def parameters(self): parameters = ObstacleParameters(self.theObstacleName, self.theObstacleOriginator, self.theTags, self.theEnvironmentProperties) parameters.setId(self.theObstacleId) return parameters
def newObstacleParameters(self): obsName = self.decorator.getText("obstacleNameCtrl") envProperties = self.environmentProperties() parameters = ObstacleParameters(obsName, 'Obstacle refinement', [], [envProperties]) parameters.setId(self.theObstacleId) return parameters
def existingObstacleParameters(self): obsName = self.decorator.getText("obstacleNameCtrl") modifiedProperties = self.environmentProperties() envProperties = self.dbProxy.obstacleEnvironmentProperties(self.theObstacleId) for idx, p in enumerate(envProperties): if p.name() == self.theEnvironmentName: envProperties[idx] = modifiedProperties parameters = ObstacleParameters(obsName, "Obstacle refinement", [], envProperties) parameters.setId(self.theObstacleId) return parameters
def existingObstacleParameters(self): obsName = self.decorator.getText("obstacleNameCtrl") modifiedProperties = self.environmentProperties() envProperties = self.dbProxy.obstacleEnvironmentProperties(self.theObstacleId) for idx,p in enumerate(envProperties): if (p.name() == self.theEnvironmentName): envProperties[idx] = modifiedProperties parameters = ObstacleParameters(obsName,'Obstacle refinement',[],envProperties) parameters.setId(self.theObstacleId) return parameters
def update_obstacle(self, obstacle, name): old_obstacle = self.get_obstacle_by_name(name, simplify=False) id = old_obstacle.theId params = ObstacleParameters(obsName=obstacle.theName,obsOrig=obstacle.theOriginator,tags=obstacle.theTags,properties=obstacle.theEnvironmentProperties) params.setId(id) try: self.db_proxy.updateObstacle(params) except DatabaseProxyException as ex: self.close() raise ARMHTTPError(ex)
def add_obstacle(self, obstacle): obsParams = ObstacleParameters(obsName=obstacle.theName,obsOrig=obstacle.theOriginator,tags=obstacle.theTags,properties=obstacle.theEnvironmentProperties) if not self.check_existing_obstacle(obstacle.theName): obstacle_id = self.db_proxy.addObstacle(obsParams) else: self.close() raise OverwriteNotAllowedHTTPError('The provided obstacle name') return obstacle_id
def build(envName,excDetails): obsName = excDetails[0] excDim = excDetails[1] excVal = excDetails[2] excDef = excDetails[4] excCat = excDetails[3] sgRef = [(excVal,excDim,'obstruct','No','use case exception')] envProperties = [ObstacleEnvironmentProperties(envName,'',excDef,excCat,sgRef,[])] parameters = ObstacleParameters(obsName,[],envProperties) return parameters
def testObstacle(self): b = Borg() igep1 = ObstacleEnvironmentProperties(self.iObstacle[0]["theEnvironmentProperties"][0],self.iObstacle[0]["theEnvironmentProperties"][1],self.iObstacle[0]["theEnvironmentProperties"][2],self.iObstacle[0]["theEnvironmentProperties"][3]) igp1 = ObstacleParameters(self.iObstacle[0]["theName"],self.iObstacle[0]["theOriginator"],[],[igep1]) b.dbProxy.addObstacle(igp1) b.dbProxy.relabelObstacles(igep1.name()) oObstacle = b.dbProxy.getObstacles() og1 = oObstacle[self.iObstacle[0]["theName"]] self.assertEqual(igp1.name(), og1.name()) self.assertEqual(igp1.originator(), og1.originator()) ogep1 = og1.environmentProperty(igep1.name()) self.assertEqual(igep1.definition(), ogep1.definition()) self.assertEqual(igep1.category(), ogep1.category()) b.dbProxy.deleteObstacle(og1.id())
