provided, then each filter is applied to the set of items identified by the OVAL Object. Care must be taken to ensure that conflicting filters are not applied. It is possible to exclude all items with a size of 10 KB and then include only items with a size of 10 KB. This example would result in the empty set.</xsd:documentation>
+            <xsd:documentation>The required set_operator attribute defines how different child sets are combined to form the overall unique set of objects. For example, does one take the union of different sets or the intersection? For a description of the valid values please refer to the SetOperatorEnumeration simple type.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_setobjref">
+                    <sch:rule context="oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:object_reference">
+                        <sch:assert test="name(./../..) = name(ancestor::oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:object_reference">
+                        <sch:assert test="name(./../../..) = name(ancestor::oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:oval_definitions/oval-def:objects/*/oval-def:set/oval-def:set/oval-def:set/oval-def:object_reference">
+                        <sch:assert test="name(./../../../..) = name(ancestor::oval-def:oval_definitions/oval-def:objects/*[@id=current()])"><sch:value-of select="../../../../@id"/> - Each object referenced by the set must be of the same type as parent object</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:complexType>
+            <xsd:choice>
+                <xsd:sequence>
+                    <xsd:element ref="oval-def:set" minOccurs="1" maxOccurs="2"/>
+                </xsd:sequence>
+                <xsd:sequence>
+                    <xsd:element name="object_reference" type="oval:ObjectIDPattern" minOccurs="1" maxOccurs="2"/>
+                    <xsd:element ref="oval-def:filter" minOccurs="0" maxOccurs="unbounded"/>
+                </xsd:sequence>
+            </xsd:choice>
+            <xsd:attribute name="set_operator" type="oval-def:SetOperatorEnumeration" use="optional" default="UNION"/>
+        </xsd:complexType>
+    </xsd:element>
+    <xsd:element name="filter">
+        <xsd:annotation>
+            <xsd:documentation>The filter element provides a reference to an existing OVAL State and includes an optional action attribute. The action attribute is used to specify whether items that match the referenced OVAL State will be included in the resulting set or excluded from the resulting set.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:complexType>
+            <xsd:simpleContent>
+                <xsd:extension base="oval:StateIDPattern">
+                    <xsd:attribute name="action" type="oval-def:FilterActionEnumeration" use="optional" default="exclude"/>
+                </xsd:extension>
+            </xsd:simpleContent>
+        </xsd:complexType>
+    </xsd:element>
+    <!-- =============================================================================== -->
+    <!-- ==================================  STATES  =================================== -->
+    <!-- =============================================================================== -->
+    <xsd:complexType name="StatesType">
+        <xsd:annotation>
+            <xsd:documentation>The StatesType complex type is a container for one or more state child elements. Each state provides details about specific characteristics that can be used during an evaluation of an object. Please refer to the description of the state element for more information about an individual state.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="oval-def:state" minOccurs="1" maxOccurs="unbounded"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:element name="state" type="oval-def:StateType" abstract="true">
+        <xsd:annotation>
+            <xsd:documentation>The state element is an abstract element that is meant to be extended (via substitution groups) by the states found in the component schemas. An actual state element is not valid. The use of this abstract class simplifies the OVAL schema by allowing individual states to inherit the optional notes child element, and the id and operator attributes from the base StateType. Please refer to the description of the StateType complex type for more information.</xsd:documentation>
+            <xsd:documentation>An OVAL State is a collection of one or more characteristics pertaining to a specific object type. The OVAL State is used by an OVAL Test to determine if a unique set of items identified on a system meet certain characteristics.</xsd:documentation>
+        </xsd:annotation>
+    </xsd:element>
+    <xsd:complexType name="StateType">
+        <xsd:annotation>
+            <xsd:documentation>The base type of every state includes an optional notes element and two attributes. The notes section of a state should be used to hold information that might be helpful to someone examining the technical aspects of the state. For example, why certain values have been used by the state, or maybe a link to where further information can be found. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
+            <xsd:documentation>The required id attribute uniquely identifies each state, and must conform to the format specified by the StateIdPattern simple type. The required version attribute holds the current version of the state. Versions are integers, starting at 1 and incrementing every time a state is modified. The required operator attribute provides the logical operator that binds the different characteristics inside a state together. The optional comment attribute provides a short description of the state. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+            <xsd:documentation>When evaluating a particular state against an object, one should evaluate each individual entity separately. The individual results are then combined by the operator to produce an overall result. This process holds true even when there are multiple instances of the same entity. Evaluate each instance separately, taking the entity check attribute into account, and then combine everything using the operator.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+            <xsd:element name="notes" type="oval-def:NotesType" minOccurs="0" maxOccurs="1"/>
+        </xsd:sequence>
+        <xsd:attribute name="id" type="oval:StateIDPattern" use="required"/>
+        <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+        <xsd:attribute name="operator" type="oval:OperatorEnumeration" use="optional" default="AND"/>
+        <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="optional"/>
+        <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+    </xsd:complexType>
+    <!-- =============================================================================== -->
+    <!-- =================================  VARIABLES  ================================= -->
+    <!-- =============================================================================== -->
+    <xsd:complexType name="VariablesType">
+        <xsd:annotation>
+            <xsd:documentation>The VariablesType complex type is a container for one or more variable child elements. Each variable element is a way to define one or more values to be obtained at the time a definition is evaluated.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="oval-def:variable" minOccurs="1" maxOccurs="unbounded"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:element name="variable" type="oval-def:VariableType" abstract="true">
+        <xsd:annotation>
+            <xsd:documentation>The variable element is an abstract element that is meant to be extended (via substitution groups) by the different types of variables. An actual variable element is not valid. The different variable types describe different sources for obtaining a value(s) for the variable. There are currently three types of variables; local, external, and constant. Please refer to the description of each one for more specific information. The value(s) of a variable is treated as if it were inserted where referenced. One of the main benefits of variables is that they allow tests to evaluate user-defined policy. For example, an OVAL Test might check to see if a password is at least a certain number of characters long, but this number depends upon the individual policy of the user. To solve this, the test for password length can be written to refer to a variable element that defines the length.</xsd:documentation>
+            <xsd:documentation>If a variable defines an array of values, any entity that references the variable will evaluate to true depending on the value of the var_check attribute. For example, if an entity 'size' with an operation of 'less than' references a variable that returns five different integers, and the var_check attribute has a value of 'all', then the 'size' entity returns true only if the actual size is less than each of the five integers defined by the variable. If a variable does not return any value, then an error should be reported during OVAL analysis.</xsd:documentation>
+        </xsd:annotation>
+    </xsd:element>
+    <xsd:complexType name="VariableType">
+        <xsd:annotation>
+            <xsd:documentation>The VariableType complex type defines attributes associated with each OVAL Variable. The required id attribute uniquely identifies each variable, and must conform to the format specified by the VariableIDPattern simple type. The required version attribute holds the current version of the variable. Versions are integers, starting at 1 and incrementing every time a variable is modified.  The required comment attribute provides a short description of the variable. The optional deprecated attribute signifies that an id is no longer to be used or referenced but the information has been kept around for historic purposes.</xsd:documentation>
+            <xsd:documentation>The required datatype attribute specifies the type of value being defined.  The set of values identified by a variable must comply with the specified datatype, otherwise an error should be reported.  Please see the DatatypeEnumeration for details about each valid datatype.  For example, if the datatype of the variable is specified as boolean then the value(s) returned by the component / function should be "true", "false", "1", or "0".</xsd:documentation>
+            <xsd:documentation>Note that the 'record' datatype is not permitted on variables.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+        </xsd:sequence>
+        <xsd:attribute name="id" type="oval:VariableIDPattern" use="required"/>
+        <xsd:attribute name="version" type="xsd:nonNegativeInteger" use="required"/>
+        <xsd:attribute name="datatype" use="required" type="oval:SimpleDatatypeEnumeration">
+            <xsd:annotation>
+                <xsd:documentation>Note that the 'record' datatype is not permitted on variables.</xsd:documentation>
+            </xsd:annotation>
+        </xsd:attribute>
+        <xsd:attribute name="comment" type="oval:NonEmptyStringType" use="required"/>
+        <xsd:attribute name="deprecated" type="xsd:boolean" use="optional" default="false"/>
+    </xsd:complexType>
+    <xsd:element name="external_variable" substitutionGroup="oval-def:variable">
+        <xsd:annotation>
+            <xsd:documentation>The external_variable element extends the VariableType and defines a variable with some external source. The actual value(s) for the variable is not provided within the OVAL file, but rather it is retrieved during the evaluation of the OVAL Definition from an external source. An unbounded set of possible-value and possible_restriction child elements can be specified that together specify the list of all possible values that an external source is allowed to supply for the external variable. In other words, the value assigned by an external source must match one of the possible_value or possible_restriction elements specified. Each possible_value element contains a single value that could be assigned to the given external_variable while each possible_restriction element outlines a range of possible values. Note that it is not necessary to declare a variable's possible values, but the option is available if desired. If no possible child elements are specified, then the valid values are only bound to the specified datatype of the external variable. Please refer to the description of the PossibleValueType and PossibleRestrictionType complex types for more information.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:complexType>
+            <xsd:complexContent>
+                <xsd:extension base="oval-def:VariableType">
+                    <xsd:choice minOccurs="0" maxOccurs="unbounded">
+                        <xsd:element name="possible_value" type="oval-def:PossibleValueType"/>
+                        <xsd:element name="possible_restriction" type="oval-def:PossibleRestrictionType"/>
+                    </xsd:choice>
+                </xsd:extension>
+            </xsd:complexContent>
+        </xsd:complexType>
+    </xsd:element>
+    <xsd:complexType name="PossibleValueType">
+        <xsd:annotation>
+            <xsd:documentation>The PossibleValueType complex type is used to outline a single expected value of an external variable. The required hint attribute gives a short description of what the value means or represents.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:extension base="xsd:anySimpleType">
+                <xsd:attribute name="hint" type="xsd:string" use="required"/>
+            </xsd:extension>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="PossibleRestrictionType">
+        <xsd:annotation>
+            <xsd:documentation>The PossibleRestrictionType complex type outlines a range of possible expected value of an external variable. Each possible_restriction element contains an unbounded list of child restriction elements that each specify a range that an actual value may fall in. For example, a restriction element may specify that a value must be less than 10. When multiple restriction elements are present, a valid possible value would have to meet every restriction. One can think of the possible_value and possible_restriction elements as an OR'd list of possible values, and the restriction elements as an AND'd list of value descriptions. Please refer to the description of the RestrictionType complex type for more information. The required hint attribute gives a short description of what the value means or represents.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:choice>
+            <xsd:element name="restriction" type="oval-def:RestrictionType" minOccurs="1" maxOccurs="unbounded"/>
+        </xsd:choice>
+        <xsd:attribute name="hint" type="xsd:string" use="required"/>
+    </xsd:complexType>
+    <xsd:complexType name="RestrictionType">
+        <xsd:annotation>
+            <xsd:documentation>The RestrictionType complex type outlines a restriction that is placed on expected values for an external variable. For example, a possible value may be restricted to a integer less than 10. Please refer to the operationEnumeration simple type for a description of the valid operations. The required hint attribute gives a short description of what the value means or represents.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:extension base="xsd:anySimpleType">
+                <xsd:attribute name="operation" type="oval:OperationEnumeration" use="required"/>
+            </xsd:extension>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:element name="constant_variable" substitutionGroup="oval-def:variable">
+        <xsd:annotation>
+            <xsd:documentation>The constant_variable element extends the VariableType and defines a variable with a constant value(s). Each constant_variable defines either a single value or an array of values to be used throughout the evaluation of the OVAL Definition File in which it has been defined. Constant variables cannot be over-ridden by an external source. The actual value of a constant variable is defined by the required value child element. An array of values can be specified by including multiple instances of the value element. Please refer to the description of the ValueType complex type for more information.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:complexType>
+            <xsd:complexContent>
+                <xsd:extension base="oval-def:VariableType">
+                    <xsd:sequence>
+                        <xsd:element name="value" type="oval-def:ValueType" minOccurs="1" maxOccurs="unbounded"/>
+                    </xsd:sequence>
+                </xsd:extension>
+            </xsd:complexContent>
+        </xsd:complexType>
+    </xsd:element>
+    <xsd:complexType name="ValueType">
+        <xsd:annotation>
+            <xsd:documentation>The ValueType complex type holds the actual value of the variable when dealing with a constant variable. This value should be used by all tests that reference this variable. The value cannot be over-ridden by an external source.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:extension base="xsd:anySimpleType"/>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:element name="local_variable" substitutionGroup="oval-def:variable">
+        <xsd:annotation>
+            <xsd:documentation>The local_variable element extends the VariableType and defines a variable with some local source. The actual value(s) for the variable is not provided in the OVAL Definition document but rather it is retrieved during the evaluation of the OVAL Definition. Each local variable is defined by either a single component or a complex function, meaning that a value can be as simple as a literal string or as complex as multiple registry keys concatenated together. Note that if an individual component is used and it returns multiple values, then there will be multiple values associated with the local_variable. For example, if an object_component is used and it references a file object that identifies a set of 5 files, then the local variable would represent these 5 values. Please refer to the description of the ComponentGroup for more information.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:complexType>
+            <xsd:complexContent>
+                <xsd:extension base="oval-def:VariableType">
+                    <xsd:sequence>
+                        <xsd:group ref="oval-def:ComponentGroup" />
+                    </xsd:sequence>
+                </xsd:extension>
+            </xsd:complexContent>
+        </xsd:complexType>
+    </xsd:element>
+    <xsd:group name="ComponentGroup">
+        <xsd:annotation>
+            <xsd:documentation>Any value that is pulled directly off the local system is defined by the basic component element. For example, the name of a user or the value of a registry key. Please refer to the definition of the ObjectComponentType for more information. A value can also be obtained from another variable. The variable element identifies a variable id to pull a value(s) from. Please refer to the definition of the VariableComponentType for more information. Literal values can also be specified.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:choice>
+            <xsd:element name="object_component" type="oval-def:ObjectComponentType"/>
+            <xsd:element name="variable_component" type="oval-def:VariableComponentType"/>
+            <xsd:element name="literal_component" type="oval-def:LiteralComponentType"/>
+            <xsd:group ref="oval-def:FunctionGroup"/>
+        </xsd:choice>
+    </xsd:group>
+    <xsd:complexType name="LiteralComponentType">
+        <xsd:annotation>
+            <xsd:documentation>The LiteralComponentType complex type defines a literal value to be used as a component.  The optional datatype attribute defines the type of data expected.  The default datatype is 'string'.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_literal_component">
+                    <sch:rule context="oval-def:literal_component">
+                        <sch:assert test="not(@datatype='record')"><sch:value-of select="ancestor::*/@id"/> - The 'record' datatype is prohibited on variables.</sch:assert>
+                    </sch:rule>
+                    <!--
+                        <sch:rule context="oval-def:literal_component/*/*[not(@datatype)]">
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='binary']">
+                        <sch:assert test="matches(., '^[0-9a-fA-F]*$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of binary.</sch:assert>
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='boolean']">
+                        <sch:assert test="matches(., '^true$|^false$|^1$|^0$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of boolean.</sch:assert>
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='evr_string']">
+                        <sch:assert test="matches(., '^[^:\-]*:[^:\-]*-[^:\-]*$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of evr_string.</sch:assert>
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='fileset_revision']">
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='float']">
+                        <sch:assert test="matches(., '^[+\-]?[0-9]+([\.][0-9]+)?([eE][+\-]?[0-9]+)?$|^NaN$|^INF$|^\-INF$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of float.</sch:assert>
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='ios_version']">
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='int']">
+                        <sch:assert test="matches(., '^[+\-]?[0-9]+$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of int.</sch:assert>
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='string']">
+                        </sch:rule>
+                        <sch:rule context="oval-def:literal_component[@datatype='version']">
+                        </sch:rule>
+                    -->
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:extension base="xsd:anySimpleType">
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="optional" default="string"/>
+            </xsd:extension>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="ObjectComponentType">
+        <xsd:annotation>
+            <xsd:documentation>The ObjectComponentType complex type defines a specific value or set of values on the local system to obtain.</xsd:documentation>
+            <xsd:documentation>The required object_ref attribute provides a reference to an existing OVAL Object declaration. The referenced OVAL Object specifies a set of OVAL Items to collect. Note that an OVAL Object might identify 0, 1, or many OVAL Items on a system. If no items are found on the system then an error should be reported when determining the value of an ObjectComponentType. If 1 or more OVAL Items are found then each OVAL Item will be considered and the ObjectComponentType may have one or more values.</xsd:documentation>
+            <xsd:documentation>The required item_field attribute specifies the name of the entity whose value will be retrieved from each OVAL Item collected by the referenced OVAL Object. For example, if the object_ref references a win-def:file_object, the item_field may specify the 'version' entity as the field to use as the value of the ObjectComponentType. Note that an OVAL Item may have 0, 1, or many entities whose name matches the specified item_field value. If an entity is not found with a name that matches the value of the item_field an error should be reported when determining the value of an ObjectComponentType. If 1 or more matching entities are found in a single OVAL Item the value of the ObjectComponentType is the list of the values from each of the matching entities.</xsd:documentation>
+            <xsd:documentation>The optional record_field attribute specifies the name of a field in a record entity in an OVAL Item. The record_field attribute allows the value of a specific field to be retrieved from an entity with a datatype of 'record'. If a field with a matching name attribute value is not found in the referenced OVAL Item entity an error should be reported when determining the value of the ObjectComponentType.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:attribute name="object_ref" type="oval:ObjectIDPattern" use="required"/>
+        <xsd:attribute name="item_field" type="oval:NonEmptyStringType" use="required"/>
+        <xsd:attribute name="record_field" type="oval:NonEmptyStringType" use="optional"/>
+    </xsd:complexType>
+    <xsd:complexType name="VariableComponentType">
+        <xsd:annotation>
+            <xsd:documentation>The VariableComponentType complex type defines a specific value obtained by looking at the value of another OVAL Variable. The required var_ref attribute provides a reference to the variable. One must make sure that the variable reference does not point to the parent variable that uses this component to avoid a race condition.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:attribute name="var_ref" type="oval:VariableIDPattern" use="required"/>
+    </xsd:complexType>
+    <xsd:group name="FunctionGroup">
+        <xsd:annotation>
+            <xsd:documentation>Complex functions have been defined that help determine how to manipulate specific values. These functions can be nested together to form complex statements. Each function is designed to work on a specific type of data. If the data being worked on is not of the correct type, a cast should be attempted before reporting an error. For example, if a concat function includes a registry component that returns an integer, then the integer should be cast as a string in order to work with the concat function. Note that if the operation being applied to the variable by the calling entity is "pattern match", then all the functions are performed before the regular expression is evaluated. In short, the variable would produce a value as normal and then any pattern match operation would be performed. It is also important to note that when using these functions with sub-components that return multiple values that the operation will be performed on the Cartesian product of the components and the result is an array of values.  For example, assume a local_variable specifies the arithmetic function with an arithmetic_operation of "add" and has two sub-components under this function: the first component returns multiple values "1" and "2", and the second component returns multiple values "3" and "4" and "5". The local_variable element would be evaluated to have six values:  1+3, 1+4, 1+5, 2+3, 2+4, and 2+5.   Please refer to the description of a specific function for more details about it.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:choice>
+            <xsd:element name="arithmetic" type="oval-def:ArithmeticFunctionType"/>
+            <xsd:element name="begin" type="oval-def:BeginFunctionType"/>
+            <xsd:element name="concat" type="oval-def:ConcatFunctionType"/>
+            <xsd:element name="end" type="oval-def:EndFunctionType"/>
+            <xsd:element name="escape_regex" type="oval-def:EscapeRegexFunctionType"/>
+            <xsd:element name="split" type="oval-def:SplitFunctionType"/>
+            <xsd:element name="substring" type="oval-def:SubstringFunctionType"/>
+            <xsd:element name="time_difference" type="oval-def:TimeDifferenceFunctionType"/>
+            <xsd:element name="regex_capture" type="oval-def:RegexCaptureFunctionType"/>
+            <xsd:element name="unique" type="oval-def:UniqueFunctionType"/>
+            <xsd:element name="count" type="oval-def:CountFunctionType"/>
+        </xsd:choice>
+    </xsd:group>
+    <xsd:complexType name="ArithmeticFunctionType">
+        <xsd:annotation>
+              <xsd:documentation>The arithmetic function takes two or more integer or float components and performs a basic mathematical function on them.  The result of this function is a single integer or float unless one of the components returns multiple values. In this case the specified arithmetic function would be performed multiple times and the end result would be an array of values for the local variable. For example assume a local_variable specifies the arithmetic function with an arithmetic_operation of "add" and has two sub-components under this function: the first component returns multiple values "1" and "2", and the second component returns multiple values "3" and "4" and "5". The local_variable element would be evaluated to have six values: 1+3, 1+4, 1+5, 2+3, 2+4, and 2+5.</xsd:documentation>
+            <xsd:documentation>Note that if both an integer and float components are used then the result is a float.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_arithmeticfunctionrules">
+                    <sch:rule context="oval-def:arithmetic/oval-def:literal_component">
+                        <sch:assert test="@datatype='float' or @datatype='int'">A literal_component used by an arithmetic function must have a datatype of float or int.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:arithmetic/oval-def:variable_component">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype='float' or ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype='int'">The variable referenced by the arithmetic function must have a datatype of float or int.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence minOccurs="2" maxOccurs="unbounded">
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+        <xsd:attribute name="arithmetic_operation" type="oval-def:ArithmeticEnumeration" use="required"/>
+    </xsd:complexType>
+    <xsd:complexType name="BeginFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The begin function takes a single string component and defines a character (or string) that the component string should start with. The character attribute defines the specific character (or string). The character (or string) is only added to the component string if the component string does not already start with the specified character (or string). If the component string does not start with the specified character (or string) the entire character (or string) will be prepended to the component string..</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_beginfunctionrules">
+                    <sch:rule context="oval-def:begin/oval-def:literal_component">
+                        <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the begin function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:begin/oval-def:variable_component">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the begin function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+        <xsd:attribute name="character" type="xsd:string" use="required"/>
+    </xsd:complexType>
+    <xsd:complexType name="ConcatFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The concat function takes two or more components and concatenates them together to form a single string. The first component makes up the beginning of the resulting string and any following components are added to the end it. If one of the components returns multiple values then the concat function would be performed multiple times and the end result would be an array of values for the local variable. For example assume a local variable has two sub-components: a basic component element returns the values "abc" and "def", and a literal component element that has a value of "xyz". The local_variable element would be evaluated to have two values, "abcxyz" and "defxyz". If one of the components does not exist, then the result of the concat operation should be does not exist.</xsd:documentation>
+            <xsd:appinfo>
+                <evaluation_documentation>Below is a chart that specifies how to classify the flag status of a variable using the concat function during evaluation when multiple components are supplied. Both the object and variable component are indirectly associated with collected objects in a system characteristics file. These objects could have been completely collected from the system, or there might have been some type of error that led to the object not being collected, or maybe only a part of the object set was collected. This flag status is important as OVAL Objects or OVAL States that are working with a variable (through the var_ref attribute on an entity) can use this information to report more accurate results. For example, an OVAL Test with a check attribute of 'at least one' that specifies an object with a variable reference, might be able to produce a valid result based on an incomplete object set as long as one of the objects in the set is true.</evaluation_documentation>
+                <evaluation_chart  xml:space="preserve">
+      ||  num of components with flag      || 
+      ||                                   || resulting flag is 
+      || E  | C  | I  | DNE | NC | NA      || 
+------||-----------------------------------||------------------
+      || 1+ | 0+ | 0+ | 0+  | 0+ | 0+      || Error
+      || 0  | 1+ | 0  | 0   | 0  | 0       || Complete 
+      || 0  | 0+ | 1+ | 0   | 0  | 0       || Incomplete 
+      || 0  | 0+ | 0+ | 1+  | 0  | 0       || Does Not Exist 
+      || 0  | 0+ | 0+ | 0+  | 1+ | 0       || Not Collected 
+      || 0  | 0+ | 0+ | 0+  | 0+ | 1+      || Not Applicable
+------||-----------------------------------||------------------
+                </evaluation_chart>
+                    <sch:pattern id="oval-def_concatfunctionrules">
+                        <sch:rule context="oval-def:concat/oval-def:literal_component">
+                            <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the concat function must have a datatype of string.</sch:assert>
+                        </sch:rule>
+                        <sch:rule context="oval-def:concat/oval-def:variable_component">
+                            <sch:let name="var_ref" value="@var_ref"/>
+                            <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the concat function must have a datatype of string.</sch:assert>
+                        </sch:rule>
+                    </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence minOccurs="2" maxOccurs="unbounded">
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:complexType name="EndFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The end function takes a single string component and defines a character (or string) that the component string should end with. The character attribute defines the specific character (or string). The character (or string) is only added to the component string if the component string does not already end with the specified character (or string). If the desired end character is a string, then the entire end string must exist at the end if the component string. If the entire end string is not present then the entire end string is appended to the component string.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_endfunctionrules">
+                    <sch:rule context="oval-def:end/oval-def:literal_component">
+                        <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the end function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:end/oval-def:variable_component">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the end function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+        <xsd:attribute name="character" type="xsd:string" use="required"/>
+    </xsd:complexType>
+    <xsd:complexType name="EscapeRegexFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The escape_regex function takes a single string component and escapes all of the regular expression characters. For example, the string '(\.test_string*)?' will evaluate to '\(\\\.test_string\*\)\?'. The purpose for this is that many times, a component used in pattern match needs to be treated as a literal string and not a regular expression. For example, assume a basic component element that identifies a file path that is held in the Windows registry. This path is a string that might contain regular expression characters. These characters are likely not intended to be treated as regular expression characters and need to be escaped. This function allows a definition writer to mark convert the values of components to regular expression format.</xsd:documentation>
+            <xsd:documentation>Note that when using regular expressions, OVAL supports a common subset of the regular expression character classes, operations, expressions and other lexical tokens defined within Perl 5's regular expression specification. For more information on the supported regular expression syntax in OVAL see: http://oval.mitre.org/language/about/re_support_5.6.html.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_escaperegexfunctionrules">
+                    <sch:rule context="oval-def:escape_regex/oval-def:literal_component">
+                        <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the escape_regex function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:escape_regex/oval-def:variable_component">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the escape_regex function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:complexType name="SplitFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The split function takes a single string component and turns it into multiple values based on a delimiter string. For example, assume that a basic component element returns the value "a-b-c-d" to the split function with the delimiter set to "-". The local_variable element would be evaluated to have four values "a", "b", "c", and "d". If the basic component returns a value that begins, or ends, with a delimiter, the local_variable element would contain empty string values at the beginning, or end, of the set of values returned for that string component. For example, if the delimiter is "-", and the basic component element returns the value "-a-a-", the local_variable element would be evaluated to have four values "", "a", "a", and "". Likewise, if the basic component element returns a value that contains adjacent delimiters such as "---", the local_variable element would be evaluated to have four values "", "", "", and "". Lastly, if the basic component element used by the split function returns multiple values, then the split function is performed multiple times, and all of the results, from each of the split functions, are returned.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_splitfunctionrules">
+                    <sch:rule context="oval-def:split/oval-def:literal_component">
+                        <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the split function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:split/oval-def:variable_component">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the split function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+        <xsd:attribute name="delimiter" type="xsd:string" use="required"/>
+    </xsd:complexType>
+    <xsd:complexType name="SubstringFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The substring function takes a single string component and produces a single value that contains a portion of the original string. The substring_start attribute defines the starting position in the original string. To include the first character of the string, the start position would be 1. A value less than 1 also means that the start position would be 1. If the substring_start attribute has value greater than the length of the original string an error should be reported. The substring_length attribute defines how many characters after, and including, the starting character to include. A substring_length value greater than the actual length of the string, or a negative value, means to include all of the characters after the starting character. For example, assume a basic component element that returns the value "abcdefg" with a substring_start value of 3 and a substring_length value of 2. The local_variable element would evaluate to have a single value of "cd". If the string component used by the substring function returns multiple values, then the substring operation is performed multiple times and results in multiple values for the component.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_substringfunctionrules">
+                    <sch:rule context="oval-def:substring/oval-def:literal_component">
+                        <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the substring function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:substring/oval-def:variable_component">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the substring function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+        <xsd:attribute name="substring_start" type="xsd:int" use="required"/>
+        <xsd:attribute name="substring_length" type="xsd:int" use="required"/>
+    </xsd:complexType>
+    <xsd:complexType name="TimeDifferenceFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The time_difference function calculates the difference in seconds between date-time values. If one component is specified, the values of that component are subtracted from the current time (UTC). If two components are specified, the value of the second component is subtracted from the value of the first component. If the component(s) contain multiple values, the operation is performed multiple times on the Cartesian product of the component(s) and the result is an array of time difference values. For example, assume a local_variable specifies the time_difference function and has two sub-components under this function: the first component returns multiple values "04/02/2009" and "04/03/2009", and the second component returns multiple values "02/02/2005" and "02/03/2005" and "02/04/2005". The local_variable element would be evaluated to have six values:  (ToSeconds("04/02/2009") - ToSeconds("02/02/2005")), (ToSeconds("04/02/2009") - ToSeconds("02/03/2005")), (ToSeconds("04/02/2009") - ToSeconds("02/04/2005")), (ToSeconds("04/03/2009") - ToSeconds("02/02/2005")), (ToSeconds("04/03/2009") - ToSeconds("02/03/2005")), and (ToSeconds("04/03/2009") - ToSeconds("02/04/2005")).</xsd:documentation>
+            <xsd:documentation>The date-time format of each component is determined by the two format attributes. The format1 attribute applies to the first component, and the format2 attribute applies to the second component. Valid values for the attributes are 'win_filetime', 'seconds_since_epoch', 'day_month_year', 'year_month_day', and 'month_day_year'. Please see the DateTimeFormatEnumeration for more information about each of these values. If an input value is not understood, the result is an error. If only one input is specified, specify the format with the format2 attribute, as the first input is considered to be the implied 'current time' input.</xsd:documentation>
+            <xsd:documentation>Note that the datatype associated with the components should be 'string' or 'int' depending on which date time format is specified.  The result of this function though is always an integer.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_timedifferencefunctionrules">
+                    <sch:rule context="oval-def:time_difference/oval-def:literal_component">
+                        <sch:assert test="not(@datatype) or @datatype='string' or @datatype='int'">A literal_component used by the time_difference function must have a datatype of string or int.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:time_difference/oval-def:variable_component">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype='string' or ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype='int'">The variable referenced by the time_difference function must have a datatype of string or int.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence minOccurs="1" maxOccurs="2">
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+        <xsd:attribute name="format_1" type="oval-def:DateTimeFormatEnumeration" use="optional" default="year_month_day"/>
+        <xsd:attribute name="format_2" type="oval-def:DateTimeFormatEnumeration" use="optional" default="year_month_day"/>
+    </xsd:complexType>
+    <xsd:complexType name="RegexCaptureFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The regex_capture function captures a single substring from a string component. The 'pattern' attribute provides a regular expression that must contain a single subexpression (using parentheses). The first match of the subexpression is considered the captured substring. For example, the pattern ^abc(.*)xyz$ would capture a substring from each of the string component's values if the value starts with abc and ends with xyz. In this case the subexpression would be all the characters that exist in between the abc and the xyz. If more than one subexpression is supplied only the first match is considered. If more than one match is identified by a single subexpression only the first match is considered. If no matches are found or a subexpression is not supplied the function will evaluate to an empty string. Note that subexpressions match the longest possible substrings.</xsd:documentation>
+            <xsd:documentation>Note that when using regular expressions, OVAL supports a common subset of the regular expression character classes, operations, expressions and other lexical tokens defined within Perl 5's regular expression specification. For more information on the supported regular expression syntax in OVAL see: http://oval.mitre.org/language/about/re_support_5.6.html.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_regexcapturefunctionrules">
+                    <sch:rule context="oval-def:regex_capture/oval-def:literal_component">
+                        <sch:assert test="not(@datatype) or @datatype='string'">A literal_component used by the regex_capture function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:regex_capture/oval-def:variable_component">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test="ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype = 'string'">The variable referenced by the regex_capture function must have a datatype of string.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+        <xsd:attribute name="pattern" type="xsd:string"/>
+    </xsd:complexType>
+    <xsd:complexType name="UniqueFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The unique function takes one or more components and removes any duplicate value from the set of components.  All components used in the unique function will be treated as strings.  For example, assume that three components exist, one that contains a string value of 'foo', and two of which both resolve to the string value 'bar'.  Applying the unique function to these three components resolves to a local_variable with two string values, 'foo' and 'bar'.  Additionally, if any of the components referenced by the unique function evaluate to multiple values, then those values are used in the unique calculation.  For example, assume that there are two components, one of which resolves to a single string value, 'foo', the other of which resolves to two string values, 'foo' and 'bar'.  If the unique function is used to remove duplicates from these two components, the function will resolve to a local_variable with two string values, 'foo' and 'bar'.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence maxOccurs="unbounded">
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <xsd:complexType name="CountFunctionType">
+        <xsd:annotation>
