def buildNode(self,dimName,objtName): objtUrl = dimName + '#' + str(objtName) if (dimName == 'persona'): self.theGraph.add_node(pydot.Node(objtName,shape='circle',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'tag'): self.theGraph.add_node(pydot.Node(objtName,shape='note',style='filled',pencolor='black',color='yellow',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'attacker'): self.theGraph.add_node(pydot.Node(objtName,shape='circle',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'asset'): assetObjt = self.dbProxy.dimensionObject(objtName,'asset') borderColour = 'black' if (assetObjt.critical()): borderColour = 'red' self.theGraph.add_node(pydot.Node(objtName,shape='record',color=borderColour,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'threat'): self.theGraph.add_node(pydot.Node(objtName,shape='record',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'vulnerability'): self.theGraph.add_node(pydot.Node(objtName,shape='record',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'risk'): riskObjt = self.dbProxy.dimensionObject(objtName,'risk') riskScores = self.dbProxy.riskScore(riskObjt.threat(),riskObjt.vulnerability(),self.theEnvironmentName,objtName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore self.theGraph.add_node(pydot.Node(objtName,shape='diamond',style='filled',color=threatColourCode(highestScore),fontcolor=riskTextColourCode(highestScore),fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'response'): self.theGraph.add_node(pydot.Node(objtName,shape='note',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'countermeasure'): self.theGraph.add_node(pydot.Node(objtName,shape='component',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'component'): self.theGraph.add_node(pydot.Node(objtName,shape='component',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'requirement'): self.theGraph.add_node(pydot.Node(objtName,shape='circle',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'goal'): self.theGraph.add_node(pydot.Node(objtName,shape='parallelogram',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'obstacle'): self.theGraph.add_node(pydot.Node(objtName,shape='polygon',skew='-1',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'role'): self.theGraph.add_node(pydot.Node(objtName,shape='circle',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'responsibility'): self.theGraph.add_node(pydot.Node(objtName,shape='doubleoctagon',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'environment'): self.theGraph.add_node(pydot.Node(objtName,shape='doublecircle',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'domainproperty'): self.theGraph.add_node(pydot.Node(objtName,shape='house',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'inconsistency'): self.theGraph.add_node(pydot.Node(objtName,shape='polygon',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'task'): taskScore = self.dbProxy.taskUsabilityScore(objtName,self.theEnvironmentName) self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',style='filled',color=usabilityColourCode(taskScore),fontcolor=usabilityTextColourCode(taskScore),fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'misusecase'): self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',fontname=self.fontName,fontsize=self.fontSize,style='filled',color='black',fontcolor='white',URL=objtUrl)) else: raise ARM.UnknownNodeType(dimName)
def buildNode(self,dimName,objtName): objtUrl = dimName + '#' + objtName if (dimName == 'goal'): self.theGraph.add_node(pydot.Node(objtName,shape='parallelogram',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) # soft-goal attributes self.theGraph.add_node(pydot.Node(objtName,shape='polygon',style='rounded',sides='6',distortion='-0.537997',orientation='52',skew='-0.960726',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'obstacle'): obsId = self.dbProxy.getDimensionId(objtName,'obstacle') envId = self.dbProxy.getDimensionId(self.theEnvironmentName,'environment') self.theGraph.add_node(pydot.Node(objtName,shape='polygon',skew='-0.4',style='filled',pencolor='black',colorscheme='ylorrd9',fillcolor=obstacleColourCode(self.dbProxy.obstacleProbability(obsId,envId)),fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'domainproperty'): self.theGraph.add_node(pydot.Node(objtName,shape='house',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'requirement'): self.theGraph.add_node(pydot.Node(objtName,shape='parallelogram',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'countermeasure'): self.theGraph.add_node(pydot.Node(objtName,shape='hexagon',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif ((dimName == 'role') and (self.theKaosModel != 'task')): self.theGraph.add_node(pydot.Node(objtName,shape='hexagon',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif ((dimName == 'role') and (self.theKaosModel == 'task')): self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'usecase'): self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'task'): objt = self.dbProxy.dimensionObject(objtName,'task') if (objt.assumption() == True): objtLabel = "<<Assumption>>" + objtName else: objtLabel = objtName taskScore = self.dbProxy.taskUsabilityScore(objtName,self.theEnvironmentName) self.theGraph.add_node(pydot.Node(objtName,label=objtLabel,shape='ellipse',style='filled',color=usabilityColourCode(taskScore),fontcolor=usabilityTextColourCode(taskScore),fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'misusecase'): ellipseColour = 'black' if (self.theKaosModel == 'task'): riskName = objtName[8:] riskObjt = self.dbProxy.dimensionObject(riskName,'risk') riskScores = self.dbProxy.riskScore(riskObjt.threat(),riskObjt.vulnerability(),self.theEnvironmentName,riskName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore ellipseColour = threatColourCode(highestScore) ellipseFontColour = 'white' if highestScore < 2: ellipseFontColour = 'black' self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',style='filled',color=ellipseColour,fontcolor=ellipseFontColour,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'persona'): objt = self.dbProxy.dimensionObject(objtName,'persona') if (objt.assumption() == True): objtLabel = "<<Assumption>>" + objtName self.theGraph.add_node(pydot.Node(objtName,label=objtLabel,shape='circle',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) else: self.theGraph.add_node(pydot.Node(objtName,shape='circle',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'attacker'): self.theGraph.add_node(pydot.Node(objtName,shape='circle',style='filled',color='black',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'response'): self.theGraph.add_node(pydot.Node(objtName,shape='note',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'asset'): fontColour = 'black' nodeColour = 'black' if (self.theKaosModel == 'task'): fontColour = 'blue' nodeColour = 'blue' self.theGraph.add_node(pydot.Node(objtName,shape='record',fontname=self.fontName,fontsize=self.fontSize,fontcolor=fontColour,color=nodeColour,URL=objtUrl)) else: raise ARM.UnknownNodeType(dimName)
def graph(self): locs = self.theLocs[2] edgeList = set([]) for location in locs: locName = location[0] assetInstances = location[1] personaInstances = location[2] locLinks = location[3] for linkLoc in locLinks: if ((linkLoc, locName) not in edgeList) and ((locName, linkLoc) not in edgeList): edgeList.add((linkLoc, locName)) locCluster = pydot.Cluster(locName, label=locName, URL='location#' + locName) locCluster.add_node( pydot.Node('point_' + locName, label='', shape="none", fontcolor="white", URL='location#' + locName)) for inst in assetInstances: instName = inst[0] assetName = inst[1] locCluster.add_node( pydot.Node(instName, URL='asset#' + assetName)) for persona in personaInstances: instName = persona[0] personaName = persona[1] locCluster.add_node( pydot.Node(instName, shape='circle', URL='persona#' + personaName)) self.theGraph.add_subgraph(locCluster) for edges in edgeList: self.theGraph.add_edge( pydot.Edge('point_' + edges[0], 'point_' + edges[1], arrowhead='none', arrowtail='none', dir='both')) edgeList.clear() b = Borg() risks = set([]) for trace in self.theOverlayTraces: riskName = trace.fromName() locName = trace.toName() if (riskName, locName) not in edgeList: edgeList.add((riskName, locName)) if riskName not in risks: risks.add(riskName) riskObjt = b.dbProxy.dimensionObject(riskName, 'risk') riskScores = b.dbProxy.riskScore(riskObjt.threat(), riskObjt.vulnerability(), self.theEnvironmentName, riskName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore self.theGraph.add_node( pydot.Node(riskName, shape='diamond', style='filled', color=threatColourCode(highestScore), fontcolor=riskTextColourCode(highestScore), fontname=self.fontName, fontsize=self.fontSize, URL='risk#' + riskName)) for edges in edgeList: self.theGraph.add_edge(pydot.Edge(edges[0], 'point_' + edges[1])) return self.layout()
def graph(self): b = Borg() for location in self.theLocs.locations(): locName = location.name() assetInstances = location.assetInstances() personaInstances = location.personaInstances() locCluster = pydot.Cluster(locName, label=locName) locCluster.add_node( pydot.Node('point_' + locName, label='', shape="none", fontcolor="white")) for inst in assetInstances: instName = inst[0] assetName = inst[1] locCluster.add_node( pydot.Node(instName, URL='asset#' + assetName, margin=0)) for persona in personaInstances: instName = persona[0] personaName = persona[1] actorFile = b.assetDir + '/modelActor.png' locCluster.add_node( pydot.Node(instName, label=instName, shapefile=actorFile, fontname=self.fontName, fontsize=self.fontSize, URL='persona#' + personaName, peripheries='0')) self.theGraph.add_subgraph(locCluster) for