def update_asset_properties(self, props, name, existing_params=None): if existing_params is None: asset = self.get_asset_by_name(name, simplify=False) existing_params = AssetParameters( assetName=asset.theName, shortCode=asset.theShortCode, assetDesc=asset.theDescription, assetSig=asset.theSignificance, assetType=asset.theType, cFlag=asset.isCritical, cRationale=asset.theCriticalRationale, tags=asset.theTags, ifs=asset.theInterfaces, cProperties=[] ) existing_params.setId(asset.theId) existing_params.theEnvironmentProperties = props try: self.db_proxy.updateAsset(existing_params) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def testAsset(self): iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],iaeps) b = Borg() b.dbProxy.addAsset(iap) oaps = b.dbProxy.getAssets() oap = oaps[self.iassets[0]["theName"]] self.assertEqual(iap.name(), oap.name()) self.assertEqual(iap.shortCode(),oap.shortCode()) self.assertEqual(iap.description(),oap.description()) self.assertEqual(iap.significance(),oap.significance()) oaeps = oap.environmentProperties() self.assertEqual(iaeps[0].name(), oaeps[0].name()) self.assertEqual(str(iaeps[0].properties()[0]), str(oaeps[0].properties()[0])) self.assertEqual(str(iaeps[0].properties()[1]), str(oaeps[0].properties()[1])) self.assertEqual(str(iaeps[0].properties()[2]), str(oaeps[0].properties()[2])) self.assertEqual(str(iaeps[0].properties()[3]), str(oaeps[0].properties()[3])) self.assertEqual(str(iaeps[0].properties()[4]), str(oaeps[0].properties()[4])) self.assertEqual(str(iaeps[0].properties()[5]), str(oaeps[0].properties()[5])) self.assertEqual(str(iaeps[0].properties()[6]), str(oaeps[0].properties()[6])) self.assertEqual(str(iaeps[0].properties()[7]), str(oaeps[0].properties()[7])) self.assertEqual(iaeps[0].rationale()[0], oaeps[0].rationale()[0]) self.assertEqual(iaeps[0].rationale()[1], oaeps[0].rationale()[1]) self.assertEqual(iaeps[0].rationale()[2], oaeps[0].rationale()[2]) self.assertEqual(iaeps[0].rationale()[3], oaeps[0].rationale()[3]) self.assertEqual(iaeps[0].rationale()[4], oaeps[0].rationale()[4]) self.assertEqual(iaeps[0].rationale()[5], oaeps[0].rationale()[5]) self.assertEqual(iaeps[0].rationale()[6], oaeps[0].rationale()[6]) self.assertEqual(iaeps[0].rationale()[7], oaeps[0].rationale()[7]) oaps = b.dbProxy.deleteAsset(oap.id())
def update_object(self, asset, name): params = AssetParameters(assetName=asset.theName, shortCode=asset.theShortCode, assetDesc=asset.theDescription, assetSig=asset.theSignificance, assetType=asset.theType, cFlag=asset.isCritical, cRationale=asset.theCriticalRationale, tags=asset.theTags, ifs=asset.theInterfaces, cProperties=asset.theEnvironmentProperties) try: assetId = self.db_proxy.getDimensionId(name, 'asset') params.setId(assetId) self.db_proxy.updateAsset(params) return asset.theName except ObjectNotFound as ex: self.close() raise ObjectNotFoundHTTPError(ex) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def update_asset(self, asset, name): old_asset = self.get_asset_by_name(name, simplify=False) id = old_asset.theId params = AssetParameters( assetName=asset.theName, shortCode=asset.theShortCode, assetDesc=asset.theDescription, assetSig=asset.theSignificance, assetType=asset.theType, cFlag=asset.isCritical, cRationale=asset.theCriticalRationale, tags=asset.theTags, ifs=asset.theInterfaces, cProperties=asset.theEnvironmentProperties ) params.setId(id) try: self.db_proxy.updateAsset(params) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/vulnerabilities.json') d = json.load(f) f.close() b = Borg() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theValueType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theValueType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.oVtypes = b.dbProxy.getValueTypes('vulnerability_type') ienvs = d['environments'] self.iep1 = EnvironmentParameters(ienvs[0]["theName"],ienvs[0]["theShortCode"],ienvs[0]["theDescription"]) self.iep2 = EnvironmentParameters(ienvs[1]["theName"],ienvs[1]["theShortCode"],ienvs[1]["theDescription"]) self.iep3 = EnvironmentParameters(ienvs[2]["theName"],ienvs[2]["theShortCode"],ienvs[2]["theDescription"]) b.dbProxy.addEnvironment(self.iep1) b.dbProxy.addEnvironment(self.iep2) b.dbProxy.addEnvironment(self.iep3) self.oenvs = b.dbProxy.getEnvironments() self.iassets = d['assets'] self.iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps) b.dbProxy.addAsset(self.iap) self.oaps = b.dbProxy.getAssets() self.iVuln = d['vulnerabilities']
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/goals.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"], self.ienvs[0]["theShortCode"], self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iassets = d['assets'] self.iaeps1 = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] self.iap1 = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], self.iaeps1) b.dbProxy.addAsset(self.iap1) self.oap = b.dbProxy.getAssets() self.iGoals = d['goals']
def update_asset(self, asset, name): params = AssetParameters( assetName=asset.theName, shortCode=asset.theShortCode, assetDesc=asset.theDescription, assetSig=asset.theSignificance, assetType=asset.theType, cFlag=asset.isCritical, cRationale=asset.theCriticalRationale, tags=asset.theTags, ifs=asset.theInterfaces, cProperties=asset.theEnvironmentProperties ) try: assetId = self.db_proxy.getDimensionId(name,'asset') params.setId(assetId) self.db_proxy.updateAsset(params) return asset.theName except ObjectNotFound as ex: self.close() raise ObjectNotFoundHTTPError(ex) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex) except ARMException as ex: self.close() raise ARMHTTPError(ex)
def parameters(self): parameters = AssetParameters( self.theAssetName, self.theShortCode, self.theAssetDescription, self.theAssetSignificance, self.theType, self.theCriticalIndicator, self.theCriticalRationale, self.theTags, self.theInterfaces, self.theEnvironmentProperties) parameters.setId(self.theAssetId) return parameters
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/threats.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[]) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[]) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[]) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) b.dbProxy.addValueType(self.ivt) self.ovt = b.dbProxy.getValueTypes('threat_type') self.iassets = d['assets'] self.iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps) b.dbProxy.addAsset(self.iap) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats']
def setUp(self): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/policy_statements.json') d = json.load(f) f.close() ienvs = d['environments'] iep1 = EnvironmentParameters(ienvs[0]["theName"], ienvs[0]["theShortCode"], ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) iassets = d['assets'] iaeps1 = AssetEnvironmentProperties( iassets[0]["theEnvironmentProperties"][0][0], iassets[0]["theEnvironmentProperties"][0][1], iassets[0]["theEnvironmentProperties"][0][2]) iap1 = AssetParameters(iassets[0]["theName"], iassets[0]["theShortCode"], iassets[0]["theDescription"], iassets[0]["theSignificance"], iassets[0]["theType"], "0", "N/A", [], [], [iaeps1]) b.dbProxy.addAsset(iap1) iaeps1 = AssetEnvironmentProperties( iassets[1]["theEnvironmentProperties"][0][0], iassets[1]["theEnvironmentProperties"][0][1], iassets[1]["theEnvironmentProperties"][0][2]) iap2 = AssetParameters(iassets[1]["theName"], iassets[1]["theShortCode"], iassets[1]["theDescription"], iassets[1]["theSignificance"], iassets[1]["theType"], "0", "N/A", [], [], [iaeps1]) b.dbProxy.addAsset(iap2) self.iGoals = d['goals'] igep1d = GoalEnvironmentProperties( self.iGoals[0]["theEnvironmentProperties"][0]["theName"], self.iGoals[0]["theEnvironmentProperties"][0]["theLabel"], self.iGoals[0]["theEnvironmentProperties"][0]["theDefinition"], self.iGoals[0]["theEnvironmentProperties"][0]["theCategory"], self.iGoals[0]["theEnvironmentProperties"][0]["thePriority"], self.iGoals[0]["theEnvironmentProperties"][0]["theFitCriterion"], self.iGoals[0]["theEnvironmentProperties"][0]["theIssue"], [], [], self.iGoals[0]["theEnvironmentProperties"][0]["theConcerns"], []) igp1 = GoalParameters(self.iGoals[0]["theName"], self.iGoals[0]["theOriginator"], [], [igep1d]) b.dbProxy.addGoal(igp1) self.iPs = d['policy_statements']
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/locations.json') d = json.load(f) f.close() self.iEnvironments = d['environments'] iep1 = EnvironmentParameters(self.iEnvironments[0]["theName"],self.iEnvironments[0]["theShortCode"],self.iEnvironments[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) self.theEnvironments = b.dbProxy.getEnvironments() self.iRoles = d['roles'] irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[]) b.dbProxy.addRole(irp) self.theRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[]) b.dbProxy.addPersona(ipp) thePersonas = b.dbProxy.getPersonas() self.thePersona = thePersonas[self.iPersonas[0]["theName"]] self.iassets = d['assets'] iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],iaeps) b = Borg() b.dbProxy.addAsset(iap) oaps = b.dbProxy.getAssets() self.theAsset = oaps[self.iassets[0]["theName"]] self.ilocations = d['locations']
def importDiagramsNetAssetModel(importFile,envName,session_id): objts, assocs = importDiagramsNetFile(importFile,'asset') b = Borg() db_proxy = b.get_dbproxy(session_id) newAssetCount = 0 for asset in objts: assetName = asset['name'] assetType = asset['type'].capitalize() if (db_proxy.existingObject(assetName,'asset') == -1): db_proxy.addAsset(AssetParameters(assetName,asset['short_code'],asset['description'],asset['significance'],assetType,0,'',[],[],[AssetEnvironmentProperties(envName,asset['properties'],asset['rationale'])])) newAssetCount += 1 newAssocCount = 0 for assoc in assocs: headAsset = assoc['head'] tailAsset = assoc['tail'] try: db_proxy.checkAssetAssociation(envName,headAsset,tailAsset) db_proxy.addClassAssociation(ClassAssociationParameters(envName,headAsset,'asset',assoc['headNav'],assoc['headType'],'*','','','*',assoc['tailType'],assoc['tailNav'],'asset',tailAsset,'To be defined')) newAssocCount += 1 except DatabaseProxyException as ex: if str(ex.value).find('already exists') == -1: raise ARMException(str(ex.value)) msgStr = 'Imported ' + str(newAssetCount) + ' asset' if (newAssetCount != 1): msgStr += 's' msgStr += ', and ' + str(newAssocCount) + ' asset association' if (newAssocCount != 1): msgStr += 's' msgStr += '.' return msgStr
def setUpClass(cls): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/dataflow.json') d = json.load(f) f.close() iEnvironments = d['environments'] iep1 = EnvironmentParameters(iEnvironments[0]["theName"], iEnvironments[0]["theShortCode"], iEnvironments[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) iRoles = d['roles'] irp = RoleParameters(iRoles[0]["theName"], iRoles[0]["theType"], iRoles[0]["theShortCode"], iRoles[0]["theDescription"], []) b.dbProxy.addRole(irp) iUseCases = d['use_cases'] ucName = iUseCases[0]["theName"] ucAuthor = iUseCases[0]["theAuthor"] ucCode = iUseCases[0]["theCode"] ucDesc = iUseCases[0]["theDescription"] ucActor = iUseCases[0]["theActor"] ucEnv = iUseCases[0]["theEnvironments"][0] ucEnvName = ucEnv["theName"] ucPre = ucEnv["thePreconditions"] ucPost = ucEnv["thePostconditions"] ss = Steps() for ucStep in ucEnv["theFlow"]: ss.append(Step(ucStep["theDescription"])) ucep = UseCaseEnvironmentProperties(ucEnvName, ucPre, ss, ucPost) iuc = UseCaseParameters(ucName, ucAuthor, ucCode, [ucActor], ucDesc, [], [ucep]) b = Borg() b.dbProxy.addUseCase(iuc) for iAsset in d['assets']: iaeps = [ AssetEnvironmentProperties( iAsset["theEnvironmentProperties"][0][0], iAsset["theEnvironmentProperties"][0][1], iAsset["theEnvironmentProperties"][0][2]) ] iap = AssetParameters(iAsset["theName"], iAsset["theShortCode"], iAsset["theDescription"], iAsset["theSignificance"], iAsset["theType"], "0", "N/A", [], [], iaeps) b.dbProxy.addAsset(iap)