+            <xsd:documentation>The count function takes one or more components and returns the count of all of the values represented by the components.  For example, assume that two variables exist, each with a single value.  By applying the count function against two variable components that resolve to the two variables, the resulting local_variable would have a value of '2'.  Additionally, if any of the components referenced by the count function evaluate to multiple values, then those values are used in the count calculation.  For example, assume that there are two components, one of which resolves to a single value, the other of which resolves to two values.  If the count function is used to provide a count of these two components, the function will resolve to a local_variable with the values '3'.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:sequence maxOccurs="unbounded">
+            <xsd:group ref="oval-def:ComponentGroup"/>
+        </xsd:sequence>
+    </xsd:complexType>
+    <!-- =============================================================================== -->
+    <!-- =================================  SIGNATURE  ================================= -->
+    <!-- =============================================================================== -->
+    <!--
+		The signature element is defined by the xmldsig schema.  Please refer to that
+		documentation for a description of the valid elements and types.  More
+		information about the official W3C Recommendation regarding XML digital
+		signatures can be found at http://www.w3.org/TR/xmldsig-core/.
+	 -->
+    <!-- =============================================================================== -->
+    <!-- ===============================  ENUMERATIONS  ================================ -->
+    <!-- =============================================================================== -->
+    <xsd:simpleType name="ArithmeticEnumeration">
+        <xsd:annotation>
+            <xsd:documentation>The ArithmeticEnumeration simple type defines basic arithmetic operations.  Currently add and multiply are defined.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:restriction base="xsd:string">
+            <xsd:enumeration value="add"/>
+            <xsd:enumeration value="multiply"/>
+            <!--
+                NOTE - we need to add a required position attribute to the components before we
+                can have a subtract or divide function.  This will have to wait for the next
+                major release
+                
+                <xsd:enumeration value="divide"/>
+                <xsd:enumeration value="subtract"/>
+            -->
+        </xsd:restriction>
+    </xsd:simpleType>
+    <xsd:simpleType name="DateTimeFormatEnumeration">
+        <xsd:annotation>
+            <xsd:documentation>The DateTimeFormatEnumeration simple type defines the different date-time formats that are understood by OVAL. Note that in some cases there are a few different possibilities within a given format. Each of these possibilities is unique though and can be distinguished from each other. The different formats are used to clarify the higher level structure of the date-time string being used.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:restriction base="xsd:string">
+            <xsd:enumeration value="year_month_day">
+                <xsd:annotation>
+                    <xsd:documentation>The year_month_day value specifies date-time strings that follow the formats: 'yyyymmdd', 'yyyymmddThhmmss', 'yyyy/mm/dd hh:mm:ss', 'yyyy/mm/dd', 'yyyy-mm-dd hh:mm:ss', or 'yyyy-mm-dd'</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="month_day_year">
+                <xsd:annotation>
+                    <xsd:documentation>The month_day_year value specifies date-time strings that follow the formats: 'mm/dd/yyyy hh:mm:ss', 'mm/dd/yyyy', 'mm-dd-yyyy hh:mm:ss', 'mm-dd-yyyy', 'NameOfMonth, dd yyyy hh:mm:ss' or 'NameOfMonth, dd yyyy', 'AbreviatedNameOfMonth, dd yyyy hh:mm:ss', or 'AbreviatedNameOfMonth, dd yyyy'</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="day_month_year">
+                <xsd:annotation>
+                    <xsd:documentation>The day_month_year value specifies date-time strings that follow the formats: 'dd/mm/yyyy hh:mm:ss', 'dd/mm/yyyy', 'dd-mm-yyyy hh:mm:ss', or 'dd-mm-yyyy'</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="win_filetime">
+                <xsd:annotation>
+                    <xsd:documentation>The win_filetime value specifies date-time strings that follow the windows file time format.</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="seconds_since_epoch">
+                <xsd:annotation>
+                    <xsd:documentation>The seconds_since_epoch value specifies date-time values that represent the time in seconds since the UNIX epoch.  The Unix epoch is the time 00:00:00 UTC on January 1, 1970.</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+        </xsd:restriction>
+    </xsd:simpleType>
+    <xsd:simpleType name="FilterActionEnumeration">
+        <xsd:annotation>
+            <xsd:documentation>The FilterActionEnumeration simple type defines the different options for filtering sets of items.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:restriction base="xsd:string">
+            <xsd:enumeration value="exclude">
+                <xsd:annotation>
+                    <xsd:documentation>The exclude value specifies that all items that match the filter shall be excluded from set that the filter is applied to.</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="include">
+                <xsd:annotation>
+                    <xsd:documentation>The include value specifies that only items that match the filter shall be included in the set that the filter is applied to.</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+        </xsd:restriction>
+    </xsd:simpleType>
+    <xsd:simpleType name="SetOperatorEnumeration">
+        <xsd:annotation>
+            <xsd:documentation>The SetOperatorEnumeration simple type defines acceptable set operations. Set operations are used to take multiple different sets of objects within OVAL and merge them into a single unique set. The different operators that guide this merge are defined below. For each operator, if only a single object has been supplied, then the resulting set is simply that complete object.</xsd:documentation>
+            <xsd:appinfo>
+                <evaluation_documentation>Below are some tables that outline how different flags are combined with a given set_operator to return a new flag. These tables are needed when computing the flag for collected objects that represent object sets in an OVAL Definition. The top row identifies the flag associated with the first set or object reference. The left column identifies the flag associated with the second set or object reference. The matrix inside the table represent the resulting flag when the given set_operator is applied. (E=error, C=complete, I=incomplete, DNE=does not exist, NC=not collected, NA=not applicable)</evaluation_documentation>
+                <evaluation_chart xml:space="preserve">
+                 ||                                   ||
+ set_operator is ||            obj 1 flag             || 
+      union      ||                                   ||
+                 ||  E  |  C  |  I  | DNE | NC  | NA  ||
+-----------------||-----------------------------------||
+               E ||  E  |  E  |  E  |  E  |  E  |  E  || 
+  obj          C ||  E  |  C  |  I  |  C  |  I  |  C  ||
+   2           I ||  E  |  I  |  I  |  I  |  I  |  I  || 
+  flag       DNE ||  E  |  C  |  I  | DNE |  I  | DNE ||
+              NC ||  E  |  I  |  I  |  I  |  NC |  NC || 
+              NA ||  E  |  C  |  I  | DNE |  NC |  NA ||
+-----------------||-----------------------------------||
+                      </evaluation_chart>
+                <evaluation_chart xml:space="preserve">
+                 ||                                   ||
+ set_operator is ||             obj 1 flag            ||
+  intersection   ||                                   ||
+                 ||  E  |  C  |  I  | DNE | NC  | NA  ||
+-----------------||-----------------------------------||
+               E ||  E  |  E  |  E  | DNE |  E  |  E  ||
+   obj         C ||  E  |  C  |  I  | DNE |  NC |  C  ||
+    2          I ||  E  |  I  |  I  | DNE |  NC |  I  ||
+   flag      DNE || DNE | DNE | DNE | DNE | DNE | DNE ||
+              NC ||  E  |  NC |  NC | DNE |  NC |  NC ||
+              NA ||  E  |  C  |  I  | DNE |  NC |  NA ||
+-----------------||-----------------------------------||
+                      </evaluation_chart>
+                <evaluation_chart xml:space="preserve">
+                 ||                                   ||
+ set_operator is ||             obj 1 flag            ||
+    complement   ||                                   ||
+                 ||  E  |  C  |  I  | DNE | NC  | NA  ||
+-----------------||-----------------------------------||
+               E ||  E  |  E  |  E  | DNE |  E  |  E  ||
+   obj         C ||  E  |  C  |  I  | DNE |  NC |  E  ||
+    2          I ||  E  |  E  |  E  | DNE |  NC |  E  ||
+   flag      DNE ||  E  |  C  |  I  | DNE |  NC |  E  ||
+              NC ||  E  |  NC |  NC | DNE |  NC |  E  ||
+              NA ||  E  |  E  |  E  |  E  |  E  |  E  ||
+-----------------||-----------------------------------||
+                      </evaluation_chart>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:restriction base="xsd:string">
+            <xsd:enumeration value="COMPLEMENT">
+                <xsd:annotation>
+                    <xsd:documentation>The complement operator is defined in OVAL as a relative complement. The resulting unique set contains everything that belongs to the first declared set that is not part of the second declared set. If A and B are sets (with A being the first declared set), then the relative complement is the set of elements in A, but not in B, with the duplicates removed.</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="INTERSECTION">
+                <xsd:annotation>
+                    <xsd:documentation>The intersection of two sets in OVAL results in a unique set that contains everything that belongs to both sets in the collection, but nothing else. If A and B are sets, then the intersection of A and B contains all the elements of A that also belong to B, but no other elements, with the duplicates removed.</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="UNION">
+                <xsd:annotation>
+                    <xsd:documentation>The union of two sets in OVAL results in a unique set that contains everything that belongs to either of the original sets. If A and B are sets, then the union of A and B contains all the elements of A and all elements of B, with the duplicates removed.</xsd:documentation>
+                </xsd:annotation>
+            </xsd:enumeration>
+        </xsd:restriction>
+    </xsd:simpleType>
+    <!-- =============================================================================== -->
+    <!-- ===============================  ENTITY TYPES  ================================ -->
+    <!-- =============================================================================== -->
+    
+    <xsd:attributeGroup name="EntityAttributeGroup">
+        <xsd:annotation>
+            <xsd:documentation>The EntityAttributeGroup is a collection of attributes that are common to all entities. This group defines these attributes and their default values. Individual entities may limit allowed values for these attributes, but all entities will support these attributes.</xsd:documentation>
+            <xsd:appinfo>
+                <sch:pattern id="oval-def_definition_entity_rules">
+                    <!-- These schematron rules are written to look at object and state entities as well as fields in states. -->
+                    <!-- var_ref and var_check rules --> 
+                    <sch:rule context="oval-def:objects/*/*[@var_ref]|oval-def:objects/*/*/*[@var_ref]|oval-def:states/*/*[@var_ref]|oval-def:states/*/*/*[@var_ref]">
+                        <sch:let name="var_ref" value="@var_ref"/>
+                        <sch:assert test=".=''"><sch:value-of select="../@id"/> - a var_ref has been supplied for the <sch:value-of select="name()"/> entity so no value should be provided</sch:assert>
+                        <sch:assert test="( (not(@datatype)) and ('string' = ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype) ) or (@datatype = ancestor::oval-def:oval_definitions/oval-def:variables/*[@id=$var_ref]/@datatype)"><sch:value-of select="$var_ref"/> - inconsistent datatype between the variable and an associated var_ref</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@var_ref]|oval-def:objects/*/*/*[@var_ref]">
+                        <sch:report test="not(@var_check)"><sch:value-of select="../@id"/> - a var_ref has been supplied for the <sch:value-of select="name()"/> entity so a var_check should also be provided</sch:report>
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@var_check]|oval-def:objects/*/*/*[@var_check]">
+                        <sch:assert test="@var_ref"><sch:value-of select="../@id"/> - a var_check has been supplied for the <sch:value-of select="name()"/> entity so a var_ref must also be provided</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:states/*/*[@var_ref]|oval-def:states/*/*/*[@var_ref]">
+                        <sch:report test="not(@var_check)"><sch:value-of select="../@id"/> - a var_ref has been supplied for the <sch:value-of select="name()"/> entity so a var_check should also be provided</sch:report>
+                    </sch:rule>
+                    <sch:rule context="oval-def:states/*/*[@var_check]|oval-def:states/*/*/*[@var_check]">
+                        <sch:assert test="@var_ref"><sch:value-of select="../@id"/> - a var_check has been supplied for the <sch:value-of select="name()"/> entity so a var_ref must also be provided</sch:assert>
+                    </sch:rule>
+                    <!-- datatype and operation rules -->
+                    <sch:rule context="oval-def:objects/*/*[not(@datatype)]|oval-def:objects/*/*/*[not(@datatype)]|oval-def:states/*/*[not(@datatype)]|oval-def:states/*/*/*[not(@datatype)]">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='case insensitive equals' or @operation='case insensitive not equal' or @operation='pattern match'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given the lack of a declared datatype (hence a default datatype of string).</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='binary']|oval-def:objects/*/*/*[@datatype='binary']|oval-def:states/*/*[@datatype='binary']|oval-def:states/*/*/*[@datatype='binary']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of binary.</sch:assert>
+                        <!--<sch:assert test="matches(., '^[0-9a-fA-F]*$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of binary.</sch:assert>-->
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='boolean']|oval-def:objects/*/*/*[@datatype='boolean']|oval-def:states/*/*[@datatype='boolean']|oval-def:states/*/*/*[@datatype='boolean']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of boolean.</sch:assert>
+                        <!--<sch:assert test="matches(., '^true$|^false$|^1$|^0$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of boolean.</sch:assert>-->
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='evr_string']|oval-def:objects/*/*/*[@datatype='evr_string']|oval-def:states/*/*[@datatype='evr_string']|oval-def:states/*/*/*[@datatype='evr_string']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or  @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of evr_string.</sch:assert>
+                        <!--<sch:assert test="matches(., '^[^:\-]*:[^:\-]*-[^:\-]*$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of evr_string.</sch:assert>-->
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='fileset_revision']|oval-def:objects/*/*/*[@datatype='fileset_revision']|oval-def:states/*/*[@datatype='fileset_revision']|oval-def:states/*/*/*[@datatype='fileset_revision']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or  @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of fileset_revision.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='float']|oval-def:objects/*/*/*[@datatype='float']|oval-def:states/*/*[@datatype='float']|oval-def:states/*/*/*[@datatype='float']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of float.</sch:assert>
+                        <!--<sch:assert test="matches(., '^[+\-]?[0-9]+([\.][0-9]+)?([eE][+\-]?[0-9]+)?$|^NaN$|^INF$|^\-INF$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of float.</sch:assert>-->
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='ios_version']|oval-def:objects/*/*/*[@datatype='ios_version']|oval-def:states/*/*[@datatype='ios_version']|oval-def:states/*/*/*[@datatype='ios_version']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of ios_version.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='int']|oval-def:objects/*/*/*[@datatype='int']|oval-def:states/*/*[@datatype='int']|oval-def:states/*/*/*[@datatype='int']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='bitwise and' or @operation='bitwise or'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of int.</sch:assert>
+                        <!--<sch:assert test="matches(., '^[+\-]?[0-9]+$')"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of int.</sch:assert>-->
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='ipv4_address']|oval-def:objects/*/*/*[@datatype='ipv4_address']|oval-def:states/*/*[@datatype='ipv4_address']|oval-def:states/*/*/*[@datatype='ipv4_address']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='subset of' or @operation='superset of'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of ipv4_address.</sch:assert>
+                        <!-- TODO <sch:assert test="matches(we_need_regex_for_ipv4)"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of ipv4_address.</sch:assert>-->
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='ipv6_address']|oval-def:objects/*/*/*[@datatype='ipv6_address']|oval-def:states/*/*[@datatype='ipv6_address']|oval-def:states/*/*/*[@datatype='ipv6_address']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal' or @operation='subset of' or @operation='superset of'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of ipv6_address.</sch:assert>
+                        <!-- TODO <sch:assert test="matches(we_need_regex_for_ipv6)"><sch:value-of select="../@id"/> - A value of '<sch:value-of select="."/>' for the <sch:value-of select="name()"/> entity is not valid given a datatype of ipv6_address.</sch:assert>-->
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='string']|oval-def:objects/*/*/*[@datatype='string']|oval-def:states/*/*[@datatype='string']|oval-def:states/*/*/*[@datatype='string']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='case insensitive equals' or @operation='case insensitive not equal' or @operation='pattern match'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of string.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='version']|oval-def:objects/*/*/*[@datatype='version']|oval-def:states/*/*[@datatype='version']|oval-def:states/*/*/*[@datatype='version']">
+                        <sch:assert test="not(@operation) or @operation='equals' or @operation='not equal' or @operation='greater than' or @operation='greater than or equal' or @operation='less than' or @operation='less than or equal'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of version.</sch:assert>
+                    </sch:rule>
+                    <sch:rule context="oval-def:objects/*/*[@datatype='record']|oval-def:states/*/*[@datatype='record']">
+                        <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - The use of '<sch:value-of select="@operation"/>' for the operation attribute of the <sch:value-of select="name()"/> entity is not valid given a datatype of record.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+                <sch:pattern id="oval-def_no_var_ref_with_records">
+                    <sch:rule context="oval-def:objects/*/*[@datatype='record']|oval-def:states/*/*[@datatype='record']">
+                        <sch:assert test="not(@var_ref)"><sch:value-of select="../@id"/> - The use of var_ref is prohibited when the datatype is 'record'.</sch:assert>
+                    </sch:rule>
+                </sch:pattern>
+                <sch:pattern id="oval-def_definition_entity_type_check_rules">
+                    <sch:rule context="oval-def:objects/*/*[not((@xsi:nil='1' or @xsi:nil='true')) and not(@var_ref) and @datatype='int']|oval-def:objects/*/*/*[not(@var_ref) and @datatype='int']|oval-def:states/*/*[not((@xsi:nil='1' or @xsi:nil='true')) and not(@var_ref) and @datatype='int']|oval-def:states/*/*/*[not(@var_ref) and @datatype='int']">
+                        <sch:assert test="(not(contains(.,'.'))) and (number(.) = floor(.))"><sch:value-of select="../@id"/> - The datatype for the <sch:value-of select="name()"/> entity is 'int' but the value is not an integer.</sch:assert>
+                        <!--  Must test for decimal point because number(x.0) = floor(x.0) is true -->
+                    </sch:rule>
+                </sch:pattern>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:attribute name="datatype" type="oval:DatatypeEnumeration" use="optional" default="string">
+            <xsd:annotation>
+                <xsd:documentation>The optional datatype attribute specifies how the given operation should be applied to the data. Since we are dealing with XML everything is technically a string, but often the value is meant to represent some other datatype and this affects the way an operation is performed. For example, with the statement 'is 123 less than 98'. If the data is treated as integers the answer is no, but if the data is treated as strings, then the answer is yes. Specifying a datatype defines how the less than operation should be performed. Another way of thinking of things is that the datatype attribute specifies how the data should be cast before performing the operation (note that the default datatype is 'string'). In the previous example, if the datatype is set to int, then '123' and '98' should be cast as integers. Another example is applying the 'equals' operation to '1.0.0.0' and '1.0'. With datatype 'string' they are not equal, with datatype 'version' they are. Note that there are certain cases where a cast from one datatype to another is not possible. If a cast cannot be made, (trying to cast 'abc' to an integer) then an error should be reported. For example, if the datatype is set to 'integer' and the value is the empty string. There is no way to cast the empty string (or NULL) to an integer, and in cases like this an error should be reported.</xsd:documentation>
+            </xsd:annotation>
+        </xsd:attribute>
+        <xsd:attribute name="operation" type="oval:OperationEnumeration" use="optional" default="equals">
+            <xsd:annotation>
+                <xsd:documentation>The optional operation attribute determines how the individual entities should be evaluated (the default operation is 'equals').</xsd:documentation>
+            </xsd:annotation>
+        </xsd:attribute>
+        <xsd:attribute name="mask" type="xsd:boolean" use="optional" default="false">
+            <xsd:annotation>
+                <xsd:documentation>The optional mask attribute is used to identify values that have been hidden for sensitivity concerns. This is used by the result file which uses the system characteristic schema to format the information found on a specific system. If the mask attribute is set to 'true', then the observed value of this field must not be presented in the results file. A system characteristics file that is not held within a results file must not use the mask attribute.  It is possible for masking conflicts to occur where one entity has mask set to true and another entity has mask set to false. A conflict will occur when the mask attribute is set differently on an OVAL Object and matching OVAL State or when more than one OVAL Objects identify the same OVAL Item(s). When such a conflict occurs the result is always to mask the entity.</xsd:documentation>
+            </xsd:annotation>
+        </xsd:attribute>
+        <xsd:attribute name="var_ref" type="oval:VariableIDPattern" use="optional">
+            <xsd:annotation>
+                <xsd:documentation>The optional var_ref attribute refers the value of the element to a variable element. When supplied, the value(s) associated with the OVAL Variable should be used as the value(s) of the element. If there is an error computing the value of the variable, then that error should be passed up to the element referencing it. If the variable being referenced does not have a value (for example, if the variable pertains to the size of a file, but the file does not exist) then one of two results are possible. If the element is part of an object declaration, then the object element referencing it is considered to not exist. If the element is part of a state declaration, then the state element referencing it will evaluate to error.</xsd:documentation>
+            </xsd:annotation>
+        </xsd:attribute>
+        <xsd:attribute name="var_check" type="oval:CheckEnumeration" use="optional">
+            <xsd:annotation>
+                <xsd:documentation>The optional var_check attribute specifies how data collection or state evaluation should proceed when an element uses a var_ref attribute, and the associated variable defines more than one value. For example, if an object entity 'filename' with an operation of 'not equal' references a variable that returns five different values, and the var_check attribute has a value of 'all', then an actual file on the system matches only if the actual filename does not equal any of the variable values. As another example, if a state entity 'size' with an operation of 'less than' references a variable that has five different integer values, and the var_check attribute has a value of 'all', then the 'size' state entity evaluates to true only if the corresponding 'size' item entity is less than each of the five integers defined by the variable. If a variable does not have any value value when referenced by an OVAL Object the object should be considered to not exist. If a variable does not have any value when referenced by an OVAL State an error should be reported during OVAL analysis. When an OVAL State uses a var_ref, if both the state entity and a corresponding item entity have multiple values, the var_check is applied to each value of the item entity individually, and all must evaluate to true for the state entity to evaluate to true.  In this condition, there is no value of var_check which enables an element-wise comparison, and so there is no way to determine whether two multi-valued entities are truly 'equal' in that sense. If var_ref is present but var_check is not, the element should be processed as if var_check has the value "all".</xsd:documentation>        
+            </xsd:annotation>
+        </xsd:attribute>
+    </xsd:attributeGroup>
+    
+    <xsd:complexType name="EntitySimpleBaseType" abstract="true">
+        <xsd:annotation>
+            <xsd:documentation>The EntitySimpleBaseType complex type is an abstract type that defines the default attributes associated with every simple entity. Entities can be found in both OVAL Objects and OVAL States and represent the individual properties associated with items found on a system. An example of a single entity would be the path of a file. Another example would be the version of the file.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:extension base="xsd:anySimpleType">
+                <xsd:attributeGroup ref="oval-def:EntityAttributeGroup"/>
+            </xsd:extension>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    
+    <xsd:complexType name="EntityComplexBaseType" abstract="true">
+        <xsd:annotation>
+            <xsd:documentation>The EntityComplexBaseType complex type is an abstract type that defines the default attributes associated with every complex entity. Entities can be found in both OVAL Objects and OVAL States and represent the individual properties associated with items found on a system. An example of a single entity would be the path of a file. Another example would be the version of the file.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:attributeGroup ref="oval-def:EntityAttributeGroup"/>
+    </xsd:complexType>
+
+    <xsd:complexType name="EntityObjectIPAddressType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityObjectIPAddressType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntitySimpleBaseType. This specific type describes any IPv4/IPv6 address or address prefix.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" use="required">
+                    <xsd:simpleType>
+                        <xsd:restriction base="oval:SimpleDatatypeEnumeration">
+                            <xsd:enumeration value="ipv4_address"/>
+                            <xsd:enumeration value="ipv6_address"/>
+                        </xsd:restriction>
+                    </xsd:simpleType>
+                </xsd:attribute>
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectIPAddressStringType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityObjectIPAddressStringType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntitySimpleBaseType. This specific type describes any IPv4/IPv6 address, address prefix, or its string representation.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" use="optional" default="string">
+                    <xsd:simpleType>
+                        <xsd:restriction base="oval:SimpleDatatypeEnumeration">
+                            <xsd:enumeration value="ipv4_address"/>
+                            <xsd:enumeration value="ipv6_address"/>
+                            <xsd:enumeration value="string"/>
+                        </xsd:restriction>
+                    </xsd:simpleType>
+                </xsd:attribute>
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectAnySimpleType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityObjectAnySimpleType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntitySimpleBaseType. This specific type describes any simple data.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="optional" default="string"/>
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectBinaryType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityBinaryType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntitySimpleBaseType. This specific type describes simple binary data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="binary"/>                                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectBoolType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityBoolType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntitySimpleBaseType. This specific type describes simple boolean data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="boolean"/>                                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectFloatType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityObjectFloatType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntitySimpleBaseType. This specific type describes simple float data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="float"/>                                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectIntType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityIntType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntitySimpleBaseType. This specific type describes simple integer data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="int"/>                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectStringType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStringType type is extended by the entities of an individual OVAL Object. This type provides uniformity to each object entity by including the attributes found in the EntitySimpleBaseType. This specific type describes simple string data.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="optional" fixed="string"/>                                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectVersionType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityObjectVersionType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes simple version data.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntitySimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="version"/>                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityObjectRecordType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityObjectRecordType defines an entity that consists of a number of uniquely named fields. This structure is used for representing a record from a database query and other similar structures where multiple related fields must be represented at once. Note that for all entities of this type, the only allowed datatype is 'record' and the only allowed operation is 'equals'. During analysis of a system characteristics item, each field is analyzed and then the overall result for elements of this type is computed by logically anding the results for each field and then applying the entity_check attribute.</xsd:documentation>
+            <xsd:documentation>Note the datatype attribute must be set to 'record'.</xsd:documentation>
+            <!-- 
+                NOTE: The restriction that the only allowed datatype is 'record' is enforced by scheamtron rules placed on each entity that uses this type. 
+                This is due to the fact that this type is developed as an extension of the oval-def:EntityComplexBaseType. This base type declares a datatype attribute. to restrict the 
+                datatype attribute to only alloy 'record' would need a restriction. We cannot do both and xsd:extension and an xsd:restriction at the same time.
+             -->
+            <xsd:documentation>Note the operation attribute must be set to 'equals'.</xsd:documentation>
+            <xsd:documentation>Note the var_ref attribute is not permitted and the var_check attribute does not apply.</xsd:documentation>
+            <xsd:documentation>Note that when the mask attribute is set to 'true', all child field elements must be masked regardless of the child field's mask attribute value.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:complexContent>
+            <xsd:extension base="oval-def:EntityComplexBaseType">
+                <xsd:sequence>
+                    <xsd:element name="field" type="oval-def:EntityObjectFieldType" minOccurs="0" maxOccurs="unbounded"/>
+                </xsd:sequence>
+            </xsd:extension>
+        </xsd:complexContent>
+    </xsd:complexType> 
+    <xsd:complexType name="EntityObjectFieldType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityObjectFieldType defines an element with simple content that represents a named field in a record that may contain any number of named fields. The EntityObjectFieldType is much like all other entities with one significant difference, the EntityObjectFieldType has a name attribute</xsd:documentation>
+            <xsd:documentation>The required name attribute specifies a unique name for the field. Field names are lowercase and must be unique within a given parent record element. When analyzing system characteristics an error should be reported for the result of a field that is present in the OVAL State, but not found in the system characteristics Item.</xsd:documentation>
+            <xsd:documentation>The optional entity_check attribute specifies how to handle multiple record fields with the same name in the OVAL Systems Characteristics file. For example, while collecting group information where one field is the represents the users that are members of the group.  It is very likely that there will be multiple fields with a name of 'user' associated with the group.  If the OVAL State defines the value of the field with name equal 'user' to equal 'Fred', then the entity_check attribute determines if all values for field entities must be equal to 'Fred', or at least one value must be equal to 'Fred', etc.</xsd:documentation>
+            <xsd:documentation>Note that when the mask attribute is set to 'true' on a field's parent element the field must be masked regardless of the field's mask attribute value.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:extension base="xsd:anySimpleType">
+                <xsd:attribute name="name" use="required">
+                    <xsd:annotation>
+                        <xsd:documentation>A string restricted to disallow upper case characters.</xsd:documentation>
+                    </xsd:annotation>
+                    <xsd:simpleType>
+                        <xsd:restriction base="xsd:string">
+                            <xsd:pattern value="[^A-Z]+"/>
+                        </xsd:restriction>
+                    </xsd:simpleType>
+                </xsd:attribute>
+                <xsd:attributeGroup ref="oval-def:EntityAttributeGroup"/>
+                <xsd:attribute name="entity_check" type="oval:CheckEnumeration" use="optional" default="all"/>
+            </xsd:extension>
+        </xsd:simpleContent>
+    </xsd:complexType>
+
+    <xsd:complexType name="EntityStateSimpleBaseType" abstract="true">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateSimpleBaseType complex type is an abstract type that extends the EntitySimpleBaseType and is used by some entities within an OVAL State.</xsd:documentation>
+            <xsd:documentation>The optional entity_check attribute specifies how to handle multiple item entities with the same name in the OVAL Systems Characteristics file. For example, suppose we are dealing with a Group Test and an entity in the state is related to the user.  It is very likely that when the information about the group is collected off of the system (and represented in the OVAL System Characteristics file) that there will be multiple users associated with the group (i.e. multiple 'user' item entities associated with the same 'user' state entity).  If the OVAL State defines the value of the user entity to equal 'Fred', then the entity_check attribute determines if all values for 'user' item entities must be equal to 'Fred', or at least one value must be equal to 'Fred', etc.  Note that with the exception of the 'none_satisfy' check value, the entity_check attribute can only affect the result of the test if the corresponding OVAL Item allows more than one occurrence of the entity (e.g. 'maxOccurs' is some value greater than one).</xsd:documentation>
+            <xsd:documentation>The entity_check and var_check attributes are considered together when evaluating a single state entity. When a variable identifies more than one value and multiple item entities with the same name exist, for a single state entity, a many-to-many comparison must be conducted.  In this situation, there are many values for the state entity that must be compared to many item entities.  Each item entity is compared to the state entity. For each item entity, an interim result is calculated by using the var_check attribute to combine the result of comparing each variable value with a single system value. Then these interim results are combined for each system value using the entity_check attribute.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:extension base="oval-def:EntitySimpleBaseType">
+                <xsd:attribute name="entity_check" type="oval:CheckEnumeration" use="optional" default="all"/>
+            </xsd:extension>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateComplexBaseType" abstract="true">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateComplexBaseType complex type is an abstract type that extends the EntityComplexBaseType and is used by some entities within an OVAL State.</xsd:documentation>
+            <xsd:documentation>The optional entity_check attribute specifies how to handle multiple item entities with the same name in the OVAL Systems Characteristics file. For example, suppose we are dealing with a Group Test and an entity in the state is related to the user.  It is very likely that when the information about the group is collected off of the system (and represented in the OVAL System Characteristics file) that there will be multiple users associated with the group (i.e. multiple 'user' item entities associated with the same 'user' state entity).  If the OVAL State defines the value of the user entity to equal 'Fred', then the entity_check attribute determines if all values for 'user' item entities must be equal to 'Fred', or at least one value must be equal to 'Fred', etc.  Note that with the exception of the 'none_satisfy' check value, the entity_check attribute can only affect the result of the test if the corresponding OVAL Item allows more than one occurrence of the entity (e.g. 'maxOccurs' is some value greater than one).</xsd:documentation>
+            <xsd:documentation>The entity_check and var_check attributes are considered together when evaluating a single state entity. When a variable identifies more than one value and multiple item entities with the same name exist, for a single state entity, a many-to-many comparison must be conducted.  In this situation, there are many values for the state entity that must be compared to many item entities.  Each item entity is compared to the state entity. For each item entity, an interim result is calculated by using the var_check attribute to combine the result of comparing each variable value with a single system value. Then these interim results are combined for each system value using the entity_check attribute.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:complexContent>
+            <xsd:extension base="oval-def:EntityComplexBaseType">
+                <xsd:attribute name="entity_check" type="oval:CheckEnumeration" use="optional" default="all"/>
+            </xsd:extension>
+        </xsd:complexContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateIPAddressType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateIPAddressType type is extended by the entities of an individual OVAL State. This type provides uniformity to each object entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes any IPv4/IPv6 address or address prefix.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" use="required">
+                    <xsd:simpleType>
+                        <xsd:restriction base="oval:SimpleDatatypeEnumeration">
+                            <xsd:enumeration value="ipv4_address"/>
+                            <xsd:enumeration value="ipv6_address"/>
+                        </xsd:restriction>
+                    </xsd:simpleType>
+                </xsd:attribute>
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateIPAddressStringType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateIPAddressStringType type is extended by the entities of an individual OVAL State. This type provides uniformity to each object entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes any IPv4/IPv6 address, address prefix, or its string representation.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" use="optional" default="string">
+                    <xsd:simpleType>
+                        <xsd:restriction base="oval:SimpleDatatypeEnumeration">
+                            <xsd:enumeration value="ipv4_address"/>
+                            <xsd:enumeration value="ipv6_address"/>
+                            <xsd:enumeration value="string"/>
+                        </xsd:restriction>
+                    </xsd:simpleType>
+                </xsd:attribute>                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateAnySimpleType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateAnySimpleType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes any simple data.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="optional" default="string"/>
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateBinaryType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateBinaryType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes simple binary data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:union memberTypes="xsd:hexBinary oval:EmptyStringType"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="binary"/>                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateBoolType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateBoolType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes simple boolean data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:union memberTypes="xsd:boolean oval:EmptyStringType"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="boolean"/>                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateFloatType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateFloatType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes simple float data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:union memberTypes="xsd:float oval:EmptyStringType"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="float"/>                                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateIntType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateIntType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes simple integer data. The empty string is also allowed when using a variable reference with an element.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:union memberTypes="xsd:integer oval:EmptyStringType"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="int"/>                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateEVRStringType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateEVRStringType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This type represents the epoch, version, and release fields as a single version string. It has the form "EPOCH:VERSION-RELEASE". Note that a null epoch (or '(none)' as returned by rpm) is equivalent to '0' and would hence have the form 0:VERSION-RELEASE. Comparisons involving this datatype should follow the algorithm of librpm's rpmvercmp() function.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                    <!-- TODO: Should there be a pattern restriction here to enforce the pattern mentioned above? -->
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="evr_string"/>                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateVersionType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateVersionType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes simple version data.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="version"/>                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateFileSetRevisionType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateFileSetRevisionType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type represents the version string related to filesets in HP-UX.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="required" fixed="fileset_revision"/>                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateIOSVersionType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateIOSVersionType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type represents the version string related to CISCO IOS.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" use="optional" default="string">
+                    <xsd:simpleType>
+                        <xsd:restriction base="oval:SimpleDatatypeEnumeration">
+                            <xsd:enumeration value="ios_version"/>
+                            <xsd:enumeration value="string">
+                                <xsd:annotation>
+                                    <xsd:documentation>'string' is included to allow for regular expressions on IOS version strings.</xsd:documentation>
+                                </xsd:annotation>
+                            </xsd:enumeration>