edges in self.theLocs.links(): self.theGraph.add_edge( pydot.Edge('point_' + edges[0], 'point_' + edges[1], arrowhead='none', arrowtail='none', dir='both')) edgeList = set([]) b = Borg() risks = set([]) for trace in self.theOverlayTraces: riskName = trace.fromName() locName = trace.toName() if (riskName, locName) not in edgeList: edgeList.add((riskName, locName)) if riskName not in risks: risks.add(riskName) riskObjt = self.dbProxy.dimensionObject(riskName, 'risk') riskScores = self.dbProxy.riskScore(riskObjt.threat(), riskObjt.vulnerability(), self.theEnvironmentName, riskName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore self.theGraph.add_node( pydot.Node(riskName, shape='diamond', margin=0, style='filled', color=threatColourCode(highestScore), fontcolor=riskTextColourCode(highestScore), fontname=self.fontName, fontsize=self.fontSize, URL='risk#' + riskName)) for edges in edgeList: self.theGraph.add_edge(pydot.Edge(edges[0], 'point_' + edges[1])) return self.layout()
def buildNode(self, dimName, objtName): objtUrl = dimName + '#' + objtName if (dimName == 'goal'): self.theGraph.add_node( pydot.Node(objtName, shape='parallelogram', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) # soft-goal attributes self.theGraph.add_node(pydot.Node(objtName,shape='polygon',style='rounded',sides='6',distortion='-0.537997',orientation='52',skew='-0.960726',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'obstacle'): obsId = self.dbProxy.getDimensionId(objtName, 'obstacle') envId = self.dbProxy.getDimensionId(self.theEnvironmentName, 'environment') self.theGraph.add_node( pydot.Node(objtName, shape='polygon', skew='-0.4', style='filled', pencolor='black', colorscheme='ylorrd9', fillcolor=obstacleColourCode( self.dbProxy.obstacleProbability(obsId, envId)), fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'domainproperty'): self.theGraph.add_node( pydot.Node(objtName, shape='house', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'requirement'): self.theGraph.add_node( pydot.Node(objtName, shape='parallelogram', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'countermeasure'): self.theGraph.add_node( pydot.Node(objtName, shape='hexagon', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif ((dimName == 'role') and (self.theKaosModel != 'task')): self.theGraph.add_node( pydot.Node(objtName, shape='hexagon', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif ((dimName == 'role') and (self.theKaosModel == 'task')): self.theGraph.add_node( pydot.Node(objtName, shape='ellipse', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'usecase'): self.theGraph.add_node( pydot.Node(objtName, shape='ellipse', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'task'): objt = self.dbProxy.dimensionObject(objtName, 'task') if (objt.assumption() == True): objtLabel = "<<Assumption>>" + objtName else: objtLabel = objtName taskScore = self.dbProxy.taskUsabilityScore( objtName, self.theEnvironmentName) self.theGraph.add_node( pydot.Node(objtName, label=objtLabel, shape='ellipse', style='filled', color=usabilityColourCode(taskScore), fontcolor=usabilityTextColourCode(taskScore), fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'misusecase'): ellipseColour = 'black' if (self.theKaosModel == 'task'): riskName = objtName[8:] riskObjt = self.dbProxy.dimensionObject(riskName, 'risk') riskScores = self.dbProxy.riskScore(riskObjt.threat(), riskObjt.vulnerability(), self.theEnvironmentName, riskName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore ellipseColour = threatColourCode(highestScore) ellipseFontColour = 'white' if highestScore < 2: ellipseFontColour = 'black' self.theGraph.add_node( pydot.Node(objtName, shape='ellipse', style='filled', color=ellipseColour, fontcolor=ellipseFontColour, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'persona'): objt = self.dbProxy.dimensionObject(objtName, 'persona') if (objt.assumption() == True): objtLabel = "<<Assumption>>" + objtName self.theGraph.add_node( pydot.Node(objtName, label=objtLabel, shape='circle', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) else: self.theGraph.add_node( pydot.Node(objtName, shape='circle', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'attacker'): self.theGraph.add_node( pydot.Node(objtName, shape='circle', style='filled', color='black', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'response'): self.theGraph.add_node( pydot.Node(objtName, shape='note', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'asset'): fontColour = 'black' nodeColour = 'black' if (self.theKaosModel == 'task'): fontColour = 'blue' nodeColour = 'blue' self.theGraph.add_node( pydot.Node(objtName, shape='record', fontname=self.fontName, fontsize=self.fontSize, fontcolor=fontColour, color=nodeColour, URL=objtUrl)) else: raise ARM.UnknownNodeType(dimName)