def testAsset(self): iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],iaeps) b = Borg() b.dbProxy.addAsset(iap) oaps = b.dbProxy.getAssets() oap = oaps[self.iassets[0]["theName"]] self.assertEqual(iap.name(), oap.name()) self.assertEqual(iap.shortCode(),oap.shortCode()) self.assertEqual(iap.description(),oap.description()) self.assertEqual(iap.significance(),oap.significance()) oaeps = oap.environmentProperties() self.assertEqual(iaeps[0].name(), oaeps[0].name()) self.assertEqual(str(iaeps[0].properties()[0]), str(oaeps[0].properties()[0])) self.assertEqual(str(iaeps[0].properties()[1]), str(oaeps[0].properties()[1])) self.assertEqual(str(iaeps[0].properties()[2]), str(oaeps[0].properties()[2])) self.assertEqual(str(iaeps[0].properties()[3]), str(oaeps[0].properties()[3])) self.assertEqual(str(iaeps[0].properties()[4]), str(oaeps[0].properties()[4])) self.assertEqual(str(iaeps[0].properties()[5]), str(oaeps[0].properties()[5])) self.assertEqual(str(iaeps[0].properties()[6]), str(oaeps[0].properties()[6])) self.assertEqual(str(iaeps[0].properties()[7]), str(oaeps[0].properties()[7])) self.assertEqual(iaeps[0].rationale()[0], oaeps[0].rationale()[0]) self.assertEqual(iaeps[0].rationale()[1], oaeps[0].rationale()[1]) self.assertEqual(iaeps[0].rationale()[2], oaeps[0].rationale()[2]) self.assertEqual(iaeps[0].rationale()[3], oaeps[0].rationale()[3]) self.assertEqual(iaeps[0].rationale()[4], oaeps[0].rationale()[4]) self.assertEqual(iaeps[0].rationale()[5], oaeps[0].rationale()[5]) self.assertEqual(iaeps[0].rationale()[6], oaeps[0].rationale()[6]) self.assertEqual(iaeps[0].rationale()[7], oaeps[0].rationale()[7]) envName = self.iassets[0]["theEnvironmentProperties"][0][0] self.assertEqual(str(iaeps[0].properties()[0]), str(oap.securityProperties(envName,'',envName)[0])) self.assertEqual(str(iaeps[0].properties()[1]), str(oap.securityProperties(envName,'',envName)[1])) self.assertEqual(str(iaeps[0].properties()[2]), str(oap.securityProperties(envName,'',envName)[2])) self.assertEqual(str(iaeps[0].properties()[3]), str(oap.securityProperties(envName,'',envName)[3])) self.assertEqual(str(iaeps[0].properties()[4]), str(oap.securityProperties(envName,'',envName)[4])) self.assertEqual(str(iaeps[0].properties()[5]), str(oap.securityProperties(envName,'',envName)[5])) self.assertEqual(str(iaeps[0].properties()[6]), str(oap.securityProperties(envName,'',envName)[6])) self.assertEqual(str(iaeps[0].properties()[7]), str(oap.securityProperties(envName,'',envName)[7])) oap.theShortCode = 'TESTCODE' oap.theAssetPropertyDictionary['Psychosis'].theSecurityProperties[0] = 1; b.dbProxy.updateAsset(oap) oaps2 = b.dbProxy.getAssets(oap.id()) oap2 = oaps[self.iassets[0]["theName"]] self.assertEqual(oap2.shortCode(),'TESTCODE') oaps = b.dbProxy.deleteAsset(oap.id())
def testAsset(self): iaeps = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] iap = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], iaeps) b = Borg() b.dbProxy.addAsset(iap) oaps = b.dbProxy.getAssets() oap = oaps[self.iassets[0]["theName"]] self.assertEqual(iap.name(), oap.name()) self.assertEqual(iap.shortCode(), oap.shortCode()) self.assertEqual(iap.description(), oap.description()) self.assertEqual(iap.significance(), oap.significance()) oaeps = oap.environmentProperties() self.assertEqual(iaeps[0].name(), oaeps[0].name()) self.assertEqual(str(iaeps[0].properties()[0]), str(oaeps[0].properties()[0])) self.assertEqual(str(iaeps[0].properties()[1]), str(oaeps[0].properties()[1])) self.assertEqual(str(iaeps[0].properties()[2]), str(oaeps[0].properties()[2])) self.assertEqual(str(iaeps[0].properties()[3]), str(oaeps[0].properties()[3])) self.assertEqual(str(iaeps[0].properties()[4]), str(oaeps[0].properties()[4])) self.assertEqual(str(iaeps[0].properties()[5]), str(oaeps[0].properties()[5])) self.assertEqual(str(iaeps[0].properties()[6]), str(oaeps[0].properties()[6])) self.assertEqual(str(iaeps[0].properties()[7]), str(oaeps[0].properties()[7])) self.assertEqual(iaeps[0].rationale()[0], oaeps[0].rationale()[0]) self.assertEqual(iaeps[0].rationale()[1], oaeps[0].rationale()[1]) self.assertEqual(iaeps[0].rationale()[2], oaeps[0].rationale()[2]) self.assertEqual(iaeps[0].rationale()[3], oaeps[0].rationale()[3]) self.assertEqual(iaeps[0].rationale()[4], oaeps[0].rationale()[4]) self.assertEqual(iaeps[0].rationale()[5], oaeps[0].rationale()[5]) self.assertEqual(iaeps[0].rationale()[6], oaeps[0].rationale()[6]) self.assertEqual(iaeps[0].rationale()[7], oaeps[0].rationale()[7]) oaps = b.dbProxy.deleteAsset(oap.id())
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/goals.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iassets = d['assets'] self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1) b.dbProxy.addAsset(self.iap1) self.oap = b.dbProxy.getAssets() self.iGoals = d['goals']
def setUp(self): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/requirements.json') d = json.load(f) f.close() ienvs = d['environments'] iep1 = EnvironmentParameters(ienvs[0]["theName"],ienvs[0]["theShortCode"],ienvs[0]["theDescription"]) iep2 = EnvironmentParameters(ienvs[1]["theName"],ienvs[1]["theShortCode"],ienvs[1]["theDescription"]) iep3 = EnvironmentParameters(ienvs[2]["theName"],ienvs[2]["theShortCode"],ienvs[2]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) b.dbProxy.addEnvironment(iep2) b.dbProxy.addEnvironment(iep3) self.iassets = d['assets'] iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],iaeps) b.dbProxy.addAsset(iap) self.irequirements = d['requirements']
class GoalTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/goals.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iassets = d['assets'] self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1) b.dbProxy.addAsset(self.iap1) self.oap = b.dbProxy.getAssets() self.iGoals = d['goals'] def testGoal(self): b = Borg() igep1 = GoalEnvironmentProperties(self.iGoals[0]["theEnvironmentProperties"][0],self.iGoals[0]["theEnvironmentProperties"][1],self.iGoals[0]["theEnvironmentProperties"][2],self.iGoals[0]["theEnvironmentProperties"][3],self.iGoals[0]["theEnvironmentProperties"][4],self.iGoals[0]["theEnvironmentProperties"][5],self.iGoals[0]["theEnvironmentProperties"][6],[],[],[self.iGoals[0]["theEnvironmentProperties"][7]],[]) igp1 = GoalParameters(self.iGoals[0]["theName"],self.iGoals[0]["theOriginator"],[],[igep1]) b.dbProxy.addGoal(igp1) oGoals = b.dbProxy.getGoals() og = oGoals[self.iGoals[0]["theName"]] self.assertEqual(igp1.name(), og.name()) self.assertEqual(igp1.originator(), og.originator()) b.dbProxy.deleteGoal(og.id()) def tearDown(self): b = Borg() b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
def add_asset(self, asset, asset_props=None): try: self.db_proxy.nameCheck(asset.theName, 'asset') except ARMException as ex: self.close() raise ARMHTTPError(ex) assetParams = AssetParameters( assetName=asset.theName, shortCode=asset.theShortCode, assetDesc=asset.theDescription, assetSig=asset.theSignificance, assetType=asset.theType, cFlag=asset.isCritical, cRationale=asset.theCriticalRationale, tags=asset.theTags, ifs=asset.theInterfaces, cProperties=asset.theEnvironmentProperties) asset_id = self.db_proxy.addAsset(assetParams) return asset_id
def endElement(self, name): if name == 'role': p = RoleParameters(self.theName, self.theType, unescape(self.theShortCode), unescape(self.theDescription), []) self.theRoleParameters.append(p) self.resetRoleAttributes() elif name == 'asset': envDict = {} for sp in self.theSecurityProperties: envName = sp[0] spName = sp[1] spValue = a2i(sp[2]) spRationale = sp[3] if envName in envDict: (envDict[envName])[spName] = (spValue, spRationale) else: spDict = {} spDict['confidentiality'] = (0, 'None') spDict['integrity'] = (0, 'None') spDict['availability'] = (0, 'None') spDict['accountability'] = (0, 'None') spDict['anonymity'] = (0, 'None') spDict['pseudonymity'] = (0, 'None') spDict['unlinkability'] = (0, 'None') spDict['unobservability'] = (0, 'None') spDict[spName] = (spValue, spRationale) envDict[envName] = spDict for envName in envDict: spDict = envDict[envName] cProperty, cRationale = spDict['confidentiality'] iProperty, iRationale = spDict['integrity'] avProperty, avRationale = spDict['availability'] acProperty, acRationale = spDict['accountability'] anProperty, anRationale = spDict['anonymity'] panProperty, panRationale = spDict['pseudonymity'] unlProperty, unlRationale = spDict['unlinkability'] unoProperty, unoRationale = spDict['unobservability'] ep = AssetEnvironmentProperties(envName, [ cProperty, iProperty, avProperty, acProperty, anProperty, panProperty, unlProperty, unoProperty ], [ cRationale, iRationale, avRationale, acRationale, anRationale, panRationale, unlRationale, unoRationale ]) self.theEnvironmentProperties.append(ep) p = AssetParameters(self.theName, unescape(self.theShortCode), unescape(self.theDescription), unescape(self.theSignificance), self.theAssetType, self.isCritical, self.theCriticalRationale, self.theTags, self.theInterfaces, self.theEnvironmentProperties) self.theAssetParameters.append(p) self.resetAssetAttributes() elif name == 'security_property': self.theSecurityProperties.append( (self.theEnvironmentName, self.thePropertyName, self.thePropertyValue, unescape(self.theRationale))) self.resetSecurityPropertyAttributes() elif name == 'threatened_property': self.theSpDict[self.thePropertyName] = (self.thePropertyValue, unescape( self.theRationale)) self.resetThreatenedPropertyAttributes() elif name == 'vulnerability': p = VulnerabilityParameters(self.theName, unescape(self.theDescription), self.theType, self.theTags, self.theEnvironmentProperties) self.theVulnerabilities.append(p) self.resetVulnerabilityAttributes() elif name == 'vulnerability_environment': p = VulnerabilityEnvironmentProperties(self.theEnvironmentName, self.theSeverity, self.theAssets) self.theEnvironmentProperties.append(p) self.resetVulnerabilityEnvironmentAttributes() elif name == 'attacker': p = AttackerParameters(self.theName, unescape(self.theDescription), self.theImage, self.theTags, self.theEnvironmentProperties) self.theAttackerParameters.append(p) self.resetAttackerAttributes() elif name == 'attacker_environment': p = AttackerEnvironmentProperties(self.theEnvironmentName, self.theRoles, self.theMotivations, self.theCapabilities) self.theEnvironmentProperties.append(p) self.resetAttackerEnvironmentAttributes() elif name == 'threat': p = ThreatParameters(self.theName, self.theType, unescape(self.theMethod), self.theTags, self.theEnvironmentProperties) self.theThreats.append(p) self.resetThreatAttributes() elif name == 'threat_environment': cProperty, cRationale = self.theSpDict['confidentiality'] iProperty, iRationale = self.theSpDict['integrity'] avProperty, avRationale = self.theSpDict['availability'] acProperty, acRationale = self.theSpDict['accountability'] anProperty, anRationale = self.theSpDict['anonymity'] panProperty, panRationale = self.theSpDict['pseudonymity'] unlProperty, unlRationale = self.theSpDict['unlinkability'] unoProperty, unoRationale = self.theSpDict['unobservability'] p = ThreatEnvironmentProperties( self.theEnvironmentName, self.theLikelihood, self.theAssets, self.theAttackers, [ cProperty, iProperty, avProperty, acProperty, anProperty, panProperty, unlProperty, unoProperty ], [ cRationale, iRationale, avRationale, acRationale, anRationale, panRationale, unlRationale, unoRationale ]) self.theEnvironmentProperties.append(p) self.resetThreatEnvironmentAttributes() elif name == 'risk': mc = MisuseCase(-1, 'Exploit ' + self.theName, self.theEnvironmentProperties, self.theName) p = RiskParameters(self.theName, self.theThreat, self.theVulnerability, mc, self.theTags) self.theRisks.append(p) self.resetRiskAttributes() elif name == 'misusecase': p = MisuseCaseEnvironmentProperties(self.theEnvironmentName, unescape(self.theDescription)) self.theEnvironmentProperties.append(p) self.resetRiskEnvironmentAttributes() elif name == 'response': p = ResponseParameters(self.theType + ' ' + self.theRisk, self.theRisk, self.theTags, self.theEnvironmentProperties, self.theType) self.theResponses.append(p) self.resetResponseAttributes() elif name == 'accept_environment': p = AcceptEnvironmentProperties(self.theEnvironmentName, self.theCost, unescape(self.theDescription)) self.theEnvironmentProperties.append(p) self.resetResponseEnvironmentAttributes() elif name == 'transfer_environment': p = TransferEnvironmentProperties(self.theEnvironmentName, unescape(self.theDescription), self.theResponseRoles) self.theEnvironmentProperties.append(p) self.resetResponseEnvironmentAttributes() elif name == 'deter_environment': p = MitigateEnvironmentProperties(self.theEnvironmentName, 'Deter') self.theEnvironmentProperties.append(p) self.resetResponseEnvironmentAttributes() elif name == 'prevent_environment': p = MitigateEnvironmentProperties(self.theEnvironmentName, 'Prevent') self.theEnvironmentProperties.append(p) self.resetResponseEnvironmentAttributes() elif name == 'detect_environment': p = MitigateEnvironmentProperties(self.theEnvironmentName, 'Detect', self.theDetectionPoint) self.theEnvironmentProperties.append(p) self.resetResponseEnvironmentAttributes() elif name == 'react_environment': p = MitigateEnvironmentProperties(self.theEnvironmentName, 'React', '', self.theDetectionMechanisms) self.theEnvironmentProperties.append(p) self.resetResponseEnvironmentAttributes() elif name == 'asset_association': p = ClassAssociationParameters( self.theEnvironmentName, self.theHeadName, 'asset', self.theHeadNav, self.theHeadAdornment, self.theHeadNry, self.theHeadRole, self.theTailRole, self.theTailNry, self.theTailAdornment, self.theTailNav, 'asset', self.theTailName, unescape(self.theRationale)) self.theAssociations.append(p) self.resetAssociationAttributes() elif name == 'description': self.inDescription = 0 elif name == 'method': self.inMethod = 0 elif name == 'narrative': self.inDescription = 0 elif name == 'rationale': self.inRationale = 0 elif name == 'significance': self.inSignificance = 0 elif name == 'critical': self.inCritical = 0