+                        </xsd:restriction>
+                    </xsd:simpleType>
+                </xsd:attribute>
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateStringType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateStringType type is extended by the entities of an individual OVAL State. This type provides uniformity to each state entity by including the attributes found in the EntityStateSimpleBaseType. This specific type describes simple string data.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:restriction base="oval-def:EntityStateSimpleBaseType">
+                <xsd:simpleType>
+                    <xsd:restriction base="xsd:string"/>
+                </xsd:simpleType>
+                <xsd:attribute name="datatype" type="oval:SimpleDatatypeEnumeration" use="optional" fixed="string"/>                                
+            </xsd:restriction>
+        </xsd:simpleContent>
+    </xsd:complexType>
+    <xsd:complexType name="EntityStateRecordType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateRecordType defines an entity that consists of a number of uniquely named fields. This structure is used for representing a record from a database query and other similar structures where multiple related fields must be collected at once. Note that for all entities of this type, the only allowed datatype is 'record' and the only allowed operation is 'equals'. During analysis of a system characteristics item, each field is analyzed and then the overall result for elements of this type is computed by logically anding the results for each field and then applying the entity_check attribute.</xsd:documentation>
+            <xsd:documentation>Note the datatype attribute must be set to 'record'.</xsd:documentation>
+            <!-- 
+                NOTE: The restriction that the only allowed datatype is 'record' is enforced by scheamtron rules placed on each entity that uses this type. 
+                This is due to the fact that this type is developed as an extension of the oval-def:EntityStateComplexBaseType. This base type declares a datatype attribute. to restrict the 
+                datatype attribute to only allow 'record' would need a restriction. We cannot do both and xsd:extension and an xsd:restriction at the same time.
+            -->
+            <xsd:documentation>Note the operation attribute must be set to 'equals'.</xsd:documentation>
+            <xsd:documentation>Note the var_ref attribute is not permitted and the var_check attribute does not apply.</xsd:documentation>
+            <xsd:documentation>Note that when the mask attribute is set to 'true', all child field elements must be masked regardless of the child field's mask attribute value.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:complexContent>
+            <xsd:extension base="oval-def:EntityStateComplexBaseType">
+                <xsd:sequence>
+                    <xsd:element name="field" type="oval-def:EntityStateFieldType" minOccurs="0" maxOccurs="unbounded"/>
+                </xsd:sequence>
+            </xsd:extension>
+        </xsd:complexContent>
+    </xsd:complexType> 
+    <xsd:complexType name="EntityStateFieldType">
+        <xsd:annotation>
+            <xsd:documentation>The EntityStateFieldType defines an element with simple content that represents a named field in a record that may contain any number of named fields. The EntityStateFieldType is much like all other entities with one significant difference, the EntityStateFieldType has a name attribute</xsd:documentation>
+            <xsd:documentation>The required name attribute specifies a unique name for the field. Field names are lowercase and must be unique within a given parent record element. When analyzing system characteristics an error should be reported for the result of a field that is present in the OVAL State, but not found in the system characteristics Item.</xsd:documentation>
+            <xsd:documentation>The optional entity_check attribute specifies how to handle multiple record fields with the same name in the OVAL Systems Characteristics file. For example, while collecting group information where one field is the represents the users that are members of the group.  It is very likely that there will be multiple fields with a name of 'user' associated with the group.  If the OVAL State defines the value of the field with name equal 'user' to equal 'Fred', then the entity_check attribute determines if all values for field entities must be equal to 'Fred', or at least one value must be equal to 'Fred', etc.</xsd:documentation>
+            <xsd:documentation>Note that when the mask attribute is set to 'true' on a field's parent element the field must be masked regardless of the field's mask attribute value.</xsd:documentation>
+        </xsd:annotation>
+        <xsd:simpleContent>
+            <xsd:extension base="xsd:anySimpleType">
+                <xsd:attribute name="name" use="required">
+                    <xsd:annotation>
+                        <xsd:documentation>A string restricted to disallow upper case characters.</xsd:documentation>
+                    </xsd:annotation>
+                    <xsd:simpleType>
+                        <xsd:restriction base="xsd:string">
+                            <xsd:pattern value="[^A-Z]+"/>
+                        </xsd:restriction>
+                    </xsd:simpleType>
+                </xsd:attribute>
+                <xsd:attributeGroup ref="oval-def:EntityAttributeGroup"/>
+                <xsd:attribute name="entity_check" type="oval:CheckEnumeration" use="optional" default="all"/>
+            </xsd:extension>
+        </xsd:simpleContent>
+    </xsd:complexType>
+</xsd:schema>
diff --git a/stix_validator/schema/external/oval_5.10/oval-variables-schema.xsd b/stix_validator/schema/external/oval_5.10/oval-variables-schema.xsd
new file mode 100755
index 0000000..52a4588
--- /dev/null
+++ b/stix_validator/schema/external/oval_5.10/oval-variables-schema.xsd
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-var="http://oval.mitre.org/XMLSchema/oval-variables-5" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-variables-5" elementFormDefault="qualified" version="5.10.1">
+     <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
+     <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+     <xsd:annotation>
+          <xsd:documentation/>
+          <xsd:documentation>The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) Variables. This schema is provided to give structure to any external variables and their values that an OVAL Definition is expecting.</xsd:documentation>
+          <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
+          <xsd:appinfo>
+               <schema>Core Variable</schema>
+               <version>5.10.1</version>
+               <date>1/27/2012 1:22:32 PM</date>
+               <terms_of_use>Copyright (c) 2002-2012, The MITRE Corporation. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
+              <sch:ns prefix="oval-var" uri="http://oval.mitre.org/XMLSchema/oval-variables-5"/>
+          </xsd:appinfo>
+     </xsd:annotation>
+     <!-- =============================================================================== -->
+     <!-- =============================================================================== -->
+     <!-- =============================================================================== -->
+     <xsd:element name="oval_variables">
+          <xsd:annotation>
+               <xsd:documentation>The oval_variables element is the root of an OVAL Variable Document. Its purpose is to bind together the different variables contained in the document. The generator section must be present and provides information about when the variable file was compiled and under what version. The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:complexType>
+               <xsd:sequence>
+                    <xsd:element name="generator" type="oval:GeneratorType" />
+                    <xsd:element name="variables" type="oval-var:VariablesType" minOccurs="0" maxOccurs="1"/>
+                    <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
+               </xsd:sequence>
+          </xsd:complexType>
+          <xsd:key name="varKey">
+               <xsd:annotation>
+                    <xsd:documentation>Enforce uniqueness amongst the variable ids found in the variable document.</xsd:documentation>
+               </xsd:annotation>
+               <xsd:selector xpath=".//oval-var:variable"/>
+               <xsd:field xpath="@id"/>
+          </xsd:key>
+     </xsd:element>
+     <!-- =============================================================================== -->
+     <!-- =================================  GENERATOR  ================================= -->
+     <!-- =============================================================================== -->
+     <!--
+		The GeneratorType is defined by the oval common schema.  Please refer to
+		that documentation for a description of the complex type.
+	-->
+     <!-- =============================================================================== -->
+     <!-- ================================  DEFINITIONS  ================================ -->
+     <!-- =============================================================================== -->
+     <xsd:complexType name="VariablesType">
+          <xsd:annotation>
+               <xsd:documentation>The VariablesType complex type is a container for one or more variable elements. Each variable element holds the value of an external variable used in an OVAL Definition. Please refer to the description of the VariableType for more information about an individual variable.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:sequence>
+               <xsd:element name="variable" type="oval-var:VariableType" minOccurs="1" maxOccurs="unbounded"/>
+          </xsd:sequence>
+     </xsd:complexType>
+     <xsd:complexType name="VariableType">
+          <xsd:annotation>
+               <xsd:documentation>Each variable element contains the associated datatype and value which will be substituted into the OVAL Definition that is referencing this specific variable.</xsd:documentation>
+          </xsd:annotation>
+          <xsd:sequence>
+               <xsd:element name="value" type="xsd:anySimpleType" minOccurs="1" maxOccurs="unbounded"/>
+          </xsd:sequence>
+          <xsd:attribute name="id" type="oval:VariableIDPattern" use="required"/>
+          <xsd:attribute name="datatype" use="required" type="oval:SimpleDatatypeEnumeration">
+               <xsd:annotation>
+                    <xsd:documentation>Note that the 'record' datatype is not permitted on variables.</xsd:documentation>
+               </xsd:annotation>
+          </xsd:attribute>
+          <xsd:attribute name="comment" type="xsd:string" use="required"/>
+     </xsd:complexType>
+     <!-- =============================================================================== -->
+     <!-- =================================  SIGNATURE  ================================= -->
+     <!-- =============================================================================== -->
+     <!--
+		The signature element is defined by the xmldsig schema.  Please refer to that
+		documentation for a description of the valid elements and types.  More
+		information about the official W3C Recommendation regarding XML digital
+		signatures can be found at http://www.w3.org/TR/xmldsig-core/.
+	-->
+     <!-- =============================================================================== -->
+     <!-- =============================================================================== -->
+     <!-- =============================================================================== -->
+</xsd:schema>
diff --git a/stix_validator/schema/external/oval_5.10/xmldsig-core-schema.xsd b/stix_validator/schema/external/oval_5.10/xmldsig-core-schema.xsd
new file mode 100755
index 0000000..9f11f60
--- /dev/null
+++ b/stix_validator/schema/external/oval_5.10/xmldsig-core-schema.xsd
@@ -0,0 +1,309 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!-- Schema for XML Signatures
+    http://www.w3.org/2000/09/xmldsig#
+    $Revision: 1777 $ on $Date: 2005-11-03 12:33:41 -0400 (Thu, 03 Nov 2005) $ by $Author: abuttner $
+
+    Copyright 2001 The Internet Society and W3C (Massachusetts Institute
+    of Technology, Institut National de Recherche en Informatique et en
+    Automatique, Keio University). All Rights Reserved.
+    http://www.w3.org/Consortium/Legal/
+
+    This document is governed by the W3C Software License [1] as described
+    in the FAQ [2].
+
+    [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
+    [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
+-->
+
+
+<schema xmlns="http://www.w3.org/2001/XMLSchema"
+        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+        targetNamespace="http://www.w3.org/2000/09/xmldsig#"
+        version="0.1" elementFormDefault="qualified"> 
+
+<!-- Basic Types Defined for Signatures -->
+
+<simpleType name="CryptoBinary">
+  <restriction base="base64Binary">
+  </restriction>
+</simpleType>
+
+<!-- Start Signature -->
+
+<element name="Signature" type="ds:SignatureType"/>
+<complexType name="SignatureType">
+  <sequence> 
+    <element ref="ds:SignedInfo"/> 
+    <element ref="ds:SignatureValue"/> 
+    <element ref="ds:KeyInfo" minOccurs="0"/> 
+    <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> 
+  </sequence>  
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+  <element name="SignatureValue" type="ds:SignatureValueType"/> 
+  <complexType name="SignatureValueType">
+    <simpleContent>
+      <extension base="base64Binary">
+        <attribute name="Id" type="ID" use="optional"/>
+      </extension>
+    </simpleContent>
+  </complexType>
+
+<!-- Start SignedInfo -->
+
+<element name="SignedInfo" type="ds:SignedInfoType"/>
+<complexType name="SignedInfoType">
+  <sequence> 
+    <element ref="ds:CanonicalizationMethod"/> 
+    <element ref="ds:SignatureMethod"/> 
+    <element ref="ds:Reference" maxOccurs="unbounded"/> 
+  </sequence>  
+  <attribute name="Id" type="ID" use="optional"/> 
+</complexType>
+
+  <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/> 
+  <complexType name="CanonicalizationMethodType" mixed="true">
+    <sequence>
+      <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
+      <!-- (0,unbounded) elements from (1,1) namespace -->
+    </sequence>
+    <attribute name="Algorithm" type="anyURI" use="required"/> 
+  </complexType>
+
+  <element name="SignatureMethod" type="ds:SignatureMethodType"/>
+  <complexType name="SignatureMethodType" mixed="true">
+    <sequence>
+      <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
+      <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+      <!-- (0,unbounded) elements from (1,1) external namespace -->
+    </sequence>
+    <attribute name="Algorithm" type="anyURI" use="required"/> 
+  </complexType>
+
+<!-- Start Reference -->
+
+<element name="Reference" type="ds:ReferenceType"/>
+<complexType name="ReferenceType">
+  <sequence> 
+    <element ref="ds:Transforms" minOccurs="0"/> 
+    <element ref="ds:DigestMethod"/> 
+    <element ref="ds:DigestValue"/> 
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/> 
+  <attribute name="URI" type="anyURI" use="optional"/> 
+  <attribute name="Type" type="anyURI" use="optional"/> 
+</complexType>
+
+  <element name="Transforms" type="ds:TransformsType"/>
+  <complexType name="TransformsType">
+    <sequence>
+      <element ref="ds:Transform" maxOccurs="unbounded"/>  
+    </sequence>
+  </complexType>
+
+  <element name="Transform" type="ds:TransformType"/>
+  <complexType name="TransformType" mixed="true">
+    <choice minOccurs="0" maxOccurs="unbounded"> 
+      <any namespace="##other" processContents="lax"/>
+      <!-- (1,1) elements from (0,unbounded) namespaces -->
+      <element name="XPath" type="string"/> 
+    </choice>
+    <attribute name="Algorithm" type="anyURI" use="required"/> 
+  </complexType>
+
+<!-- End Reference -->
+
+<element name="DigestMethod" type="ds:DigestMethodType"/>
+<complexType name="DigestMethodType" mixed="true"> 
+  <sequence>
+    <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+  </sequence>    
+  <attribute name="Algorithm" type="anyURI" use="required"/> 
+</complexType>
+
+<element name="DigestValue" type="ds:DigestValueType"/>
+<simpleType name="DigestValueType">
+  <restriction base="base64Binary"/>
+</simpleType>
+
+<!-- End SignedInfo -->
+
+<!-- Start KeyInfo -->
+
+<element name="KeyInfo" type="ds:KeyInfoType"/> 
+<complexType name="KeyInfoType" mixed="true">
+  <choice maxOccurs="unbounded">     
+    <element ref="ds:KeyName"/> 
+    <element ref="ds:KeyValue"/> 
+    <element ref="ds:RetrievalMethod"/> 
+    <element ref="ds:X509Data"/> 
+    <element ref="ds:PGPData"/> 
+    <element ref="ds:SPKIData"/>
+    <element ref="ds:MgmtData"/>
+    <any processContents="lax" namespace="##other"/>
+    <!-- (1,1) elements from (0,unbounded) namespaces -->
+  </choice>
+  <attribute name="Id" type="ID" use="optional"/> 
+</complexType>
+
+  <element name="KeyName" type="string"/>
+  <element name="MgmtData" type="string"/>
+
+  <element name="KeyValue" type="ds:KeyValueType"/> 
+  <complexType name="KeyValueType" mixed="true">
+   <choice>
+     <element ref="ds:DSAKeyValue"/>
+     <element ref="ds:RSAKeyValue"/>
+     <any namespace="##other" processContents="lax"/>
+   </choice>
+  </complexType>
+
+  <element name="RetrievalMethod" type="ds:RetrievalMethodType"/> 
+  <complexType name="RetrievalMethodType">
+    <sequence>
+      <element ref="ds:Transforms" minOccurs="0"/> 
+    </sequence>  
+    <attribute name="URI" type="anyURI"/>
+    <attribute name="Type" type="anyURI" use="optional"/>
+  </complexType>
+
+<!-- Start X509Data -->
+
+<element name="X509Data" type="ds:X509DataType"/> 
+<complexType name="X509DataType">
+  <sequence maxOccurs="unbounded">
+    <choice>
+      <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
+      <element name="X509SKI" type="base64Binary"/>
+      <element name="X509SubjectName" type="string"/>
+      <element name="X509Certificate" type="base64Binary"/>
+      <element name="X509CRL" type="base64Binary"/>
+      <any namespace="##other" processContents="lax"/>
+    </choice>
+  </sequence>
+</complexType>
+
+<complexType name="X509IssuerSerialType"> 
+  <sequence> 
+    <element name="X509IssuerName" type="string"/> 
+    <element name="X509SerialNumber" type="integer"/> 
+  </sequence>
+</complexType>
+
+<!-- End X509Data -->
+
+<!-- Begin PGPData -->
+
+<element name="PGPData" type="ds:PGPDataType"/> 
+<complexType name="PGPDataType"> 
+  <choice>
+    <sequence>
+      <element name="PGPKeyID" type="base64Binary"/> 
+      <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/> 
+      <any namespace="##other" processContents="lax" minOccurs="0"
+       maxOccurs="unbounded"/>
+    </sequence>
+    <sequence>
+      <element name="PGPKeyPacket" type="base64Binary"/> 
+      <any namespace="##other" processContents="lax" minOccurs="0"
+       maxOccurs="unbounded"/>
+    </sequence>
+  </choice>
+</complexType>
+
+<!-- End PGPData -->
+
+<!-- Begin SPKIData -->
+
+<element name="SPKIData" type="ds:SPKIDataType"/> 
+<complexType name="SPKIDataType">
+  <sequence maxOccurs="unbounded">
+    <element name="SPKISexp" type="base64Binary"/>
+    <any namespace="##other" processContents="lax" minOccurs="0"/>
+  </sequence>
+</complexType> 
+
+<!-- End SPKIData -->
+
+<!-- End KeyInfo -->
+
+<!-- Start Object (Manifest, SignatureProperty) -->
+
+<element name="Object" type="ds:ObjectType"/> 
+<complexType name="ObjectType" mixed="true">
+  <sequence minOccurs="0" maxOccurs="unbounded">
+    <any namespace="##any" processContents="lax"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/> 
+  <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
+  <attribute name="Encoding" type="anyURI" use="optional"/> 
+</complexType>
+
+<element name="Manifest" type="ds:ManifestType"/> 
+<complexType name="ManifestType">
+  <sequence>
+    <element ref="ds:Reference" maxOccurs="unbounded"/> 
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/> 
+</complexType>
+
+<element name="SignatureProperties" type="ds:SignaturePropertiesType"/> 
+<complexType name="SignaturePropertiesType">
+  <sequence>
+    <element ref="ds:SignatureProperty" maxOccurs="unbounded"/> 
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/> 
+</complexType>
+
+   <element name="SignatureProperty" type="ds:SignaturePropertyType"/> 
+   <complexType name="SignaturePropertyType" mixed="true">
+     <choice maxOccurs="unbounded">
+       <any namespace="##other" processContents="lax"/>
+       <!-- (1,1) elements from (1,unbounded) namespaces -->
+     </choice>
+     <attribute name="Target" type="anyURI" use="required"/> 
+     <attribute name="Id" type="ID" use="optional"/> 
+   </complexType>
+
+<!-- End Object (Manifest, SignatureProperty) -->
+
+<!-- Start Algorithm Parameters -->
+
+<simpleType name="HMACOutputLengthType">
+  <restriction base="integer"/>
+</simpleType>
+
+<!-- Start KeyValue Element-types -->
+
+<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+<complexType name="DSAKeyValueType">
+  <sequence>
+    <sequence minOccurs="0">
+      <element name="P" type="ds:CryptoBinary"/>
+      <element name="Q" type="ds:CryptoBinary"/>
+    </sequence>
+    <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+    <element name="Y" type="ds:CryptoBinary"/>
+    <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
+    <sequence minOccurs="0">
+      <element name="Seed" type="ds:CryptoBinary"/>
+      <element name="PgenCounter" type="ds:CryptoBinary"/>
+    </sequence>
+  </sequence>
+</complexType>
+
+<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
+<complexType name="RSAKeyValueType">
+  <sequence>
+    <element name="Modulus" type="ds:CryptoBinary"/> 
+    <element name="Exponent" type="ds:CryptoBinary"/> 
+  </sequence>
+</complexType> 
+
+<!-- End KeyValue Element-types -->
+
+<!-- End Signature -->
+
+</schema>
diff --git a/stix_validator/schema/incident.xsd b/stix_validator/schema/incident.xsd
new file mode 100755
index 0000000..63bc6d6
--- /dev/null
+++ b/stix_validator/schema/incident.xsd
@@ -0,0 +1,786 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:marking="http://data-marking.mitre.org/Marking-1" xmlns:incident="http://stix.mitre.org/Incident-1" targetNamespace="http://stix.mitre.org/Incident-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX Incident</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - Incident - Schematic implementation for the Incident construct within the STIX structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/cybox-2" schemaLocation="cybox/cybox_core.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="cybox/cybox_common.xsd"/>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="data_marking.xsd"/>
+	<xs:element name="Incident" type="incident:IncidentType">
+		<xs:annotation>
+			<xs:documentation>This field characterizes a single cyber threat Incident.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="IncidentType">
+		<xs:annotation>
+			<xs:documentation>The IncidentType characterizes a single cyber threat Incident.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:IncidentBaseType">
+				<xs:sequence>
+					<xs:element name="Title" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Title field provides a simple title for this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Time" type="incident:TimeType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Time filed specifies relevant time values associated with this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description field provides a description of this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Categories" type="incident:CategoriesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Categories field provides a set of categories for this incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Reporter" type="stixCommon:InformationSourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Reporter field details information about the reporting source of this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Responder" type="stixCommon:InformationSourceType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Responder field is optional and details information about the assigned responder for this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Coordinator" type="stixCommon:InformationSourceType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Coordinator field is optional and details information about the assigned coordinator for this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Victim" type="stixCommon:IdentityType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Victim field is optional and details information about a victim of this Incident.
+
+								This field is implemented through the xsi:type extension mechanism. The default type is CIQIdentity3.0InstanceType in the http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1 namespace. This type is defined in the extensions/identity/ciq_identity.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/identity/ciq_identity/1.0/ciq_identity.xsd.
+				
+								Those who wish to express a simple name may also do so by not specifying an xsi:type and using the Name field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Affected_Assets" type="incident:AffectedAssetsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Affected_Assets field is optional and characterizes the particular assets affected during the Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Impact_Assessment" type="incident:ImpactAssessmentType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Impact_Assessment field specifies a summary assessment of impact for this cyber threat Incident. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Status" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								Status describes the current status (sometimes called "state" or "disposition") of the incident.
+							
+								This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is IncidentStatusVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Related_Indicators" type="incident:RelatedIndicatorsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Related_Indicators field identifies or characterizes one or more cyber threat Indicators related to this cyber threat Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Related_Observables" type="incident:RelatedObservablesType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Related_Observables field identifies or characterizes one or more cyber observables related to this cyber threat incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Leveraged_TTPs" type="incident:LeveragedTTPsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Leveraged_TTPs field specifies TTPs asserted to be related to this cyber threat Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Attributed_Threat_Actors" type="incident:AttributedThreatActorsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Attributed_Threat_Actors field identifies ThreatActors asserted to be attributed for this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Intended_Effect" type="stixCommon:StatementType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Intended_Effect field specifies the suspected intended effect of this incident.
+								
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is IntendedEffectVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Security_Compromise" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								Specifies knowledge of whether the Incident involved a compromise of security properties.
+							
+								This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is SecurityCompromiseVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Discovery_Method" type="stixCommon:ControlledVocabularyStringType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Discovery_Method field identifies how the incident was discovered.
+							
+								This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is DiscoveryMethodVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Related_Incidents" type="incident:RelatedIncidentsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Related_Incidents field identifies or characterizes one or more other Incidents related to this cyber threat Incident. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="COA_Requested" type="incident:COARequestedType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The COA_Requested field specifies and characterizes a requested CourseOfAction for this Incident as specified by the Producer for the Consumer of the Incident Report</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="COA_Taken" type="incident:COATakenType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The COA_Taken field specifies and characterizes a CourseOfAction taken for this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Confidence" type="stixCommon:ConfidenceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Confidence field characterizes the level of confidence held in the characterization of this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Contact" type="stixCommon:InformationSourceType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Contact field identifies and characterizes organizations or personnel involved in this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="History" type="incident:HistoryType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The History field provides a log of events or actions taken during the handling of the Incident. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Handling field specifies the appropriate data handling markings for the elements of this Incident. The valid marking scope is the nearest IncidentBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="version" type="incident:IncidentVersionType" default="1.0">
+					<xs:annotation>
+						<xs:documentation>Specifies the relevant STIX-Incident schema version for this content.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="URL">
+					<xs:annotation>
+						<xs:documentation>Specifies a URL referencing the location for the Incident specification.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:simpleType name="IncidentVersionType">
+		<xs:annotation>
+			<xs:documentation>An enumeration of all versions of the Incident type valid in the current release of STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="PropertyAffectedType">
+		<xs:sequence>
+			<xs:element name="Property" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The security property that was affected by the incident.
+
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is LossPropertyVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description_Of_Effect" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description_Of_Effect field is optional and provides a brief prose description of how the security property was affected.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Type_Of_Availability_Loss" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Type_Of_Availability_Loss field is optional and characterizes in what manner the availability of this asset was affected (e.g. Destruction, Deletion, Interruption).
+						
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is AvailabilityLossTypeVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.						
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Duration_Of_Availability_Loss" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Duration_Of_Availability_Loss field is optional and specifies the approximate length of time availability was affected (e.g. Permanent, Seconds, Minutes, Hours, Days).
+					
+					This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is LossDurationVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Non_Public_Data_Compromised" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						This field specifies whether non-public data was compromised or exposed.
+
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is SecurityCompromiseVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AffectedAssetType">
+		<xs:sequence>
+			<xs:element name="Type" type="incident:AssetTypeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Type field is optional and specifies the type of the asset impacted by the incident (a security attribute was negatively affected).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field is optional and provides a brief prose description of the asset.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Business_Function_Or_Role" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Business_Function_Or_Role field is optional and provides a brief description of the asset's role, mission, and importance within the organization.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Ownership_Class" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Ownership_Class field is optional and gives a high-level characterization of who owns (or controls) this asset (e.g. Internally-owned, Employee-owned, Partner-owned, Customer-owned).
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is OwnershipClassVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Management_Class" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Management_Class field is optional and gives a high-level characterization of who is responsible for the day-to-day management and administration of this asset (e.g. Managed Internally, Managed by External Party, Co-managed).
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ManagementClassVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Location_Class" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Location_Class field is optional and gives a high-level characterization of where this asset is physically located (e.g. Internal location, External location, Co-located, Mobile).
+					
+					This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is LocationClassVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Location" type="stixCommon:AddressAbstractType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Location field specifies the physical location of the affected asset.
+
+						This field is implemented through the xsi:type extension mechanism. The default type is CIQAddressInstanceType in the http://stix.mitre.org/extensions/Identity#CIQAddress-1 namespace. This type is defined in the extensions/address/ciq_address_3.0.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/address/ciq_address/1.0/ciq_address_3.0.xsd.
+				
+						Those who wish to express a simple name may also do so by not specifying an xsi:type and using the Name field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Nature_Of_Security_Effect" type="incident:NatureOfSecurityEffectType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Nature_Of_Security_Effect field is optional and characterizes how the security properties of the Asset were affected.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Structured_Description" type="cybox:ObservablesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Structured_Description field is optional and provides a structured description of the asset.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="ImpactAssessmentType">
+		<xs:annotation>
+			<xs:documentation>The ImpactAssessmentType specifies a summary assessment of impact for this cyber threat Incident. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Direct_Impact_Summary" type="incident:DirectImpactSummaryType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Direct_Impact_Summary field is optional and characterizes (at a high level) losses directly resulting from the ThreatActor's actions against organizational assets within the Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Indirect_Impact_Summary" type="incident:IndirectImpactSummaryType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Indirect_Impact_Summary field is optional and characterizes (at a high level) losses from other stakeholder reactions to the Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Total_Loss_Estimation" type="incident:TotalLossEstimationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Total_Loss_Estimation field is optional and specifies the total estimated financial loss for the Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Impact_Qualification" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Impact_Qualification field is optional and summarizes the subjective level of impact of the Incident.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ImpactQualificationVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Effects" type="incident:EffectsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Effects field captures a list of effects of this incident from a controlled vocabulary.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="External_Impact_Assessment_Model" type="incident:ExternalImpactAssessmentModelType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The External_Impact_Assessment_Model field is optional and characterizes impact assessment details utilizing impact assessment characterization models defined external to STIX. It is defined utilizing an abstract type enabling the definition through extension of incident impact assessment models external to STIX.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ExternalImpactAssessmentModelType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>The ExternalImpactAssessmentModelType is an abstract type enabling the definition through extension of incident impact assessment models external to STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="model_name" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>Specifies the name of the externally defined impact assessment model.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="model_reference" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>Specifies a URL reference for the externally defined impact assessment model.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="COATakenType">
+		<xs:sequence>
+			<xs:element name="Time" type="incident:COATimeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Time field specifies the relative time criteria for this taken CourseOfAction.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Contributors" type="incident:ContributorsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Contributors field specifies contributing actors for the CourseOfAction taken.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Course_Of_Action" type="stixCommon:CourseOfActionBaseType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Course_Of_Action field specifies the actual CourseOfAction taken.
+
+						This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is CourseOfActionType in the http://stix.mitre.org/CourseOfAction-1 namespace. This type is defined in the course_of_action.xsd file or at the URL http://stix.mitre.org/XMLSchema/course_of_action/1.0/course_of_action.xsd.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="JournalEntryType">
+		<xs:annotation>
+			<xs:documentation>The JournalEntryType is optional and provides journal notes for information discovered during the handling of the Incident.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="xs:string">
+				<xs:attribute name="author" type="xs:string">
+					<xs:annotation>
+						<xs:documentation>Specifies the author of the JournalEntry note.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="time" type="xs:dateTime">
+					<xs:annotation>
+						<xs:documentation>Specifies the date and time that the JournalEntry note was written.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="COARequestedType">
+		<xs:complexContent>
+			<xs:extension base="incident:COATakenType">
+				<xs:attribute name="priority">
+					<xs:annotation>
+						<xs:documentation>Specifies a suggested level of priority to be applied to this requested COA.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ContributorsType">
+		<xs:sequence>
+			<xs:element name="Contributor" type="cyboxCommon:ContributorType"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="COATimeType">
+		<xs:sequence>
+			<xs:element name="Start" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Start field specifies the time at which the CourseOfAction was begun.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="End" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The End field specifies the time at which the CourseOfAction was completed.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="LossEstimationType">
+		<xs:attribute name="amount">
+			<xs:annotation>
+				<xs:documentation>Specifies the estimated financial loss for the Incident.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="iso_currency_code">
+			<xs:annotation>
+				<xs:documentation>Specifies the ISO 4217 currency code if other than USD </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="TotalLossEstimationType">
+		<xs:sequence>
+			<xs:element name="Initial_Reported_Total_Loss_Estimation" type="incident:LossEstimationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Initial_Reported_Total_Loss_Estimation field is optional and specifies the initially reported level of total estimated financial loss for the Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Actual_Total_Loss_Estimation" type="incident:LossEstimationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Actual_Total_Loss_Estimation field is optional and specifies the actual level of total estimated financial loss for the Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IndirectImpactSummaryType">
+		<xs:sequence>
+			<xs:element name="Loss_Of_Competitive_Advantage" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Loss_Of_Competitive_Advantage field is optional and characterizes (at a high level) the level of impact based on loss of competitive advantage that occured in the Incident including loss/damage/exposure of IP, corporate wisdom, ability to compete, key personnel, etc.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is SecurityCompromiseVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Brand_And_Market_Damage" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Brand_And_Market_Damage field is optional and characterizes (at a high level) the level of impact based on brand or market damage that occured in the Incident including lost customers or partners, decrease in market value or share, advertising, rebranding, etc.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is SecurityCompromiseVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Increased_Operating_Costs" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Increased_Operating_Costs field is optional and characterizes (at a high level) the level of impact based on increased operating costs that occured in the Incident including cost of additional audits, new hires or training, mandatory action, higher insurance, etc.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is SecurityCompromiseVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Legal_And_Regulatory_Costs" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Legal_And_Regulatory_Costs field is optional and characterizes (at a high level) the level of impact based on legal and regulatory costs that occured in the Incident including legal fees, lawsuits, customer damages, contract violations, etc.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is SecurityCompromiseVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="DirectImpactSummaryType">
+		<xs:sequence>
+			<xs:element name="Asset_Losses" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Asset_Losses field is optional and characterizes (at a high level) the level of asset-related losses that occured in the Incident, including lost or damaged assets, stolen funds, cash outlays, etc.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ImpactRatingVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Business-Mission_Disruption" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Business-Mission_Disruption field is optional and characterizes (at a high level) the level of business or mission disruption impact that occured in the Incident including unproductive man-hours, lost revenue from system downtime, etc.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ImpactRatingVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Response_And_Recovery_Costs" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Response_And_Recovery_Costs field is optional and characterizes (at a high level) the level of response and recovery related costs that occured in the Incident including cost of response, investigation, remediation, restoration, etc.	
+						
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is ImpactRatingVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="NatureOfSecurityEffectType">
+		<xs:sequence>
+			<xs:element name="Property_Affected" type="incident:PropertyAffectedType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Property_Affected field is optional and characterizes how a particular security property of the Asset was affected.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AssetTypeType">
+		<xs:simpleContent>
+			<xs:extension base="stixCommon:ControlledVocabularyStringType">
+				<xs:attribute name="count_affected">
+					<xs:annotation>
+						<xs:documentation>
+							This field specifies the number of assets of this type affected.
+						
+							This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is AssetTypeVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+							Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+						</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="HistoryItemType">
+		<xs:choice>
+			<xs:element name="Action_Entry" type="incident:COATakenType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Action_Entry field is optional and provides a record of actions taken during the handling of the Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Journal_Entry" type="incident:JournalEntryType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Journal_Entry field is optional and provides journal notes for information discovered during the handling of the Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:choice>
+	</xs:complexType>
+	<xs:complexType name="HistoryType">
+		<xs:sequence>
+			<xs:element name="History_Item" type="incident:HistoryItemType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The History_Item field provides a log entry of an event or action taken during the handling of the Incident. </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RelatedIncidentsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Related_Incident" type="stixCommon:RelatedIncidentType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Related_Incident field identifies or characterizes another Incident related to this Incident. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="LeveragedTTPsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Leveraged_TTP" type="stixCommon:RelatedTTPType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Leveraged_TTP field specifies a single TTP asserted to be related to this cyber threat Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedObservablesType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Related_Observable" type="stixCommon:RelatedObservableType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Related_Observable field identifies or characterizes a cyber threat observable related to this Incident. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedIndicatorsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Related_Indicator" type="stixCommon:RelatedIndicatorType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Related_Indicator field identifies or characterizes a cyber threat Indicator related to this Incident. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="AttributedThreatActorsType">