def buildNode(self, dimName, objtName): b = Borg() actorFile = b.assetDir + '/modelActor.png' attackerFile = b.assetDir + '/modelAttacker.png' roleFile = b.assetDir + '/modelRole.png' objtUrl = dimName + '#' + str(objtName) if (dimName == 'persona'): self.theGraph.add_node( pydot.Node(objtName, label='', xlabel=objtName, shapefile=actorFile, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, peripheries='0')) elif (dimName == 'tag'): self.theGraph.add_node( pydot.Node(objtName, shape='note', style='filled', margin=0, pencolor='black', color='yellow', fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'attacker'): self.theGraph.add_node( pydot.Node(objtName, label='', xlabel=objtName, shapefile=attackerFile, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, peripheries='0')) elif (dimName == 'asset'): assetObjt = self.dbProxy.dimensionObject(objtName, 'asset') borderColour = 'black' if (assetObjt.critical()): borderColour = 'red' self.theGraph.add_node( pydot.Node(objtName, shape='record', color=borderColour, margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, width='0', height='0', style='filled', pencolor='black', fillcolor='white', label=arrayToAssetSecurityPropertiesTable( assetObjt.securityProperties( self.theEnvironmentName), objtName))) elif (dimName == 'threat'): thrObjt = self.dbProxy.dimensionObject(objtName, 'threat') thrLhood = thrObjt.likelihood( self.theEnvironmentName, self.theEnvironmentObject.duplicateProperty(), self.theEnvironmentObject.overridingEnvironment()) self.theGraph.add_node( pydot.Node(objtName, shape='record', style='filled', margin=0, color='black', fontcolor=threatTextColour(thrLhood), fillcolor=threatLikelihoodColourCode(thrLhood), fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, label=arrayToThreatSecurityPropertiesTable( thrObjt.securityProperties( self.theEnvironmentName), objtName))) elif (dimName == 'vulnerability'): vulObjt = self.dbProxy.dimensionObject(objtName, 'vulnerability') vulSev = vulObjt.severity( self.theEnvironmentName, self.theEnvironmentObject.duplicateProperty(), self.theEnvironmentObject.overridingEnvironment()) self.theGraph.add_node( pydot.Node(objtName, shape='record', style='filled', margin=0, colorscheme='orrd4', fontcolor=vulnerabilityTextColour(vulSev), fillcolor=vulnerabilitySeverityColourCode(vulSev), fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'risk'): riskObjt = self.dbProxy.dimensionObject(objtName, 'risk') riskScores = self.dbProxy.riskScore(riskObjt.threat(), riskObjt.vulnerability(), self.theEnvironmentName, objtName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore self.theGraph.add_node( pydot.Node(objtName, shape='diamond', style='filled', margin=0, color='black', fillcolor=threatColourCode(highestScore), fontcolor=riskTextColourCode(highestScore), fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'response'): self.theGraph.add_node( pydot.Node(objtName, shape='note', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'countermeasure'): self.theGraph.add_node( pydot.Node(objtName, shape='component', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'component'): self.theGraph.add_node( pydot.Node(objtName, shape='component', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'requirement'): self.theGraph.add_node( pydot.Node(objtName, shape='circle', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'goal'): self.theGraph.add_node( pydot.Node(objtName, shape='parallelogram', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'obstacle'): obsId = self.dbProxy.getDimensionId(objtName, 'obstacle') envId = self.dbProxy.getDimensionId(self.theEnvironmentName, 'environment') obsProb, obsRationale = self.dbProxy.obstacleProbability( obsId, envId) self.theGraph.add_node( pydot.Node(objtName, shape='polygon', margin=0, skew='-0.4', style='filled', pencolor='black', colorscheme='ylorrd9', fillcolor=obstacleColourCode(obsProb), fontname=self.fontName, fontsize=self.fontSize, fontcolor=probabilityTextColourCode(obsProb), URL=objtUrl)) elif (dimName == 'role'): self.theGraph.add_node( pydot.Node(objtName, label='', xlabel=objtName, shapefile=roleFile, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, peripheries='0')) elif (dimName == 'responsibility'): self.theGraph.add_node( pydot.Node(objtName, shape='doubleoctagon', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'environment'): self.theGraph.add_node( pydot.Node(objtName, shape='doublecircle', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'domainproperty'): self.theGraph.add_node( pydot.Node(objtName, shape='house', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'inconsistency'): self.theGraph.add_node( pydot.Node(objtName, shape='polygon', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'task'): taskScore = self.dbProxy.taskUsabilityScore( objtName, self.theEnvironmentName) self.theGraph.add_node( pydot.Node(objtName, shape='ellipse', margin=0, style='filled', color=usabilityColourCode(taskScore), pencolor='black', fontname=self.fontName, fontsize=self.fontSize, fontcolor=usabilityTextColourCode(taskScore), URL=objtUrl)) else: raise UnknownNodeType(dimName)