def testAsset(self): iaeps = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] iap = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], iaeps) b = Borg() iap.theShortCode = 'TESTCODE123456789012345678901234567890' with self.assertRaises(AttributeTooBig): b.dbProxy.addAsset(iap) iap.theShortCode = 'TESTCODE' b.dbProxy.addAsset(iap) oaps = b.dbProxy.getAssets() oap = oaps[self.iassets[0]["theName"]] self.assertEqual(iap.name(), oap.name()) self.assertEqual(iap.shortCode(), oap.shortCode()) self.assertEqual(iap.description(), oap.description()) self.assertEqual(iap.significance(), oap.significance()) oaeps = oap.environmentProperties() self.assertEqual(iaeps[0].name(), oaeps[0].name()) self.assertEqual(str(iaeps[0].properties()[0]), str(oaeps[0].properties()[0])) self.assertEqual(str(iaeps[0].properties()[1]), str(oaeps[0].properties()[1])) self.assertEqual(str(iaeps[0].properties()[2]), str(oaeps[0].properties()[2])) self.assertEqual(str(iaeps[0].properties()[3]), str(oaeps[0].properties()[3])) self.assertEqual(str(iaeps[0].properties()[4]), str(oaeps[0].properties()[4])) self.assertEqual(str(iaeps[0].properties()[5]), str(oaeps[0].properties()[5])) self.assertEqual(str(iaeps[0].properties()[6]), str(oaeps[0].properties()[6])) self.assertEqual(str(iaeps[0].properties()[7]), str(oaeps[0].properties()[7])) self.assertEqual(iaeps[0].rationale()[0], oaeps[0].rationale()[0]) self.assertEqual(iaeps[0].rationale()[1], oaeps[0].rationale()[1]) self.assertEqual(iaeps[0].rationale()[2], oaeps[0].rationale()[2]) self.assertEqual(iaeps[0].rationale()[3], oaeps[0].rationale()[3]) self.assertEqual(iaeps[0].rationale()[4], oaeps[0].rationale()[4]) self.assertEqual(iaeps[0].rationale()[5], oaeps[0].rationale()[5]) self.assertEqual(iaeps[0].rationale()[6], oaeps[0].rationale()[6]) self.assertEqual(iaeps[0].rationale()[7], oaeps[0].rationale()[7]) envName = self.iassets[0]["theEnvironmentProperties"][0][0] self.assertEqual(str(iaeps[0].properties()[0]), str(oap.securityProperties(envName, '', envName)[0])) self.assertEqual(str(iaeps[0].properties()[1]), str(oap.securityProperties(envName, '', envName)[1])) self.assertEqual(str(iaeps[0].properties()[2]), str(oap.securityProperties(envName, '', envName)[2])) self.assertEqual(str(iaeps[0].properties()[3]), str(oap.securityProperties(envName, '', envName)[3])) self.assertEqual(str(iaeps[0].properties()[4]), str(oap.securityProperties(envName, '', envName)[4])) self.assertEqual(str(iaeps[0].properties()[5]), str(oap.securityProperties(envName, '', envName)[5])) self.assertEqual(str(iaeps[0].properties()[6]), str(oap.securityProperties(envName, '', envName)[6])) self.assertEqual(str(iaeps[0].properties()[7]), str(oap.securityProperties(envName, '', envName)[7])) self.assertEqual( [['Confidentiality', 'High'], ['Availability', 'Medium']], oap.propertyList('Psychosis', '', '')) self.assertEqual( [['Confidentiality', 'High'], ['Availability', 'Medium']], oap.propertyList('', 'Maximise', '')) self.assertEqual( [['Confidentiality', 'High'], ['Availability', 'Medium']], oap.propertyList('', 'Override', 'Psychosis')) oap.theShortCode = 'TESTCODE' oap.theAssetPropertyDictionary['Psychosis'].theSecurityProperties[ 0] = 1 b.dbProxy.updateAsset(oap) oaps2 = b.dbProxy.getAssets(oap.id()) oap2 = oaps[self.iassets[0]["theName"]] self.assertEqual(oap2.shortCode(), 'TESTCODE') oaps = b.dbProxy.deleteAsset(oap.id())
def setUp(self): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json') d = json.load(f) f.close() ienvs = d['environments'] iep1 = EnvironmentParameters(ienvs[0]["theName"], ienvs[0]["theShortCode"], ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) iRoles = d['roles'] irp = RoleParameters(iRoles[0]["theName"], iRoles[0]["theType"], iRoles[0]["theShortCode"], iRoles[0]["theDescription"], []) b.dbProxy.addRole(irp) iAttackers = d['attackers'] iatkeps = [ AttackerEnvironmentProperties( iAttackers[0]["theEnvironmentProperties"][0]["theName"], iAttackers[0]["theEnvironmentProperties"][0]["theRoles"], iAttackers[0]["theEnvironmentProperties"][0]["theMotives"], iAttackers[0]["theEnvironmentProperties"][0] ["theCapabilities"]) ] iatk = AttackerParameters(iAttackers[0]["theName"], iAttackers[0]["theDescription"], iAttackers[0]["theImage"], [], iatkeps) b.dbProxy.addAttacker(iatk) iVtypes = d['valuetypes'] ivt1 = ValueTypeParameters(iVtypes[0]["theName"], iVtypes[0]["theDescription"], iVtypes[0]["theType"]) ivt2 = ValueTypeParameters(iVtypes[1]["theName"], iVtypes[1]["theDescription"], iVtypes[1]["theType"]) b.dbProxy.addValueType(ivt1) b.dbProxy.addValueType(ivt2) iassets = d['assets'] iaeps1 = [ AssetEnvironmentProperties( iassets[0]["theEnvironmentProperties"][0][0], iassets[0]["theEnvironmentProperties"][0][1], iassets[0]["theEnvironmentProperties"][0][2]) ] iaeps2 = [ AssetEnvironmentProperties( iassets[1]["theEnvironmentProperties"][0][0], iassets[1]["theEnvironmentProperties"][0][1], iassets[1]["theEnvironmentProperties"][0][2]) ] iaeps3 = [ AssetEnvironmentProperties( iassets[2]["theEnvironmentProperties"][0][0], iassets[2]["theEnvironmentProperties"][0][1], iassets[2]["theEnvironmentProperties"][0][2]) ] iap1 = AssetParameters(iassets[0]["theName"], iassets[0]["theShortCode"], iassets[0]["theDescription"], iassets[0]["theSignificance"], iassets[0]["theType"], "0", "N/A", [], [], iaeps1) iap2 = AssetParameters(iassets[1]["theName"], iassets[1]["theShortCode"], iassets[1]["theDescription"], iassets[1]["theSignificance"], iassets[1]["theType"], "0", "N/A", [], [], iaeps2) iap3 = AssetParameters(iassets[2]["theName"], iassets[2]["theShortCode"], iassets[2]["theDescription"], iassets[2]["theSignificance"], iassets[2]["theType"], "0", "N/A", [], [], iaeps3) b.dbProxy.addAsset(iap1) b.dbProxy.addAsset(iap2) b.dbProxy.addAsset(iap3) iThreats = d['threats'] iteps = [ ThreatEnvironmentProperties( iThreats[0]["theEnvironmentProperties"][0]["theName"], iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"], iThreats[0]["theEnvironmentProperties"][0]["theAssets"], iThreats[0]["theEnvironmentProperties"][0]["theAttackers"], iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0] [1], iThreats[0]["theEnvironmentProperties"][0] ["theProperties"][0][1]) ] itps = ThreatParameters(iThreats[0]["theName"], iThreats[0]["theType"], iThreats[0]["theMethod"], [], iteps) b.dbProxy.addThreat(itps) iVuln = d['vulnerabilities'] iveps = [ VulnerabilityEnvironmentProperties( iVuln[0]["theEnvironmentProperties"][0]["theName"], iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] ivp = VulnerabilityParameters(iVuln[0]["theName"], iVuln[0]["theDescription"], iVuln[0]["theType"], [], iveps) b.dbProxy.addVulnerability(ivp) imc = d['misuseCase'] iRisks = d['risks'] imcep = [ MisuseCaseEnvironmentProperties( imc[0]["theEnvironmentProperties"][0]["theName"], imc[0]["theEnvironmentProperties"][0]["theDescription"]) ] imcp = MisuseCase(int(0), imc[0]["theName"], imcep, imc[0]["theRisk"]) irp = RiskParameters(iRisks[0]["theName"], iRisks[0]["threatName"], iRisks[0]["vulName"], imcp, []) b.dbProxy.addRisk(irp) self.iResponses = d['responses']
class VulnerabilityTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/vulnerabilities.json') d = json.load(f) f.close() b = Borg() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theValueType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theValueType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.oVtypes = b.dbProxy.getValueTypes('vulnerability_type') ienvs = d['environments'] self.iep1 = EnvironmentParameters(ienvs[0]["theName"], ienvs[0]["theShortCode"], ienvs[0]["theDescription"]) self.iep2 = EnvironmentParameters(ienvs[1]["theName"], ienvs[1]["theShortCode"], ienvs[1]["theDescription"]) self.iep3 = EnvironmentParameters(ienvs[2]["theName"], ienvs[2]["theShortCode"], ienvs[2]["theDescription"]) b.dbProxy.addEnvironment(self.iep1) b.dbProxy.addEnvironment(self.iep2) b.dbProxy.addEnvironment(self.iep3) self.oenvs = b.dbProxy.getEnvironments() self.iassets = d['assets'] self.iaeps = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] self.iap = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], self.iaeps) b.dbProxy.addAsset(self.iap) self.oaps = b.dbProxy.getAssets() self.iVuln = d['vulnerabilities'] def testStandardVulnerability(self): iveps1 = [ VulnerabilityEnvironmentProperties( self.iVuln[0]["theEnvironmentProperties"][0]["theName"], self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] iveps2 = [ VulnerabilityEnvironmentProperties( self.iVuln[1]["theEnvironmentProperties"][0]["theName"], self.iVuln[1]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[1]["theEnvironmentProperties"][0]["theAssets"]) ] iveps3 = [ VulnerabilityEnvironmentProperties( self.iVuln[2]["theEnvironmentProperties"][0]["theName"], self.iVuln[2]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[2]["theEnvironmentProperties"][0]["theAssets"]) ] ivp1 = VulnerabilityParameters(self.iVuln[0]["theName"], self.iVuln[0]["theDescription"], self.iVuln[0]["theType"], [], iveps1) ivp2 = VulnerabilityParameters(self.iVuln[1]["theName"], self.iVuln[1]["theDescription"], self.iVuln[1]["theType"], [], iveps2) ivp3 = VulnerabilityParameters(self.iVuln[2]["theName"], self.iVuln[2]["theDescription"], self.iVuln[2]["theType"], [], iveps3) b = Borg() b.dbProxy.addVulnerability(ivp1) b.dbProxy.addVulnerability(ivp2) b.dbProxy.addVulnerability(ivp3) ovps = b.dbProxy.getVulnerabilities() ovp1 = ovps[self.iVuln[0]["theName"]] ovep1 = ovp1.environmentProperties() self.assertEqual(ivp1.name(), ovp1.name()) self.assertEqual(ivp1.type(), ovp1.type()) self.assertEqual(ivp1.description(), ovp1.description()) self.assertEqual( self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], ovep1[0].severity()) self.assertEqual( str(self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep1[0].assets()[0])) ovp2 = ovps[self.iVuln[1]["theName"]] ovep2 = ovp2.environmentProperties() self.assertEqual(ivp2.name(), ovp2.name()) self.assertEqual(ivp2.type(), ovp2.type()) self.assertEqual(ivp2.description(), ovp2.description()) self.assertEqual( self.iVuln[1]["theEnvironmentProperties"][0]["theSeverity"], ovp2.environmentProperties()[0].severity()) self.assertEqual( str(self.iVuln[1]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep2[0].assets()[0])) ovp3 = ovps[self.iVuln[2]["theName"]] ovep3 = ovp3.environmentProperties() self.assertEqual(ivp3.name(), ovp3.name()) self.assertEqual(ivp3.type(), ovp3.type()) self.assertEqual(ivp3.description(), ovp3.description()) self.assertEqual( self.iVuln[2]["theEnvironmentProperties"][0]["theSeverity"], ovep3[0].severity()) self.assertEqual( str(self.iVuln[2]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep3[0].assets()[0])) ovp3.theVulnerabilityName = 'updated name' ovp3.theVulnerabilityDescription = 'updated description' b.dbProxy.updateVulnerability(ovp3) ovps = b.dbProxy.getVulnerabilities() ovp4 = ovps['updated name'] self.assertEqual(ovp3.name(), ovp4.name()) self.assertEqual(ovp3.type(), ovp4.type()) self.assertEqual(ovp3.description(), ovp4.description()) b.dbProxy.deleteVulnerability(ovp1.id()) b.dbProxy.deleteVulnerability(ovp2.id()) b.dbProxy.deleteVulnerability(ovp3.id()) def tearDown(self): b = Borg() b.dbProxy.deleteVulnerabilityType(self.oVtypes[0].id()) b.dbProxy.deleteVulnerabilityType(self.oVtypes[1].id()) b.dbProxy.deleteAsset(self.oaps[self.iap.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep2.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep3.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
def setUp(self): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/threats.json') d = json.load(f) f.close() ienvs = d['environments'] iep = EnvironmentParameters(ienvs[0]["theName"], ienvs[0]["theShortCode"], ienvs[0]["theDescription"]) iep1 = EnvironmentParameters(ienvs[1]["theName"], ienvs[1]["theShortCode"], ienvs[1]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep) b.dbProxy.addEnvironment(iep1) iRoles = d['roles'] irp = RoleParameters(iRoles[0]["theName"], iRoles[0]["theType"], iRoles[0]["theShortCode"], iRoles[0]["theDescription"], []) b.dbProxy.addRole(irp) iAttackers = d['attackers'] iatkeps = [ AttackerEnvironmentProperties( iAttackers[0]["theEnvironmentProperties"][0]["theName"], iAttackers[0]["theEnvironmentProperties"][0]["theRoles"], iAttackers[0]["theEnvironmentProperties"][0]["theMotives"], iAttackers[0]["theEnvironmentProperties"][0] ["theCapabilities"]), AttackerEnvironmentProperties( iAttackers[0]["theEnvironmentProperties"][1]["theName"], iAttackers[0]["theEnvironmentProperties"][1]["theRoles"], iAttackers[0]["theEnvironmentProperties"][1]["theMotives"], iAttackers[0]["theEnvironmentProperties"][1] ["theCapabilities"]) ] iatk = AttackerParameters(iAttackers[0]["theName"], iAttackers[0]["theDescription"], iAttackers[0]["theImage"], [], iatkeps) b.dbProxy.addAttacker(iatk) iVtypes = d['valuetypes'] ivt = ValueTypeParameters(iVtypes[0]["theName"], iVtypes[0]["theDescription"], iVtypes[0]["theType"]) b.dbProxy.addValueType(ivt) iassets = d['assets'] iaeps = [ AssetEnvironmentProperties( iassets[0]["theEnvironmentProperties"][0][0], iassets[0]["theEnvironmentProperties"][0][1], iassets[0]["theEnvironmentProperties"][0][2]), AssetEnvironmentProperties( iassets[0]["theEnvironmentProperties"][1][0], iassets[0]["theEnvironmentProperties"][1][1], iassets[0]["theEnvironmentProperties"][1][2]) ] iap = AssetParameters(iassets[0]["theName"], iassets[0]["theShortCode"], iassets[0]["theDescription"], iassets[0]["theSignificance"], iassets[0]["theType"], "0", "N/A", [], [], iaeps) b.dbProxy.addAsset(iap) self.iThreats = d['threats']
class VulnerabilityTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/vulnerabilities.json') d = json.load(f) f.close() b = Borg() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theValueType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theValueType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.oVtypes = b.dbProxy.getValueTypes('vulnerability_type') ienvs = d['environments'] self.iep1 = EnvironmentParameters(ienvs[0]["theName"],ienvs[0]["theShortCode"],ienvs[0]["theDescription"]) self.iep2 = EnvironmentParameters(ienvs[1]["theName"],ienvs[1]["theShortCode"],ienvs[1]["theDescription"]) self.iep3 = EnvironmentParameters(ienvs[2]["theName"],ienvs[2]["theShortCode"],ienvs[2]["theDescription"]) b.dbProxy.addEnvironment(self.iep1) b.dbProxy.addEnvironment(self.iep2) b.dbProxy.addEnvironment(self.iep3) self.oenvs = b.dbProxy.getEnvironments() self.iassets = d['assets'] self.iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps) b.dbProxy.addAsset(self.iap) self.oaps = b.dbProxy.getAssets() self.iVuln = d['vulnerabilities'] def testStandardVulnerability(self): iveps1 = [VulnerabilityEnvironmentProperties(self.iVuln[0]["theEnvironmentProperties"][0]["theName"],self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])] iveps2 = [VulnerabilityEnvironmentProperties(self.iVuln[1]["theEnvironmentProperties"][0]["theName"],self.iVuln[1]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[1]["theEnvironmentProperties"][0]["theAssets"])] iveps3 = [VulnerabilityEnvironmentProperties(self.iVuln[2]["theEnvironmentProperties"][0]["theName"],self.iVuln[2]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[2]["theEnvironmentProperties"][0]["theAssets"])] ivp1 = VulnerabilityParameters(self.iVuln[0]["theName"],self.iVuln[0]["theDescription"],self.iVuln[0]["theType"], [], iveps1) ivp2 = VulnerabilityParameters(self.iVuln[1]["theName"],self.iVuln[1]["theDescription"],self.iVuln[1]["theType"], [], iveps2) ivp3 = VulnerabilityParameters(self.iVuln[2]["theName"],self.iVuln[2]["theDescription"],self.iVuln[2]["theType"], [], iveps3) b = Borg() b.dbProxy.addVulnerability(ivp1) b.dbProxy.addVulnerability(ivp2) b.dbProxy.addVulnerability(ivp3) ovps = b.dbProxy.getVulnerabilities() ovp1 = ovps[self.iVuln[0]["theName"]] ovep1 = ovp1.environmentProperties() self.assertEqual(ivp1.name(), ovp1.name()) self.assertEqual(ivp1.type(),ovp1.type()) self.assertEqual(ivp1.description(),ovp1.description()) self.assertEqual(self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], ovep1[0].severity()) self.assertEqual(str(self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep1[0].assets()[0])) ovp2 = ovps[self.iVuln[1]["theName"]] ovep2 = ovp2.environmentProperties() self.assertEqual(ivp2.name(), ovp2.name()) self.assertEqual(ivp2.type(),ovp2.type()) self.assertEqual(ivp2.description(),ovp2.description()) self.assertEqual(self.iVuln[1]["theEnvironmentProperties"][0]["theSeverity"], ovp2.environmentProperties()[0].severity()) self.assertEqual(str(self.iVuln[1]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep2[0].assets()[0])) ovp3 = ovps[self.iVuln[2]["theName"]] ovep3 = ovp3.environmentProperties() self.assertEqual(ivp3.name(), ovp3.name()) self.assertEqual(ivp3.type(),ovp3.type()) self.assertEqual(ivp3.description(),ovp3.description()) self.assertEqual(self.iVuln[2]["theEnvironmentProperties"][0]["theSeverity"], ovep3[0].severity()) self.assertEqual(str(self.iVuln[2]["theEnvironmentProperties"][0]["theAssets"][0]), str(ovep3[0].assets()[0])) ovp3.theVulnerabilityName = 'updated name' ovp3.theVulnerabilityDescription = 'updated description' b.dbProxy.updateVulnerability(ovp3) ovps = b.dbProxy.getVulnerabilities() ovp4 = ovps['updated name'] self.assertEqual(ovp3.name(), ovp4.name()) self.assertEqual(ovp3.type(),ovp4.type()) self.assertEqual(ovp3.description(),ovp4.description()) b.dbProxy.deleteVulnerability(ovp1.id()) b.dbProxy.deleteVulnerability(ovp2.id()) b.dbProxy.deleteVulnerability(ovp3.id()) def tearDown(self): b = Borg() b.dbProxy.deleteVulnerabilityType(self.oVtypes[0].id()) b.dbProxy.deleteVulnerabilityType(self.oVtypes[1].id()) b.dbProxy.deleteAsset( self.oaps[self.iap.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep2.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep3.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
class GoalTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/goals.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iassets = d['assets'] self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1) b.dbProxy.addAsset(self.iap1) self.oap = b.dbProxy.getAssets() self.iGoals = d['goals'] def testGoal(self): b = Borg() igep1 = GoalEnvironmentProperties(self.iGoals[0]["theEnvironmentProperties"][0],self.iGoals[0]["theEnvironmentProperties"][1],self.iGoals[0]["theEnvironmentProperties"][2],self.iGoals[0]["theEnvironmentProperties"][3],self.iGoals[0]["theEnvironmentProperties"][4],self.iGoals[0]["theEnvironmentProperties"][5],self.iGoals[0]["theEnvironmentProperties"][6],[],[],[self.iGoals[0]["theEnvironmentProperties"][7]],[]) igep2 = GoalEnvironmentProperties(self.iGoals[1]["theEnvironmentProperties"][0],self.iGoals[1]["theEnvironmentProperties"][1],self.iGoals[1]["theEnvironmentProperties"][2],self.iGoals[1]["theEnvironmentProperties"][3],self.iGoals[1]["theEnvironmentProperties"][4],self.iGoals[1]["theEnvironmentProperties"][5],self.iGoals[1]["theEnvironmentProperties"][6],[],[],[self.iGoals[1]["theEnvironmentProperties"][7]],[]) igep3 = GoalEnvironmentProperties(self.iGoals[2]["theEnvironmentProperties"][0],self.iGoals[2]["theEnvironmentProperties"][1],self.iGoals[2]["theEnvironmentProperties"][2],self.iGoals[2]["theEnvironmentProperties"][3],self.iGoals[2]["theEnvironmentProperties"][4],self.iGoals[2]["theEnvironmentProperties"][5],self.iGoals[2]["theEnvironmentProperties"][6],[],[],[self.iGoals[2]["theEnvironmentProperties"][7]],[]) igp1 = GoalParameters(self.iGoals[0]["theName"],self.iGoals[0]["theOriginator"],[],[igep1]) igp2 = GoalParameters(self.iGoals[1]["theName"],self.iGoals[1]["theOriginator"],[],[igep2]) igp3 = GoalParameters(self.iGoals[2]["theName"],self.iGoals[2]["theOriginator"],[],[igep3]) b.dbProxy.addGoal(igp1) b.dbProxy.addGoal(igp2) b.dbProxy.addGoal(igp3) b.dbProxy.relabelGoals(igep1.name()) oGoals = b.dbProxy.getGoals() og1 = oGoals[self.iGoals[0]["theName"]] og2 = oGoals[self.iGoals[1]["theName"]] og3 = oGoals[self.iGoals[2]["theName"]] self.assertEqual(igp1.name(), og1.name()) self.assertEqual(igp1.originator(), og1.originator()) ogep1 = og1.environmentProperty(igep1.name()) ogep2 = og2.environmentProperty(igep1.name()) self.assertEqual(igep1.label(), ogep1.label()) self.assertEqual(igep1.definition(), ogep1.definition()) self.assertEqual(igep1.category(), ogep1.category()) self.assertEqual(igep1.priority(), ogep1.priority()) self.assertEqual(igep1.fitCriterion(), ogep1.fitCriterion()) self.assertEqual(igep1.issue(), ogep1.issue()) self.assertEqual(igep1.goalRefinements(), ogep1.goalRefinements()) self.assertEqual(igep1.subGoalRefinements(), ogep1.subGoalRefinements()) self.assertEqual(igep1.concerns(), ogep1.concerns()) self.assertEqual(igep1.concernAssociations(), ogep1.concernAssociations()) envName = self.iGoals[0]["theEnvironmentProperties"][0] self.assertEqual(igep1.label(), og1.label(envName)) self.assertEqual(igep1.definition(), og1.definition(envName,'')) self.assertEqual(igep1.category(), og1.category(envName,'')) self.assertEqual(igep1.priority(), og1.priority(envName,'')) self.assertEqual(igep1.fitCriterion(), og1.fitCriterion(envName,'')) self.assertEqual(igep1.issue(), og1.issue(envName,'')) self.assertEqual(igep2.label(), ogep2.label()) self.assertEqual(igep2.definition(), ogep2.definition()) self.assertEqual(igep2.category(), ogep2.category()) self.assertEqual(igep2.priority(), ogep2.priority()) self.assertEqual(igep2.fitCriterion(), ogep2.fitCriterion()) self.assertEqual(igep2.issue(), ogep2.issue()) self.assertEqual(igep2.goalRefinements(), ogep2.goalRefinements()) self.assertEqual(igep2.subGoalRefinements(), ogep2.subGoalRefinements()) self.assertEqual(igep2.concerns(), ogep2.concerns()) self.assertEqual(igep2.concernAssociations(), ogep2.concernAssociations()) igop1 = GoalAssociationParameters(igep1.name(),igp1.name(),'goal','and',igp2.name(),'goal',0,'None') igop2 = GoalAssociationParameters(igep1.name(),igp1.name(),'goal','and',igp3.name(),'goal',0,'None') b.dbProxy.addGoalAssociation(igop1) b.dbProxy.addGoalAssociation(igop2) ogops = b.dbProxy.getGoalAssociations() ogop1 = ogops[igep1.name() + '/' + igp1.name() + '/' + igp2.name() + '/and'] ogop2 = ogops[igep2.name() + '/' + igp1.name() + '/' + igp3.name() + '/and'] self.assertEqual(igop1.environment(), ogop1.environment()) self.assertEqual(igop1.goal(), ogop1.goal()) self.assertEqual(igop1.goalDimension(), ogop1.goalDimension()) self.assertEqual(igop1.type(), ogop1.type()) self.assertEqual(igop1.subGoal(), ogop1.subGoal()) self.assertEqual(igop1.subGoalDimension(), ogop1.subGoalDimension()) self.assertEqual(igop1.alternative(), ogop1.alternative()) self.assertEqual(igop1.rationale(), ogop1.rationale()) self.assertEqual(igop2.environment(), ogop2.environment()) self.assertEqual(igop2.goal(), ogop2.goal()) self.assertEqual(igop2.goalDimension(), ogop2.goalDimension()) self.assertEqual(igop2.type(), ogop2.type()) self.assertEqual(igop2.subGoal(), ogop2.subGoal()) self.assertEqual(igop2.subGoalDimension(), ogop2.subGoalDimension()) self.assertEqual(igop2.alternative(), ogop2.alternative()) self.assertEqual(igop2.rationale(), ogop2.rationale()) b.dbProxy.deleteGoalAssociation(ogop1.id(),ogop1.goal(),ogop1.subGoal()) b.dbProxy.deleteGoalAssociation(ogop2.id(),ogop2.goal(),ogop2.subGoal()) b.dbProxy.deleteGoal(og1.id()) b.dbProxy.deleteGoal(og2.id()) b.dbProxy.deleteGoal(og3.id()) def tearDown(self): b = Borg() b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
class ResponseTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"], self.ienvs[0]["theShortCode"], self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"], []) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters( self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"], self.iPersonas[0]["theAttitudes"], self.iPersonas[0]["theAptitudes"], self.iPersonas[0]["theMotivations"], self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"], self.iPersonas[0]["theContextual"], "", "0", self.iPersonas[0]["thePersonaType"], [], [ PersonaEnvironmentProperties( self.iPersonas[0]["theEnvironmentProperties"][0] ["theName"], (self.iPersonas[0]["theEnvironmentProperties"] [0]["theDirectFlag"] == "True"), self.iPersonas[0]["theEnvironmentProperties"][0] ["theNarrative"], self.iPersonas[0] ["theEnvironmentProperties"][0]["theRole"]) ], []) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters( self.iExternalDocuments[0]["theName"], self.iExternalDocuments[0]["theVersion"], self.iExternalDocuments[0]["thePublicationDate"], self.iExternalDocuments[0]["theAuthors"], self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters( self.iExternalDocuments[1]["theName"], self.iExternalDocuments[1]["theVersion"], self.iExternalDocuments[1]["thePublicationDate"], self.iExternalDocuments[1]["theAuthors"], self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters( self.iDocumentReferences[0]["theName"], self.iDocumentReferences[0]["theDocName"], self.iDocumentReferences[0]["theContributor"], self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters( self.iDocumentReferences[1]["theName"], self.iDocumentReferences[1]["theDocName"], self.iDocumentReferences[1]["theContributor"], self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters( self.iPersonaCharacteristics[0]["thePersonaName"], self.iPersonaCharacteristics[0]["theModQual"], self.iPersonaCharacteristics[0]["theVariable"], self.iPersonaCharacteristics[0]["theCharacteristic"], [(self.iPersonaCharacteristics[0]["ground"], '', 'document')], [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [], []) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [ AttackerEnvironmentProperties( self.iAttackers[0]["theEnvironmentProperties"][0]["theName"], self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"], self.iAttackers[0]["theEnvironmentProperties"][0] ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"] [0]["theCapabilities"]) ] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"], [], self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.ovtt = b.dbProxy.getValueTypes('threat_type') self.ovtv = b.dbProxy.getValueTypes('vulnerability_type') self.iassets = d['assets'] self.iaeps1 = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] self.iaeps2 = [ AssetEnvironmentProperties( self.iassets[1]["theEnvironmentProperties"][0][0], self.iassets[1]["theEnvironmentProperties"][0][1], self.iassets[1]["theEnvironmentProperties"][0][2]) ] self.iaeps3 = [ AssetEnvironmentProperties( self.iassets[2]["theEnvironmentProperties"][0][0], self.iassets[2]["theEnvironmentProperties"][0][1], self.iassets[2]["theEnvironmentProperties"][0][2]) ] self.iap1 = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], self.iaeps1) self.iap2 = AssetParameters(self.iassets[1]["theName"], self.iassets[1]["theShortCode"], self.iassets[1]["theDescription"], self.iassets[1]["theSignificance"], self.iassets[1]["theType"], "0", "N/A", [], [], self.iaeps2) self.iap3 = AssetParameters(self.iassets[2]["theName"], self.iassets[2]["theShortCode"], self.iassets[2]["theDescription"], self.iassets[2]["theSignificance"], self.iassets[2]["theType"], "0", "N/A", [], [], self.iaeps3) b.dbProxy.addAsset(self.iap1) b.dbProxy.addAsset(self.iap2) b.dbProxy.addAsset(self.iap3) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] self.iteps = [ ThreatEnvironmentProperties( self.iThreats[0]["theEnvironmentProperties"][0]["theName"], self.iThreats[0]["theEnvironmentProperties"][0] ["theLikelihood"], self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"], self.iThreats[0]["theEnvironmentProperties"][0] ["theAttackers"], self.iThreats[0]["theEnvironmentProperties"] [0]["theProperties"][0][1], self.iThreats[0] ["theEnvironmentProperties"][0]["theProperties"][0][1]) ] self.itps = ThreatParameters(self.iThreats[0]["theName"], self.iThreats[0]["theType"], self.iThreats[0]["theMethod"], [], self.iteps) b.dbProxy.addThreat(self.itps) self.otps = b.dbProxy.getThreats() self.iVuln = d['vulnerabilities'] self.iveps = [ VulnerabilityEnvironmentProperties( self.iVuln[0]["theEnvironmentProperties"][0]["theName"], self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"], self.iVuln[0]["theDescription"], self.iVuln[0]["theType"], [], self.iveps) b.dbProxy.addVulnerability(self.ivp) self.ovp = b.dbProxy.getVulnerabilities() self.imc = d['misuseCase'] self.iRisks = d['risks'] imcep = [ MisuseCaseEnvironmentProperties( self.imc[0]["theEnvironmentProperties"][0]["theName"], self.imc[0]["theEnvironmentProperties"][0]["theDescription"]) ] imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep, self.imc[0]["theRisk"]) irp = RiskParameters(self.iRisks[0]["theName"], self.iRisks[0]["threatName"], self.iRisks[0]["vulName"], imcp, []) b.dbProxy.addRisk(irp) oRisks = b.dbProxy.getRisks() self.r = oRisks[self.iRisks[0]["theName"]] self.iResponses = d['responses'] def testResponse(self): iar1Name = self.iResponses[0]["theType"] + " " + self.iResponses[0][ "theRisk"] iaep1 = AcceptEnvironmentProperties( self.iResponses[0]["theEnvironmentProperties"][0], self.iResponses[0]["theEnvironmentProperties"][1], self.iResponses[0]["theEnvironmentProperties"][2]) iar1 = ResponseParameters(iar1Name, self.iResponses[0]["theRisk"], [], [iaep1], self.iResponses[0]["theType"]) iar2Name = self.iResponses[1]["theType"] + " " + self.iResponses[1][ "theRisk"] iaep2 = MitigateEnvironmentProperties( self.iResponses[1]["theEnvironmentProperties"], self.iResponses[1]["theType"]) iar2 = ResponseParameters(iar2Name, self.iResponses[1]["theRisk"], [], [iaep2], self.iResponses[1]["theType"]) b = Borg() b.dbProxy.addResponse(iar1) b.dbProxy.addResponse(iar2) self.ors = b.dbProxy.getResponses() self.oar1 = self.ors[iar1Name] self.oar2 = self.ors[iar2Name] self.assertEqual(iar1.name(), self.oar1.name()) self.assertEqual(iar1.risk(), self.oar1.risk()) self.assertEqual(iar1.responseType(), self.oar1.responseType()) self.assertEqual(iar1.environmentProperties()[0].cost(), self.oar1.environmentProperties()[0].cost()) self.assertEqual(iar1.environmentProperties()[0].description(), self.oar1.environmentProperties()[0].description()) self.assertEqual(iar2.name(), self.oar2.name()) self.assertEqual(iar2.risk(), self.oar2.risk()) self.assertEqual(iar2.responseType(), self.oar2.responseType()) rgp = cairis.core.GoalFactory.build(self.oar2) riskParameters = rgp[0] riskGoalId = b.dbProxy.addGoal(riskParameters) b.dbProxy.addTrace('response_goal', self.oar2.id(), riskGoalId) if (rgp > 1): threatParameters = rgp[1] vulnerabilityParameters = rgp[2] b.dbProxy.addGoal(vulnerabilityParameters) b.dbProxy.addGoal(threatParameters) b.dbProxy.relabelGoals(iaep2.name()) oGoals = b.dbProxy.getGoals() print oGoals rg = oGoals['Deter' + self.oar2.risk()] vg = oGoals[vulnerabilityParameters.name()] tg = oGoals[threatParameters.name()] ogops = b.dbProxy.getGoalAssociations() ogop1 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' + threatParameters.name() + '/or'] ogop2 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' + vulnerabilityParameters.name() + '/or'] b.dbProxy.deleteGoalAssociation(ogop1.id(), ogop1.goal(), ogop1.subGoal()) b.dbProxy.deleteGoalAssociation(ogop2.id(), ogop2.goal(), ogop2.subGoal()) b.dbProxy.deleteTrace('response', self.oar2.name(), 'goal', rg.name()) b.dbProxy.deleteGoal(tg.id()) b.dbProxy.deleteGoal(vg.id()) b.dbProxy.deleteGoal(rg.id()) b.dbProxy.deleteResponse(self.oar2.id()) b.dbProxy.deleteResponse(self.oar1.id()) def tearDown(self): b = Borg() b.dbProxy.deleteRisk(self.r.id()) b.dbProxy.deleteVulnerability(self.ovp[self.ivp.name()].id()) b.dbProxy.deleteThreat(self.otps[self.itps.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap3.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap2.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id()) b.dbProxy.deleteVulnerabilityType(0) b.dbProxy.deleteThreatType(0) b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id()) b.dbProxy.deletePersona(self.opp[self.ipp.name()].id()) b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
def parameters(self): parameters = AssetParameters(self.theAssetName,self.theShortCode,self.theAssetDescription,self.theAssetSignificance,self.theType,self.theCriticalIndicator,self.theCriticalRationale,self.theTags,self.theInterfaces,self.theEnvironmentProperties) parameters.setId(self.theAssetId) return parameters
class RiskTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/risks.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[]) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[]) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[]) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.ovtt = b.dbProxy.getValueTypes('threat_type') self.ovtv = b.dbProxy.getValueTypes('vulnerability_type') self.iassets = d['assets'] self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1) self.iap2 = AssetParameters(self.iassets[1]["theName"],self.iassets[1]["theShortCode"],self.iassets[1]["theDescription"],self.iassets[1]["theSignificance"],self.iassets[1]["theType"],"0","N/A",[],[],self.iaeps1) self.iap3 = AssetParameters(self.iassets[2]["theName"],self.iassets[2]["theShortCode"],self.iassets[2]["theDescription"],self.iassets[2]["theSignificance"],self.iassets[2]["theType"],"0","N/A",[],[],self.iaeps1) b.dbProxy.addAsset(self.iap1) b.dbProxy.addAsset(self.iap2) b.dbProxy.addAsset(self.iap3) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] self.iteps = [ThreatEnvironmentProperties(self.iThreats[0]["theEnvironmentProperties"][0]["theName"],self.iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],self.iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])] self.itps = ThreatParameters(self.iThreats[0]["theName"],self.iThreats[0]["theType"],self.iThreats[0]["theMethod"],[],self.iteps) b.dbProxy.addThreat(self.itps) self.otps = b.dbProxy.getThreats() self.iVuln = d['vulnerabilities'] self.iveps = [VulnerabilityEnvironmentProperties(self.iVuln[0]["theEnvironmentProperties"][0]["theName"],self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])] self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],self.iVuln[0]["theDescription"],self.iVuln[0]["theType"], [], self.iveps) b.dbProxy.addVulnerability(self.ivp) self.ovp = b.dbProxy.getVulnerabilities() self.imc = d['misuseCase'] self.iRisks = d['risks'] def testRisk(self): imcep = [MisuseCaseEnvironmentProperties(self.imc[0]["theEnvironmentProperties"][0]["theName"],self.imc[0]["theEnvironmentProperties"][0]["theDescription"])] imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,self.imc[0]["theRisk"]) irp = RiskParameters(self.iRisks[0]["theName"],self.iRisks[0]["threatName"],self.iRisks[0]["vulName"], imcp,[]) b = Borg() b.dbProxy.addRisk(irp) oRisks = b.dbProxy.getRisks() o = oRisks[self.iRisks[0]["theName"]] self.assertEqual(irp.name(), o.name()) self.assertEqual(irp.threat(),o.threat()) self.assertEqual(irp.vulnerability(),o.vulnerability()) # scoreDetails = b.dbProxy.riskScore(self.iRisks[0]["threatName"],self.iRisks[0]["vulName"],self.iaeps1[0].name()) # preScore = scoreDetails[0][1] # postScore = scoreDetails[0][2] # self.assertEqual(preScore,9) # self.assertEqual(postScore,9) imcp.theName = 'Updated risk' imcp.theId = o.misuseCase().id() irp.theRiskName = 'Updated risk' irp.theMisuseCase = imcp irp.setId(o.id()) b.dbProxy.updateRisk(irp) oRisks = b.dbProxy.getRisks() o = oRisks['Updated risk'] self.assertEqual(o.name(),'Updated risk') self.assertEqual(irp.threat(),o.threat()) self.assertEqual(irp.vulnerability(),o.vulnerability()) b.dbProxy.deleteRisk(o.id()) def tearDown(self): b = Borg() b.dbProxy.deleteVulnerability(self.ovp[self.ivp.name()].id()) b.dbProxy.deleteThreat(self.otps[self.itps.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap3.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap2.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id()) b.dbProxy.deleteVulnerabilityType(0) b.dbProxy.deleteThreatType(0) b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id()) b.dbProxy.deletePersona(self.opp[self.ipp.name()].id()) b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
def setUp(self): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/tasks.json') d = json.load(f) f.close() iEnvironments = d['environments'] iep1 = EnvironmentParameters(iEnvironments[0]["theName"], iEnvironments[0]["theShortCode"], iEnvironments[0]["theDescription"]) iep2 = EnvironmentParameters(iEnvironments[1]["theName"], iEnvironments[1]["theShortCode"], iEnvironments[1]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) b.dbProxy.addEnvironment(iep2) iRoles = d['roles'] irp = RoleParameters(iRoles[0]["theName"], iRoles[0]["theType"], iRoles[0]["theShortCode"], iRoles[0]["theDescription"], []) b.dbProxy.addRole(irp) iPersonas = d['personas'] ipp = PersonaParameters( iPersonas[0]["theName"], iPersonas[0]["theActivities"], iPersonas[0]["theAttitudes"], iPersonas[0]["theAptitudes"], iPersonas[0]["theMotivations"], iPersonas[0]["theSkills"], iPersonas[0]["theIntrinsic"], iPersonas[0]["theContextual"], "", "0", iPersonas[0]["thePersonaType"], [], [ PersonaEnvironmentProperties( iPersonas[0]["theEnvironmentProperties"][0]["theName"], (iPersonas[0]["theEnvironmentProperties"][0] ["theDirectFlag"] == "True"), iPersonas[0] ["theEnvironmentProperties"][0]["theNarrative"], iPersonas[0]["theEnvironmentProperties"][0]["theRole"]), PersonaEnvironmentProperties( iPersonas[0]["theEnvironmentProperties"][1]["theName"], (iPersonas[0]["theEnvironmentProperties"][1] ["theDirectFlag"] == "True"), iPersonas[0] ["theEnvironmentProperties"][1]["theNarrative"], iPersonas[0]["theEnvironmentProperties"][1]["theRole"]) ], []) b.dbProxy.addPersona(ipp) iAssets = d['assets'] iaeps = [ AssetEnvironmentProperties( iAssets[0]["theEnvironmentProperties"][0][0], iAssets[0]["theEnvironmentProperties"][0][1], iAssets[0]["theEnvironmentProperties"][0][2]), AssetEnvironmentProperties( iAssets[0]["theEnvironmentProperties"][1][0], iAssets[0]["theEnvironmentProperties"][1][1], iAssets[0]["theEnvironmentProperties"][1][2]) ] iap = AssetParameters(iAssets[0]["theName"], iAssets[0]["theShortCode"], iAssets[0]["theDescription"], iAssets[0]["theSignificance"], iAssets[0]["theType"], "0", "N/A", [], [], iaeps) b = Borg() b.dbProxy.addAsset(iap) self.iTasks = d['tasks']