+		<xs:annotation>
+			<xs:documentation>The AttributedThreatActorsType specifies a Threat Actor asserted to be attributed for this Incident.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Threat_Actor" type="stixCommon:RelatedThreatActorType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Threat_Actor field specifies details of a Threat Actor asserted to be attributed for this Incident.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="AffectedAssetsType">
+		<xs:sequence>
+			<xs:element name="Affected_Asset" type="incident:AffectedAssetType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Affected_Asset field is optional and characterizes a particular asset affected during the Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TimeType">
+		<xs:sequence>
+			<xs:element name="First_Malicious_Action" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The First_Malicious_Action field specifies the time that the first malicious action related to this Incident occured.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Initial_Compromise" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Initial_Compromise field specifies the time that the initial compromise occured for this Incident.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="First_Data_Exfiltration" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The First_Data_Exfiltration field specifies the first time at which non-public data was taken from the victim environment</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Incident_Discovery" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Incident_Discovery field specifies the first time at which the organization learned the incident had occurred.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Incident_Opened" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Incident_Opened field specifies the time at which the Incident was officially opened.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Containment_Achieved" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Containment_Achieved field specifies the first time at which the incident is contained (e.g., the “bleeding is stopped”).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Restoration_Achieved" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Restoration_Achieved field specifies the first time at which the incident's assets are restored (e.g., fully functional)”.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Incident_Reported" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Incident_Reported field specifies the time at which the Incident was reported.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Incident_Closed" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Incident_Closed field specifies the time at which the Incident was officially closed.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="CategoriesType">
+		<xs:annotation>
+			<xs:documentation>Represents a list of incident categories that an incident is tagged with.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Category" type="stixCommon:ControlledVocabularyStringType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						Represents a single category that this incident is tagged with.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is IncidentCategoryVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="EffectsType">
+		<xs:annotation>
+			<xs:documentation>Represents a list of incident effects that an incident is tagged with.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Effect" type="stixCommon:ControlledVocabularyStringType" minOccurs="1" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						Represents a single effect that this incident is tagged with.
+						
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is IncidentEffectVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/indicator.xsd b/stix_validator/schema/indicator.xsd
new file mode 100755
index 0000000..1254b1a
--- /dev/null
+++ b/stix_validator/schema/indicator.xsd
@@ -0,0 +1,309 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:indicator="http://stix.mitre.org/Indicator-2" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:marking="http://data-marking.mitre.org/Marking-1" targetNamespace="http://stix.mitre.org/Indicator-2" elementFormDefault="qualified" attributeFormDefault="unqualified" version="2.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX Indicator</schema>
+			<version>2.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - Indicator - Schematic implementation for the Indicator construct within the STIX structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/cybox-2" schemaLocation="cybox/cybox_core.xsd"/>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="data_marking.xsd"/>
+	<xs:element name="Indicator" type="indicator:IndicatorType"/>
+	<xs:complexType name="IndicatorType">
+		<xs:annotation>
+			<xs:documentation>The IndicatorType characterizes a cyber threat indicator made up of a pattern identifying certain observable conditions as well as contextual information about the patterns meaning, how and when it should be acted on, etc. </xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:IndicatorBaseType">
+				<xs:sequence>
+					<xs:element name="Title" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Title field provides a simple title for this Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								Specifies the type for this Indicator.
+							
+								This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is IndicatorTypeVocabularyType in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.							
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Alternative_ID" type="xs:string" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>Specifies an alternative identifier (or alias) for the cyber threat Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies a description for this Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Valid_Time_Position" type="indicator:ValidTimeType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>Specifies the time window for which this Indicator is valid.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:choice>
+						<xs:annotation>
+							<xs:documentation>Content creators should either create a "simple indicator" containing one observable, or a "composite indicator" containing multiple indicators.</xs:documentation>
+						</xs:annotation>
+						<xs:element name="Observable" type="cybox:ObservableType" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>Specifies a relevant cyber observable for this Indicator.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+						<xs:element name="Composite_Indicator_Expression" type="indicator:CompositeIndicatorExpressionType" minOccurs="0">
+							<xs:annotation>
+								<xs:documentation>Specifies a multipartite composite Indicator.</xs:documentation>
+							</xs:annotation>
+						</xs:element>
+					</xs:choice>
+					<xs:element name="Indicated_TTP" type="stixCommon:RelatedTTPType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>Specifies the relevant TTP indicated by this Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Kill_Chain_Phases" type="stixCommon:KillChainPhasesReferenceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies relevant kill chain phases indicated by this Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Test_Mechanisms" type="indicator:TestMechanismsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The TestMechanisms field specifies Test Mechanisms effective at identifying the cyber Observables specified in this cyber threat Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Likely_Impact" type="stixCommon:StatementType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies the likely potential impact within the relevant context if this Indicator were to occur. This is typically local to an Indicator consumer and not typically shared. This field includes a Description of the likely potential impact within the relevant context if this Indicator were to occur and a Confidence held in the accuracy of this assertion. NOTE: This structure potentially still needs to be fleshed out more for structured characterization of impact. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Suggested_COAs" type="indicator:SuggestedCOAsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Suggested_COAs field specifies suggested Courses of Action for this cyber threat Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies the relevant handling guidance for this Indicator. The valid marking scope is the nearest IndicatorBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Confidence" type="stixCommon:ConfidenceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies a level of confidence held in the accuracy of this Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Sightings" type="indicator:SightingsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Characterizes a set of sighting reports for this Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Related_Indicators" type="indicator:RelatedIndicatorsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Related_Indicators field is optional and enables content producers to express a relationship between the enclosing indicator (i.e., the subject of the relationship) and a disparate indicator (i.e., the object side of the relationship).</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Producer" type="stixCommon:InformationSourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Producer field details the source of this entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="version" type="indicator:IndicatorVersionType" default="2.0">
+					<xs:annotation>
+						<xs:documentation>Specifies the relevant STIX-Indicator schema version for this content.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="negate" type="xs:boolean" default="false">
+					<xs:annotation>
+						<xs:documentation>The negate field applies when using an Indicator as a pattern and specifies the absence of the pattern.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:simpleType name="IndicatorVersionType">
+		<xs:annotation>
+			<xs:documentation>An enumeration of all versions of the Indicator type valid in the current release of STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="2.0"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="ValidTimeType">
+		<xs:annotation>
+			<!-- NOTE: this is a very simple representation, if desired, the schema could import something more expressive like gml temporal semantics (see gml:timeposition here: http://schemas.opengis.net/gml/3.1.1/base/temporal.xsd). -->
+			<xs:documentation>A basic representation of a temporal window when the thing (e.g., indicator) is valid. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Start_Time" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>If not present, then client should assume infinity (i.e., temporal window is only bounded by the end-time). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="End_Time" type="xs:dateTime" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>If not present, then client should assume infinity (i.e., temporal window is only bounded by the start-time). </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!-- *************************************************************************** -->
+	<!-- *  definitions to allow for relationships (both logical boolean           * -->
+	<!-- *  combinations and custom relationships) of indicators                   * -->
+	<!-- *************************************************************************** -->
+	<xs:complexType name="CompositeIndicatorExpressionType">
+		<xs:annotation>
+			<xs:documentation>Type for allowing content creators to create composite indicator expressions using basic boolean logic. </xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element ref="indicator:Indicator" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The indicator field specifies one cyber threat indicator asserting a relationship between a cyber observable and a TTP.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="operator" type="indicator:OperatorTypeEnum" use="required">
+			<xs:annotation>
+				<xs:documentation>Specifies the logical composition operator for this composite cyber threat Indicator.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="OperatorTypeEnum">
+		<xs:annotation>
+			<xs:documentation>OperatorTypeEnum is an enumeration of valid operators.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="AND"/>
+			<xs:enumeration value="OR"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!---->
+	<xs:complexType name="TestMechanismType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>
+				The TestMechanismType specifies a non-standard Test Mechanism effective at identifying the cyber Observables specified in this cyber threat Indicator.
+
+				This type is defined as abstract and is intended to be extended to enable the expression of any structured or unstructured test mechanism. STIX provides five default options, Generic, OpenIOC, OVAL, Snort, and YARA. Additionally, those who wish to use another format may do so by using either the existing Generic test mechanism and putting the mechanism specification in the CDATA block or by defining a new extension to this type. The information for the STIX-provided extensions is:
+
+				1. Generic: The Generic test mechanism allows for the specification of any generic test mechanism through the use of a raw CDATA section. The type is named GenericTestMechanismType and is in the http://stix.mitre.org/extensions/TestMechanism#Generic-1 namespace. The extension is defined in the file extensions/test_mechanism/generic.xsd or at the URL http://stix.mitre.org/XMLSchema/extensions/test_mechanism/generic/1.0/generic.xsd.
+
+				2. OpenIOC: The OpenIOC test mechanism allows for the specification of an OpenIOC test by importing the OpenIOC schema. The type is named IOCTestMechanismType and is in the http://stix.mitre.org/extensions/TestMechanism#OpenIOC-1 namespace. The extension is defined in the file extensions/test_mechanism/openioc-1.0.xsd or at the URL http://stix.mitre.org/XMLSchema/extensions/test_mechanism/openioc-1.0/1.0/openioc-1.0.xsd.
+
+				3. OVAL: The OVAL test mechanism allows for the specification of an OVAL definition through importing the OVAL schemas. The type is named OVALTestMechanismType and is in the http://stix.mitre.org/extensions/TestMechanism#OVAL-1 namespace. The extension is defined in the file extensions/test_mechanism/oval-5.10.1.xsd or at the URL http://stix.mitre.org/XMLSchema/extensions/test_mechanism/oval-5.10.1/1.0/oval-5.10.1.xsd.
+
+				4. Snort: The Snort test mechanism allows for the specification of a snort signature through the use of a raw CDATA section. The type is named SnortTestMechanismType and is in the http://stix.mitre.org/extensions/TestMechanism#Snort-1 namespace. The extension is defined in the file extensions/test_mechanism/snort.xsd or at the URL http://stix.mitre.org/XMLSchema/extensions/test_mechanism/snort/1.0/snort.xsd.
+
+				5. YARA: The YARA test mechanism allows for the specification of a YARA test through the use of a raw CDATA section. The type is named YaraTestMechanismType and is in the http://stix.mitre.org/extensions/TestMechanism#YARA-1 namespace. The extension is defined in the file extensions/test_mechanism/yara.xsd or at the URL http://stix.mitre.org/XMLSchema/extensions/test_mechanism/yara/1.0/yara.xsd.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Efficacy" type="stixCommon:StatementType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Efficacy field provides an assertion of likely effectiveness of this TestMechanism to detect the targeted cyber Observables. The field includes a description of the asserted efficacy of this TestMechanism and a confidence held in the asserted efficacy of this TestMechanism to detect the targeted cyber Observables.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Producer" type="stixCommon:InformationSourceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Producer field details the source of this entry.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a unique ID for this Test Mechanism.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a reference to the ID of a Test Mechanism specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="SightingsType">
+		<xs:sequence>
+			<xs:element name="Sighting" type="indicator:SightingType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field characterizes a single sighting report for this Indicator.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="sightings_count" type="xs:integer">
+			<xs:annotation>
+				<xs:documentation>The total number of times this Indicator was reported as sighted.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="SightingType">
+		<xs:annotation>
+			<xs:documentation>Describes a single sighting of an indicator.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Source" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field provides a name or description of the sighting source.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Reference" type="xs:anyURI" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field provides a formal reference to the sighting source.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Confidence" type="stixCommon:ConfidenceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>This field provides a confidence assertion in the accuracy of this sighting.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="timestamp" type="xs:dateTime">
+			<xs:annotation>
+				<xs:documentation>This field provides the date and time of the Indicator sighting.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="RelatedIndicatorsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Related_Indicator" type="stixCommon:RelatedIndicatorType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Related_Indicator field is optional and enables content producers to express a relationship between the enclosing indicator (i.e., the subject of the relationship) and a disparate indicator (i.e., the object side of the relationship).</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="SuggestedCOAsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Suggested_COA" type="stixCommon:RelatedCourseOfActionType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Suggested_COA field specifies a suggested Course of Action for this cyber threat Indicator.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="TestMechanismsType">
+		<xs:sequence>
+			<xs:element name="Test_Mechanism" type="indicator:TestMechanismType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The TestMechanism field specifies a non-standard Test Mechanism effective at identifying the cyber Observables specified in this cyber threat Indicator. This field is defined as of type TestMechanismType which is an abstract type enabling the extension and inclusion of various formats of Test Mechanism specifications.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/stix_common.xsd b/stix_validator/schema/stix_common.xsd
new file mode 100755
index 0000000..3c61a0d
--- /dev/null
+++ b/stix_validator/schema/stix_common.xsd
@@ -0,0 +1,762 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:stixCommon="http://stix.mitre.org/common-1" targetNamespace="http://stix.mitre.org/common-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX Common</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - Common - Schematic implementation for the common types of a structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="cybox/cybox_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/cybox-2" schemaLocation="cybox/cybox_core.xsd"/>
+	<xs:complexType name="InformationSourceType">
+		<xs:annotation>
+			<xs:documentation>The InformationSourceType details the source of a given data entry.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Identity" type="stixCommon:IdentityType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Identity field is optional and specifies the identity of the information source.
+
+						This field is implemented through the xsi:type extension mechanism. The default type is CIQIdentity3.0InstanceType in the http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1 namespace. This type is defined in the extensions/identity/ciq_identity.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/identity/ciq_identity/1.0/ciq_identity.xsd.
+				
+						Those who wish to express a simple name may also do so by not specifying an xsi:type and using the Name field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Contributors" type="stixCommon:ContributorsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Contributors field is optional and enables description of the individual contributors involved in this instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Time" type="cyboxCommon:TimeType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Time element is optional and enables description of various time-related attributes for this instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Tools" type="cyboxCommon:ToolsInformationType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Tools element is optional and enables description of the tools utilized for this instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="References" type="stixCommon:ReferencesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The References field is optional and enables specification of references to information source material for this instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="ConfidenceType">
+		<xs:annotation>
+			<xs:documentation>The ConfidenceType specifies a level of Confidence held in some assertion.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Value" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						Specifies the level of confidence held in this direct assertion.
+						
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is HighMediumLowVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field provides a description of the confidence value and how it was derived.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Source" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Source field specifies the source of this confidence assertion. An optional vocabulary name and reference allows the expression of the source name in some given vocabulary context.
+						
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. No default vocabulary type has been defined for STIX 1.0. Users may either define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a free string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Confidence_Assertion_Chain" type="stixCommon:ConfidenceAssertionChainType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Confidence_Assertion_Chain field specifies a set of related confidence levels in this assertion along with who made them, when they were made and how they were made.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="timestamp" type="xs:dateTime">
+			<xs:annotation>
+				<xs:documentation>Specifies the time of this Confidence assertion.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="ActivityType" abstract="true">
+		<xs:sequence>
+			<xs:element name="Date_Time">
+				<xs:annotation>
+					<xs:documentation>The Date_Time field specifies the date and time at which the activity occured.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field provides a description of the activity.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="KillChainsType">
+		<xs:sequence>
+			<xs:element name="Kill_Chain" type="stixCommon:KillChainType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field specifies a single kill chain definition for reference within specific TTP entries, Indicators and elsewhere.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="KillChainType">
+		<xs:annotation>
+			<xs:documentation>The KillChainType characterizes a specific Kill Chain definition for reference within specific TTP entries, Indicators and elsewhere.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Kill_Chain_Phase" type="stixCommon:KillChainPhaseType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>This field specifies the name of an individual phase within this kill chain definition.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>A globally unique identifier for this kill chain definition.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="name" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>A descriptive name for this kill chain definition.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="definer">
+			<xs:annotation>
+				<xs:documentation>The organization or individual responsible for this kill chain definition.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="reference" type="xs:anyURI">
+			<xs:annotation>
+				<xs:documentation>A resource reference for this kill chain definition.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="number_of_phases">
+			<xs:annotation>
+				<xs:documentation>The number of phases in this kill chain definition.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="KillChainPhaseType">
+		<xs:annotation>
+			<xs:documentation>The KillChainPhaseType characterizes an individual phase within a kill chain definition.</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="phase_id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>This field specifies the ID for the relevant kill chain phase.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="name" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>This field specifies the descriptive name of the relevant kill chain phase.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="ordinality" type="xs:int">
+			<xs:annotation>
+				<xs:documentation>This field specifies the ordinality (e.g. 1, 2 or 3) of this phase within this kill chain definition.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="KillChainPhasesReferenceType">
+		<xs:sequence>
+			<xs:element name="Kill_Chain_Phase" type="stixCommon:KillChainPhaseReferenceType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Kill_Chain_Phase field specifies a single Kill Chain phase associated with this item.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="KillChainPhaseReferenceType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:KillChainPhaseType">
+				<xs:attribute name="kill_chain_id" type="xs:QName">
+					<xs:annotation>
+						<xs:documentation>This field specifies the ID for the relevant defined kill chain.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="kill_chain_name" type="xs:string">
+					<xs:annotation>
+						<xs:documentation>This field specifies the descriptive name of the relevant kill chain.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="IdentityType">
+		<xs:annotation>
+			<xs:documentation>
+				The IdentityType is used to express identity information for both individuals and organizations.
+				
+				This type is extended through the xsi:type mechanism. The default type is CIQIdentity3.0InstanceType in the http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1 namespace. This type is defined in the extensions/identity/ciq_identity_3.0.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/identity/ciq_identity_3.0/1.0/ciq_identity_3.0.xsd.
+				
+				Those who wish to express a simple name may also do so by not specifying an xsi:type and using the Name field of this type.			
+			</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Name" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Name field allows for expression of an identity through a simple name.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Related_Identities" type="stixCommon:RelatedIdentitiesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Related_Identities field identifies other entity Identities related to this entity Identity.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a unique ID for this Identity.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a reference to a unique ID defined elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!-- Relationships -->
+	<xs:complexType name="GenericRelationshipListType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>Allows the expression of a list of relationships between STIX components. It's extended throughout STIX and should not be used directly. </xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="scope" type="stixCommon:RelationshipScopeEnum" default="exclusive">
+			<xs:annotation>
+				<xs:documentation>Indicates how multiple related items should be interpreted in this relationship. If "inclusive" is specified, then a single conceptual relationship is being defined between the subject and the collection of objects indicated by the related items (i.e. the relationship is not necessarily relevant for any one particular object being referenced, but for the aggregated collection of objects referenced). If "exclusive" is specified, then multiple relationships are being defined between the specific subject and each object individually. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="RelationshipScopeEnum">
+		<xs:annotation>
+			<xs:documentation>ScopeEnum is an enumeration of potential assertions on how a group of relationships should be treated.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="inclusive">
+				<xs:annotation>
+					<xs:documentation>A single relationship is being defined between the subject and the collection of objects indicated by the related items.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="exclusive">
+				<xs:annotation>
+					<xs:documentation>Multiple relationships are being defined between the specific subject and each object individually.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="GenericRelationshipType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>Allows the expression of relationships between STIX components. It is extended by each component relationship type to add the component itself.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Confidence" type="stixCommon:ConfidenceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The confidence field specifies the level of confidence in the assertion of the relationship between the two components.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Information_Source field specifies the source of the information about the relationship between the two components.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Relationship" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The relationship field characterizes the type of the relationship between the two components.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. No default vocabulary type has been defined for STIX 1.0. Users may either define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a free string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RelatedCampaignType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to a campaign.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="Campaign" type="stixCommon:CampaignBaseType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>
+								A reference to or representation of the related campaign.
+
+								This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is CampaignType in the http://stix.mitre.org/Campaign-1 namespace. This type is defined in the campaign.xsd file or at the URL http://stix.mitre.org/XMLSchema/campaign/1.0/campaign.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedCourseOfActionType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to a course of action.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="Course_Of_Action" type="stixCommon:CourseOfActionBaseType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>
+								A reference or representation of the related course of action.
+
+								This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is CourseOfActionType in the http://stix.mitre.org/CourseOfAction-1 namespace. This type is defined in the course_of_action.xsd file or at the URL http://stix.mitre.org/XMLSchema/course_of_action/1.0/course_of_action.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedExploitTargetType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to an exploit target.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="Exploit_Target" type="stixCommon:ExploitTargetBaseType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>
+								A reference to or representation of the related exploit target.
+
+								This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is ExploitTargetType in the http://stix.mitre.org/ExploitTarget-1 namespace. This type is defined in the exploit_target.xsd file or at the URL http://stix.mitre.org/XMLSchema/exploit_target/1.0/exploit_target.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedIncidentType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to an incident.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="Incident" type="stixCommon:IncidentBaseType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>
+								A reference to or representation of the related incident.
+
+								This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is IncidentType in the http://stix.mitre.org/Incident-1 namespace. This type is defined in the incident.xsd file or at the URL http://stix.mitre.org/XMLSchema/incident/1.0/incident.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedIndicatorType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to an indicator.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="Indicator" type="stixCommon:IndicatorBaseType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>
+								A reference to or representation of the related indicator.
+
+								This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is IndicatorType in the http://stix.mitre.org/Indicator-2 namespace. This type is defined in the indicator.xsd file or at the URL http://stix.mitre.org/XMLSchema/indicator/2.0/indicator.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedObservableType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to a cyber observable.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="Observable" type="cybox:ObservableType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>A reference to or representation of the related cyber observable.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedThreatActorType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to a threat actor.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="Threat_Actor" type="stixCommon:ThreatActorBaseType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>
+								A reference or representation of the related threat actor.
+
+								This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is ThreatActorType in the http://stix.mitre.org/ThreatActor-1 namespace. This type is defined in the threat_actor.xsd file or at the URL http://stix.mitre.org/XMLSchema/threat_actor/1.0/threat_actor.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedTTPType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to an TTP.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="TTP" type="stixCommon:TTPBaseType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>
+								A reference to or representation of the related TTP.
+
+								This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is TTPType in the http://stix.mitre.org/TTP-1 namespace. This type is defined in the ttp.xsd file or at the URL http://stix.mitre.org/XMLSchema/ttp/1.0/ttp.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="RelatedIdentityType">
+		<xs:annotation>
+			<xs:documentation>Identifies or characterizes a relationship to an Identity.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipType">
+				<xs:sequence>
+					<xs:element name="Identity" type="stixCommon:IdentityType" minOccurs="1">
+						<xs:annotation>
+							<xs:documentation>
+								A reference to or representation of the related Identity.
+
+								This field is implemented through the xsi:type extension mechanism. The default type is CIQIdentity3.0InstanceType in the http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1 namespace. This type is defined in the extensions/identity/ciq_identity_3.0.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/identity/ciq_identity_3.0/1.0/ciq_identity_3.0.xsd.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!-- End of relationships -->
+	<!---->
+	<!--The following are a set of base, stub types defined for the decoupling of the different STIX component schemas. Each individual component schema type is defined as an extension of the relevant base type defined here. Inline usages of the main component structures will leverage these base types and instance content can simply include that structured content with the appropriate xsi:type reference. Alternatively, instances can use the base types themselves to reference using the @idref attribute -->
+	<xs:complexType name="IndicatorBaseType">
+		<xs:annotation>
+			<xs:documentation>
+				This type represents the STIX Indicator component. It is extended using the XML Schema Extension feature by the STIX Indicator type itself. Users of this type who wish to express a full indicator using STIX must do so using the xsi:type extension feature. The STIX-defined Indicator type is IndicatorType in the http://stix.mitre.org/Indicator-1 namespace. This type is defined in the indicator.xsd file or at the URL http://stix.mitre.org/XMLSchema/indicator/1.2/indicator.xsd.
+
+				Alternatively, uses that require simply specifying an idref as a reference to an indicator defined elsewhere can do so without specifying an xsi:type.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName" use="optional">
+			<xs:annotation>
+				<xs:documentation>Specifies a unique ID for this Indicator.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a reference to the ID of an Indicator specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="IncidentBaseType">
+		<xs:annotation>
+			<xs:documentation>
+				This type represents the STIX Incident component. It is extended using the XML Schema Extension feature by the STIX Incident type itself. Users of this type who wish to express a full incident using STIX must do so using the xsi:type extension feature. The STIX-defined Incident type is IncidentType in the http://stix.mitre.org/Incident-1 namespace. This type is defined in the incident.xsd file or at the URL http://stix.mitre.org/XMLSchema/incident/1.0/incident.xsd.
+
+				Alternatively, uses that require simply specifying an idref as a reference to an incident defined elsewhere can do so without specifying an xsi:type.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for this cyber threat Incident.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for a cyber threat Incident specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="TTPBaseType">
+		<xs:annotation>
+			<xs:documentation>
+				This type represents the STIX TTP component. It is extended using the XML Schema Extension feature by the STIX TTP type itself. Users of this type who wish to express a full TTP using STIX must do so using the xsi:type extension feature. The STIX-defined TTP type is TTPType in the http://stix.mitre.org/TTP-1 namespace. This type is defined in the ttp.xsd file or at the URL http://stix.mitre.org/XMLSchema/ttp/1.0/ttp.xsd.
+
+				Alternatively, uses that require simply specifying an idref as a reference to a TTP defined elsewhere can do so without specifying an xsi:type.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for this TTP item. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier of a TTP item specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="ExploitTargetBaseType">
+		<xs:annotation>
+			<xs:documentation>
+				This type represents the STIX Exploit Target component. It is extended using the XML Schema Extension feature by the STIX Exploit Target type itself. Users of this type who wish to express a full exploit target using STIX must do so using the xsi:type extension feature. The STIX-defined Exploit Target type is ExploitTargetType in the http://stix.mitre.org/ExploitTarget-1 namespace. This type is defined in the exploit_target.xsd file or at the URL http://stix.mitre.org/XMLSchema/exploit_target/1.0/exploit_target.xsd.
+
+				Alternatively, uses that require simply specifying an idref as a reference to an exploit target defined elsewhere can do so without specifying an xsi:type.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for this ExploitTarget. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier of an ExploitTarget specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="CourseOfActionBaseType">
+		<xs:annotation>
+			<xs:documentation>
+				This type represents the STIX Course of Action component. It is extended using the XML Schema Extension feature by the STIX Course of Action type itself. Users of this type who wish to express a full course of action using STIX must do so using the xsi:type extension feature. The STIX-defined Course of Action type is CourseOfActionType in the http://stix.mitre.org/CourseOfAction-1 namespace. This type is defined in the course_of_action.xsd file or at the URL http://stix.mitre.org/XMLSchema/course_of_action/1.0/course_of_action.xsd.
+
+				Alternatively, uses that require simply specifying an idref as a reference to a course of action defined elsewhere can do so without specifying an xsi:type.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for this COA. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier of a COA specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="CampaignBaseType">
+		<xs:annotation>
+			<xs:documentation>
+				This type represents the STIX Campaign component. It is extended using the XML Schema Extension feature by the STIX Campaign type itself. Users of this type who wish to express a full campaign using STIX must do so using the xsi:type extension feature. The STIX-defined Campaign type is CampaignType in the http://stix.mitre.org/Campaign-1 namespace. This type is defined in the campaign.xsd file or at the URL http://stix.mitre.org/XMLSchema/campaign/1.0/campaign.xsd.
+
+				Alternatively, uses that require simply specifying an idref as a reference to a campaign defined elsewhere can do so without specifying an xsi:type.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for this cyber threat Campaign.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for a cyber threat Campaign specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="ThreatActorBaseType">
+		<xs:annotation>
+			<xs:documentation>
+				This type represents the STIX Threat Actor component. It is extended using the XML Schema Extension feature by the STIX Threat Actor type itself. Users of this type who wish to express a full threat actor using STIX must do so using the xsi:type extension feature. The STIX-defined Threat Actor type is ThreatActorType in the http://stix.mitre.org/ThreatActor-1 namespace. This type is defined in the threat_actor.xsd file or at the URL http://stix.mitre.org/XMLSchema/threat_actor/1.0/threat_actor.xsd.
+
+				Alternatively, uses that require simply specifying an idref as a reference to a threat actor defined elsewhere can do so without specifying an xsi:type.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for this ThreatActor. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier of a ThreatActor specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<!-- End of component base types -->
+	<xs:complexType name="ExploitTargetsType">
+		<xs:sequence>
+			<xs:element name="Exploit_Target" type="stixCommon:ExploitTargetBaseType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Exploit_Target field characterizes a potential vulnerability, weakness or configuration target for exploitation.
+
+						This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is ExploitTargetType in the http://stix.mitre.org/ExploitTarget-1 namespace. This type is defined in the exploit_target.xsd file or at the URL http://stix.mitre.org/XMLSchema/exploit_target/1.0/exploit_target.xsd.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AddressAbstractType" abstract="true">
+		<xs:annotation>
+			<xs:documentation>
+				The AddressAbstractType is used to express geographic address information.
+				
+				This type is intended to be extended through the xsi:type mechanism. The default type is CIQAddress3.0InstanceType in the http://stix.mitre.org/extensions/Address#CIQAddress3.0-1 namespace. This type is defined in the extensions/identity/ciq_address_3.0.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/address/ciq_address_3.0/1.0/ciq_address_3.0.xsd.	
+			</xs:documentation>
+		</xs:annotation>
+	</xs:complexType>
+	<xs:complexType name="ContributorsType">
+		<xs:sequence>
+			<xs:element name="Contributor" type="stixCommon:IdentityType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						This field contains information describing the identity, resources and timing of involvement for a single contributor.
+
+						This field is implemented through the xsi:type extension mechanism. The default type is CIQIdentity3.0InstanceType in the http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1 namespace. This type is defined in the extensions/identity/ciq_identity.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/identity/ciq_identity/1.0/ciq_identity.xsd.
+				
+						Those who wish to express a simple name may also do so by not specifying an xsi:type and using the Name field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ReferencesType">
+		<xs:sequence>
+			<xs:element name="Reference" type="xs:anyURI" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Reference field is optional and enables specification of a reference to an information source material.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RelatedIdentitiesType">
+		<xs:sequence>
+			<xs:element name="Related_Identity" type="stixCommon:RelatedIdentityType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Related_Identity field identifies a single other entity Identity related to this entity Identity.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ConfidenceAssertionChainType">
+		<xs:sequence>
+			<xs:element name="Confidence_Assertion" type="stixCommon:ConfidenceType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Confidence_Assertion field specifies a related confidence level in this assertion along with who made it, when it was made and how it was made.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="StatementType">
+		<xs:annotation>
+			<xs:documentation>
+				StatementType allows the expression of a statement with an associated value, description, source, confidence, and timestamp.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Value" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						Specifies a value characterizing the statement within some vocabulary.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary may be provided by the field using this construct. If that's the case, the schema annotations on that element will describe which vocabulary to use. If not, the default vocabulary is HighMediumLowVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies a prose description of the statement.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Source" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Source field captures the source of this statement. An optional vocabulary name and reference allows the expression of the source name in some given vocabulary context.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. No default vocabulary type has been defined for STIX 1.0. Users may either define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a free string field.					