def testObstacle(self): b = Borg() igep1 = ObstacleEnvironmentProperties( self.iObstacle[0]["theEnvironmentProperties"][0], self.iObstacle[0]["theEnvironmentProperties"][1], self.iObstacle[0]["theEnvironmentProperties"][2], self.iObstacle[0]["theEnvironmentProperties"][3]) igp1 = ObstacleParameters(self.iObstacle[0]["theName"], self.iObstacle[0]["theOriginator"], [], [igep1]) b.dbProxy.addObstacle(igp1) b.dbProxy.relabelObstacles(igep1.name()) oObstacle = b.dbProxy.getObstacles() og1 = oObstacle[self.iObstacle[0]["theName"]] self.assertEqual(igp1.name(), og1.name()) self.assertEqual(igp1.originator(), og1.originator()) ogep1 = og1.environmentProperty(igep1.name()) self.assertEqual(igep1.definition(), ogep1.definition()) self.assertEqual(igep1.category(), ogep1.category()) igp1.setId(og1.id()) b.dbProxy.updateObstacle(igp1) b.dbProxy.deleteObstacle(og1.id())
def add(self, idx=-1, obsName="", envName="", newDefinition="", newCategory="Vulnerability", newOriginator=""): envName = self.envCombo.GetValue() parentObsName = self.obsCombo.GetValue() ep = ObstacleEnvironmentProperties( envName, '', newDefinition, newCategory, [(parentObsName, 'obstacle', 'and', 'No', 'None')]) o = Obstacle(-1, obsName, newOriginator, [ep]) op = ObstacleParameters(obsName, newOriginator, [ep]) o.setId(self.dbProxy.addObstacle(op)) if (idx != -1): self.obstacles.insert(idx, o) else: self.obstacles.append(o) return o
def endElement(self, name): if name == 'domainproperty': p = DomainPropertyParameters(self.theName, self.theDescription, self.theType, self.theOriginator, self.theTags) self.theDomainProperties.append(p) self.resetDomainPropertyAttributes() elif name == 'goal_environment': p = GoalEnvironmentProperties(self.theEnvironmentName, '', self.theDescription, self.theCategory, self.thePriority, self.theFitCriterion, self.theIssue, [], [], self.theConcerns, self.theConcernAssociations) self.theEnvironmentProperties.append(p) self.resetGoalEnvironmentAttributes() elif name == 'obstacle_environment': p = ObstacleEnvironmentProperties(self.theEnvironmentName, '', self.theDescription, self.theCategory, [], [], self.theConcerns) self.theEnvironmentProperties.append(p) self.resetObstacleEnvironmentAttributes() elif name == 'goal': p = GoalParameters(self.theName, self.theOriginator, self.theTags, self.theEnvironmentProperties) self.theGoals.append(p) self.resetGoalAttributes() elif name == 'obstacle': p = ObstacleParameters(self.theName, self.theOriginator, self.theTags, self.theEnvironmentProperties) self.theObstacles.append(p) self.resetObstacleAttributes() elif name == 'requirement': reqId = self.dbProxy.newId() r = cairis.core.RequirementFactory.build( reqId, self.theLabel, self.theName, self.theDescription, self.thePriority, self.theRationale, self.theFitCriterion, self.theOriginator, self.theType, self.theReference) self.theRequirements.append( (r, self.theReference, self.theReferenceType)) self.resetRequirementAttributes() elif name == 'countermeasure': p = CountermeasureParameters(self.theName, self.theDescription, self.theType, self.theTags, self.theEnvironmentProperties) self.theCountermeasures.append(p) self.resetCountermeasureAttributes() elif name == 'mitigating_property': self.theSpDict[self.thePropertyName] = (self.thePropertyValue, self.theDescription) self.resetMitigatingPropertyAttributes() elif name == 'countermeasure_environment': cProperty, cRationale = self.theSpDict['confidentiality'] iProperty, iRationale = self.theSpDict['integrity'] avProperty, avRationale = self.theSpDict['availability'] acProperty, acRationale = self.theSpDict['accountability'] anProperty, anRationale = self.theSpDict['anonymity'] panProperty, panRationale = self.theSpDict['pseudonymity'] unlProperty, unlRationale = self.theSpDict['unlinkability'] unoProperty, unoRationale = self.theSpDict['unobservability'] p = CountermeasureEnvironmentProperties( self.theEnvironmentName, self.theCmRequirements, self.theTargets, [ cProperty, iProperty, avProperty, acProperty, anProperty, panProperty, unlProperty, unoProperty ], [ cRationale, iRationale, avRationale, acRationale, anRationale, panRationale, unlRationale, unoRationale ], self.theCost, self.theCmRoles, self.theTaskPersonas) self.theEnvironmentProperties.append(p) self.resetCountermeasureEnvironmentAttributes() elif (name == 'target'): self.theTargets.append( Target(self.theTargetName, self.theTargetEffectiveness, self.theRationale)) self.theTargetResponses = [] elif (name == 'description'): self.inDescription = 0 elif (name == 'definition'): self.inDescription = 0 elif name == 'fit_criterion': self.inFitCriterion = 0 elif name == 'issue': self.inIssue = 0 elif name == 'rationale': self.inRationale = 0 elif name == 'originator': self.inOriginator = 0
def endElement(self,name): if name == 'intent': self.inIntent = 0 elif name == 'definition': self.inDefinition = 0 elif name == 'rationale': self.inRationale = 0 elif name == 'motivation': self.theMotivations.append((self.theGoal,self.theValue,self.theDescription)) self.resetMotivationElements() elif name == 'participant': self.theParticipants.append((self.theParticipant,self.theMotives,self.theResponsibilities)) self.resetParticipantElements() elif name == 'description': self.inDescription = 0 if self.inImplementation: self.inImplementation = 0 elif name == 'consequences': self.inConsequences = 0 elif name == 'implementation': self.inImplementation = 0 elif name == 'known_uses': self.inKnownUses = 0 elif name == 'related_patterns': self.inRelatedPatterns = 0 elif name == 'obstacle': self.theObstacles.append( TemplateObstacleParameters(self.theObstacleName,self.theObstacleCategory,self.theDefinition,self.theConcerns,self.theResponsibilities,self.theProbability,self.theRationale)) self.resetObstacleElements() elif name == 'obstacle_association': self.theObstacleAssociations.append((self.theObstacleName,self.theRefType,self.theSubObstacleName,self.theRationale)) self.resetObstacleAssociationElements() elif name == 'attack_pattern': assetList = self.theTargets + self.theExploits for assetName in assetList: self.theAssetParameters.append(cairis.core.AssetParametersFactory.buildFromTemplate(assetName,[self.theEnvironment])) attackerNames = [] for attackerName,attackerMotives,attackerCapabilities in self.theParticipants: attackerRoles = self.dbProxy.dimensionRoles(self.dbProxy.getDimensionId(attackerName,'persona'),self.dbProxy.getDimensionId(self.theEnvironment,'environment'),'persona') ep = AttackerEnvironmentProperties(self.theEnvironment,attackerRoles,attackerMotives,attackerCapabilities) p = AttackerParameters(attackerName,'','',[],[ep]) p.isPersona = True self.theAttackerParameters.append(p) attackerNames.append(attackerName) for tObs in self.theObstacles: sgRefs = [] for resp in tObs.responsibilities(): sgRefs.append((resp,'role','responsible',0,'None')) ep = ObstacleEnvironmentProperties(self.theEnvironment,'',tObs.definition(),tObs.category(),[],sgRefs,tObs.concerns()) ep.theProbability = tObs.probability() ep.theProbabilityRationale = tObs.probabilityRationale() self.theObstacleParameters.append(ObstacleParameters(tObs.name(),self.thePatternName,[],[ep])) for obsAssoc in self.theObstacleAssociations: obsName = obsAssoc[0] refType = obsAssoc[1] subObsName = obsAssoc[2] assocRationale = obsAssoc[3] self.theObstacleAssociationParameters.append(GoalAssociationParameters(self.theEnvironment,obsName,'obstacle',refType,subObsName,'obstacle',0,assocRationale)) vp = VulnerabilityEnvironmentProperties(self.theEnvironment,self.theSeverity,self.theExploits) vulRows = self.dbProxy.getVulnerabilityDirectory(self.theExploit) vulData = vulRows[0] self.theVulnerabilityParameters = VulnerabilityParameters(self.theExploit,vulData[2],vulData[3],[],[vp]) spDict = {} spDict['confidentiality'] = (0,'None') spDict['integrity'] = (0,'None') spDict['availability'] = (0,'None') spDict['accountability'] = (0,'None') spDict['anonymity'] = (0,'None') spDict['pseudonymity'] = (0,'None') spDict['unlinkability'] = (0,'None') spDict['unobservability'] = (0,'None') for thrMotivation in self.theMotivations: spName = thrMotivation[0] spValue = thrMotivation[1] spRationale = thrMotivation[2] spDict[spName] = (a2i(spValue),spRationale) cProperty,cRationale = spDict['confidentiality'] iProperty,iRationale = spDict['integrity'] avProperty,avRationale = spDict['availability'] acProperty,acRationale = spDict['accountability'] anProperty,anRationale = spDict['anonymity'] panProperty,panRationale = spDict['pseudonymity'] unlProperty,unlRationale = spDict['unlinkability'] unoProperty,unoRationale = spDict['unobservability'] tp = ThreatEnvironmentProperties(self.theEnvironment,self.theLikelihood,self.theTargets,attackerNames,[cProperty,iProperty,avProperty,acProperty,anProperty,panProperty,unlProperty,unoProperty],[cRationale,iRationale,avRationale,acRationale,anRationale,panRationale,unlRationale,unoRationale]) thrRows = self.dbProxy.getThreatDirectory(self.theAttack) thrData = thrRows[0] self.theThreatParameters = ThreatParameters(self.theAttack,thrData[3],thrData[2],[],[tp]) if (self.theAttackObstacle != ''): self.theObstacleAssociationParameters.append(GoalAssociationParameters(self.theEnvironment,self.theAttackObstacle,'obstacle','or',self.theAttack,'threat',0,'None')) if (self.theExploitObstacle != ''): self.theObstacleAssociationParameters.append(GoalAssociationParameters(self.theEnvironment,self.theExploitObstacle,'obstacle','or',self.theExploit,'vulnerability',0,'None')) rep = MisuseCaseEnvironmentProperties(self.theEnvironment,self.theImplementation ) mc = MisuseCase(-1,'Exploit ' + self.thePatternName,[rep],self.thePatternName) self.theRiskParameters = RiskParameters(self.thePatternName,self.theAttack,self.theExploit,mc,[],self.theIntent)
def endElement(self, name): if name == 'domainproperty': p = DomainPropertyParameters(unescape(self.theName), unescape(self.theDefinition), self.theType, unescape(self.theOriginator), self.theTags) self.theDomainProperties.append(p) self.resetDomainPropertyAttributes() elif name == 'goal_environment': p = GoalEnvironmentProperties(self.theEnvironmentName, '', unescape(self.theDefinition), self.theCategory, self.thePriority, unescape(self.theFitCriterion), unescape(self.theIssue), [], [], self.theConcerns, self.theConcernAssociations) self.theEnvironmentProperties.append(p) self.resetGoalEnvironmentAttributes() elif name == 'obstacle_environment': p = ObstacleEnvironmentProperties(self.theEnvironmentName, '', unescape(self.theDefinition), self.theCategory, [], [], self.theConcerns) p.theProbability = self.theProbability p.theProbabilityRationale = unescape(self.theRationale) self.theEnvironmentProperties.append(p) self.resetObstacleEnvironmentAttributes() elif name == 'goal': p = GoalParameters(unescape(self.theName), unescape(self.theOriginator), self.theTags, self.theEnvironmentProperties) self.theGoals.append(p) self.resetGoalAttributes() elif name == 'obstacle': p = ObstacleParameters(unescape(self.theName), unescape(self.theOriginator), self.theTags, self.theEnvironmentProperties) self.theObstacles.append(p) self.resetObstacleAttributes() elif name == 'requirement': reqId = self.dbProxy.newId() r = cairis.core.RequirementFactory.build( reqId, self.theLabel, unescape(self.theName), unescape(self.theDescription), self.thePriority, unescape(self.theRationale), unescape(self.theFitCriterion), unescape(self.theOriginator), self.theType, self.theReference) self.theRequirements.append( (r, self.theReference, self.theReferenceType)) self.resetRequirementAttributes() elif name == 'exception': self.theCurrentStep.addException( (self.theExcName, self.theExcType.lower(), self.theExcValue, self.theExcCat, unescape(self.theDefinition))) elif name == 'step': self.theCurrentStep.setTags(self.theTags) self.theSteps.append(self.theCurrentStep) self.theCurrentStep = None elif name == 'usecase_environment': vProperty, vRationale = self.theCognitiveAttribute['vigilance'] saProperty, saRationale = self.theCognitiveAttribute[ 'situation awareness'] sProperty, sRationale = self.theCognitiveAttribute['stress'] wProperty, wRationale = self.theCognitiveAttribute['workload'] raProperty, raRationale = self.theCognitiveAttribute[ 'risk awareness'] p = UseCaseEnvironmentProperties( self.theEnvironmentName, unescape(self.thePreconditions), self.theSteps, unescape(self.thePostconditions), [vProperty, saProperty, sProperty, wProperty, raProperty], [vRationale, saRationale, sRationale, wRationale, raRationale]) self.theEnvironmentProperties.append(p) self.resetUseCaseEnvironmentAttributes() elif name == 'usecase': p = UseCaseParameters(self.theName, self.theAuthor, unescape(self.theCode), self.theActors, unescape(self.theDescription), self.theTags, self.theEnvironmentProperties) self.theUseCases.append(p) self.resetUseCaseAttributes() elif name == 'countermeasure': p = CountermeasureParameters(self.theName, unescape(self.theDescription), self.theType, self.theTags, self.theEnvironmentProperties) self.theCountermeasures.append(p) self.resetCountermeasureAttributes() elif name == 'mitigating_property': self.theSpDict[self.thePropertyName] = (self.thePropertyValue, unescape( self.theDescription)) self.resetMitigatingPropertyAttributes() elif name == 'countermeasure_environment': cProperty, cRationale = self.theSpDict['confidentiality'] iProperty, iRationale = self.theSpDict['integrity'] avProperty, avRationale = self.theSpDict['availability'] acProperty, acRationale = self.theSpDict['accountability'] anProperty, anRationale = self.theSpDict['anonymity'] panProperty, panRationale = self.theSpDict['pseudonymity'] unlProperty, unlRationale = self.theSpDict['unlinkability'] unoProperty, unoRationale = self.theSpDict['unobservability'] p = CountermeasureEnvironmentProperties( self.theEnvironmentName, self.theCmRequirements, self.theTargets, [ cProperty, iProperty, avProperty, acProperty, anProperty, panProperty, unlProperty, unoProperty ], [ cRationale, iRationale, avRationale, acRationale, anRationale, panRationale, unlRationale, unoRationale ], self.theCost, self.theCmRoles, self.theTaskPersonas) self.theEnvironmentProperties.append(p) self.resetCountermeasureEnvironmentAttributes() elif (name == 'target'): self.theTargets.append( Target(self.theTargetName, self.theTargetEffectiveness, unescape(self.theRationale))) self.theTargetResponses = [] elif (name == 'description'): self.inDescription = 0 elif (name == 'definition'): self.inDefinition = 0 elif name == 'fit_criterion': self.inFitCriterion = 0 elif name == 'issue': self.inIssue = 0 elif name == 'rationale': self.inRationale = 0 elif name == 'originator': self.inOriginator = 0 elif name == 'preconditions': self.inPreconditions = 0 elif name == 'postconditions': self.inPostconditions = 0
def parameters(self): properties = ObstacleEnvironmentProperties(self.theEnvironmentName,'',self.theObstacleDefinition,self.theObstacleCategory,self.theAssociations,self.theSubAssociations,self.theConcerns) parameters = ObstacleParameters(self.theObstacleName,[],[properties]) return parameters
def parameters(self): parameters = ObstacleParameters(self.theObstacleName,self.theObstacleOriginator,self.theTags,self.theEnvironmentProperties) parameters.setId(self.theObstacleId) return parameters
def setUpClass(cls): call([os.environ['CAIRIS_CFG_DIR'] + "/initdb.sh"]) cairis.core.BorgFactory.initialise() f = open(os.environ['CAIRIS_SRC'] + '/test/dataflow.json') d = json.load(f) f.close() iEnvironments = d['environments'] iep1 = EnvironmentParameters(iEnvironments[0]["theName"], iEnvironments[0]["theShortCode"], iEnvironments[0]["theDescription"]) b = Borg() b.dbProxy.addEnvironment(iep1) iRoles = d['roles'] irp = RoleParameters(iRoles[0]["theName"], iRoles[0]["theType"], iRoles[0]["theShortCode"], iRoles[0]["theDescription"], []) b.dbProxy.addRole(irp) iUseCases = d['use_cases'] ucName = iUseCases[0]["theName"] ucAuthor = iUseCases[0]["theAuthor"] ucCode = iUseCases[0]["theCode"] ucDesc = iUseCases[0]["theDescription"] ucActor = iUseCases[0]["theActor"] ucEnv = iUseCases[0]["theEnvironments"][0] ucEnvName = ucEnv["theName"] ucPre = ucEnv["thePreconditions"] ucPost = ucEnv["thePostconditions"] ss = Steps() for ucStep in ucEnv["theFlow"]: ss.append(Step(ucStep["theDescription"])) ucep = UseCaseEnvironmentProperties(ucEnvName, ucPre, ss, ucPost) iuc = UseCaseParameters(ucName, ucAuthor, ucCode, [ucActor], ucDesc, [], [ucep]) b = Borg() b.dbProxy.addUseCase(iuc) for iAsset in d['assets']: iaeps = [ AssetEnvironmentProperties( iAsset["theEnvironmentProperties"][0][0], iAsset["theEnvironmentProperties"][0][1], iAsset["theEnvironmentProperties"][0][2]) ] iap = AssetParameters(iAsset["theName"], iAsset["theShortCode"], iAsset["theDescription"], iAsset["theSignificance"], iAsset["theType"], "0", "N/A", [], [], iaeps) b.dbProxy.addAsset(iap) for iObstacle in d['obstacles']: ioep = ObstacleEnvironmentProperties( iObstacle["theEnvironmentProperties"][0], iObstacle["theEnvironmentProperties"][1], iObstacle["theEnvironmentProperties"][2], iObstacle["theEnvironmentProperties"][3]) iop = ObstacleParameters(iObstacle["theName"], iObstacle["theOriginator"], [], [ioep]) b.dbProxy.addObstacle(iop)
def newObstacleParameters(self): obsName = self.decorator.getText("obstacleNameCtrl") envProperties = self.environmentProperties() parameters = ObstacleParameters(obsName, "Obstacle refinement", [], [envProperties]) parameters.setId(self.theObstacleId) return parameters