def testAsset(self): iaeps = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] iap = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], iaeps) b = Borg() iap.theShortCode = 'TESTCODE123456789012345678901234567890' with self.assertRaises(AttributeTooBig): b.dbProxy.addAsset(iap) iap.theShortCode = 'TESTCODE' b.dbProxy.addAsset(iap) oaps = b.dbProxy.getAssets() oap = oaps[self.iassets[0]["theName"]] self.assertEqual(iap.name(), oap.name()) self.assertEqual(iap.shortCode(), oap.shortCode()) self.assertEqual(iap.description(), oap.description()) self.assertEqual(iap.significance(), oap.significance()) oaeps = oap.environmentProperties() self.assertEqual(iaeps[0].name(), oaeps[0].name()) self.assertEqual(str(iaeps[0].properties()[0]), str(oaeps[0].properties()[0])) self.assertEqual(str(iaeps[0].properties()[1]), str(oaeps[0].properties()[1])) self.assertEqual(str(iaeps[0].properties()[2]), str(oaeps[0].properties()[2])) self.assertEqual(str(iaeps[0].properties()[3]), str(oaeps[0].properties()[3])) self.assertEqual(str(iaeps[0].properties()[4]), str(oaeps[0].properties()[4])) self.assertEqual(str(iaeps[0].properties()[5]), str(oaeps[0].properties()[5])) self.assertEqual(str(iaeps[0].properties()[6]), str(oaeps[0].properties()[6])) self.assertEqual(str(iaeps[0].properties()[7]), str(oaeps[0].properties()[7])) self.assertEqual(iaeps[0].rationale()[0], oaeps[0].rationale()[0]) self.assertEqual(iaeps[0].rationale()[1], oaeps[0].rationale()[1]) self.assertEqual(iaeps[0].rationale()[2], oaeps[0].rationale()[2]) self.assertEqual(iaeps[0].rationale()[3], oaeps[0].rationale()[3]) self.assertEqual(iaeps[0].rationale()[4], oaeps[0].rationale()[4]) self.assertEqual(iaeps[0].rationale()[5], oaeps[0].rationale()[5]) self.assertEqual(iaeps[0].rationale()[6], oaeps[0].rationale()[6]) self.assertEqual(iaeps[0].rationale()[7], oaeps[0].rationale()[7]) envName = self.iassets[0]["theEnvironmentProperties"][0][0] self.assertEqual(str(iaeps[0].properties()[0]), str(oap.securityProperties(envName, '', envName)[0])) self.assertEqual(str(iaeps[0].properties()[1]), str(oap.securityProperties(envName, '', envName)[1])) self.assertEqual(str(iaeps[0].properties()[2]), str(oap.securityProperties(envName, '', envName)[2])) self.assertEqual(str(iaeps[0].properties()[3]), str(oap.securityProperties(envName, '', envName)[3])) self.assertEqual(str(iaeps[0].properties()[4]), str(oap.securityProperties(envName, '', envName)[4])) self.assertEqual(str(iaeps[0].properties()[5]), str(oap.securityProperties(envName, '', envName)[5])) self.assertEqual(str(iaeps[0].properties()[6]), str(oap.securityProperties(envName, '', envName)[6])) self.assertEqual(str(iaeps[0].properties()[7]), str(oap.securityProperties(envName, '', envName)[7])) self.assertEqual([ [ 'Confidentiality', 'High', 'Researchers very worried about the disclosure of partially anonymised patient data.' ], [ 'Availability', 'Medium', 'Availability of NeuroGrid is quite important, but prepared to sacrifice this if doing so safeguards clinical data.' ] ], oap.propertyList('Psychosis', '', '')) self.assertEqual([['Confidentiality', 'High', 'None'], ['Availability', 'Medium', 'None']], oap.propertyList('', 'Maximise', '')) self.assertEqual([['Confidentiality', 'High', 'None'], ['Availability', 'Medium', 'None']], oap.propertyList('', 'Override', 'Psychosis')) oap.theShortCode = 'TESTCODE' oap.theAssetPropertyDictionary['Psychosis'].theSecurityProperties[ 0] = 1 b.dbProxy.updateAsset(oap) oaps2 = b.dbProxy.getAssets(oap.id()) oap2 = oaps[self.iassets[0]["theName"]] self.assertEqual(oap2.shortCode(), 'TESTCODE') oaps = b.dbProxy.deleteAsset(oap.id())
class RiskTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/risks.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"], self.ienvs[0]["theShortCode"], self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"], []) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters( self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"], self.iPersonas[0]["theAttitudes"], self.iPersonas[0]["theAptitudes"], self.iPersonas[0]["theMotivations"], self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"], self.iPersonas[0]["theContextual"], "", "0", self.iPersonas[0]["thePersonaType"], [], [ PersonaEnvironmentProperties( self.iPersonas[0]["theEnvironmentProperties"][0] ["theName"], (self.iPersonas[0]["theEnvironmentProperties"] [0]["theDirectFlag"] == "True"), self.iPersonas[0]["theEnvironmentProperties"][0] ["theNarrative"], self.iPersonas[0] ["theEnvironmentProperties"][0]["theRole"]) ], []) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters( self.iExternalDocuments[0]["theName"], self.iExternalDocuments[0]["theVersion"], self.iExternalDocuments[0]["thePublicationDate"], self.iExternalDocuments[0]["theAuthors"], self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters( self.iExternalDocuments[1]["theName"], self.iExternalDocuments[1]["theVersion"], self.iExternalDocuments[1]["thePublicationDate"], self.iExternalDocuments[1]["theAuthors"], self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters( self.iDocumentReferences[0]["theName"], self.iDocumentReferences[0]["theDocName"], self.iDocumentReferences[0]["theContributor"], self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters( self.iDocumentReferences[1]["theName"], self.iDocumentReferences[1]["theDocName"], self.iDocumentReferences[1]["theContributor"], self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters( self.iPersonaCharacteristics[0]["thePersonaName"], self.iPersonaCharacteristics[0]["theModQual"], self.iPersonaCharacteristics[0]["theVariable"], self.iPersonaCharacteristics[0]["theCharacteristic"], [(self.iPersonaCharacteristics[0]["ground"], '', 'document')], [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [], []) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [ AttackerEnvironmentProperties( self.iAttackers[0]["theEnvironmentProperties"][0]["theName"], self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"], self.iAttackers[0]["theEnvironmentProperties"][0] ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"] [0]["theCapabilities"]) ] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"], [], self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.ovtt = b.dbProxy.getValueTypes('threat_type') self.ovtv = b.dbProxy.getValueTypes('vulnerability_type') self.iassets = d['assets'] self.iaeps1 = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] self.iap1 = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], self.iaeps1) self.iap2 = AssetParameters(self.iassets[1]["theName"], self.iassets[1]["theShortCode"], self.iassets[1]["theDescription"], self.iassets[1]["theSignificance"], self.iassets[1]["theType"], "0", "N/A", [], [], self.iaeps1) self.iap3 = AssetParameters(self.iassets[2]["theName"], self.iassets[2]["theShortCode"], self.iassets[2]["theDescription"], self.iassets[2]["theSignificance"], self.iassets[2]["theType"], "0", "N/A", [], [], self.iaeps1) b.dbProxy.addAsset(self.iap1) b.dbProxy.addAsset(self.iap2) b.dbProxy.addAsset(self.iap3) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] self.iteps = [ ThreatEnvironmentProperties( self.iThreats[0]["theEnvironmentProperties"][0]["theName"], self.iThreats[0]["theEnvironmentProperties"][0] ["theLikelihood"], self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"], self.iThreats[0]["theEnvironmentProperties"][0] ["theAttackers"], self.iThreats[0]["theEnvironmentProperties"] [0]["theProperties"][0][1], self.iThreats[0] ["theEnvironmentProperties"][0]["theProperties"][0][1]) ] self.itps = ThreatParameters(self.iThreats[0]["theName"], self.iThreats[0]["theType"], self.iThreats[0]["theMethod"], [], self.iteps) b.dbProxy.addThreat(self.itps) self.otps = b.dbProxy.getThreats() self.iVuln = d['vulnerabilities'] self.iveps = [ VulnerabilityEnvironmentProperties( self.iVuln[0]["theEnvironmentProperties"][0]["theName"], self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"], self.iVuln[0]["theDescription"], self.iVuln[0]["theType"], [], self.iveps) b.dbProxy.addVulnerability(self.ivp) self.ovp = b.dbProxy.getVulnerabilities() self.imc = d['misuseCase'] self.iRisks = d['risks'] def testRisk(self): imcep = [ MisuseCaseEnvironmentProperties( self.imc[0]["theEnvironmentProperties"][0]["theName"], self.imc[0]["theEnvironmentProperties"][0]["theDescription"]) ] imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep, self.imc[0]["theRisk"]) irp = RiskParameters(self.iRisks[0]["theName"], self.iRisks[0]["threatName"], self.iRisks[0]["vulName"], imcp, []) b = Borg() b.dbProxy.addRisk(irp) oRisks = b.dbProxy.getRisks() o = oRisks[self.iRisks[0]["theName"]] self.assertEqual(irp.name(), o.name()) self.assertEqual(irp.threat(), o.threat()) self.assertEqual(irp.vulnerability(), o.vulnerability()) # scoreDetails = b.dbProxy.riskScore(self.iRisks[0]["threatName"],self.iRisks[0]["vulName"],self.iaeps1[0].name()) # preScore = scoreDetails[0][1] # postScore = scoreDetails[0][2] # self.assertEqual(preScore,9) # self.assertEqual(postScore,9) imcp.theName = 'Updated risk' imcp.theId = o.misuseCase().id() irp.theRiskName = 'Updated risk' irp.theMisuseCase = imcp irp.setId(o.id()) b.dbProxy.updateRisk(irp) oRisks = b.dbProxy.getRisks() o = oRisks['Updated risk'] self.assertEqual(o.name(), 'Updated risk') self.assertEqual(irp.threat(), o.threat()) self.assertEqual(irp.vulnerability(), o.vulnerability()) b.dbProxy.deleteRisk(o.id()) def tearDown(self): b = Borg() b.dbProxy.deleteVulnerability(self.ovp[self.ivp.name()].id()) b.dbProxy.deleteThreat(self.otps[self.itps.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap3.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap2.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id()) b.dbProxy.deleteVulnerabilityType(0) b.dbProxy.deleteThreatType(0) b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id()) b.dbProxy.deletePersona(self.opp[self.ipp.name()].id()) b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
class GoalTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/goals.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"], self.ienvs[0]["theShortCode"], self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iassets = d['assets'] self.iaeps1 = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] self.iap1 = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], self.iaeps1) b.dbProxy.addAsset(self.iap1) self.oap = b.dbProxy.getAssets() self.iGoals = d['goals'] def testGoal(self): b = Borg() igep1 = GoalEnvironmentProperties( self.iGoals[0]["theEnvironmentProperties"][0], self.iGoals[0]["theEnvironmentProperties"][1], self.iGoals[0]["theEnvironmentProperties"][2], self.iGoals[0]["theEnvironmentProperties"][3], self.iGoals[0]["theEnvironmentProperties"][4], self.iGoals[0]["theEnvironmentProperties"][5], self.iGoals[0]["theEnvironmentProperties"][6], [], [], [self.iGoals[0]["theEnvironmentProperties"][7]], []) igep2 = GoalEnvironmentProperties( self.iGoals[1]["theEnvironmentProperties"][0], self.iGoals[1]["theEnvironmentProperties"][1], self.iGoals[1]["theEnvironmentProperties"][2], self.iGoals[1]["theEnvironmentProperties"][3], self.iGoals[1]["theEnvironmentProperties"][4], self.iGoals[1]["theEnvironmentProperties"][5], self.iGoals[1]["theEnvironmentProperties"][6], [], [], [self.iGoals[1]["theEnvironmentProperties"][7]], []) igep3 = GoalEnvironmentProperties( self.iGoals[2]["theEnvironmentProperties"][0], self.iGoals[2]["theEnvironmentProperties"][1], self.iGoals[2]["theEnvironmentProperties"][2], self.iGoals[2]["theEnvironmentProperties"][3], self.iGoals[2]["theEnvironmentProperties"][4], self.iGoals[2]["theEnvironmentProperties"][5], self.iGoals[2]["theEnvironmentProperties"][6], [], [], [self.iGoals[2]["theEnvironmentProperties"][7]], []) igp1 = GoalParameters(self.iGoals[0]["theName"], self.iGoals[0]["theOriginator"], [], [igep1]) igp2 = GoalParameters(self.iGoals[1]["theName"], self.iGoals[1]["theOriginator"], [], [igep2]) igp3 = GoalParameters(self.iGoals[2]["theName"], self.iGoals[2]["theOriginator"], [], [igep3]) b.dbProxy.addGoal(igp1) b.dbProxy.addGoal(igp2) b.dbProxy.addGoal(igp3) b.dbProxy.relabelGoals(igep1.name()) oGoals = b.dbProxy.getGoals() og1 = oGoals[self.iGoals[0]["theName"]] og2 = oGoals[self.iGoals[1]["theName"]] og3 = oGoals[self.iGoals[2]["theName"]] self.assertEqual(igp1.name(), og1.name()) self.assertEqual(igp1.originator(), og1.originator()) ogep1 = og1.environmentProperty(igep1.name()) ogep2 = og2.environmentProperty(igep1.name()) self.assertEqual(igep1.label(), ogep1.label()) self.assertEqual(igep1.definition(), ogep1.definition()) self.assertEqual(igep1.category(), ogep1.category()) self.assertEqual(igep1.priority(), ogep1.priority()) self.assertEqual(igep1.fitCriterion(), ogep1.fitCriterion()) self.assertEqual(igep1.issue(), ogep1.issue()) self.assertEqual(igep1.goalRefinements(), ogep1.goalRefinements()) self.assertEqual(igep1.subGoalRefinements(), ogep1.subGoalRefinements()) self.assertEqual(igep1.concerns(), ogep1.concerns()) self.assertEqual(igep1.concernAssociations(), ogep1.concernAssociations()) envName = self.iGoals[0]["theEnvironmentProperties"][0] self.assertEqual(igep1.label(), og1.label(envName)) self.assertEqual(igep1.definition(), og1.definition(envName, '')) self.assertEqual(igep1.category(), og1.category(envName, '')) self.assertEqual(igep1.priority(), og1.priority(envName, '')) self.assertEqual(igep1.fitCriterion(), og1.fitCriterion(envName, '')) self.assertEqual(igep1.issue(), og1.issue(envName, '')) self.assertEqual(igep2.label(), ogep2.label()) self.assertEqual(igep2.definition(), ogep2.definition()) self.assertEqual(igep2.category(), ogep2.category()) self.assertEqual(igep2.priority(), ogep2.priority()) self.assertEqual(igep2.fitCriterion(), ogep2.fitCriterion()) self.assertEqual(igep2.issue(), ogep2.issue()) self.assertEqual(igep2.goalRefinements(), ogep2.goalRefinements()) self.assertEqual(igep2.subGoalRefinements(), ogep2.subGoalRefinements()) self.assertEqual(igep2.concerns(), ogep2.concerns()) self.assertEqual(igep2.concernAssociations(), ogep2.concernAssociations()) igop1 = GoalAssociationParameters(igep1.name(), igp1.name(), 'goal', 'and', igp2.name(), 'goal', 0, 'None') igop2 = GoalAssociationParameters(igep1.name(), igp1.name(), 'goal', 'and', igp3.name(), 'goal', 0, 'None') b.dbProxy.addGoalAssociation(igop1) b.dbProxy.addGoalAssociation(igop2) ogops = b.dbProxy.getGoalAssociations() ogop1 = ogops[igep1.name() + '/' + igp1.name() + '/' + igp2.name() + '/and'] ogop2 = ogops[igep2.name() + '/' + igp1.name() + '/' + igp3.name() + '/and'] self.assertEqual(igop1.environment(), ogop1.environment()) self.assertEqual(igop1.goal(), ogop1.goal()) self.assertEqual(igop1.goalDimension(), ogop1.goalDimension()) self.assertEqual(igop1.type(), ogop1.type()) self.assertEqual(igop1.subGoal(), ogop1.subGoal()) self.assertEqual(igop1.subGoalDimension(), ogop1.subGoalDimension()) self.assertEqual(igop1.alternative(), ogop1.alternative()) self.assertEqual(igop1.rationale(), ogop1.rationale()) self.assertEqual(igop2.environment(), ogop2.environment()) self.assertEqual(igop2.goal(), ogop2.goal()) self.assertEqual(igop2.goalDimension(), ogop2.goalDimension()) self.assertEqual(igop2.type(), ogop2.type()) self.assertEqual(igop2.subGoal(), ogop2.subGoal()) self.assertEqual(igop2.subGoalDimension(), ogop2.subGoalDimension()) self.assertEqual(igop2.alternative(), ogop2.alternative()) self.assertEqual(igop2.rationale(), ogop2.rationale()) b.dbProxy.deleteGoalAssociation(ogop1.id(), ogop1.goal(), ogop1.subGoal()) b.dbProxy.deleteGoalAssociation(ogop2.id(), ogop2.goal(), ogop2.subGoal()) b.dbProxy.deleteGoal(og1.id()) b.dbProxy.deleteGoal(og2.id()) b.dbProxy.deleteGoal(og3.id()) def tearDown(self): b = Borg() b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
class ResponseTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[]) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[]) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[]) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.ovtt = b.dbProxy.getValueTypes('threat_type') self.ovtv = b.dbProxy.getValueTypes('vulnerability_type') self.iassets = d['assets'] self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iaeps2 = [AssetEnvironmentProperties(self.iassets[1]["theEnvironmentProperties"][0][0],self.iassets[1]["theEnvironmentProperties"][0][1],self.iassets[1]["theEnvironmentProperties"][0][2])] self.iaeps3 = [AssetEnvironmentProperties(self.iassets[2]["theEnvironmentProperties"][0][0],self.iassets[2]["theEnvironmentProperties"][0][1],self.iassets[2]["theEnvironmentProperties"][0][2])] self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1) self.iap2 = AssetParameters(self.iassets[1]["theName"],self.iassets[1]["theShortCode"],self.iassets[1]["theDescription"],self.iassets[1]["theSignificance"],self.iassets[1]["theType"],"0","N/A",[],[],self.iaeps2) self.iap3 = AssetParameters(self.iassets[2]["theName"],self.iassets[2]["theShortCode"],self.iassets[2]["theDescription"],self.iassets[2]["theSignificance"],self.iassets[2]["theType"],"0","N/A",[],[],self.iaeps3) b.dbProxy.addAsset(self.iap1) b.dbProxy.addAsset(self.iap2) b.dbProxy.addAsset(self.iap3) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] self.iteps = [ThreatEnvironmentProperties(self.iThreats[0]["theEnvironmentProperties"][0]["theName"],self.iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],self.iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])] self.itps = ThreatParameters(self.iThreats[0]["theName"],self.iThreats[0]["theType"],self.iThreats[0]["theMethod"],[],self.iteps) b.dbProxy.addThreat(self.itps) self.otps = b.dbProxy.getThreats() self.iVuln = d['vulnerabilities'] self.iveps = [VulnerabilityEnvironmentProperties(self.iVuln[0]["theEnvironmentProperties"][0]["theName"],self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])] self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],self.iVuln[0]["theDescription"],self.iVuln[0]["theType"], [], self.iveps) b.dbProxy.addVulnerability(self.ivp) self.ovp = b.dbProxy.getVulnerabilities() self.imc = d['misuseCase'] self.iRisks = d['risks'] imcep = [MisuseCaseEnvironmentProperties(self.imc[0]["theEnvironmentProperties"][0]["theName"],self.imc[0]["theEnvironmentProperties"][0]["theDescription"])] imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,self.imc[0]["theRisk"]) irp = RiskParameters(self.iRisks[0]["theName"],self.iRisks[0]["threatName"],self.iRisks[0]["vulName"], imcp,[]) b.dbProxy.addRisk(irp) oRisks = b.dbProxy.getRisks() self.r = oRisks[self.iRisks[0]["theName"]] self.iResponses = d['responses'] def testResponse(self): iar1Name = self.iResponses[0]["theType"] + " " + self.iResponses[0]["theRisk"] iaep1 = AcceptEnvironmentProperties(self.iResponses[0]["theEnvironmentProperties"][0],self.iResponses[0]["theEnvironmentProperties"][1],self.iResponses[0]["theEnvironmentProperties"][2]) iar1 = ResponseParameters(iar1Name,self.iResponses[0]["theRisk"],[],[iaep1], self.iResponses[0]["theType"]) iar2Name = self.iResponses[1]["theType"] + " " + self.iResponses[1]["theRisk"] iaep2 = MitigateEnvironmentProperties(self.iResponses[1]["theEnvironmentProperties"],self.iResponses[1]["theType"]) iar2 = ResponseParameters(iar2Name,self.iResponses[1]["theRisk"],[],[iaep2], self.iResponses[1]["theType"]) b = Borg() b.dbProxy.addResponse(iar1) b.dbProxy.addResponse(iar2) self.ors = b.dbProxy.getResponses() self.oar1 = self.ors[iar1Name] self.oar2 = self.ors[iar2Name] self.assertEqual(iar1.name(),self.oar1.name()) self.assertEqual(iar1.risk(),self.oar1.risk()) self.assertEqual(iar1.responseType(),self.oar1.responseType()) self.assertEqual(iar1.environmentProperties()[0].cost(),self.oar1.environmentProperties()[0].cost()) self.assertEqual(iar1.environmentProperties()[0].description(),self.oar1.environmentProperties()[0].description()) self.assertEqual(iar2.name(),self.oar2.name()) self.assertEqual(iar2.risk(),self.oar2.risk()) self.assertEqual(iar2.responseType(),self.oar2.responseType()) rgp = cairis.core.GoalFactory.build(self.oar2) riskParameters = rgp[0] riskGoalId = b.dbProxy.addGoal(riskParameters) b.dbProxy.addTrace('response_goal',self.oar2.id(),riskGoalId) if (rgp > 1): threatParameters = rgp[1] vulnerabilityParameters = rgp[2] b.dbProxy.addGoal(vulnerabilityParameters) b.dbProxy.addGoal(threatParameters) b.dbProxy.relabelGoals(iaep2.name()) oGoals = b.dbProxy.getGoals() print oGoals rg = oGoals['Deter' + self.oar2.risk()] vg = oGoals[vulnerabilityParameters.name()] tg = oGoals[threatParameters.name()] ogops = b.dbProxy.getGoalAssociations() ogop1 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' + threatParameters.name() + '/or'] ogop2 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' + vulnerabilityParameters.name() + '/or'] b.dbProxy.deleteGoalAssociation(ogop1.id(),ogop1.goal(),ogop1.subGoal()) b.dbProxy.deleteGoalAssociation(ogop2.id(),ogop2.goal(),ogop2.subGoal()) b.dbProxy.deleteTrace('response',self.oar2.name(),'goal',rg.name()) b.dbProxy.deleteGoal(tg.id()) b.dbProxy.deleteGoal(vg.id()) b.dbProxy.deleteGoal(rg.id()) b.dbProxy.deleteResponse(self.oar2.id()) b.dbProxy.deleteResponse(self.oar1.id()) def tearDown(self): b = Borg() b.dbProxy.deleteRisk(self.r.id()) b.dbProxy.deleteVulnerability(self.ovp[self.ivp.name()].id()) b.dbProxy.deleteThreat(self.otps[self.itps.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap3.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap2.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id()) b.dbProxy.deleteVulnerabilityType(0) b.dbProxy.deleteThreatType(0) b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id()) b.dbProxy.deletePersona(self.opp[self.ipp.name()].id()) b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
class ThreatTest(unittest.TestCase): def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/threats.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[]) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[]) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[]) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) b.dbProxy.addValueType(self.ivt) self.ovt = b.dbProxy.getValueTypes('threat_type') self.iassets = d['assets'] self.iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps) b.dbProxy.addAsset(self.iap) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] def testThreat(self): iteps = [ThreatEnvironmentProperties(self.iThreats[0]["theEnvironmentProperties"][0]["theName"],self.iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],self.iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])] itps = ThreatParameters(self.iThreats[0]["theName"],self.iThreats[0]["theType"],self.iThreats[0]["theMethod"],[],iteps) b = Borg() b.dbProxy.addThreat(itps) oThreats = b.dbProxy.getThreats() o = oThreats[self.iThreats[0]["theName"]] self.assertEqual(itps.name(), o.name()) self.assertEqual(itps.type(),o.type()) self.assertEqual(itps.method(),o.method()) oteps = o.environmentProperties() self.assertEqual(iteps[0].name(), oteps[0].name()) self.assertEqual(iteps[0].likelihood()[0], oteps[0].likelihood()[0]) self.assertEqual(str(iteps[0].assets()[0]), str(oteps[0].assets()[0])) self.assertEqual(str(iteps[0].attackers()[0]), str(oteps[0].attackers()[0])) self.assertEqual(str(iteps[0].rationale()[0]), str(oteps[0].rationale()[0])) b.dbProxy.deleteThreat(o.id()) def tearDown(self): b = Borg() # b.dbProxy.deletePersonaCharacteristic(self.opcs[self.ipc1.name()].id()) b.dbProxy.deleteAsset(self.oap[self.iap.name()].id()) b.dbProxy.deleteThreatType(0) b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id()) b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id()) b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id()) b.dbProxy.deletePersona(self.opp[self.ipp.name()].id()) b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id()) b.dbProxy.deleteEnvironment(self.oenvs[self.iep.name()].id()) b.dbProxy.close() call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[]) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[]) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[]) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.ovtt = b.dbProxy.getValueTypes('threat_type') self.ovtv = b.dbProxy.getValueTypes('vulnerability_type') self.iassets = d['assets'] self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])] self.iaeps2 = [AssetEnvironmentProperties(self.iassets[1]["theEnvironmentProperties"][0][0],self.iassets[1]["theEnvironmentProperties"][0][1],self.iassets[1]["theEnvironmentProperties"][0][2])] self.iaeps3 = [AssetEnvironmentProperties(self.iassets[2]["theEnvironmentProperties"][0][0],self.iassets[2]["theEnvironmentProperties"][0][1],self.iassets[2]["theEnvironmentProperties"][0][2])] self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1) self.iap2 = AssetParameters(self.iassets[1]["theName"],self.iassets[1]["theShortCode"],self.iassets[1]["theDescription"],self.iassets[1]["theSignificance"],self.iassets[1]["theType"],"0","N/A",[],[],self.iaeps2) self.iap3 = AssetParameters(self.iassets[2]["theName"],self.iassets[2]["theShortCode"],self.iassets[2]["theDescription"],self.iassets[2]["theSignificance"],self.iassets[2]["theType"],"0","N/A",[],[],self.iaeps3) b.dbProxy.addAsset(self.iap1) b.dbProxy.addAsset(self.iap2) b.dbProxy.addAsset(self.iap3) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] self.iteps = [ThreatEnvironmentProperties(self.iThreats[0]["theEnvironmentProperties"][0]["theName"],self.iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],self.iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])] self.itps = ThreatParameters(self.iThreats[0]["theName"],self.iThreats[0]["theType"],self.iThreats[0]["theMethod"],[],self.iteps) b.dbProxy.addThreat(self.itps) self.otps = b.dbProxy.getThreats() self.iVuln = d['vulnerabilities'] self.iveps = [VulnerabilityEnvironmentProperties(self.iVuln[0]["theEnvironmentProperties"][0]["theName"],self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])] self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],self.iVuln[0]["theDescription"],self.iVuln[0]["theType"], [], self.iveps) b.dbProxy.addVulnerability(self.ivp) self.ovp = b.dbProxy.getVulnerabilities() self.imc = d['misuseCase'] self.iRisks = d['risks'] imcep = [MisuseCaseEnvironmentProperties(self.imc[0]["theEnvironmentProperties"][0]["theName"],self.imc[0]["theEnvironmentProperties"][0]["theDescription"])] imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,self.imc[0]["theRisk"]) irp = RiskParameters(self.iRisks[0]["theName"],self.iRisks[0]["threatName"],self.iRisks[0]["vulName"], imcp,[]) b.dbProxy.addRisk(irp) oRisks = b.dbProxy.getRisks() self.r = oRisks[self.iRisks[0]["theName"]] self.iResponses = d['responses']