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Confidence" type="stixCommon:ConfidenceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Confidence field characterizes the level of confidence held in the statement.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="timestamp" type="xs:dateTime">
+			<xs:annotation>
+				<xs:documentation>Specifies the time this statement was asserted.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="StructuredTextType">
+		<xs:annotation>
+			<xs:documentation>The StructuredTextType is a type representing a generalized structure for capturing structured or unstructured textual information such as descriptions of things. It mirrors a similar type in CybOX 2.0</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="xs:string">
+				<xs:attribute name="structuring_format" type="xs:string" use="optional">
+					<xs:annotation>
+						<xs:documentation>Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the CybOX document. If this attribute is absent, the implication is that no markup is being used.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="EncodedCDATAType">
+		<xs:annotation>
+			<xs:documentation>
+				This type is used to represent data in an XML CDATA block. Data in a CDATA block may either be represented as-is or, in cases where it may contain characters that are not valid in CDATA, it may be encoded in Base64 per RFC4648. Data encoded in Base64 must be denoted as such using the encoded attribute.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="xs:string">
+				<xs:attribute name="encoded" type="xs:boolean" default="false">
+					<xs:annotation>
+						<xs:documentation>If true, specifies that the content encoded in the element is encoded using Base64 per RFC4648.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:complexType name="ControlledVocabularyStringType">
+		<xs:annotation>
+			<xs:documentation>The ControlledVocabularyStringType is used as the basis for defining controlled vocabularies.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:extension base="xs:anySimpleType">
+				<xs:attribute name="vocab_name" type="xs:string" use="optional">
+					<xs:annotation>
+						<xs:documentation>The vocab_name field specifies the name of the controlled vocabulary.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional">
+					<xs:annotation>
+						<xs:documentation>The vocab_reference field specifies the URI to the location of where the controlled vocabulary is defined, e.g., in an externally located XML schema file.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/stix_core.xsd b/stix_validator/schema/stix_core.xsd
new file mode 100755
index 0000000..46ed679
--- /dev/null
+++ b/stix_validator/schema/stix_core.xsd
@@ -0,0 +1,217 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:stix="http://stix.mitre.org/stix-1" xmlns:marking="http://data-marking.mitre.org/Marking-1" xmlns:stixCommon="http://stix.mitre.org/common-1" targetNamespace="http://stix.mitre.org/stix-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - Schematic implementation for a structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/cybox-2" schemaLocation="cybox/cybox_core.xsd"/>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="data_marking.xsd"/>
+	<xs:element name="STIX_Package" type="stix:STIXType">
+		<xs:annotation>
+			<xs:documentation>The STIX_Package field contains a bundle of information characterized in the Structured Threat Information eXpression (STIX) language.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:complexType name="STIXType">
+		<xs:annotation>
+			<xs:documentation>STIXType defines a bundle of information characterized in the Structured Threat Information eXpression (STIX) language.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="STIX_Header" type="stix:STIXHeaderType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The STIX_Header field provides information characterizing this package of STIX content.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Observables" type="cybox:ObservablesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes one or more cyber observables.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Indicators" type="stix:IndicatorsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes one or more cyber threat Indicators.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="TTPs" type="stix:TTPsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes one or more cyber threat adversary Tactics, Techniques or Procedures.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Exploit_Targets" type="stixCommon:ExploitTargetsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes one or more potential targets for exploitation.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Incidents" type="stix:IncidentsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes one or more cyber threat Incidents.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Courses_Of_Action" type="stix:CoursesOfActionType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes Courses of Action to be taken in regards to one of more cyber threats.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Campaigns" type="stix:CampaignsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes one or more cyber threat Campaigns.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Threat_Actors" type="stix:ThreatActorsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Characterizes one or more cyber Threat Actors.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="id" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier for this STIX Package. </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="idref" type="xs:QName">
+			<xs:annotation>
+				<xs:documentation>Specifies a globally unique identifier of a STIX Package specified elsewhere.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="version" type="stix:STIXPackageVersionEnum" default="1.0">
+			<xs:annotation>
+				<xs:documentation>Specifies the relevant STIX schema version for this content.</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:simpleType name="STIXPackageVersionEnum">
+		<xs:annotation>
+			<xs:documentation>An enumeration of all versions of STIX package types valid in the current release of STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="STIXHeaderType">
+		<xs:annotation>
+			<xs:documentation>The STIXHeaderType provides a structure for characterizing a package of STIX content.</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Title" type="xs:string" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Title field provides a simple title for this STIX Package.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Package_Intent" type="stixCommon:ControlledVocabularyStringType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Package_Intent field characterizes the intended purpose or use for this package of STIX content.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is PackageIntentVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field provides a description of this package of STIX content.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>Specifies the relevant handling guidance for this STIX_Package. The valid marking scope is the nearest STIXPackageType ancestor of this Handling element and all its descendants.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Information_Source field details the source of this entry, including time information as well as information about the producer, contributors, tools, and references.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!---->
+	<xs:complexType name="IndicatorsType">
+		<xs:sequence>
+			<xs:element name="Indicator" type="stixCommon:IndicatorBaseType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						Characterizes a single cyber threat Indicator.
+
+						This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is IndicatorType in the http://stix.mitre.org/Indicator-2 namespace. This type is defined in the indicator.xsd file or at the URL http://stix.mitre.org/XMLSchema/indicator/2.0/indicator.xsd.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TTPsType">
+		<xs:sequence>
+			<xs:element name="TTP" type="stixCommon:TTPBaseType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						Characterizes a single cyber threat adversary Tactic, Technique or Procedure.
+
+						This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is TTPType in the http://stix.mitre.org/TTP-1 namespace. This type is defined in the ttp.xsd file or at the URL http://stix.mitre.org/XMLSchema/ttp/1.0/ttp.xsd.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Kill_Chains" type="stixCommon:KillChainsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Kill_Chains field characterizes specific Kill Chain definitions for reference within specific TTP entries, Indicators and elsewhere.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="IncidentsType">
+		<xs:sequence>
+			<xs:element name="Incident" type="stixCommon:IncidentBaseType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						Identifies or characterizes a single cyber threat Incident.
+
+						This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is IncidentType in the http://stix.mitre.org/Incident-1 namespace. This type is defined in the incident.xsd file or at the URL http://stix.mitre.org/XMLSchema/incident/1.0/incident.xsd.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="CoursesOfActionType">
+		<xs:sequence>
+			<xs:element name="Course_Of_Action" type="stixCommon:CourseOfActionBaseType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Course_Of_Action field characterizes a Course of Action to be taken in regards to one of more cyber threats. 
+
+						This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is CourseOfActionType in the http://stix.mitre.org/CourseOfAction-1 namespace. This type is defined in the course_of_action.xsd file or at the URL http://stix.mitre.org/XMLSchema/course_of_action/1.0/course_of_action.xsd.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="CampaignsType">
+		<xs:sequence>
+			<xs:element name="Campaign" type="stixCommon:CampaignBaseType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						Characterizes a single cyber threat Campaign.
+
+						This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is CampaignType in the http://stix.mitre.org/Campaign-1 namespace. This type is defined in the campaign.xsd file or at the URL http://stix.mitre.org/XMLSchema/campaign/1.0/campaign.xsd.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ThreatActorsType">
+		<xs:sequence>
+			<xs:element name="Threat_Actor" type="stixCommon:ThreatActorBaseType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						Characterizes a single cyber Threat Actor.
+
+						This field is implemented through the xsi:type extension mechanism. The default and strongly recommended type is ThreatActorType in the http://stix.mitre.org/ThreatActor-1 namespace. This type is defined in the threat_actor.xsd file or at the URL http://stix.mitre.org/XMLSchema/threat_actor/1.0/threat_actor.xsd.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/stix_default_vocabularies.xsd b/stix_validator/schema/stix_default_vocabularies.xsd
new file mode 100755
index 0000000..513c905
--- /dev/null
+++ b/stix_validator/schema/stix_default_vocabularies.xsd
@@ -0,0 +1,1578 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:stixVocabs="http://stix.mitre.org/default_vocabularies-1" xmlns:stixCommon="http://stix.mitre.org/common-1" targetNamespace="http://stix.mitre.org/default_vocabularies-1" elementFormDefault="qualified" version="1.0.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX Default Vocabularies</schema>
+			<version>1.0.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - Schematic implementation for controlled vocabularies used in the Structured Threat Information eXchange format.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<!-- Package Intent Vocabulary -->
+	<xs:complexType name="PackageIntentVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The PackageIntentVocabType is the default STIX vocabulary for Package Intent.
+            
+                Note that this vocabulary is under development. Feedback is appreciated and should be sent to the STIX discussion list.
+            </xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:PackageIntentEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Package Intent Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#PackageIntentVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="PackageIntentEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The default set of values to use for a package intent in STIX.</xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Collective Threat Intelligence">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey a broad characterization of a threat across multiple facets.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Threat Report">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey a broad characterization of a threat across multiple facets expressed as a cohesive report.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Indicators">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly indicators.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Indicators - Phishing">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly phishing indicators.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Indicators - Watchlist">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly network watchlist indicators.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Indicators - Malware Artifacts">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly malware artifact indicators.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Indicators - Network Activity">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly network activity indicators.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Indicators - Endpoint Characteristics">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly endpoint characteristics (hashes, registry values, installed software, known vulnerabilities, etc.) indicators.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Campaign Characterization">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly a characterization of one or more campaigns.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Threat Actor Characterization">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly a characterization of one or more threat actors.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Exploit Characterization">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly a characterization of one or more exploits.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Attack Pattern Characterization">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly a characterization of one or more attack patterns.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Malware Characterization">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly a characterization of one or more malware instances.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TTP - Infrastructure">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly a characterization of attacker infrastructure.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="TTP - Tools">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly a characterization of attacker tools.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Courses of Action">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly a set of courses of action.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Incident">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly information about one or more incidents.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Observations">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly information about instantial observations (cyber observables).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Observations - Email">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey mainly information about instantial email observations (email cyber observables).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Malware Samples">
+				<xs:annotation>
+					<xs:documentation>Package is intended to convey a set of malware samples.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Confidence Vocabulary -->
+	<xs:complexType name="HighMediumLowVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The HighMediumLowVocabType is the default STIX vocabulary for expressing basic values that may be high, medium, low, none, or unknown.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:HighMediumLowEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default High/Medium/Low Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#HighMediumLowVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="HighMediumLowEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The default set of values to use for expressing a high/medium/low statement in STIX.</xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="High"/>
+			<xs:enumeration value="Medium"/>
+			<xs:enumeration value="Low"/>
+			<xs:enumeration value="None"/>
+			<xs:enumeration value="Unknown"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Malware Type Vocabulary -->
+	<xs:complexType name="MalwareTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>
+				The MalwareTypeVocabType is the default STIX vocabulary for expressing types of malware instances.
+			
+                Note that this vocabulary is under development. Feedback is appreciated and should be sent to the STIX discussion list.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:MalwareTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Malware Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#MalwareTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="MalwareTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The default set of malware types to use for characterizing a malware instance in STIX.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Automated Transfer Scripts"/>
+			<xs:enumeration value="Adware"/>
+			<xs:enumeration value="Dialer"/>
+			<xs:enumeration value="Bot"/>
+			<xs:enumeration value="Bot - Credential Theft"/>
+			<xs:enumeration value="Bot - DDoS"/>
+			<xs:enumeration value="Bot - Loader"/>
+			<xs:enumeration value="Bot - Spam"/>
+			<xs:enumeration value="DoS / DDoS"/>
+			<xs:enumeration value="DoS / DDoS - Participatory"/>
+			<xs:enumeration value="DoS / DDoS - Script"/>
+			<xs:enumeration value="DoS / DDoS - Stress Test Tools"/>
+			<xs:enumeration value="Exploit Kits"/>
+			<xs:enumeration value="POS / ATM Malware"/>
+			<xs:enumeration value="Ransomware"/>
+			<xs:enumeration value="Remote Access Trojan"/>
+			<xs:enumeration value="Rogue Antivirus"/>
+			<xs:enumeration value="Rootkit"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Indicator Type Vocabulary -->
+	<xs:complexType name="IndicatorTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The IndicatorTypeVocabType is the default STIX vocabulary for expressing indicator types.
+            
+                Note that this vocabulary is under development. Feedback is appreciated and should be sent to the STIX discussion list.
+            </xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:IndicatorTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Indicator Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#IndicatorTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IndicatorTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The default set of Indicator types to use for characterizing Indicators in STIX.</xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Malicious E-mail">
+				<xs:annotation>
+					<xs:documentation>Indicator describes suspected malicious e-mail (phishing, spear phishing, infected, etc.).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IP Watchlist">
+				<xs:annotation>
+					<xs:documentation>Indicator describes a set of suspected malicious IP addresses or IP blocks.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="File Hash Watchlist">
+				<xs:annotation>
+					<xs:documentation>Indicator describes a set of hashes for suspected malicious files.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Domain Watchlist">
+				<xs:annotation>
+					<xs:documentation>Indicator describes a set of suspected malicious domains.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="URL Watchlist">
+				<xs:annotation>
+					<xs:documentation>Indicator describes a set of suspected malicious URLS.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Malware Artifacts">
+				<xs:annotation>
+					<xs:documentation>Indicator describes the effects of suspected malware.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="C2">
+				<xs:annotation>
+					<xs:documentation>Indicator describes suspected command and control activity or static indications.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Anonymization">
+				<xs:annotation>
+					<xs:documentation>Indicator describes suspected anonymization techniques (Proxy, TOR, VPN, etc.).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Exfiltration">
+				<xs:annotation>
+					<xs:documentation>Indicator describes suspected exfiltration techniques or behavior.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Host Characteristics">
+				<xs:annotation>
+					<xs:documentation>Indicator describes suspected malicious host characteristics.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- COA Stage Vocabulary -->
+	<xs:complexType name="COAStageVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The COAStageVocabType is the default STIX vocabulary for expressing the stages of the threat management lifecycle that a COA is applicable to.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:COAStageEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default COA Stages Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#COAStageVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="COAStageEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The default set of stages of the threat management lifecycle that a COA may be applicable to.</xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Remedy">
+				<xs:annotation>
+					<xs:documentation>This COA is applicable to the "Remedy" stage of the threat management lifecycle, meaning it may be applied proactively to prevent future threats.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Response">
+				<xs:annotation>
+					<xs:documentation>This COA is applicable to the "Response" stage of the threat management lifecycle, meaning it may be applied as an immediate reaction to an ongoing threat.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Campaign Status Vocabulary -->
+	<xs:complexType name="CampaignStatusVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The CampaignStatusVocabType is the default STIX vocabulary for expressing the status of a campaign.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:CampaignStatusEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Campaign Status Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#CampaignStatusVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="CampaignStatusEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The default list of possible statuses that a campaign might have.</xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Ongoing">
+				<xs:annotation>
+					<xs:documentation>This campaign is currently taking place.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Historic">
+				<xs:annotation>
+					<xs:documentation>This campaign occurred in the past and is currently not taking place.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Future">
+				<xs:annotation>
+					<xs:documentation>This campaign is expected to take place in the future.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Incident Status Vocabulary -->
+	<xs:complexType name="IncidentStatusVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The IncidentStatusVocabType is the default STIX vocabulary for expressing the status of an incident.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:IncidentStatusEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Incident Status Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#IncidentStatusVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IncidentStatusEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>The default list of possible statuses that an incident might have.</xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="New"/>
+			<xs:enumeration value="Open"/>
+			<xs:enumeration value="Stalled"/>
+			<xs:enumeration value="Containment Achieved"/>
+			<xs:enumeration value="Restoration Achieved"/>
+			<xs:enumeration value="Incident Reported"/>
+			<xs:enumeration value="Closed"/>
+			<xs:enumeration value="Rejected"/>
+			<xs:enumeration value="Deleted"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Enumerations from VERIS -->
+	<!-- Security Compromise Vocabulary -->
+	<xs:complexType name="SecurityCompromiseVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The SecurityCompromiseVocabType is the default STIX vocabulary for expressing whether or not an incident resulted in a security compromise.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:SecurityCompromiseEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Security Compromise Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#SecurityCompromiseVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SecurityCompromiseEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing whether an incident resulted in a security compromise.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>This vocabulary is a part of the VERIS framework and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Yes">
+				<xs:annotation>
+					<xs:documentation>It has been confirmed that this incident resulted in a security compromise.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Suspected">
+				<xs:annotation>
+					<xs:documentation>It is suspected that this incident resulted in a security compromise.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="No">
+				<xs:annotation>
+					<xs:documentation>It has been confirmed that this incident did not result in a security compromise.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>It is not known whether this incident resulted in a security compromise.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Discovery Method Vocabulary -->
+	<xs:complexType name="DiscoveryMethodVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The DiscoveryMethodVocabType is the default STIX vocabulary for expressing how an incident was discovered.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:DiscoveryMethodEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Discovery Method Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#DiscoveryMethodVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="DiscoveryMethodEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing how an incident was discovered.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>This vocabulary is a part of the VERIS framework and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Agent Disclosure">
+				<xs:annotation>
+					<xs:documentation>This incident was disclosed by the threat agent (e.g. public brag, private blackmail).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Fraud Detection">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered through external fraud detection means (e.g. CPP).</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Monitoring Service">
+				<xs:annotation>
+					<xs:documentation>This incident was reported by a managed security event monitoring service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Law Enforcement">
+				<xs:annotation>
+					<xs:documentation>This incident was reported by law enforcement.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Customer">
+				<xs:annotation>
+					<xs:documentation>This incident was reported by a customer or partner affected by the incident.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unrelated Party">
+				<xs:annotation>
+					<xs:documentation>This incident was reported by an unrelated third party.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Audit">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered during an external security audit or scan.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Antivirus">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered by an antivirus system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Incident Response">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered in the course of investigating a separate incident.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Financial Audit">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered in the course of a financial audit and/or reconciliation process.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Fraud Detection">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered through internal fraud detection means.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="HIPS">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered a host-based IDS or file integrity monitoring.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="IT Audit">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered by an internal IT audit or scan.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Log Review">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered during a log review process or by a SIEM.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="NIDS">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered by a network-based intrustion detection/prevention system.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Security Alarm">
+				<xs:annotation>
+					<xs:documentation>This incident was discovered by a physical security alarm.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="User">
+				<xs:annotation>
+					<xs:documentation>This incident was reported by a user.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>It is not known how this incident was discovered.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Availability Loss Type Vocabulary -->
+	<xs:complexType name="AvailabilityLossTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The AvailabilityLossTypeVocabType is the default STIX vocabulary for expressing the type of availability that was lost due to an incident.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:AvailabilityLossTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Availability Loss Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#AvailabilityLossTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="AvailabilityLossTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing the type of availability that was lost due to an incident.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>This vocabulary is a part of the VERIS framework and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Destruction">
+				<xs:annotation>
+					<xs:documentation>The information was destroyed or wiped.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Loss">
+				<xs:annotation>
+					<xs:documentation>Availability to the information was lost.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Interruption">
+				<xs:annotation>
+					<xs:documentation>Availability to the information was interrupted.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Degredation">
+				<xs:annotation>
+					<xs:documentation>Availability to the information was degraded.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Acceleration">
+				<xs:annotation>
+					<xs:documentation>Availability loss type is acceleration.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Obscuration">
+				<xs:annotation>
+					<xs:documentation>Availability to the information is obscured.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The availability loss type is not known.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Loss Duration Vocabulary -->
+	<xs:complexType name="LossDurationVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The LossDurationVocabType is the default STIX vocabulary for expressing the approximate length of time of a loss due to an incident.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:LossDurationEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Loss Duration Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#LossDurationVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="LossDurationEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing the type of availability that was lost due to an incident.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Permanent">
+				<xs:annotation>
+					<xs:documentation>The loss is permanent.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Weeks">
+				<xs:annotation>
+					<xs:documentation>The loss lasted for weeks.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Days">
+				<xs:annotation>
+					<xs:documentation>The loss lasted for days.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Hours">
+				<xs:annotation>
+					<xs:documentation>The loss lasted for hours.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Minutes">
+				<xs:annotation>
+					<xs:documentation>The loss lasted for minutes.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Seconds">
+				<xs:annotation>
+					<xs:documentation>The loss lasted for seconds.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The loss duration is not known.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Ownership Class Vocabulary -->
+	<xs:complexType name="OwnershipClassVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The OwnershipClassVocabType is the default STIX vocabulary for expressing the type of ownership of an asset.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:OwnershipClassEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Ownership Class Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#OwnershipClassVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="OwnershipClassEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing the ownership class of an object.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Internally-Owned">
+				<xs:annotation>
+					<xs:documentation>The asset is owned internally.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Employee-Owned">
+				<xs:annotation>
+					<xs:documentation>The asset is owned by an employee.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Partner-Owned">
+				<xs:annotation>
+					<xs:documentation>The asset is owned by a partner.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Customer-Owned">
+				<xs:annotation>
+					<xs:documentation>The asset is owned by a customer.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The asset ownership class is unknown.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Management Class Vocabulary -->
+	<xs:complexType name="ManagementClassVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ManagementClassVocabType is the default STIX vocabulary for expressing the type of management of an asset.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:ManagementClassEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Management Class Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#ManagementClassVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ManagementClassEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing the management class of an object.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Internally-Managed">
+				<xs:annotation>
+					<xs:documentation>The asset is managed internally.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Externally-Management">
+				<xs:annotation>
+					<xs:documentation>The asset is managed externally.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Co-Management">
+				<xs:annotation>
+					<xs:documentation>The asset is co-managed.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The asset management class is unknown.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Location Class Vocabulary -->
+	<xs:complexType name="LocationClassVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The LocationClassVocabType is the default STIX vocabulary for expressing the location of an asset.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:LocationClassEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Location Class Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#LocationClassVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="LocationClassEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing the location class of an object.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Internally-Located">
+				<xs:annotation>
+					<xs:documentation>The asset is located internally.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Externally-Located">
+				<xs:annotation>
+					<xs:documentation>The asset is located externally.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Co-Located">
+				<xs:annotation>
+					<xs:documentation>The asset is co-located.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Mobile">
+				<xs:annotation>
+					<xs:documentation>The asset is mobile.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The asset location is unknown.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Impact Qualification Vocabulary -->
+	<xs:complexType name="ImpactQualificationVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ImpactQualificationVocabType is the default STIX vocabulary for expressing the subjective level of impact of an incident.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:ImpactQualificationEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Impact Qualification Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#ImpactQualificationVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ImpactQualificationEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing the impact level of an incident.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>This vocabulary is a part of the VERIS framework and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Insignificant">
+				<xs:annotation>
+					<xs:documentation>The impact is absorbed by normal activities.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Distracting">
+				<xs:annotation>
+					<xs:documentation>There are limited “hard costs”, but the impact is felt through having to deal with the incident rather than conducting normal duties.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Painful">
+				<xs:annotation>
+					<xs:documentation>Real, somewhat serious effect on the "bottom line".</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Damaging">
+				<xs:annotation>
+					<xs:documentation>Real and serious effect on the “bottom line” and/or long-term ability to generate revenue.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Catastrophic">
+				<xs:annotation>
+					<xs:documentation>A business-ending event.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The impact qualification is unknown.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Impact Rating Vocabulary -->
+	<xs:complexType name="ImpactRatingVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ImpactRatingVocabType is the default STIX vocabulary for expressing the level of impact due to an incident.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:ImpactRatingEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Impact Rating Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#ImpactRatingVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ImpactRatingEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for expressing the level of impact due to a loss.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>This vocabulary is a part of the VERIS framework and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="None">
+				<xs:annotation>
+					<xs:documentation>There was no impact.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Minor">
+				<xs:annotation>
+					<xs:documentation>There was a minor impact.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Moderate">
+				<xs:annotation>
+					<xs:documentation>There was a moderate impact.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Major">
+				<xs:annotation>
+					<xs:documentation>There was a major impact.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unknown">
+				<xs:annotation>
+					<xs:documentation>The impact is not known.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Asset Type Vocabulary -->
+	<xs:complexType name="AssetTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The AssetTypeVocabType is the default STIX vocabulary for expressing the type of an asset.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:AssetTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Asset Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#AssetTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="AssetTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of assets.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>This vocabulary is a part of the VERIS framework and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Backup"/>
+			<xs:enumeration value="Database"/>
+			<xs:enumeration value="DHCP"/>
+			<xs:enumeration value="Directory"/>
+			<xs:enumeration value="DCS"/>
+			<xs:enumeration value="DNS"/>
+			<xs:enumeration value="File"/>
+			<xs:enumeration value="Log"/>
+			<xs:enumeration value="Mail"/>
+			<xs:enumeration value="Mainframe"/>
+			<xs:enumeration value="Payment switch"/>
+			<xs:enumeration value="POS controller"/>
+			<xs:enumeration value="Print"/>
+			<xs:enumeration value="Proxy"/>
+			<xs:enumeration value="Remote access"/>
+			<xs:enumeration value="SCADA"/>
+			<xs:enumeration value="Web application"/>
+			<xs:enumeration value="Server"/>
+			<xs:enumeration value="Access reader"/>
+			<xs:enumeration value="Camera"/>
+			<xs:enumeration value="Firewall"/>
+			<xs:enumeration value="HSM"/>
+			<xs:enumeration value="IDS"/>
+			<xs:enumeration value="Broadband"/>
+			<xs:enumeration value="PBX"/>
+			<xs:enumeration value="Private WAN"/>
+			<xs:enumeration value="PLC"/>
+			<xs:enumeration value="Public WAN"/>
+			<xs:enumeration value="RTU"/>
+			<xs:enumeration value="Router or switch"/>
+			<xs:enumeration value="SAN"/>
+			<xs:enumeration value="Telephone"/>
+			<xs:enumeration value="VoIP adapter"/>
+			<xs:enumeration value="LAN"/>
+			<xs:enumeration value="WLAN"/>
+			<xs:enumeration value="Network"/>
+			<xs:enumeration value="Auth token"/>
+			<xs:enumeration value="ATM"/>
+			<xs:enumeration value="Desktop"/>
+			<xs:enumeration value="PED pad"/>
+			<xs:enumeration value="Gas terminal"/>
+			<xs:enumeration value="Laptop"/>
+			<xs:enumeration value="Media"/>
+			<xs:enumeration value="Mobile phone"/>
+			<xs:enumeration value="Peripheral"/>
+			<xs:enumeration value="POS terminal"/>
+			<xs:enumeration value="Kiosk"/>
+			<xs:enumeration value="Tablet"/>
+			<xs:enumeration value="Telephone"/>
+			<xs:enumeration value="VoIP phone"/>
+			<xs:enumeration value="User Device"/>
+			<xs:enumeration value="Tapes"/>
+			<xs:enumeration value="Disk media"/>
+			<xs:enumeration value="Documents"/>
+			<xs:enumeration value="Flash drive"/>
+			<xs:enumeration value="Disk drive"/>
+			<xs:enumeration value="Smart card"/>
+			<xs:enumeration value="Payment card"/>
+			<xs:enumeration value="Media"/>
+			<xs:enumeration value="Administrator"/>
+			<xs:enumeration value="Auditor"/>
+			<xs:enumeration value="Call center"/>
+			<xs:enumeration value="Cashier"/>
+			<xs:enumeration value="Customer"/>
+			<xs:enumeration value="Developer"/>
+			<xs:enumeration value="End-user"/>
+			<xs:enumeration value="Executive"/>
+			<xs:enumeration value="Finance"/>
+			<xs:enumeration value="Former employee"/>
+			<xs:enumeration value="Guard"/>
+			<xs:enumeration value="Helpdesk"/>
+			<xs:enumeration value="Human resources"/>
+			<xs:enumeration value="Maintenance"/>
+			<xs:enumeration value="Manager"/>
+			<xs:enumeration value="Partner"/>
+			<xs:enumeration value="Person"/>
+			<xs:enumeration value="Unknown"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Attacker Infrastructure Vocabulary -->
+	<xs:complexType name="AttackerInfrastructureTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The AttackerInfrastructureTypeVocabType is the default STIX vocabulary for expressing the type of infrastructure an attacker uses.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:AttackerInfrastructureTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Attacker Infastructure Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#AttackerInfrastructureTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="AttackerInfrastructureTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of attacker infrastructure.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Anonymization"/>
+			<xs:enumeration value="Anonymization - Proxy"/>
+			<xs:enumeration value="Anonymization - TOR Network"/>
+			<xs:enumeration value="Anonymization - VPN"/>
+			<xs:enumeration value="Communications"/>
+			<xs:enumeration value="Communications - Blogs"/>
+			<xs:enumeration value="Communications - Forums"/>
+			<xs:enumeration value="Communications - Internet Relay Chat"/>
+			<xs:enumeration value="Communications - Micro-Blogs"/>
+			<xs:enumeration value="Communications - Mobile Communications"/>
+			<xs:enumeration value="Communications - Social Networks"/>
+			<xs:enumeration value="Communications - User-Generated Content Websites"/>
+			<xs:enumeration value="Domain Registration"/>
+			<xs:enumeration value="Domain Registration - Dynamic DNS Services"/>
+			<xs:enumeration value="Domain Registration - Legitimate Domain Registration Services"/>
+			<xs:enumeration value="Domain Registration - Malicious Domain Registrars"/>
+			<xs:enumeration value="Domain Registration - Top-Level Domain Registrars"/>
+			<xs:enumeration value="Hosting"/>
+			<xs:enumeration value="Hosting - Bulletproof / Rogue Hosting"/>
+			<xs:enumeration value="Hosting - Cloud Hosting"/>
+			<xs:enumeration value="Hosting - Compromised Server"/>
+			<xs:enumeration value="Hosting - Fast Flux Botnet Hosting"/>
+			<xs:enumeration value="Hosting - Legitimate Hosting"/>
+			<xs:enumeration value="Electronic Payment Methods"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- System Type Vocabulary -->
+	<xs:complexType name="SystemTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The SystemTypeVocabType is the default STIX vocabulary for expressing the type of a system.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:SystemTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default System Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#SystemTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="SystemTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of systems.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Enterprise Systems"/>
+			<xs:enumeration value="Enterprise Systems - Application Layer"/>
+			<xs:enumeration value="Enterprise Systems - Database Layer"/>
+			<xs:enumeration value="Enterprise Systems - Enterprise Technologies and Support Infrastructure"/>
+			<xs:enumeration value="Enterprise Systems - Network Systems"/>
+			<xs:enumeration value="Enterprise Systems - Networking Devices"/>
+			<xs:enumeration value="Enterprise Systems - Web Layer"/>
+			<xs:enumeration value="Enterprise Systems - VoIP"/>
+			<xs:enumeration value="Industrial Control Systems"/>
+			<xs:enumeration value="Industrial Control Systems - Equipment Under Control"/>
+			<xs:enumeration value="Industrial Control Systems - Operations Management"/>
+			<xs:enumeration value="Industrial Control Systems - Safety, Protection and Local Control"/>