def buildNode(self,dimName,objtName): b = Borg() actorFile = b.assetDir + '/modelActor.png' attackerFile = b.assetDir + '/modelAttacker.png' roleFile = b.assetDir + '/modelRole.png' objtUrl = dimName + '#' + str(objtName) if (dimName == 'persona'): self.theGraph.add_node(pydot.Node(objtName,shapefile=actorFile,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,peripheries='0')) elif (dimName == 'tag'): self.theGraph.add_node(pydot.Node(objtName,shape='note',style='filled',margin=0,pencolor='black',color='yellow',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'attacker'): self.theGraph.add_node(pydot.Node(objtName,shapefile=attackerFile,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,peripheries='0')) elif (dimName == 'asset'): assetObjt = self.dbProxy.dimensionObject(objtName,'asset') borderColour = 'black' if (assetObjt.critical()): borderColour = 'red' self.theGraph.add_node(pydot.Node(objtName,shape='record',color=borderColour,margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,width='0',height='0',style='filled',pencolor='black',fillcolor='white',label=arrayToAssetSecurityPropertiesTable(assetObjt.securityProperties(self.theEnvironmentName),objtName))) elif (dimName == 'threat'): thrObjt = self.dbProxy.dimensionObject(objtName,'threat') thrLhood = thrObjt.likelihood(self.theEnvironmentName,self.theEnvironmentObject.duplicateProperty(),self.theEnvironmentObject.overridingEnvironment()) self.theGraph.add_node(pydot.Node(objtName,shape='record',style='filled',margin=0,color='black',fillcolor=threatLikelihoodColourCode(thrLhood),fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,label=arrayToThreatSecurityPropertiesTable(thrObjt.securityProperties(self.theEnvironmentName),objtName))) elif (dimName == 'vulnerability'): vulObjt = self.dbProxy.dimensionObject(objtName,'vulnerability') vulSev = vulObjt.severity(self.theEnvironmentName,self.theEnvironmentObject.duplicateProperty(),self.theEnvironmentObject.overridingEnvironment()) self.theGraph.add_node(pydot.Node(objtName,shape='record',style='filled',margin=0,colorscheme='orrd4',color='black',fillcolor=vulnerabilitySeverityColourCode(vulSev),fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'risk'): riskObjt = self.dbProxy.dimensionObject(objtName,'risk') riskScores = self.dbProxy.riskScore(riskObjt.threat(),riskObjt.vulnerability(),self.theEnvironmentName,objtName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore self.theGraph.add_node(pydot.Node(objtName,shape='diamond',style='filled',margin=0,color='black',fillcolor=threatColourCode(highestScore),fontcolor=riskTextColourCode(highestScore),fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'response'): self.theGraph.add_node(pydot.Node(objtName,shape='note',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'countermeasure'): self.theGraph.add_node(pydot.Node(objtName,shape='component',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'component'): self.theGraph.add_node(pydot.Node(objtName,shape='component',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'requirement'): self.theGraph.add_node(pydot.Node(objtName,shape='circle',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'goal'): self.theGraph.add_node(pydot.Node(objtName,shape='parallelogram',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'obstacle'): obsId = self.dbProxy.getDimensionId(objtName,'obstacle') envId = self.dbProxy.getDimensionId(self.theEnvironmentName,'environment') obsProb,obsRationale = self.dbProxy.obstacleProbability(obsId,envId) self.theGraph.add_node(pydot.Node(objtName,shape='polygon',margin=0,skew='-0.4',style='filled',pencolor='black',colorscheme='ylorrd9',fillcolor=obstacleColourCode(obsProb),fontname=self.fontName,fontsize=self.fontSize,fontcolor=probabilityTextColourCode(obsProb),URL=objtUrl)) elif (dimName == 'role'): self.theGraph.add_node(pydot.Node(objtName,shapefile=roleFile,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,peripheries='0')) elif (dimName == 'responsibility'): self.theGraph.add_node(pydot.Node(objtName,shape='doubleoctagon',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'environment'): self.theGraph.add_node(pydot.Node(objtName,shape='doublecircle',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'domainproperty'): self.theGraph.add_node(pydot.Node(objtName,shape='house',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'inconsistency'): self.theGraph.add_node(pydot.Node(objtName,shape='polygon',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'task'): taskScore = self.dbProxy.taskUsabilityScore(objtName,self.theEnvironmentName) self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',margin=0,style='filled',color=usabilityColourCode(taskScore),pencolor='black',fontname=self.fontName,fontsize=self.fontSize,fontcolor=usabilityTextColourCode(taskScore),URL=objtUrl)) elif (dimName == 'misusecase'): self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',margin=0,fontname=self.fontName,fontsize=self.fontSize,style='filled',color='black',fontcolor='white',URL=objtUrl)) else: raise UnknownNodeType(dimName)