def setUp(self): call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json') d = json.load(f) f.close() self.ienvs = d['environments'] self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"], self.ienvs[0]["theShortCode"], self.ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(self.iep1) self.oenvs = b.dbProxy.getEnvironments() self.iRoles = d['roles'] self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"], []) b.dbProxy.addRole(self.irp) self.oRoles = b.dbProxy.getRoles() self.iPersonas = d['personas'] self.ipp = PersonaParameters( self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"], self.iPersonas[0]["theAttitudes"], self.iPersonas[0]["theAptitudes"], self.iPersonas[0]["theMotivations"], self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"], self.iPersonas[0]["theContextual"], "", "0", self.iPersonas[0]["thePersonaType"], [], [ PersonaEnvironmentProperties( self.iPersonas[0]["theEnvironmentProperties"][0] ["theName"], (self.iPersonas[0]["theEnvironmentProperties"] [0]["theDirectFlag"] == "True"), self.iPersonas[0]["theEnvironmentProperties"][0] ["theNarrative"], self.iPersonas[0] ["theEnvironmentProperties"][0]["theRole"]) ], []) b.dbProxy.addPersona(self.ipp) self.opp = b.dbProxy.getPersonas() self.iExternalDocuments = d['external_documents'] self.iec1 = ExternalDocumentParameters( self.iExternalDocuments[0]["theName"], self.iExternalDocuments[0]["theVersion"], self.iExternalDocuments[0]["thePublicationDate"], self.iExternalDocuments[0]["theAuthors"], self.iExternalDocuments[0]["theDescription"]) self.iec2 = ExternalDocumentParameters( self.iExternalDocuments[1]["theName"], self.iExternalDocuments[1]["theVersion"], self.iExternalDocuments[1]["thePublicationDate"], self.iExternalDocuments[1]["theAuthors"], self.iExternalDocuments[1]["theDescription"]) b.dbProxy.addExternalDocument(self.iec1) b.dbProxy.addExternalDocument(self.iec2) self.oecs = b.dbProxy.getExternalDocuments() self.iDocumentReferences = d['document_references'] self.idr1 = DocumentReferenceParameters( self.iDocumentReferences[0]["theName"], self.iDocumentReferences[0]["theDocName"], self.iDocumentReferences[0]["theContributor"], self.iDocumentReferences[0]["theExcerpt"]) self.idr2 = DocumentReferenceParameters( self.iDocumentReferences[1]["theName"], self.iDocumentReferences[1]["theDocName"], self.iDocumentReferences[1]["theContributor"], self.iDocumentReferences[1]["theExcerpt"]) b.dbProxy.addDocumentReference(self.idr1) b.dbProxy.addDocumentReference(self.idr2) self.odrs = b.dbProxy.getDocumentReferences() self.iPersonaCharacteristics = d['persona_characteristics'] self.ipc1 = PersonaCharacteristicParameters( self.iPersonaCharacteristics[0]["thePersonaName"], self.iPersonaCharacteristics[0]["theModQual"], self.iPersonaCharacteristics[0]["theVariable"], self.iPersonaCharacteristics[0]["theCharacteristic"], [(self.iPersonaCharacteristics[0]["ground"], '', 'document')], [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [], []) b.dbProxy.addPersonaCharacteristic(self.ipc1) self.opcs = b.dbProxy.getPersonaCharacteristics() self.iAttackers = d['attackers'] self.iatkeps = [ AttackerEnvironmentProperties( self.iAttackers[0]["theEnvironmentProperties"][0]["theName"], self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"], self.iAttackers[0]["theEnvironmentProperties"][0] ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"] [0]["theCapabilities"]) ] self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"], [], self.iatkeps) b.dbProxy.addAttacker(self.iatk) self.oAttackers = b.dbProxy.getAttackers() self.iVtypes = d['valuetypes'] self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"]) self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"]) b.dbProxy.addValueType(self.ivt1) b.dbProxy.addValueType(self.ivt2) self.ovtt = b.dbProxy.getValueTypes('threat_type') self.ovtv = b.dbProxy.getValueTypes('vulnerability_type') self.iassets = d['assets'] self.iaeps1 = [ AssetEnvironmentProperties( self.iassets[0]["theEnvironmentProperties"][0][0], self.iassets[0]["theEnvironmentProperties"][0][1], self.iassets[0]["theEnvironmentProperties"][0][2]) ] self.iaeps2 = [ AssetEnvironmentProperties( self.iassets[1]["theEnvironmentProperties"][0][0], self.iassets[1]["theEnvironmentProperties"][0][1], self.iassets[1]["theEnvironmentProperties"][0][2]) ] self.iaeps3 = [ AssetEnvironmentProperties( self.iassets[2]["theEnvironmentProperties"][0][0], self.iassets[2]["theEnvironmentProperties"][0][1], self.iassets[2]["theEnvironmentProperties"][0][2]) ] self.iap1 = AssetParameters(self.iassets[0]["theName"], self.iassets[0]["theShortCode"], self.iassets[0]["theDescription"], self.iassets[0]["theSignificance"], self.iassets[0]["theType"], "0", "N/A", [], [], self.iaeps1) self.iap2 = AssetParameters(self.iassets[1]["theName"], self.iassets[1]["theShortCode"], self.iassets[1]["theDescription"], self.iassets[1]["theSignificance"], self.iassets[1]["theType"], "0", "N/A", [], [], self.iaeps2) self.iap3 = AssetParameters(self.iassets[2]["theName"], self.iassets[2]["theShortCode"], self.iassets[2]["theDescription"], self.iassets[2]["theSignificance"], self.iassets[2]["theType"], "0", "N/A", [], [], self.iaeps3) b.dbProxy.addAsset(self.iap1) b.dbProxy.addAsset(self.iap2) b.dbProxy.addAsset(self.iap3) self.oap = b.dbProxy.getAssets() self.iThreats = d['threats'] self.iteps = [ ThreatEnvironmentProperties( self.iThreats[0]["theEnvironmentProperties"][0]["theName"], self.iThreats[0]["theEnvironmentProperties"][0] ["theLikelihood"], self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"], self.iThreats[0]["theEnvironmentProperties"][0] ["theAttackers"], self.iThreats[0]["theEnvironmentProperties"] [0]["theProperties"][0][1], self.iThreats[0] ["theEnvironmentProperties"][0]["theProperties"][0][1]) ] self.itps = ThreatParameters(self.iThreats[0]["theName"], self.iThreats[0]["theType"], self.iThreats[0]["theMethod"], [], self.iteps) b.dbProxy.addThreat(self.itps) self.otps = b.dbProxy.getThreats() self.iVuln = d['vulnerabilities'] self.iveps = [ VulnerabilityEnvironmentProperties( self.iVuln[0]["theEnvironmentProperties"][0]["theName"], self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"], self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"]) ] self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"], self.iVuln[0]["theDescription"], self.iVuln[0]["theType"], [], self.iveps) b.dbProxy.addVulnerability(self.ivp) self.ovp = b.dbProxy.getVulnerabilities() self.imc = d['misuseCase'] self.iRisks = d['risks'] imcep = [ MisuseCaseEnvironmentProperties( self.imc[0]["theEnvironmentProperties"][0]["theName"], self.imc[0]["theEnvironmentProperties"][0]["theDescription"]) ] imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep, self.imc[0]["theRisk"]) irp = RiskParameters(self.iRisks[0]["theName"], self.iRisks[0]["threatName"], self.iRisks[0]["vulName"], imcp, []) b.dbProxy.addRisk(irp) oRisks = b.dbProxy.getRisks() self.r = oRisks[self.iRisks[0]["theName"]] self.iResponses = d['responses']
def setUp(self): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/countermeasures.json') d = json.load(f) f.close() ienvs = d['environments'] iep1 = EnvironmentParameters(ienvs[0]["theName"],ienvs[0]["theShortCode"],ienvs[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) iRoles = d['roles'] irp = RoleParameters(iRoles[0]["theName"], iRoles[0]["theType"], iRoles[0]["theShortCode"], iRoles[0]["theDescription"],[]) b.dbProxy.addRole(irp) iPersonas = d['personas'] ipp = PersonaParameters(iPersonas[0]["theName"],iPersonas[0]["theActivities"],iPersonas[0]["theAttitudes"],iPersonas[0]["theAptitudes"],iPersonas[0]["theMotivations"],iPersonas[0]["theSkills"],iPersonas[0]["theIntrinsic"],iPersonas[0]["theContextual"],"","0",iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(iPersonas[0]["theEnvironmentProperties"][0]["theName"],(iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[]) b.dbProxy.addPersona(ipp) iAttackers = d['attackers'] iatkeps = [AttackerEnvironmentProperties(iAttackers[0]["theEnvironmentProperties"][0]["theName"],iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])] iatk = AttackerParameters(iAttackers[0]["theName"], iAttackers[0]["theDescription"], iAttackers[0]["theImage"],[],iatkeps) b.dbProxy.addAttacker(iatk) iVtypes = d['valuetypes'] ivt1 = ValueTypeParameters(iVtypes[0]["theName"], iVtypes[0]["theDescription"], iVtypes[0]["theType"]) ivt2 = ValueTypeParameters(iVtypes[1]["theName"], iVtypes[1]["theDescription"], iVtypes[1]["theType"]) b.dbProxy.addValueType(ivt1) b.dbProxy.addValueType(ivt2) iassets = d['assets'] iaeps1 = [AssetEnvironmentProperties(iassets[0]["theEnvironmentProperties"][0][0],iassets[0]["theEnvironmentProperties"][0][1],iassets[0]["theEnvironmentProperties"][0][2])] iaeps2 = [AssetEnvironmentProperties(iassets[1]["theEnvironmentProperties"][0][0],iassets[1]["theEnvironmentProperties"][0][1],iassets[1]["theEnvironmentProperties"][0][2])] iaeps3 = [AssetEnvironmentProperties(iassets[2]["theEnvironmentProperties"][0][0],iassets[2]["theEnvironmentProperties"][0][1],iassets[2]["theEnvironmentProperties"][0][2])] iap1 = AssetParameters(iassets[0]["theName"],iassets[0]["theShortCode"],iassets[0]["theDescription"],iassets[0]["theSignificance"],iassets[0]["theType"],"0","N/A",[],[],iaeps1) iap2 = AssetParameters(iassets[1]["theName"],iassets[1]["theShortCode"],iassets[1]["theDescription"],iassets[1]["theSignificance"],iassets[1]["theType"],"0","N/A",[],[],iaeps2) iap3 = AssetParameters(iassets[2]["theName"],iassets[2]["theShortCode"],iassets[2]["theDescription"],iassets[2]["theSignificance"],iassets[2]["theType"],"0","N/A",[],[],iaeps3) b.dbProxy.addAsset(iap1) b.dbProxy.addAsset(iap2) b.dbProxy.addAsset(iap3) iThreats = d['threats'] iteps = [ThreatEnvironmentProperties(iThreats[0]["theEnvironmentProperties"][0]["theName"],iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],iThreats[0]["theEnvironmentProperties"][0]["theAssets"],iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])] itps = ThreatParameters(iThreats[0]["theName"],iThreats[0]["theType"],iThreats[0]["theMethod"],[],iteps) b.dbProxy.addThreat(itps) iVuln = d['vulnerabilities'] iveps = [VulnerabilityEnvironmentProperties(iVuln[0]["theEnvironmentProperties"][0]["theName"],iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],iVuln[0]["theEnvironmentProperties"][0]["theAssets"])] ivp = VulnerabilityParameters(iVuln[0]["theName"],iVuln[0]["theDescription"],iVuln[0]["theType"], [], iveps) b.dbProxy.addVulnerability(ivp) imc = d['misuseCase'] iRisks = d['risks'] imcep = [MisuseCaseEnvironmentProperties(imc[0]["theEnvironmentProperties"][0]["theName"],imc[0]["theEnvironmentProperties"][0]["theDescription"])] imcp = MisuseCase(int(0), imc[0]["theName"], imcep,imc[0]["theRisk"]) irp = RiskParameters(iRisks[0]["theName"],iRisks[0]["threatName"],iRisks[0]["vulName"], imcp,[]) b.dbProxy.addRisk(irp) iResponses = d['responses'] iar1Name = iResponses[0]["theType"] + " " + iResponses[0]["theRisk"] iaep1 = AcceptEnvironmentProperties(iResponses[0]["theEnvironmentProperties"][0],iResponses[0]["theEnvironmentProperties"][1],iResponses[0]["theEnvironmentProperties"][2]) iar1 = ResponseParameters(iar1Name,iResponses[0]["theRisk"],[],[iaep1], iResponses[0]["theType"]) iar2Name = iResponses[1]["theType"] + " " + iResponses[1]["theRisk"] iaep2 = MitigateEnvironmentProperties(iResponses[1]["theEnvironmentProperties"],iResponses[1]["theType"]) iar2 = ResponseParameters(iar2Name,iResponses[1]["theRisk"],[],[iaep2], iResponses[1]["theType"]) b.dbProxy.addResponse(iar1) b.dbProxy.addResponse(iar2) ors = b.dbProxy.getResponses() oar1 = ors[iar1Name] oar2 = ors[iar2Name] rgp = cairis.core.GoalFactory.build(oar2) riskParameters = rgp[0] riskGoalId = b.dbProxy.addGoal(riskParameters) b.dbProxy.addTrace('response_goal',oar2.id(),riskGoalId) if (len(rgp) > 1): threatParameters = rgp[1] vulnerabilityParameters = rgp[2] b.dbProxy.addGoal(vulnerabilityParameters) b.dbProxy.addGoal(threatParameters) b.dbProxy.relabelGoals(iaep2.name()) oGoals = b.dbProxy.getGoals() rg = oGoals['Deter' + oar2.risk()] vg = oGoals[vulnerabilityParameters.name()] tg = oGoals[threatParameters.name()] reqId = b.dbProxy.newId() irequirements = d['requirements'] ireq = cairis.core.RequirementFactory.build(reqId,irequirements[0]["theLabel"],irequirements[0]["theName"],irequirements[0]["theDescription"],irequirements[0]["thePriority"],irequirements[0]["theRationale"],irequirements[0]["theFitCriterion"],irequirements[0]["theOriginator"],irequirements[0]["theType"],irequirements[0]["theReference"],1) b.dbProxy.addRequirement(ireq,irequirements[0]["theReference"],True) oreqs = b.dbProxy.getRequirements() oreq = oreqs[ireq.description()] iga = GoalAssociationParameters(iaep2.name(),vg.name(),'goal','and',oreq.name(),'requirement',0,'None') b.dbProxy.addGoalAssociation(iga) ogops = b.dbProxy.getGoalAssociations() self.ogop3 = ogops[iaep2.name() + '/' + vg.name() + '/' + oreq.name() + '/and'] self.iCountermeasures = d['countermeasures']