+			<xs:enumeration value="Industrial Control Systems - Supervisory Control"/>
+			<xs:enumeration value="Mobile Systems"/>
+			<xs:enumeration value="Mobile Systems - Mobile Operating Systems"/>
+			<xs:enumeration value="Mobile Systems - Near Field Communications"/>
+			<xs:enumeration value="Mobile Systems - Mobile Devices"/>
+			<xs:enumeration value="Third-Party Services"/>
+			<xs:enumeration value="Third-Party Services - Application Stores"/>
+			<xs:enumeration value="Third-Party Services - Cloud Services"/>
+			<xs:enumeration value="Third-Party Services - Security Vendors"/>
+			<xs:enumeration value="Third-Party Services - Social Media"/>
+			<xs:enumeration value="Third-Party Services - Software Update"/>
+			<xs:enumeration value="Users"/>
+			<xs:enumeration value="Users - Application And Software"/>
+			<xs:enumeration value="Users - Workstation"/>
+			<xs:enumeration value="Users - Removable Media"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Information Type Vocabulary -->
+	<xs:complexType name="InformationTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The InformationTypeVocabType is the default STIX vocabulary for expressing the type of information.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:InformationTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Information Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#InformationTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="InformationTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of information.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Information Assets"/>
+			<xs:enumeration value="Information Assets - Corporate Employee Information"/>
+			<xs:enumeration value="Information Assets - Customer PII"/>
+			<xs:enumeration value="Information Assets - Email Lists / Archives"/>
+			<xs:enumeration value="Information Assets - Financial Data"/>
+			<xs:enumeration value="Information Assets - Intellectual Property"/>
+			<xs:enumeration value="Information Assets - Mobile Phone Contacts"/>
+			<xs:enumeration value="Information Assets - User Credentials"/>
+			<xs:enumeration value="Authentication Cookies"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Threat Actor Type Vocabulary -->
+	<xs:complexType name="ThreatActorTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The ThreatActorTypeVocabType is the default STIX vocabulary for expressing the type of a threat actor.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:ThreatActorTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Threat Actor Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#ThreatActorTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="ThreatActorTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of threat actors.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Cyber Espionage Operations"/>
+			<xs:enumeration value="Hacker"/>
+			<xs:enumeration value="Hacker - White hat"/>
+			<xs:enumeration value="Hacker - Gray hat"/>
+			<xs:enumeration value="Hacker - Black hat"/>
+			<xs:enumeration value="Hacktivist"/>
+			<xs:enumeration value="State Actor / Agency"/>
+			<xs:enumeration value="eCrime Actor - Credential Theft Botnet Operator"/>
+			<xs:enumeration value="eCrime Actor - Credential Theft Botnet Service"/>
+			<xs:enumeration value="eCrime Actor - Malware Developer"/>
+			<xs:enumeration value="eCrime Actor - Money Laundering Network"/>
+			<xs:enumeration value="eCrime Actor - Organized Crime Actor"/>
+			<xs:enumeration value="eCrime Actor - Spam Service"/>
+			<xs:enumeration value="eCrime Actor - Traffic Service"/>
+			<xs:enumeration value="eCrime Actor - Underground Call Service"/>
+			<xs:enumeration value="Insider Threat"/>
+			<xs:enumeration value="Disgruntled Customer / User"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Motivation Vocabulary -->
+	<xs:complexType name="MotivationVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The MotivationVocabType is the default STIX vocabulary for expressing the motivation of a threat actor.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:MotivationEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Motivation Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#MotivationVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="MotivationEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for motivations of a threat actor.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Ideological"/>
+			<xs:enumeration value="Ideological - Anti-Corruption"/>
+			<xs:enumeration value="Ideological - Anti-Establisment"/>
+			<xs:enumeration value="Ideological - Environmental"/>
+			<xs:enumeration value="Ideological - Ethnic / Nationalist"/>
+			<xs:enumeration value="Ideological - Information Freedom"/>
+			<xs:enumeration value="Ideological - Religious"/>
+			<xs:enumeration value="Ideological - Security Awareness"/>
+			<xs:enumeration value="Ideological - Human Rights"/>
+			<xs:enumeration value="Ego"/>
+			<xs:enumeration value="Financial or Economic"/>
+			<xs:enumeration value="Military"/>
+			<xs:enumeration value="Opportunistic"/>
+			<xs:enumeration value="Policital"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Intended Effect Vocabulary -->
+	<xs:complexType name="IntendedEffectVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The IntendedEffectVocabType is the default STIX vocabulary for expressing the intended effect of a threat actor.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:IntendedEffectEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Intended Effect Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#IntendedEffectVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IntendedEffectEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for effects intended by a threat actor.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Advantage"/>
+			<xs:enumeration value="Advantage - Economic"/>
+			<xs:enumeration value="Advantage - Military"/>
+			<xs:enumeration value="Advantage - Political"/>
+			<xs:enumeration value="Theft"/>
+			<xs:enumeration value="Theft - Intellectual Property"/>
+			<xs:enumeration value="Theft - Credential Theft"/>
+			<xs:enumeration value="Theft - Identity Theft"/>
+			<xs:enumeration value="Theft - Theft of Proprietary Information"/>
+			<xs:enumeration value="Account Takeover"/>
+			<xs:enumeration value="Brand Damage"/>
+			<xs:enumeration value="Competitive Advantage"/>
+			<xs:enumeration value="Degradation of Service"/>
+			<xs:enumeration value="Denial and Deception"/>
+			<xs:enumeration value="Destruction"/>
+			<xs:enumeration value="Disruption"/>
+			<xs:enumeration value="Embarrassment"/>
+			<xs:enumeration value="Exposure"/>
+			<xs:enumeration value="Extortion"/>
+			<xs:enumeration value="Fraud"/>
+			<xs:enumeration value="Harassment"/>
+			<xs:enumeration value="ICS Control"/>
+			<xs:enumeration value="Traffic Diversion"/>
+			<xs:enumeration value="Unauthorized Access"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Intended Effect Vocabulary -->
+	<xs:complexType name="PlanningAndOperationalSupportVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The PlanningAndOperationalSupportVocabType is the default STIX vocabulary for expressing the planning and operational support functions of a threat actor.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:PlanningAndOperationalSupportEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Planning and Operational Support Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#PlanningAndOperationalSupportVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="PlanningAndOperationalSupportEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of planning and operational support functions of a threat actor.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Data Exploitation"/>
+			<xs:enumeration value="Data Exploitation - Analytic Support"/>
+			<xs:enumeration value="Data Exploitation - Translation Support"/>
+			<xs:enumeration value="Financial Resources"/>
+			<xs:enumeration value="Financial Resources - Academic"/>
+			<xs:enumeration value="Financial Resources - Commercial"/>
+			<xs:enumeration value="Financial Resources - Government"/>
+			<xs:enumeration value="Financial Resources - Hacktivist or Grassroot"/>
+			<xs:enumeration value="Financial Resources - Non-Attributable Finance"/>
+			<xs:enumeration value="Skill Development / Recruitment"/>
+			<xs:enumeration value="Skill Development / Recruitment - Contracting and Hiring"/>
+			<xs:enumeration value="Skill Development / Recruitment - Document Exploitation (DOCEX) Training"/>
+			<xs:enumeration value="Skill Development / Recruitment - Internal Training"/>
+			<xs:enumeration value="Skill Development / Recruitment - Military Programs"/>
+			<xs:enumeration value="Skill Development / Recruitment - Security / Hacker Conferences"/>
+			<xs:enumeration value="Skill Development / Recruitment - Underground Forums"/>
+			<xs:enumeration value="Skill Development / Recruitment - University Programs"/>
+			<xs:enumeration value="Planning "/>
+			<xs:enumeration value="Planning - Operational Cover Plan"/>
+			<xs:enumeration value="Planning - Open-Source Intelligence (OSINT) Gethering"/>
+			<xs:enumeration value="Planning - Pre-Operational Surveillance and Reconnaissance"/>
+			<xs:enumeration value="Planning - Target Selection"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Incident Effect Vocabulary -->
+	<xs:complexType name="IncidentEffectVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The IncidentEffectVocabType is the default STIX vocabulary for expressing the possible effects of an incident.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:IncidentEffectEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Incident Effect Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#IncidentEffectVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IncidentEffectEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of possible effects of an incident.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Brand or Image Degradation"/>
+			<xs:enumeration value="Loss of Competitive Advantage"/>
+			<xs:enumeration value="Loss of Competitive Advantage - Economic"/>
+			<xs:enumeration value="Loss of Competitive Advantage - Military"/>
+			<xs:enumeration value="Loss of Competitive Advantage - Political"/>
+			<xs:enumeration value="Data Breach or Compromise"/>
+			<xs:enumeration value="Degradation of Service"/>
+			<xs:enumeration value="Destruction"/>
+			<xs:enumeration value="Disruption of Service / Operations"/>
+			<xs:enumeration value="Financial Loss"/>
+			<xs:enumeration value="Loss of Confidential / Proprietary Information or Intellectual Property"/>
+			<xs:enumeration value="Regulatory, Compliance or Legal Impact"/>
+			<xs:enumeration value="Unintended Access"/>
+			<xs:enumeration value="User Data Loss"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Attacker Tool Type Vocabulary -->
+	<xs:complexType name="AttackerToolTypeVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>
+				The AttackerToolTypeVocab-1.0 is the default STIX vocabulary for expressing types of attacker tools.
+				
+                Note that this vocabulary is under development. Feedback is appreciated and should be sent to the STIX discussion list.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:AttackerToolTypeEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Attacker Tool Type Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#AttackerToolTypeVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="AttackerToolTypeEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of attacker tools.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>The initial version of this enumeration was contributed by iSight Partners, Inc. and is used with their permission.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Malware"/>
+			<xs:enumeration value="Penetration Testing"/>
+			<xs:enumeration value="Port Scanner"/>
+			<xs:enumeration value="Traffic Scanner"/>
+			<xs:enumeration value="Vulnerability Scanner"/>
+			<xs:enumeration value="Application Scanner"/>
+			<xs:enumeration value="Password Cracking"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Incident Category Vocabulary -->
+	<xs:complexType name="IncidentCategoryVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The IncidentCategoryVocabType is the default STIX vocabulary for expressing the possible categories of an incident.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:IncidentCategoryEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Incident Category Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#IncidentCategoryVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="IncidentCategoryEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for types of possible categories of an incident.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+				<source>This vocabulary is taken from the US-CERT Federal Incident Reporting Guidelines Incident Categories.</source>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Exercise/Network Defense Testing">
+				<xs:annotation>
+					<xs:documentation>This category is used during state, federal, national, international exercises and approved activity testing of internal/external network defenses or responses.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Unauthorized Access">
+				<xs:annotation>
+					<xs:documentation>In this category an individual gains logical or physical access without permission to a federal agency network, system, application, data, or other resource.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Denial of Service">
+				<xs:annotation>
+					<xs:documentation>An attack that successfully prevents or impairs the normal authorized functionality of networks, systems or applications by exhausting resources. This activity includes being the victim or participating in the DoS.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Malicious Code">
+				<xs:annotation>
+					<xs:documentation>Installation of malicious software (e.g., virus, worm, Trojan horse, or other code-based malicious entity) that infects an operating system or application. Agencies are NOT required to report malicious logic that has been successfully quarantined by antivirus (AV) software.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Improper Usage">
+				<xs:annotation>
+					<xs:documentation>A person violates acceptable computing use policies.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Scans/Probes/Attempted Access">
+				<xs:annotation>
+					<xs:documentation>This category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service, or any combination for later exploit. This activity does not directly result in a compromise or denial of service.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+			<xs:enumeration value="Investigation">
+				<xs:annotation>
+					<xs:documentation>Unconfirmed incidents that are potentially malicious or anomalous activity deemed by the reporting entity to warrant further review.</xs:documentation>
+				</xs:annotation>
+			</xs:enumeration>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- Loss Property Vocabulary -->
+	<xs:complexType name="LossPropertyVocab-1.0">
+		<xs:annotation>
+			<xs:documentation>The LossPropertyVocabType is the default STIX vocabulary for expressing the possible properties of a loss.</xs:documentation>
+		</xs:annotation>
+		<xs:simpleContent>
+			<xs:restriction base="stixCommon:ControlledVocabularyStringType">
+				<xs:simpleType>
+					<xs:union memberTypes="stixVocabs:LossPropertyEnum-1.0"/>
+				</xs:simpleType>
+				<xs:attribute name="vocab_name" type="xs:string" use="optional" fixed="STIX Default Loss Property Vocabulary"/>
+				<xs:attribute name="vocab_reference" type="xs:anyURI" use="optional" fixed="http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd#LossPropertyVocab-1.0"/>
+			</xs:restriction>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:simpleType name="LossPropertyEnum-1.0">
+		<xs:annotation>
+			<xs:documentation>
+                The possible values for properties of a loss.
+            </xs:documentation>
+			<xs:appinfo>
+				<version>1.0</version>
+			</xs:appinfo>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Confidentiality"/>
+			<xs:enumeration value="Integrity"/>
+			<xs:enumeration value="Availability"/>
+			<xs:enumeration value="Accountability"/>
+			<xs:enumeration value="Non-Repudiation"/>
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/stix_validator/schema/test.xsd b/stix_validator/schema/test.xsd
new file mode 100755
index 0000000..b38f883
--- /dev/null
+++ b/stix_validator/schema/test.xsd
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://bryan.mitre.org/Foo">
+    <xs:element name="Foo">
+        <xs:complexType>
+            <xs:sequence>
+                <xs:element name="Bar" type="xs:string"/>
+            </xs:sequence>
+        </xs:complexType>
+    </xs:element>
+    <xs:complexType name="SomeType">
+        <xs:sequence>
+            <xs:element name="Blah" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+        </xs:sequence>
+    </xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/threat_actor.xsd b/stix_validator/schema/threat_actor.xsd
new file mode 100755
index 0000000..cd66ccc
--- /dev/null
+++ b/stix_validator/schema/threat_actor.xsd
@@ -0,0 +1,173 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:ta="http://stix.mitre.org/ThreatActor-1" xmlns:marking="http://data-marking.mitre.org/Marking-1" targetNamespace="http://stix.mitre.org/ThreatActor-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX Threat Actor</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - ThreatActor - Schematic implementation for the Threat Actor construct within the STIX structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/cybox-2" schemaLocation="cybox/cybox_core.xsd"/>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="data_marking.xsd"/>
+	<xs:element name="Threat_Actor" type="ta:ThreatActorType">
+		<xs:annotation>
+			<xs:documentation>Identification or characterization of the adversary</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<!---->
+	<xs:complexType name="ThreatActorType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:ThreatActorBaseType">
+				<xs:sequence>
+					<xs:element name="Title" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Title field provides a simple title for this ThreatActor.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Identity" type="stixCommon:IdentityType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>
+								The Identity field characterizes the identity of this Threat Actor.
+
+								This field is implemented through the xsi:type extension mechanism. The default type is CIQIdentity3.0InstanceType in the http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1 namespace. This type is defined in the extensions/identity/ciq_identity.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/identity/ciq_identity/1.0/ciq_identity.xsd.
+				
+								Those who wish to express a simple name may also do so by not specifying an xsi:type and using the Name field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Type" type="stixCommon:StatementType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Type field characterizes the type(s) of this threat actor. It may be used multiple times to capture multiple types.							
+							
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is ThreatActorTypeVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Motivation" type="stixCommon:StatementType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Type field characterizes the motivations of this threat actor. It may be used multiple times to capture multiple motivations.							
+								
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is MotivationVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Intended_Effect" type="stixCommon:StatementType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Intended_Effect field specifies the suspected intended effect for this Threat Actor.
+							
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is IntendedEffectVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Planning_And_Operational_Support" type="stixCommon:StatementType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Planning_And_Operational_Support field specifies the suspected planning and operational support performed by this threat actor.
+								
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is PlanningAndOperationalSupportVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+								Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Observed_TTPs" type="ta:ObservedTTPsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Observed_TTPs field specifies the TTPs that this Threat Actor has been observed to leverage.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Associated_Campaigns" type="ta:AssociatedCampaignsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Associated_Campaigns field specifies any known Campaigns attributed to this Threat Actor.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Associated_Actors" type="ta:AssociatedActorsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Associated_Actors field specifies other Threat Actors asserted to be associated with this Threat Actor.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Handling field specifies the appropriate data handling markings for the elements of this Threat Actor characterization. The valid marking scope is the nearest ThreatActorBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Confidence" type="stixCommon:ConfidenceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Confidence field characterizes the level of confidence held in the characterization of this Threat Actor.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Information_Source field details the source of this entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="version" type="ta:ThreatActorVersionType" default="1.0">
+					<xs:annotation>
+						<xs:documentation>Specifies the relevant STIX-ThreatActor schema version for this content.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:simpleType name="ThreatActorVersionType">
+		<xs:annotation>
+			<xs:documentation>An enumeration of all versions of the Threat Actor type valid in the current release of STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="AssociatedActorsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Associated_Actor" type="stixCommon:RelatedThreatActorType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Associated_Actor field specifies another Threat Actor asserted to be associated with this Threat Actor.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="AssociatedCampaignsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Associated_Campaign" type="stixCommon:RelatedCampaignType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Associated_Campaign field specifies a known Campaign attributed to this Threat Actor.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="ObservedTTPsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Observed_TTP" type="stixCommon:RelatedTTPType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Observed_TTP field specifies a TTP that this Threat Actor has been observed to leverage.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/schema/ttp.xsd b/stix_validator/schema/ttp.xsd
new file mode 100755
index 0000000..3bae460
--- /dev/null
+++ b/stix_validator/schema/ttp.xsd
@@ -0,0 +1,340 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:cyboxCommon="http://cybox.mitre.org/common-2" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:ttp="http://stix.mitre.org/TTP-1" xmlns:marking="http://data-marking.mitre.org/Marking-1" targetNamespace="http://stix.mitre.org/TTP-1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0" xml:lang="English">
+	<xs:annotation>
+		<xs:documentation>This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. </xs:documentation>
+		<xs:appinfo>
+			<schema>STIX TTP</schema>
+			<version>1.0</version>
+			<date>04/08/2013 9:00:00 AM</date>
+			<short_description>Structured Threat Information eXpression (STIX) - TTP - Schematic implementation for the TTP construct within the STIX structured cyber threat expression language architecture.</short_description>
+			<terms_of_use>Copyright (c) 2012-2013, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. </terms_of_use>
+		</xs:appinfo>
+	</xs:annotation>
+	<xs:import namespace="http://cybox.mitre.org/cybox-2" schemaLocation="cybox/cybox_core.xsd"/>
+	<xs:import namespace="http://cybox.mitre.org/common-2" schemaLocation="cybox/cybox_common.xsd"/>
+	<xs:import namespace="http://stix.mitre.org/common-1" schemaLocation="stix_common.xsd"/>
+	<xs:import namespace="http://data-marking.mitre.org/Marking-1" schemaLocation="data_marking.xsd"/>
+	<xs:element name="TTP" type="ttp:TTPType">
+		<xs:annotation>
+			<xs:documentation>The TTP field characterizes specific details of observed or potential attacker Tactics, Techniques and Procedures.</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<!---->
+	<xs:complexType name="TTPType">
+		<xs:annotation>
+			<xs:documentation>TTPType characterizes an individual adversary TTP.</xs:documentation>
+		</xs:annotation>
+		<xs:complexContent>
+			<xs:extension base="stixCommon:TTPBaseType">
+				<xs:sequence>
+					<xs:element name="Title" type="xs:string" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Title field provides a simple title for this TTP.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Description field provides an unstructured description of the TTP.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Intended_Effect" type="stixCommon:StatementType" minOccurs="0" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>
+								The Intended_Effect field specifies the suspected intended effect for this TTP.
+								
+								It is implemented through the StatementType, which allows for the expression of a statement in a vocabulary (Value), a description of the statement (Description), a confidence in the statement (Confidence), and the source of the statement (Source). The default vocabulary type for the Value is IntendedEffectVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+							</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Behavior" type="ttp:BehaviorType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Behavior describes the attack patterns, malware, or exploits that the attacker leverages to execute this TTP.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Resources" type="ttp:ResourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation> Resources describe the infrastructure or tools that the adversary uses to execute this TTP. </xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Victim_Targeting" type="ttp:VictimTargetingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Victim_Targeting field characterizes the people, organizations, information or access being targeted.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Exploit_Targets" type="stixCommon:ExploitTargetsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Exploit_Targets field characterizes potential vulnerability, weakness or configuration targets for exploitation by this TTP.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Related_TTPs" type="ttp:RelatedTTPsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Related_TTPs field specifies other TTPs asserted to be related to this cyber threat TTP.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Kill_Chain_Phases" type="stixCommon:KillChainPhasesReferenceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Kill_Chain_Phases field specifies one or more Kill Chain phases associated with this TTP item.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Information_Source field details the source of this entry.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Kill_Chains" type="stixCommon:KillChainsType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>The Kill_Chains field characterizes specific Kill Chain definitions for reference within specific TTP entries, Indicators and elsewhere.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+					<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
+						<xs:annotation>
+							<xs:documentation>Specifies the relevant handling guidance for this TTP. The valid marking scope is the nearest TTPBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+				<xs:attribute name="version" type="ttp:TTPVersionType" default="1.0">
+					<xs:annotation>
+						<xs:documentation>Specifies the relevant STIX-TTP schema version for this content.</xs:documentation>
+					</xs:annotation>
+				</xs:attribute>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<!---->
+	<xs:simpleType name="TTPVersionType">
+		<xs:annotation>
+			<xs:documentation>An enumeration of all versions of the TTP type valid in the current release of STIX.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="AttackPatternType">
+		<xs:annotation>
+			<xs:documentation>
+				Captures prose information about an individual attack pattern as well as a CAPEC reference.
+
+				In addition to capturing basic information, this type is intended to be extended to enable the structured description of an attack pattern instance using the XML Schema extension feature. The STIX default extension uses the Common Attack Pattern Enumeration and Classification (CAPEC) schema to do so. The extension that defines this is captured in the CAPEC2.5InstanceType in the http://stix.mitre.org/extensions/AP#CAPEC2.5-1 namespace. This type is defined in the extensions/attack_pattern/capec_2.5.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/attack_pattern/capec_2.5/1.0/capec_2.5.xsd.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field provides an unstructured description of an individual Attack Pattern.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="capec_id">
+			<xs:annotation>
+				<xs:documentation>This field specifies a reference to a particular entry within the Common Attack Pattern Enumeration and Classification (CAPEC)</xs:documentation>
+			</xs:annotation>
+			<xs:simpleType>
+				<xs:restriction base="xs:string">
+					<xs:pattern value="CAPEC-\d+"/>
+				</xs:restriction>
+			</xs:simpleType>
+		</xs:attribute>
+	</xs:complexType>
+	<xs:complexType name="MalwareInstanceType">
+		<xs:annotation>
+			<xs:documentation>
+				Captures basic information about an individual malware instance.
+				
+				In addition to capturing basic information, this type is intended to be extended to enable the structured description of a malware instance using the XML Schema extension feature. The STIX default extension uses the Malware Attribute Enumeration and Classification (MAEC) schema to do so. The extension that defines this is captured in the MAECInstanceType in the http://stix.mitre.org/extensions/Malware#MAEC-1 namespace. This type is defined in the extensions/malware/maec-4.0.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/malware/maec-4.0/1.0/maec-4.0.xsd.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Type" type="stixCommon:ControlledVocabularyStringType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Type field provides a characterization of what type of malware this MalwareInstance is.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is MalwareTypeVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Name" type="stixCommon:ControlledVocabularyStringType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Name field specifies a name associated with this MalwareInstance.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. No default vocabulary type has been defined for STIX 1.0. Users may either define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a free string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field provides an unstructured description of an individual Malware instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ExploitType">
+		<xs:annotation>
+			<xs:documentation>
+				Characterizes a description of an individual exploit.
+
+				In addition to capturing basic information, this type is intended to be extended to enable the structured description of an exploit using the XML Schema extension feature. No extension is provided by STIX to support this, however those wishing to represent structured exploit information may develop such an extension.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field provides an unstructured description of an individual Exploit instance.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="RelatedTTPsType">
+		<xs:complexContent>
+			<xs:extension base="stixCommon:GenericRelationshipListType">
+				<xs:sequence>
+					<xs:element name="Related_TTP" type="stixCommon:RelatedTTPType" maxOccurs="unbounded">
+						<xs:annotation>
+							<xs:documentation>The Related_TTP field specifies a single other TTP asserted to be related to this cyber threat TTP.</xs:documentation>
+						</xs:annotation>
+					</xs:element>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="InfrastructureType">
+		<xs:sequence>
+			<xs:element name="Type" type="stixCommon:ControlledVocabularyStringType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Type field represents the type of infrastructure being described.
+						
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is AttackerInfrastructureTypeVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Description field generally describes specific classes or instances of infrastructure utilized for cyber attack.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Observable_Characterization" type="cybox:ObservablesType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Observable_Characterization field provides structured characterization of the cyber observables detailing specific classes or instances of infrastructure utilized for cyber attack.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ToolsType">
+		<xs:sequence>
+			<xs:element name="Tool" type="cyboxCommon:ToolInformationType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Tool field specifies a single Tool leveraged by this TTP item.
+					
+						The Type field under this field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is AttackerToolTypeVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ExploitsType">
+		<xs:sequence>
+			<xs:element name="Exploit" type="ttp:ExploitType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Exploit field specifies a single Exploit for this TTP item.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="MalwareType">
+		<xs:sequence>
+			<xs:element name="Malware_Instance" type="ttp:MalwareInstanceType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Malware_Instance field specifies a single instance of Malware for this TTP item.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AttackPatternsType">
+		<xs:sequence>
+			<xs:element name="Attack_Pattern" type="ttp:AttackPatternType" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>The Attack_Pattern field specifies a single Attack Pattern for this TTP item.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ResourceType">
+		<xs:sequence>
+			<xs:element name="Tools" type="ttp:ToolsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Tools field specifies one or more Tools leveraged by this TTP item.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Infrastructure" type="ttp:InfrastructureType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Infrastructure field characterizes specific classes or instances of infrastructure observed to have been utilized for cyber attack.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="BehaviorType">
+		<xs:sequence>
+			<xs:element name="Attack_Patterns" type="ttp:AttackPatternsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Attack_Patterns field specifies one or more Attack Patterns for this TTP item.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Malware" type="ttp:MalwareType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Malware field specifies one or more instances of Malware for this TTP item.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Exploits" type="ttp:ExploitsType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>The Exploits field specifies one or more Exploits for this TTP item.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="VictimTargetingType">
+		<xs:sequence>
+			<xs:element name="Identity" type="stixCommon:IdentityType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						The Identity field characterizes information about the identity or characteristics of the targeted people or organizations.
+					
+						This field is implemented through the xsi:type extension mechanism. The default type is CIQIdentity3.0InstanceType in the http://stix.mitre.org/extensions/Identity#CIQIdentity3.0-1 namespace. This type is defined in the extensions/identity/ciq_identity_3.0.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/identity/ciq_identity_3.0/1.0/ciq_identity_3.0.xsd.					
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Targeted_Systems" type="stixCommon:ControlledVocabularyStringType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Targeted_Systems field characterizes a type of system that is targeted. It may be included multiple times to specify multiple types of targeted systems.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is SystemTypeVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.					
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="Targeted_Information" type="stixCommon:ControlledVocabularyStringType" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>
+						The Targeted_Systems field characterizes a type of information that is targeted. It may be included multiple times to specify multiple types of targeted information.
+					
+						This field is implemented through the xsi:type controlled vocabulary extension mechanism. The default vocabulary type is InformationTypeVocab-1.0 in the http://stix.mitre.org/default_vocabularies-1 namespace. This type is defined in the stix_default_vocabularies.xsd file or at the URL http://stix.mitre.org/XMLSchema/default_vocabularies/1.0.0/stix_default_vocabularies.xsd .
+
+						Users may also define their own vocabulary using the type extension mechanism, specify a vocabulary name and reference using the attributes, or simply use this as a string field.		
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+</xs:schema>
diff --git a/stix_validator/sdv.py b/stix_validator/sdv.py
new file mode 100755
index 0000000..6bd8fac
--- /dev/null
+++ b/stix_validator/sdv.py
@@ -0,0 +1,69 @@
+#!/usr/bin/env python
+
+# Copyright (c) 2013, The MITRE Corporation. All rights reserved.
+# See LICENSE.txt for complete terms.
+'''
+STIX Document Validator (sdv) - validates STIX v1.0 instance documents.
+'''
+
+import os
+import argparse
+from validator import XmlValidator 
+
+def get_files_to_validate(dir):
+    '''Return a list of xml files under a directory'''
+    to_validate = []
+    for top, dirs, files in os.walk(dir):
+        for fn in files:
+            if fn.endswith('.xml'):
+                fp = os.path.join(top, fn)
+                to_validate.append(fp)
+    
+    return to_validate
+
+def error(msg):
+    '''Print the error message and exit(1)'''
+    print "[!] %s" % (msg)
+    exit(1)
+
+def main():
+    parser = argparse.ArgumentParser(description="STIX Document Validator (sdv) - validated STIX v1.0 instance documents")
+    parser.add_argument("--schema-dir", dest="schema_dir", default=None, help="Path to directory containing all necessary schemas for validation")
+    parser.add_argument("--input-file", dest="infile", default=None, help="Path to STIX instance document to validate")
+    parser.add_argument("--input-dir", dest="indir", default=None, help="Path to directory containing STIX instance documents to validate")
+    parser.add_argument("--use-schemaloc", dest="use_schemaloc", action='http://github.com/store_true', default=False, help="Use schemaLocation attribute to determine schema locations.")
+    
+    args = parser.parse_args()
+    
+    if not(args.infile or args.indir):
+        error("Must provide either --input-file or --input-dir argument")
+    
+    if args.infile and args.indir:
+        error('Must provide either --input-file or --input-dir argument, but not both')
+    
+    if not(args.schema_dir or args.use_schemaloc):
+        error("Must provide either --use-schemaloc or --schema-dir")
+        
+    if args.schema_dir and args.use_schemaloc:
+        error("Most provide either --use-schemaloc or --schema-dir, but not both")
+         
+    if args.infile:
+        to_validate = [args.infile]
+    else:
+        to_validate = get_files_to_validate(args.indir)
+    
+    if len(to_validate) > 0:
+        print "[-] Processing %s files" % (len(to_validate))
+        ssv = XmlValidator(schema_dir=args.schema_dir, use_schemaloc=args.use_schemaloc)
+        for fp in to_validate:
+            with open(fp, 'rb') as f:
+                (result, msg) = ssv.validate(f)
+                if result:
+                    print "[+] %s : VALID" % (fp)
+                else:
+                    print "[!] %s : INVALID : %s" % (fp, msg)
+
+if __name__ == '__main__':
+    main()
+
+    
diff --git a/stix_validator/validator.py b/stix_validator/validator.py
new file mode 100755
index 0000000..791f728
--- /dev/null
+++ b/stix_validator/validator.py
@@ -0,0 +1,154 @@
+# Copyright (c) 2013, The MITRE Corporation. All rights reserved.
+# See LICENSE.txt for complete terms.
+
+import os
+from collections import defaultdict
+from lxml import etree as et
+
+NS_XML_SCHEMA_INSTANCE = "http://www.w3.org/2001/XMLSchema-instance"
+NS_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema"
+
+class XmlValidator(object):
+    
+    def __init__(self, schema_dir=None, use_schemaloc=False):
+        self.__imports = self._build_imports(schema_dir)
+        self.__use_schemaloc = use_schemaloc
+    
+    def _get_target_ns(self, fp):
+        '''Returns the target namespace for a schema file
+        
+        Keyword Arguments
+        fp - the path to the schema file
+        '''
+        tree = et.parse(fp)
+        root = tree.getroot()
+        return root.attrib['targetNamespace'] # throw an error if it doesn't exist...we can't validate
+        
+    def _get_include_base_schema(self, list_schemas):
+        '''Returns the root schema which defines a namespace.
+        
+        Certain schemas, such as OASIS CIQ use xs:include statements in their schemas, where two schemas
+        define a namespace (e.g., XAL.xsd and XAL-types.xsd). This makes validation difficult, when we
+        must refer to one schema for a given namespace.
+        
+        To fix this, we attempt to find the root schema which includes the others. We do this by seeing
+        if a schema has an xs:include element, and if it does we assume that it is the parent. This is
+        totally wrong and needs to be fixed. Ideally this would build a tree of includes and return the
+        root node.
+        
+        Keyword Arguments:
+        list_schemas - a list of schema file paths that all belong to the same namespace
+        '''
+        parent_schema = None
+        tag_include = "{%s}include" % (NS_XML_SCHEMA)
+        
+        for fn in list_schemas:
+            tree = et.parse(fn)
+            root = tree.getroot()
+            includes = root.findall(tag_include)
+            
+            if len(includes) > 0: # this is a hack that assumes if the schema includes others, it is the base schema for the namespace
+                return fn
+                
+        return parent_schema
+    
+    def _build_imports(self, schema_dir):
+        '''Given a directory of schemas, this builds a dictionary of schemas that need to be imported
+        under a wrapper schema in order to enable validation. This returns a dictionary of the form
+        {namespace : path to schema}.
+        
+        Keyword Arguments
+        schema_dir - a directory of schema files
+        '''
+        if not schema_dir:
+            return None
+        
+        imports = defaultdict(list)
+        for top, dirs, files in os.walk(schema_dir):
+            for f in files:
+                if f.endswith('.xsd'):
+                    fp = os.path.join(top, f)
+                    target_ns = self._get_target_ns(fp)
+                    imports[target_ns].append(fp)
+        
+        for k,v in imports.iteritems():
+            if len(v) > 1:
+                base_schema = self._get_include_base_schema(v)
+                imports[k] = base_schema
+            else:
+                imports[k] = v[0]
+    
+        return imports
+    
+    def _build_wrapper_schema(self, import_dict):
+        '''Creates a wrapper schema that imports all namespaces defined by the input dictionary. This enables
+        validation of instance documents that refer to multiple namespaces and schemas
+        
+        Keyword Arguments
+        import_dict - a dictionary of the form {namespace : path to schema} that will be used to build the list of xs:import statements
+        '''
+        schema_txt = '''<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://stix.mitre.org/tools/validator" elementFormDefault="qualified" attributeFormDefault="qualified"/>'''
+        root = et.fromstring(schema_txt)
+        
+        tag_import = "{%s}import" % (NS_XML_SCHEMA)
+        for ns, list_schemaloc in import_dict.iteritems():
+            schemaloc = list_schemaloc
+            schemaloc = schemaloc.replace("\\", "/")
+            attrib = {'namespace' : ns, 'schemaLocation' : schemaloc}
+            el_import = et.Element(tag_import, attrib=attrib)
+            root.append(el_import)
+    
+        return root
+
+    def _extract_schema_locations(self, root):
+        schemaloc_dict = {}
+        
+        tag_schemaloc = "{%s}schemaLocation" % (NS_XML_SCHEMA_INSTANCE)
+        schemaloc = root.attrib[tag_schemaloc].split()
+        schemaloc_pairs = zip(schemaloc[::2], schemaloc[1::2])
+        
+        for ns, loc in schemaloc_pairs:
+            schemaloc_dict[ns] = loc
+        
+        return schemaloc_dict
+    
+    def validate(self, instance_doc):
+        '''Validates an instance documents.
+        
+        Returns a tuple of where the first item is the boolean validation
+        result and the second is the validation error if there was one.
+        
+        Keyword Arguments
+        instance_doc - a file-like object to be validated
+        '''
+        if not(self.__use_schemaloc or self.__imports):
+            return (False, "No schemas to validate against! Try instantiating XmlValidator with use_schemaloc=True or setting the schema_dir")
+        
+        instance_doc = et.parse(instance_doc)
+        instance_root = instance_doc.getroot()
+        
+        if self.__use_schemaloc:
+            try:
+                required_imports = self._extract_schema_locations(instance_root)
+            except KeyError as e:
+                return (False, "No schemaLocation attribute set on instance document. Unable to validate")
+        else:
+            required_imports = {}
+            for prefix, ns in instance_root.nsmap.iteritems():
+                schemaloc = self.__imports.get(ns)
+                if schemaloc:
+                    required_imports[ns] = schemaloc
+
+        if not required_imports:
+            return (False, "Unable to determine schemas to validate against")
+
+        wrapper_schema_doc = self._build_wrapper_schema(import_dict=required_imports)
+        xmlschema = et.XMLSchema(wrapper_schema_doc)
+        
+        try: 
+            xmlschema.assertValid(instance_doc)
+            return (True, None)
+        except Exception as e:
+            return (False, str(e))
+
+ 
\ No newline at end of file