def graph(self): for location in self.theLocs.locations(): locName = location.name() assetInstances = location.assetInstances() personaInstances = location.personaInstances() locCluster = pydot.Cluster(locName,label=locName,URL='location#' + locName) locCluster.add_node(pydot.Node('point_' + locName,label='',shape="none",fontcolor="white",URL='location#' + locName)) for inst in assetInstances: instName = inst[0] assetName = inst[1] locCluster.add_node(pydot.Node(instName,URL='asset#' + assetName)) for persona in personaInstances: instName = persona[0] personaName = persona[1] locCluster.add_node(pydot.Node(instName,shape='circle',URL='persona#' + personaName)) self.theGraph.add_subgraph(locCluster) for edges in self.theLocs.links(): self.theGraph.add_edge(pydot.Edge('point_' + edges[0],'point_' + edges[1],arrowhead='none',arrowtail='none',dir='both')) edgeList = set([]) b = Borg() risks = set([]) for trace in self.theOverlayTraces: riskName = trace.fromName() locName = trace.toName() if (riskName,locName) not in edgeList: edgeList.add((riskName,locName)) if riskName not in risks: risks.add(riskName) riskObjt = b.dbProxy.dimensionObject(riskName,'risk') riskScores = b.dbProxy.riskScore(riskObjt.threat(),riskObjt.vulnerability(),self.theEnvironmentName,riskName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore self.theGraph.add_node(pydot.Node(riskName,shape='diamond',style='filled',color=threatColourCode(highestScore),fontcolor=riskTextColourCode(highestScore),fontname=self.fontName,fontsize=self.fontSize,URL='risk#'+riskName)) for edges in edgeList: self.theGraph.add_edge(pydot.Edge(edges[0],'point_' + edges[1])) return self.layout()
def buildNode(self, dimName, objtName): if ((self.theKaosModel == 'template_goal') and (dimName == 'goal')): dimName = 'template_goal' objtUrl = dimName + '#' + objtName b = Borg() actorFile = b.assetDir + '/modelActor.png' attackerFile = b.assetDir + '/modelAttacker.png' if ((dimName == 'goal') or (dimName == 'template_goal')): self.theGraph.add_node( pydot.Node(objtName, shape='parallelogram', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'obstacle'): obsId = self.dbProxy.getDimensionId(objtName, 'obstacle') envId = self.dbProxy.getDimensionId(self.theEnvironmentName, 'environment') obsProb, obsRationale = self.dbProxy.obstacleProbability( obsId, envId) self.theGraph.add_node( pydot.Node(objtName, shape='polygon', margin=0, skew='-0.4', style='filled', pencolor='black', colorscheme='ylorrd9', fillcolor=obstacleColourCode(obsProb), fontname=self.fontName, fontsize=self.fontSize, fontcolor=probabilityTextColourCode(obsProb), URL=objtUrl)) elif (dimName == 'domainproperty'): self.theGraph.add_node( pydot.Node(objtName, shape='house', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'requirement'): self.theGraph.add_node( pydot.Node(objtName, shape='parallelogram', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'countermeasure'): self.theGraph.add_node( pydot.Node(objtName, shape='hexagon', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif ((dimName == 'role') and (self.theKaosModel != 'task')): self.theGraph.add_node( pydot.Node(objtName, shape='hexagon', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif ((dimName == 'role') and (self.theKaosModel == 'task')): self.theGraph.add_node( pydot.Node(objtName, shapefile=actorFile, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, peripheries='0')) elif (dimName == 'usecase'): self.theGraph.add_node( pydot.Node(objtName, shape='ellipse', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'task'): objt = self.dbProxy.dimensionObject(objtName, 'task') if (objt.assumption() == True): objtLabel = "<<Assumption>>" + objtName else: objtLabel = objtName taskScore = self.dbProxy.taskUsabilityScore( objtName, self.theEnvironmentName) self.theGraph.add_node( pydot.Node(objtName, label=objtLabel, shape='ellipse', margin=0, style='filled', color=usabilityColourCode(taskScore), fontname=self.fontName, fontsize=self.fontSize, fontcolor=usabilityTextColourCode(taskScore), URL=objtUrl)) elif (dimName == 'misusecase'): ellipseColour = 'black' if (self.theKaosModel == 'task'): riskName = objtName[8:] riskObjt = self.dbProxy.dimensionObject(riskName, 'risk') riskScores = self.dbProxy.riskScore(riskObjt.threat(), riskObjt.vulnerability(), self.theEnvironmentName, riskName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore ellipseColour = threatColourCode(highestScore) self.theGraph.add_node( pydot.Node(objtName, shape='ellipse', margin=0, style='filled', color=ellipseColour, fontcolor=riskTextColourCode(highestScore), fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'persona'): objt = self.dbProxy.dimensionObject(objtName, 'persona') if (objt.assumption() == True): objtLabel = "<<Assumption>>" + objtName self.theGraph.add_node( pydot.Node(objtName, label=objtLabel, shapefile=actorFile, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, peripheries='0')) else: self.theGraph.add_node( pydot.Node(objtName, shapefile=actorFile, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, peripheries='0')) elif (dimName == 'attacker'): self.theGraph.add_node( pydot.Node(objtName, shapefile=attackerFile, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, peripheries='0')) elif (dimName == 'response'): self.theGraph.add_node( pydot.Node(objtName, shape='note', margin=0, fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl)) elif (dimName == 'asset'): fontColour = 'black' nodeColour = 'black' if (self.theKaosModel == 'task'): fontColour = 'blue' nodeColour = 'blue' self.theGraph.add_node( pydot.Node(objtName, shape='record', margin=0, fontname=self.fontName, fontsize=self.fontSize, fontcolor=fontColour, color=nodeColour, URL=objtUrl)) else: raise UnknownNodeType(dimName)
def buildNode(self,dimName,objtName): if ((self.theKaosModel == 'template_goal') and (dimName == 'goal')): dimName = 'template_goal' objtUrl = dimName + '#' + objtName b = Borg() actorFile = b.assetDir + '/modelActor.png' attackerFile = b.assetDir + '/modelAttacker.png' if ((dimName == 'goal') or (dimName == 'template_goal')): self.theGraph.add_node(pydot.Node(objtName,shape='parallelogram',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'obstacle'): obsId = self.dbProxy.getDimensionId(objtName,'obstacle') envId = self.dbProxy.getDimensionId(self.theEnvironmentName,'environment') obsProb,obsRationale = self.dbProxy.obstacleProbability(obsId,envId) self.theGraph.add_node(pydot.Node(objtName,shape='polygon',margin=0,skew='-0.4',style='filled',pencolor='black',colorscheme='ylorrd9',fillcolor=obstacleColourCode(obsProb),fontname=self.fontName,fontsize=self.fontSize,fontcolor=probabilityTextColourCode(obsProb),URL=objtUrl)) elif (dimName == 'domainproperty'): self.theGraph.add_node(pydot.Node(objtName,shape='house',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'requirement'): self.theGraph.add_node(pydot.Node(objtName,shape='parallelogram',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'countermeasure'): self.theGraph.add_node(pydot.Node(objtName,shape='hexagon',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif ((dimName == 'role') and (self.theKaosModel != 'task')): self.theGraph.add_node(pydot.Node(objtName,shape='hexagon',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif ((dimName == 'role') and (self.theKaosModel == 'task')): self.theGraph.add_node(pydot.Node(objtName,shapefile=actorFile,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,peripheries='0')) elif (dimName == 'usecase'): self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'task'): objt = self.dbProxy.dimensionObject(objtName,'task') if (objt.assumption() == True): objtLabel = "<<Assumption>>" + objtName else: objtLabel = objtName taskScore = self.dbProxy.taskUsabilityScore(objtName,self.theEnvironmentName) self.theGraph.add_node(pydot.Node(objtName,label=objtLabel,shape='ellipse',margin=0,style='filled',color=usabilityColourCode(taskScore),fontname=self.fontName,fontsize=self.fontSize,fontcolor=usabilityTextColourCode(taskScore),URL=objtUrl)) elif (dimName == 'misusecase'): ellipseColour = 'black' if (self.theKaosModel == 'task'): riskName = objtName[8:] riskObjt = self.dbProxy.dimensionObject(riskName,'risk') riskScores = self.dbProxy.riskScore(riskObjt.threat(),riskObjt.vulnerability(),self.theEnvironmentName,riskName) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if (currentScore > highestScore): highestScore = currentScore ellipseColour = threatColourCode(highestScore) self.theGraph.add_node(pydot.Node(objtName,shape='ellipse',margin=0,style='filled',color=ellipseColour,fontcolor=riskTextColourCode(highestScore),fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'persona'): objt = self.dbProxy.dimensionObject(objtName,'persona') if (objt.assumption() == True): objtLabel = "<<Assumption>>" + objtName self.theGraph.add_node(pydot.Node(objtName,label=objtLabel,shapefile=actorFile,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,peripheries='0')) else: self.theGraph.add_node(pydot.Node(objtName,shapefile=actorFile,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,peripheries='0')) elif (dimName == 'attacker'): self.theGraph.add_node(pydot.Node(objtName,shapefile=attackerFile,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl,peripheries='0')) elif (dimName == 'response'): self.theGraph.add_node(pydot.Node(objtName,shape='note',margin=0,fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif (dimName == 'asset'): fontColour = 'black' nodeColour = 'black' if (self.theKaosModel == 'task'): fontColour = 'blue' nodeColour = 'blue' self.theGraph.add_node(pydot.Node(objtName,shape='record',margin=0,fontname=self.fontName,fontsize=self.fontSize,fontcolor=fontColour,color=nodeColour,URL=objtUrl)) else: raise UnknownNodeType(dimName)
def buildNode(self, dimName, objtName): objtUrl = dimName + "#" + objtName if dimName == "goal": self.theGraph.add_node( pydot.Node(objtName, shape="parallelogram", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) # soft-goal attributes self.theGraph.add_node(pydot.Node(objtName,shape='polygon',style='rounded',sides='6',distortion='-0.537997',orientation='52',skew='-0.960726',fontname=self.fontName,fontsize=self.fontSize,URL=objtUrl)) elif dimName == "obstacle": obsId = self.dbProxy.getDimensionId(objtName, "obstacle") envId = self.dbProxy.getDimensionId(self.theEnvironmentName, "environment") self.theGraph.add_node( pydot.Node( objtName, shape="polygon", skew="-0.4", style="filled", pencolor="black", colorscheme="ylorrd9", fillcolor=obstacleColourCode(self.dbProxy.obstacleProbability(obsId, envId)), fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, ) ) elif dimName == "domainproperty": self.theGraph.add_node( pydot.Node(objtName, shape="house", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) elif dimName == "requirement": self.theGraph.add_node( pydot.Node(objtName, shape="parallelogram", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) elif dimName == "countermeasure": self.theGraph.add_node( pydot.Node(objtName, shape="hexagon", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) elif (dimName == "role") and (self.theKaosModel != "task"): self.theGraph.add_node( pydot.Node(objtName, shape="hexagon", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) elif (dimName == "role") and (self.theKaosModel == "task"): self.theGraph.add_node( pydot.Node(objtName, shape="ellipse", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) elif dimName == "usecase": self.theGraph.add_node( pydot.Node(objtName, shape="ellipse", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) elif dimName == "task": objt = self.dbProxy.dimensionObject(objtName, "task") if objt.assumption() == True: objtLabel = "<<Assumption>>" + objtName else: objtLabel = objtName taskScore = self.dbProxy.taskUsabilityScore(objtName, self.theEnvironmentName) self.theGraph.add_node( pydot.Node( objtName, label=objtLabel, shape="ellipse", style="filled", color=usabilityColourCode(taskScore), fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, ) ) elif dimName == "misusecase": ellipseColour = "black" if self.theKaosModel == "task": riskName = objtName[8:] riskObjt = self.dbProxy.dimensionObject(riskName, "risk") riskScores = self.dbProxy.riskScore( riskObjt.threat(), riskObjt.vulnerability(), self.theEnvironmentName, riskName ) highestScore = 0 for riskScore in riskScores: currentScore = riskScore[2] if currentScore > highestScore: highestScore = currentScore ellipseColour = threatColourCode(highestScore) self.theGraph.add_node( pydot.Node( objtName, shape="ellipse", style="filled", color=ellipseColour, fontcolor="white", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, ) ) elif dimName == "persona": objt = self.dbProxy.dimensionObject(objtName, "persona") if objt.assumption() == True: objtLabel = "<<Assumption>>" + objtName self.theGraph.add_node( pydot.Node( objtName, label=objtLabel, shape="circle", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, ) ) else: self.theGraph.add_node( pydot.Node(objtName, shape="circle", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) elif dimName == "attacker": self.theGraph.add_node( pydot.Node( objtName, shape="circle", style="filled", color="black", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl, ) ) elif dimName == "response": self.theGraph.add_node( pydot.Node(objtName, shape="note", fontname=self.fontName, fontsize=self.fontSize, URL=objtUrl) ) elif dimName == "asset": fontColour = "black" nodeColour = "black" if self.theKaosModel == "task": fontColour = "blue" nodeColour = "blue" self.theGraph.add_node( pydot.Node( objtName, shape="record", fontname=self.fontName, fontsize=self.fontSize, fontcolor=fontColour, color=nodeColour, URL=objtUrl, ) ) else: raise UnknownNodeType(dimName)