From c82290991485b2f0926f7cf3a4e639e3ddf8fa17 Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 13:37:32 -0400
Subject: [PATCH 02/14] added STIXValidator class which performs best practice
 guidance check as well as schema validation

---
 stix_validator/sdv.py       |  84 ++++++++++++++++--
 stix_validator/validator.py | 169 ++++++++++++++++++++++++++++++++++--
 2 files changed, 238 insertions(+), 15 deletions(-)

diff --git a/stix_validator/sdv.py b/stix_validator/sdv.py
index 6bd8fac..09922d3 100755
--- a/stix_validator/sdv.py
+++ b/stix_validator/sdv.py
@@ -8,7 +8,7 @@
 
 import os
 import argparse
-from validator import XmlValidator 
+from validator import STIXValidator 
 
 def get_files_to_validate(dir):
     '''Return a list of xml files under a directory'''
@@ -26,12 +26,81 @@ def error(msg):
     print "[!] %s" % (msg)
     exit(1)
 
+def print_result(fp, isvalid, validation_error, warnings):
+    if isvalid:
+        print "[+] %s : VALID" % (fp)
+        
+        if warnings:
+            duplicate_ids = warnings.get('duplicate_ids')
+            if duplicate_ids:
+                print '    [~] Nodes with duplicate ids'
+                for id_, list_nodes in duplicate_ids.iteritems():
+                    print '    [~] id: [%s]' % (id_)
+                    for node in list_nodes:
+                        print '       [%s] line: [%s]' % (node.tag, node.sourceline)
+                print
+            
+            missing_ids = warnings.get('missing_ids')
+            if missing_ids:
+                print '    [~] Nodes with missing ids'
+                for node in missing_ids:
+                    print '    [~] [%s] line: [%s]' % (node.tag, node.sourceline)
+                print
+            
+            unresolved_idrefs = warnings.get('unresolved_idrefs')
+            if unresolved_idrefs:
+                print '    [~] Nodes with idrefs that do not resolve'
+                for node in unresolved_idrefs:
+                    print '    [~] [%s] idref: [%s] line: [%s]' % (node.tag, node.attrib.get('idref'), node.sourceline)
+                print
+                
+            formatted_ids = warnings.get('id_format')
+            if formatted_ids:
+                print '    [~] Nodes with ids not formatted as [ns_prefix]:[object-type]-[GUID]'
+                for node in formatted_ids:
+                    print '    [~] [%s] id: [%s] line: [%s]' % (node.tag, node.attrib.get('id'), node.sourceline)
+                print
+            
+            idrefs_with_content = warnings.get('idref_with_content')
+            if idrefs_with_content:
+                print '    [~] Nodes that declare idrefs but also contain content'
+                for node in idrefs_with_content:
+                    print '    [~] [%s] idref: [%s] line: [%s]' % (node.tag, node.attrib.get('idref'), node.sourceline)
+                print
+                
+            indicator_suggestions = warnings.get('indicator_suggestions')
+            if indicator_suggestions:
+                print '    [~] Indicator suggestions'
+                for indicator_dict in indicator_suggestions:
+                    node = indicator_dict['node']
+                    list_missing = []
+                    if not indicator_dict.get('title', True):
+                        list_missing.append('Title')
+                    if not indicator_dict.get('description', True):
+                        list_missing.append('Description')
+                    if not indicator_dict.get('type', True):
+                        list_missing.append('Type')
+                    if not indicator_dict.get('valid_time_position', True):
+                        list_missing.append('Valid_Time_Position')
+                    if not indicator_dict.get('indicated_ttp', True):
+                        list_missing.append('Indicated_TTP')
+                    if not indicator_dict.get('confidence', True):
+                        list_missing.append('Confidence')
+                    
+                    print '    [~] id: [%s] line: [%s] missing: %s' % (indicator_dict.get('id'), node.sourceline, list_missing)
+                    
+    else:
+        print "[!] %s : INVALID : [%s]" % (fp, str(validation_error))
+                    
+
+
 def main():
-    parser = argparse.ArgumentParser(description="STIX Document Validator (sdv) - validated STIX v1.0 instance documents")
+    parser = argparse.ArgumentParser(description="STIX Document Validator")
     parser.add_argument("--schema-dir", dest="schema_dir", default=None, help="Path to directory containing all necessary schemas for validation")
     parser.add_argument("--input-file", dest="infile", default=None, help="Path to STIX instance document to validate")
     parser.add_argument("--input-dir", dest="indir", default=None, help="Path to directory containing STIX instance documents to validate")
     parser.add_argument("--use-schemaloc", dest="use_schemaloc", action='http://github.com/store_true', default=False, help="Use schemaLocation attribute to determine schema locations.")
+    parser.add_argument("--best-practices", dest="best_practices", action='http://github.com/store_true', default=False, help="Check that the document follows authoring best practices")
     
     args = parser.parse_args()
     
@@ -54,16 +123,13 @@ def main():
     
     if len(to_validate) > 0:
         print "[-] Processing %s files" % (len(to_validate))
-        ssv = XmlValidator(schema_dir=args.schema_dir, use_schemaloc=args.use_schemaloc)
+        ssv = STIXValidator(schema_dir=args.schema_dir, use_schemaloc=args.use_schemaloc, best_practices=args.best_practices)
         for fp in to_validate:
             with open(fp, 'rb') as f:
-                (result, msg) = ssv.validate(f)
-                if result:
-                    print "[+] %s : VALID" % (fp)
-                else:
-                    print "[!] %s : INVALID : %s" % (fp, msg)
+                (isvalid, validation_error, best_practice_warnings) = ssv.validate(f)
+                print_result(fp, isvalid, validation_error, best_practice_warnings)
 
 if __name__ == '__main__':
     main()
 
-    
+    
\ No newline at end of file
diff --git a/stix_validator/validator.py b/stix_validator/validator.py
index 791f728..6628d98 100755
--- a/stix_validator/validator.py
+++ b/stix_validator/validator.py
@@ -2,13 +2,13 @@
 # See LICENSE.txt for complete terms.
 
 import os
+import re
 from collections import defaultdict
 from lxml import etree as et
 
-NS_XML_SCHEMA_INSTANCE = "http://www.w3.org/2001/XMLSchema-instance"
-NS_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema"
-
 class XmlValidator(object):
+    NS_XML_SCHEMA_INSTANCE = "http://www.w3.org/2001/XMLSchema-instance"
+    NS_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema"
     
     def __init__(self, schema_dir=None, use_schemaloc=False):
         self.__imports = self._build_imports(schema_dir)
@@ -40,7 +40,7 @@ def _get_include_base_schema(self, list_schemas):
         list_schemas - a list of schema file paths that all belong to the same namespace
         '''
         parent_schema = None
-        tag_include = "{%s}include" % (NS_XML_SCHEMA)
+        tag_include = "{%s}include" % (self.NS_XML_SCHEMA)
         
         for fn in list_schemas:
             tree = et.parse(fn)
@@ -90,7 +90,7 @@ def _build_wrapper_schema(self, import_dict):
         schema_txt = '''<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://stix.mitre.org/tools/validator" elementFormDefault="qualified" attributeFormDefault="qualified"/>'''
         root = et.fromstring(schema_txt)
         
-        tag_import = "{%s}import" % (NS_XML_SCHEMA)
+        tag_import = "{%s}import" % (self.NS_XML_SCHEMA)
         for ns, list_schemaloc in import_dict.iteritems():
             schemaloc = list_schemaloc
             schemaloc = schemaloc.replace("\\", "/")
@@ -103,7 +103,7 @@ def _build_wrapper_schema(self, import_dict):
     def _extract_schema_locations(self, root):
         schemaloc_dict = {}
         
-        tag_schemaloc = "{%s}schemaLocation" % (NS_XML_SCHEMA_INSTANCE)
+        tag_schemaloc = "{%s}schemaLocation" % (self.NS_XML_SCHEMA_INSTANCE)
         schemaloc = root.attrib[tag_schemaloc].split()
         schemaloc_pairs = zip(schemaloc[::2], schemaloc[1::2])
         
@@ -151,4 +151,161 @@ def validate(self, instance_doc):
         except Exception as e:
             return (False, str(e))
 
+
+class STIXValidator(XmlValidator):
+    '''Schema validates STIX v1.0 documents and checks best practice guidance'''
+    __stix_version__ = "1.0"
+    
+    PREFIX_STIX_CORE = 'stix'
+    PREFIX_CYBOX_CORE = 'cybox'
+    PREFIX_STIX_INDICATOR = 'indicator'
+    
+    NS_STIX_CORE = "http://stix.mitre.org/stix-1"
+    NS_STIX_INDICATOR = "http://stix.mitre.org/Indicator-2"
+    NS_CYBOX_CORE = "http://cybox.mitre.org/cybox-2"
+    
+    NS_MAP = {PREFIX_CYBOX_CORE : NS_CYBOX_CORE,
+              PREFIX_STIX_CORE : NS_STIX_CORE,
+              PREFIX_STIX_INDICATOR : NS_STIX_INDICATOR}
+    
+    def __init__(self, schema_dir=None, use_schemaloc=False, best_practices=False):
+        super(STIXValidator, self).__init__(schema_dir, use_schemaloc)
+        self.best_practices = best_practices
+        
+    def _check_id_presence_and_format(self, instance_doc):
+        return_dict = {'no_id' : [],
+                       'format' : []}
+        
+        elements_to_check = ['stix:Campaign',
+                             'stix:Course_Of_Action',
+                             'stix:Exploit_Target',
+                             'stix:Incident',
+                             'stix:Indicator',
+                             'stix:STIX_Package',
+                             'stix:Thread_Actor',
+                             'stix:TTP',
+                             'cybox:Observable',
+                             'cybox:Object',
+                             'cybox:Event',
+                             'cybox:Action']
+    
+        for tag in elements_to_check:
+            xpath = ".//%s" % (tag)
+            elements = instance_doc.xpath(xpath, namespaces=self.NS_MAP)
+            
+            for e in elements:
+                try:
+                    if not re.match(r'\w+:\w+-', e.attrib['id']): # not the best regex
+                        return_dict['format'].append(e)
+                except KeyError as ex:
+                    return_dict['no_id'].append(e)
+            
+        return return_dict
+    
+    def _check_duplicate_ids(self, instance_doc):
+        dict_id_nodes = defaultdict(list)
+        dup_dict = {}
+        xpath_all_nodes_with_ids = "//*[@id]"
+        
+        all_nodes_with_ids = instance_doc.xpath(xpath_all_nodes_with_ids)
+        for node in all_nodes_with_ids:
+            dict_id_nodes[node.attrib['id']].append(node)
+        
+        for k,v in dict_id_nodes.iteritems():
+            if len(v) > 1:
+                dup_dict[k] = v
+        
+        return dup_dict
+    
+    def _check_idref_resolution(self, instance_doc):
+        list_unresolved_ids = []
+        xpath_all_idrefs = "//*[@idref]"
+        xpath_all_ids = "//@id"
+        
+        all_idrefs = instance_doc.xpath(xpath_all_idrefs)
+        all_ids = instance_doc.xpath(xpath_all_ids)
+        
+        for node in all_idrefs:
+            if node.attrib['idref'] not in all_ids:
+                list_unresolved_ids.append(node)
+                
+        return list_unresolved_ids
+                
+    def _check_idref_with_content(self, instance_doc):
+        list_nodes = []
+        xpath = "//*[@idref]"
+        nodes = instance_doc.xpath(xpath)
+        
+        for node in nodes:
+            if node.text or len(node) > 0:
+                list_nodes.append(node)
+                
+        return list_nodes
+    
+    def _check_indicator_practices(self, instance_doc):
+        list_indicators = []
+        xpath = "//%s:Indicator | %s:Indicator" % (self.PREFIX_STIX_CORE, self.PREFIX_STIX_INDICATOR)
+        
+        nodes = instance_doc.xpath(xpath, namespaces=self.NS_MAP)
+        for node in nodes:
+            dict_indicator = {}
+            if not node.attrib.get('idref'): # if this is not an idref node, look at its content
+                if node.find('{%s}Title' % (self.NS_STIX_INDICATOR)) is None:
+                    dict_indicator['title'] = False
+                if node.find('{%s}Description' % (self.NS_STIX_INDICATOR)) is None:
+                    dict_indicator['description'] = False
+                if node.find('{%s}Type' % (self.NS_STIX_INDICATOR)) is None:
+                    dict_indicator['type'] = False
+                if node.find('{%s}Valid_Time_Position' % (self.NS_STIX_INDICATOR)) is None:
+                    dict_indicator['valid_time_position'] = False
+                if node.find('{%s}Indicated_TTP' % (self.NS_STIX_INDICATOR)) is None:
+                    dict_indicator['indicated_ttp'] = False
+                if node.find('{%s}Confidence' % (self.NS_STIX_INDICATOR)) is None:
+                    dict_indicator['confidence'] = False
+                
+                if dict_indicator:
+                    dict_indicator['id'] = node.attrib.get('id')
+                    dict_indicator['node'] = node
+                    list_indicators.append(dict_indicator)
+                
+        return list_indicators
+ 
+    def check_best_practices(self, instance_doc):
+        instance_doc.seek(0)
+        tree = et.parse(instance_doc)
+        root = tree.getroot()
+        
+        list_unresolved_idrefs = self._check_idref_resolution(root)
+        dict_duplicate_ids = self._check_duplicate_ids(root)
+        dict_presence_and_format = self._check_id_presence_and_format(root)
+        list_idref_with_content = self._check_idref_with_content(root)
+        list_indicators = self._check_indicator_practices(root)
+        
+        return {'unresolved_idrefs' : list_unresolved_idrefs,
+                'duplicate_ids' : dict_duplicate_ids,
+                'missing_ids' : dict_presence_and_format['no_id'],
+                'id_format' : dict_presence_and_format['format'],
+                'idref_with_content' : list_idref_with_content,
+                'indicator_suggestions' : list_indicators }
+    
+    def validate(self, instance_doc):
+        '''Validates a STIX document and checks best practice guidance if STIXValidator
+        was initialized with best_practices=True.
+        
+        Best practices will not be checked if the document is schema-invalid.
+        
+        Returns a tuple of (bool, str, dict) for (is valid, validation error, best practice suggestions).
+        
+        Keyword Arguments
+        instance_doc - a file-like object for a STIX instance document
+        '''
+        (isvalid, validation_error) = super(STIXValidator, self).validate(instance_doc)
+        
+        if self.best_practices and isvalid:
+            best_practice_warnings = self.check_best_practices(instance_doc)
+        else:
+            best_practice_warnings = None
+            
+        return (isvalid, validation_error, best_practice_warnings)
+        
  
\ No newline at end of file

From 4a27ca81feed40e8b70e816c023f48821585a43e Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Wed, 11 Sep 2013 18:44:13 -0400
Subject: [PATCH 03/14] Update README.md

---
 stix_validator/README.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/stix_validator/README.md b/stix_validator/README.md
index e69de29..ceaae17 100644
--- a/stix_validator/README.md
+++ b/stix_validator/README.md
@@ -0,0 +1,30 @@
+# STIX Document Validator (sdv) BETA
+A python tool used to validate STIX v1.0 instance documents. For more information about the
+Structured Thread Information eXpression, see http://stix.mitre.org.
+
+## Dependencies
+The STIX Document Validator has the following dependencies:
+* Python v2.7 http://python.org/download
+* lxml >= v3.2.0 http://lxml.de/index.html#download
+  * libxml2 >= v2.9.1 http://www.xmlsoft.org/downloads.html
+
+## Use
+The STIX Document Validator can validate a STIX v1.0 instance document against STIX v1.0 schemas
+found locally or referenced remotely through the schemaLocation attribute.
+
+Validate against local schemas:
+`python sdv.py --input-file stix_foo.xml --schema-dir schema`
+
+Validate using schemaLocation:
+`python sdv.py --input-file <stix_document.xml> --use-schemaloc`
+
+Validate a directory of STIX documents:
+`python sdv.py --input-dir <stix_dir> --schema-dir schema`
+
+
+## Terms
+BY USING THE STIX DOCUMENT VALIDATOR, YOU SIGNIFY YOUR ACCEPTANCE OF THE 
+TERMS AND CONDITIONS OF USE.  IF YOU DO NOT AGREE TO THESE TERMS, DO NOT USE 
+THE STIX DOCUMENT VALIDATOR.
+
+For more information, please refer to the LICENSE.txt file

From cb631113c9b7dd818e5751f6c3f91f1abb645115 Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Wed, 11 Sep 2013 18:49:25 -0400
Subject: [PATCH 04/14] Update README.md

---
 stix_validator/README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/stix_validator/README.md b/stix_validator/README.md
index ceaae17..08d0bf7 100644
--- a/stix_validator/README.md
+++ b/stix_validator/README.md
@@ -21,6 +21,10 @@ Validate using schemaLocation:
 Validate a directory of STIX documents:
 `python sdv.py --input-dir <stix_dir> --schema-dir schema`
 
+## All STIX Documents?
+The STIX Document Validator bundles a schema directory with it, which includes all STIX v1.0 
+schema files. If an instance document uses constructs or languages defined by other schemas
+a user must point the STIX Document Validator at those schemas in order to validate.
 
 ## Terms
 BY USING THE STIX DOCUMENT VALIDATOR, YOU SIGNIFY YOUR ACCEPTANCE OF THE 

From 4d4917b16052e919610b50590ba3c7ee4fd3574a Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Wed, 11 Sep 2013 18:54:32 -0400
Subject: [PATCH 05/14] Update README.md

---
 stix_validator/README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/stix_validator/README.md b/stix_validator/README.md
index 08d0bf7..bd96aca 100644
--- a/stix_validator/README.md
+++ b/stix_validator/README.md
@@ -8,6 +8,10 @@ The STIX Document Validator has the following dependencies:
 * lxml >= v3.2.0 http://lxml.de/index.html#download
   * libxml2 >= v2.9.1 http://www.xmlsoft.org/downloads.html
 
+**NOTE:** Older versions of libxml2 do not work properly and may result in undesirable behavior.
+To see what version of libxml2 you have installed, execute the `xml2-config --version` command
+and make sure you are running at least v2.9.1.
+
 ## Use
 The STIX Document Validator can validate a STIX v1.0 instance document against STIX v1.0 schemas
 found locally or referenced remotely through the schemaLocation attribute.

From 2c2a9200a55c55f38168d0b49f80e5682adc5dca Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Wed, 11 Sep 2013 19:01:20 -0400
Subject: [PATCH 06/14] Update README.md

---
 stix_validator/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/stix_validator/README.md b/stix_validator/README.md
index bd96aca..de10adb 100644
--- a/stix_validator/README.md
+++ b/stix_validator/README.md
@@ -17,7 +17,7 @@ The STIX Document Validator can validate a STIX v1.0 instance document against S
 found locally or referenced remotely through the schemaLocation attribute.
 
 Validate against local schemas:
-`python sdv.py --input-file stix_foo.xml --schema-dir schema`
+`python sdv.py --input-file <stix_document.xml> --schema-dir schema`
 
 Validate using schemaLocation:
 `python sdv.py --input-file <stix_document.xml> --use-schemaloc`

From 3f92a0d29a00981244ae4d955484ae4b202b1ac8 Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 13:47:41 -0400
Subject: [PATCH 07/14] Update README.md

---
 stix_validator/README.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/stix_validator/README.md b/stix_validator/README.md
index de10adb..ae16e24 100644
--- a/stix_validator/README.md
+++ b/stix_validator/README.md
@@ -14,7 +14,8 @@ and make sure you are running at least v2.9.1.
 
 ## Use
 The STIX Document Validator can validate a STIX v1.0 instance document against STIX v1.0 schemas
-found locally or referenced remotely through the schemaLocation attribute.
+found locally or referenced remotely through the schemaLocation attribute. It can also perform
+some 'best practice' guidance checks.
 
 Validate against local schemas:
 `python sdv.py --input-file <stix_document.xml> --schema-dir schema`
@@ -25,6 +26,9 @@ Validate using schemaLocation:
 Validate a directory of STIX documents:
 `python sdv.py --input-dir <stix_dir> --schema-dir schema`
 
+Check 'best practice' guidance
+`python sdv.py --input-file <stix_document.xml> --best-practices`
+
 ## All STIX Documents?
 The STIX Document Validator bundles a schema directory with it, which includes all STIX v1.0 
 schema files. If an instance document uses constructs or languages defined by other schemas

From 8fe1ad771c42bc79edb95a055258cfd17701f233 Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 14:03:33 -0400
Subject: [PATCH 08/14] fixed typo in STIXValidator

---
 stix_validator/validator.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/stix_validator/validator.py b/stix_validator/validator.py
index 6628d98..6059505 100755
--- a/stix_validator/validator.py
+++ b/stix_validator/validator.py
@@ -182,7 +182,7 @@ def _check_id_presence_and_format(self, instance_doc):
                              'stix:Incident',
                              'stix:Indicator',
                              'stix:STIX_Package',
-                             'stix:Thread_Actor',
+                             'stix:Threat_Actor',
                              'stix:TTP',
                              'cybox:Observable',
                              'cybox:Object',

From 9fff536b4d509d5ab0807bc1b10c38e2f9b5c2c4 Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 14:25:09 -0400
Subject: [PATCH 09/14] added docstrings to STIXValidator class and changed
 returned dictionary in STIXValidator._check_indicator_practices() method.

---
 stix_validator/sdv.py       | 18 ++--------
 stix_validator/validator.py | 70 +++++++++++++++++++++++++++++++++----
 2 files changed, 65 insertions(+), 23 deletions(-)

diff --git a/stix_validator/sdv.py b/stix_validator/sdv.py
index 09922d3..d6bd7fc 100755
--- a/stix_validator/sdv.py
+++ b/stix_validator/sdv.py
@@ -72,22 +72,8 @@ def print_result(fp, isvalid, validation_error, warnings):
             if indicator_suggestions:
                 print '    [~] Indicator suggestions'
                 for indicator_dict in indicator_suggestions:
-                    node = indicator_dict['node']
-                    list_missing = []
-                    if not indicator_dict.get('title', True):
-                        list_missing.append('Title')
-                    if not indicator_dict.get('description', True):
-                        list_missing.append('Description')
-                    if not indicator_dict.get('type', True):
-                        list_missing.append('Type')
-                    if not indicator_dict.get('valid_time_position', True):
-                        list_missing.append('Valid_Time_Position')
-                    if not indicator_dict.get('indicated_ttp', True):
-                        list_missing.append('Indicated_TTP')
-                    if not indicator_dict.get('confidence', True):
-                        list_missing.append('Confidence')
-                    
-                    print '    [~] id: [%s] line: [%s] missing: %s' % (indicator_dict.get('id'), node.sourceline, list_missing)
+                    node = indicator_dict['node']                    
+                    print '    [~] id: [%s] line: [%s] missing: %s' % (indicator_dict.get('id'), node.sourceline, indicator_dict.get('missing'))
                     
     else:
         print "[!] %s : INVALID : [%s]" % (fp, str(validation_error))
diff --git a/stix_validator/validator.py b/stix_validator/validator.py
index 6059505..a75f6b2 100755
--- a/stix_validator/validator.py
+++ b/stix_validator/validator.py
@@ -173,6 +173,16 @@ def __init__(self, schema_dir=None, use_schemaloc=False, best_practices=False):
         self.best_practices = best_practices
         
     def _check_id_presence_and_format(self, instance_doc):
+        '''Checks that the core STIX/CybOX constructs in the STIX instance document
+        have ids and that each id is formatted as [ns_prefix]:[object-type]-[GUID].
+        
+        Returns a dictionary of lists. Each dictionary has the following keys:
+        no_id - a list of etree Element objects for all nodes without ids
+        format - a list of etree Element objects with ids not formatted as [ns_prefix]:[object-type]-[GUID]
+    
+        Keyword Arguments
+        instance_doc - an etree Element object for a STIX instance document
+        '''
         return_dict = {'no_id' : [],
                        'format' : []}
         
@@ -203,6 +213,15 @@ def _check_id_presence_and_format(self, instance_doc):
         return return_dict
     
     def _check_duplicate_ids(self, instance_doc):
+        '''Looks for duplicate ids in a STIX instance document. 
+        
+        Returns a dictionary of lists. Each dictionary uses the offending
+        id as a key, which points to a list of etree Element nodes which
+        use that id.
+        
+        Keyword Arguments
+        instance_doc - an etree.Element object for a STIX instance document
+        '''
         dict_id_nodes = defaultdict(list)
         dup_dict = {}
         xpath_all_nodes_with_ids = "//*[@id]"
@@ -218,6 +237,12 @@ def _check_duplicate_ids(self, instance_doc):
         return dup_dict
     
     def _check_idref_resolution(self, instance_doc):
+        '''Checks that all idref attributes in the input document resolve to a local element.
+        Returns a list etree.Element nodes with unresolveable idrefs.
+        
+        Keyword Arguments
+        instance_doc - an etree.Element object for a STIX instance document
+        '''
         list_unresolved_ids = []
         xpath_all_idrefs = "//*[@idref]"
         xpath_all_ids = "//@id"
@@ -232,6 +257,12 @@ def _check_idref_resolution(self, instance_doc):
         return list_unresolved_ids
                 
     def _check_idref_with_content(self, instance_doc):
+        '''Looks for elements that have an idref attribute set, but also have content.
+        Returns a list of etree.Element nodes.
+        
+        Keyword Arguments:
+        instance_doc - an etree.Element object for a STIX instance document
+        '''
         list_nodes = []
         xpath = "//*[@idref]"
         nodes = instance_doc.xpath(xpath)
@@ -243,25 +274,36 @@ def _check_idref_with_content(self, instance_doc):
         return list_nodes
     
     def _check_indicator_practices(self, instance_doc):
+        '''Looks for STIX Indicators that are missing a Title, Description, Type, Valid_Time_Position, 
+        Indicated_TTP, and/or Confidence
+        
+        Returns a list of dictionaries. Each dictionary has the following keys:
+        id - the id of the indicator
+        node - the etree.Element object for the indicator
+        missing - a list of constructs missing from the indicator
+        
+        Keyword Arguments
+        instance_doc - etree Element for a STIX instance document
+        '''
         list_indicators = []
         xpath = "//%s:Indicator | %s:Indicator" % (self.PREFIX_STIX_CORE, self.PREFIX_STIX_INDICATOR)
         
         nodes = instance_doc.xpath(xpath, namespaces=self.NS_MAP)
         for node in nodes:
-            dict_indicator = {}
+            dict_indicator = defaultdict(list)
             if not node.attrib.get('idref'): # if this is not an idref node, look at its content
                 if node.find('{%s}Title' % (self.NS_STIX_INDICATOR)) is None:
-                    dict_indicator['title'] = False
+                    dict_indicator['missing'].append('Title')
                 if node.find('{%s}Description' % (self.NS_STIX_INDICATOR)) is None:
-                    dict_indicator['description'] = False
+                    dict_indicator['missing'].append('Description')
                 if node.find('{%s}Type' % (self.NS_STIX_INDICATOR)) is None:
-                    dict_indicator['type'] = False
+                    dict_indicator['missing'].append('Type')
                 if node.find('{%s}Valid_Time_Position' % (self.NS_STIX_INDICATOR)) is None:
-                    dict_indicator['valid_time_position'] = False
+                    dict_indicator['missing'].append('Valid_Time_Position')
                 if node.find('{%s}Indicated_TTP' % (self.NS_STIX_INDICATOR)) is None:
-                    dict_indicator['indicated_ttp'] = False
+                    dict_indicator['missing'].append('TTP')
                 if node.find('{%s}Confidence' % (self.NS_STIX_INDICATOR)) is None:
-                    dict_indicator['confidence'] = False
+                    dict_indicator['missing'].append('Confidence')
                 
                 if dict_indicator:
                     dict_indicator['id'] = node.attrib.get('id')
@@ -271,6 +313,20 @@ def _check_indicator_practices(self, instance_doc):
         return list_indicators
  
     def check_best_practices(self, instance_doc):
+        '''Checks that a STIX instance document is following best practice guidance.
+        
+        Looks for the following:
+        + idrefs that do not resolve locally
+        + elements with duplicate ids
+        + elements without ids
+        + elements with ids not formatted as [ns_prefix]:[object-type]-[GUID]
+        + indicators missing a Title, Description, Type, Valid_Time_Position, Indicated_TTP, and/or Confidence
+        
+        Returns a dictionary of lists and other dictionaries. This is maybe not ideal but workable.
+        
+        Keyword Arguments
+        instance_doc - a file-like object for a STIX instance document
+        '''
         instance_doc.seek(0)
         tree = et.parse(instance_doc)
         root = tree.getroot()

From 9d59ce123e7e703624389058f55b37799906cf2e Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 15:17:37 -0400
Subject: [PATCH 10/14] Update README.md

---
 stix_validator/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/stix_validator/README.md b/stix_validator/README.md
index ae16e24..c68a850 100644
--- a/stix_validator/README.md
+++ b/stix_validator/README.md
@@ -27,7 +27,7 @@ Validate a directory of STIX documents:
 `python sdv.py --input-dir <stix_dir> --schema-dir schema`
 
 Check 'best practice' guidance
-`python sdv.py --input-file <stix_document.xml> --best-practices`
+`python sdv.py --input-file <stix_document.xml> --schema-dir schema --best-practices`
 
 ## All STIX Documents?
 The STIX Document Validator bundles a schema directory with it, which includes all STIX v1.0 

From 46b0fbb8e9f6107af05db5ddda6e1496cc3177b7 Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 16:07:20 -0400
Subject: [PATCH 11/14] fixed issue where parsing exceptions result in stack
 traces

---
 stix_validator/validator.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/stix_validator/validator.py b/stix_validator/validator.py
index a75f6b2..e19cde0 100755
--- a/stix_validator/validator.py
+++ b/stix_validator/validator.py
@@ -124,9 +124,12 @@ def validate(self, instance_doc):
         if not(self.__use_schemaloc or self.__imports):
             return (False, "No schemas to validate against! Try instantiating XmlValidator with use_schemaloc=True or setting the schema_dir")
         
-        instance_doc = et.parse(instance_doc)
-        instance_root = instance_doc.getroot()
+        try:
+            instance_doc = et.parse(instance_doc)
+        except et.XMLSyntaxError as e:
+            return (False, str(e))
         
+        instance_root = instance_doc.getroot()
         if self.__use_schemaloc:
             try:
                 required_imports = self._extract_schema_locations(instance_root)

From ebb7b2f44cfce8dbdd8655e55a5b2d0da83a4d19 Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 16:08:05 -0400
Subject: [PATCH 12/14] changed os.walk() to os.listdir() for when --input-dir
 is used, fixing directory traversal behavior

---
 stix_validator/sdv.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/stix_validator/sdv.py b/stix_validator/sdv.py
index d6bd7fc..06c3490 100755
--- a/stix_validator/sdv.py
+++ b/stix_validator/sdv.py
@@ -13,11 +13,10 @@
 def get_files_to_validate(dir):
     '''Return a list of xml files under a directory'''
     to_validate = []
-    for top, dirs, files in os.walk(dir):
-        for fn in files:
-            if fn.endswith('.xml'):
-                fp = os.path.join(top, fn)
-                to_validate.append(fp)
+    for fn in os.listdir(dir):
+        if fn.endswith('.xml'):
+            fp = os.path.join(dir, fn)
+            to_validate.append(fp)
     
     return to_validate
 

From 8625b1f702cfd7dc5782a89bcba7b3125cce4f2e Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 16:19:49 -0400
Subject: [PATCH 13/14] added best practice validator method that checks if
 root element is STIX_Package

---
 stix_validator/validator.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/stix_validator/validator.py b/stix_validator/validator.py
index e19cde0..ea6eb56 100755
--- a/stix_validator/validator.py
+++ b/stix_validator/validator.py
@@ -315,6 +315,13 @@ def _check_indicator_practices(self, instance_doc):
                 
         return list_indicators
  
+    def _check_root_element(self, instance_doc):
+        if instance_doc.tag != "{%s}STIX_Package" % (self.NS_STIX_CORE):
+            return instance_doc
+        else:
+            return None
+            
+ 
     def check_best_practices(self, instance_doc):
         '''Checks that a STIX instance document is following best practice guidance.
         
@@ -334,13 +341,15 @@ def check_best_practices(self, instance_doc):
         tree = et.parse(instance_doc)
         root = tree.getroot()
         
+        root_element = self._check_root_element(root)
         list_unresolved_idrefs = self._check_idref_resolution(root)
         dict_duplicate_ids = self._check_duplicate_ids(root)
         dict_presence_and_format = self._check_id_presence_and_format(root)
         list_idref_with_content = self._check_idref_with_content(root)
         list_indicators = self._check_indicator_practices(root)
         
-        return {'unresolved_idrefs' : list_unresolved_idrefs,
+        return {'root_element' : root_element,
+                'unresolved_idrefs' : list_unresolved_idrefs,
                 'duplicate_ids' : dict_duplicate_ids,
                 'missing_ids' : dict_presence_and_format['no_id'],
                 'id_format' : dict_presence_and_format['format'],

From a8c1ae6f869cf757edfd7acb8ff1ab6fc96d4900 Mon Sep 17 00:00:00 2001
From: Bryan Worrell <bworrell@mitre.org>
Date: Thu, 12 Sep 2013 16:20:15 -0400
Subject: [PATCH 14/14] modified output of sdv.py

---
 stix_validator/sdv.py | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/stix_validator/sdv.py b/stix_validator/sdv.py
index 06c3490..523dc5a 100755
--- a/stix_validator/sdv.py
+++ b/stix_validator/sdv.py
@@ -30,46 +30,45 @@ def print_result(fp, isvalid, validation_error, warnings):
         print "[+] %s : VALID" % (fp)
         
         if warnings:
+            root_element = warnings.get('root_element')
+            if root_element is not None:
+                print '    [#] Root element not STIX_Package: [%s]' % (root_element.tag)
+
             duplicate_ids = warnings.get('duplicate_ids')
             if duplicate_ids:
-                print '    [~] Nodes with duplicate ids'
+                print '    [#] Nodes with duplicate ids'
                 for id_, list_nodes in duplicate_ids.iteritems():
                     print '    [~] id: [%s]' % (id_)
                     for node in list_nodes:
                         print '       [%s] line: [%s]' % (node.tag, node.sourceline)
-                print
-            
+      
             missing_ids = warnings.get('missing_ids')
             if missing_ids:
-                print '    [~] Nodes with missing ids'
+                print '    [#] Nodes with missing ids'
                 for node in missing_ids:
                     print '    [~] [%s] line: [%s]' % (node.tag, node.sourceline)
-                print
-            
+    
             unresolved_idrefs = warnings.get('unresolved_idrefs')
             if unresolved_idrefs:
-                print '    [~] Nodes with idrefs that do not resolve'
+                print '    [#] Nodes with idrefs that do not resolve'
                 for node in unresolved_idrefs:
                     print '    [~] [%s] idref: [%s] line: [%s]' % (node.tag, node.attrib.get('idref'), node.sourceline)
-                print
-                
+          
             formatted_ids = warnings.get('id_format')
             if formatted_ids:
-                print '    [~] Nodes with ids not formatted as [ns_prefix]:[object-type]-[GUID]'
+                print '    [#] Nodes with ids not formatted as [ns_prefix]:[object-type]-[GUID]'
                 for node in formatted_ids:
                     print '    [~] [%s] id: [%s] line: [%s]' % (node.tag, node.attrib.get('id'), node.sourceline)
-                print
-            
+
             idrefs_with_content = warnings.get('idref_with_content')
             if idrefs_with_content:
-                print '    [~] Nodes that declare idrefs but also contain content'
+                print '    [#] Nodes that declare idrefs but also contain content'
                 for node in idrefs_with_content:
                     print '    [~] [%s] idref: [%s] line: [%s]' % (node.tag, node.attrib.get('idref'), node.sourceline)
-                print
                 
             indicator_suggestions = warnings.get('indicator_suggestions')
             if indicator_suggestions:
-                print '    [~] Indicator suggestions'
+                print '    [#] Indicator suggestions'
                 for indicator_dict in indicator_suggestions:
                     node = indicator_dict['node']                    
                     print '    [~] id: [%s] line: [%s] missing: %s' % (indicator_dict.get('id'), node.sourceline, indicator_dict.get('missing'))