From 6280ac35a832a3f1a6b63eb25b665f3e65e29f38 Mon Sep 17 00:00:00 2001 From: martiivGylden <martin.iversen@gyldendal.no> Date: Thu, 7 Mar 2024 11:12:43 +0100 Subject: [PATCH] Created classes for BowTie components and added some documentation --- ERFormatConstants.py | 39 ++++++++ components.py | 91 +++++++++++++++++-- diagramParser.py | 4 +- .../SchemaCSVtoComponent.txt | 5 - .../requirements.txt | 0 5 files changed, 125 insertions(+), 14 deletions(-) create mode 100644 ERFormatConstants.py rename SchemaCSVtoComponent.txt => documentation/SchemaCSVtoComponent.txt (92%) rename requirements.txt => documentation/requirements.txt (100%) diff --git a/ERFormatConstants.py b/ERFormatConstants.py new file mode 100644 index 0000000..697f7b0 --- /dev/null +++ b/ERFormatConstants.py @@ -0,0 +1,39 @@ +#File contains constants from the CSV export format of the entity relationship tool + +#Generic fields for all entities +componentID = "Id" # LucidChart ID +Id = "Id" # The id of the entity +Description = "Description" # The description of the entity + + +textArea1 = "Text Area 1" +textArea2 = "Text Area 2" +textArea3 = "Text Area 3" +textArea4 = "Text Area 4" +textArea5 = "Text Area 5" +textArea6 = "Text Area 6" +textArea7 = "Text Area 7" +textArea8 = "Text Area 8" +textArea9 = "Text Area 9" +textArea10 = "Text Area 10" +textArea11 = "Text Area 11" +textArea12 = "Text Area 12" +textArea13 = "Text Area 13" +textArea14 = "Text Area 14" +textArea15 = "Text Area 15" +textArea16 = "Text Area 16" + +#Threats +Threat = "Threat" # The threat -> Text area 1 +ThreatSource = "Threat source" # The threat source -> Text area 4 +Likelihood = "Likelihood" # The likelihood of the threat -> Text area 6 +Vulnerability = "Vulnerability" # The vulnerability -> Text area 7 + +#Attack +Type = "Type" # The type of the consequence -> Text area 2 +Component = "Component" # The component related to the attack -> Text area 4 + +#Consequence +Consequence = "Consequence" # The consequence score of the area -> Text area 6 +AffectedComponents = "Affected components" # The affected components -> Text area 7 + diff --git a/components.py b/components.py index 2517571..8338d53 100644 --- a/components.py +++ b/components.py @@ -1,17 +1,92 @@ class Threat: - def __init__(self, id, description, threatSource, likelihood, vulnerability) -> None: - self.id = id - self.description = description - self.threatSource = threatSource - self.likelihood = likelihood - self.vulnerability = vulnerability + """_summary_ + The class threat is used to classify a threat in the ER model. + Fields are parsed from the exported CSV file + Threats have associated consequences, dynamic metrics and a related attack + """ + def __init__(self, id, componentID, threatSource, description, likelihood, vulnerability) -> None: + + self.id = id # The id field in the ER model + self.componentID = componentID # The component ID field provided by LucidChart + + self.description = description # The description of the component + + self.threatSource = threatSource # The threat source, source of the threat ... + self.likelihood = likelihood # The likelihood of the threat to occur + self.vulnerability = vulnerability # The vulnerability associated with the threat + + self.linkedDynamics = [] # List of linked dynamics components + self.linkedConsequences = [] # List of linked consequences def __str__(self) -> str: return f"Threat: {self.id}, {self.description}, {self.threatSource}, {self.likelihood}, {self.vulnerability}" #Function link dynamics will link a threat to a dynamics component when parsing the XML file - def linkDynamics(): + def linkDynamic(): + # Function should link the threat to a dynamics component + pass + + def linkConsequence(): + # Function should link the threat to a consequence + pass + +class Consequence: + """_summary_ + The class consequence should contain information about a consequence + Consequences are linked to threats and attacks and also contain their own dynamic metrics + """ + + def __init__(self, id, componentID, description, consequence, affectedComponents) -> None: + self.id = id # The id field in the ER model + self.componentID = componentID # The component ID field provided by LucidChart + + self.description = description # The description of the component + self.consequence = consequence # The consequence of the component + self.affectedComponents = affectedComponents # List of affected components + + def __str__(self) -> str: + return f"Consequence: {self.id}, {self.description}, {self.consequence}, {self.affectedComponents}" + + #Function link dynamics will link a threat to a dynamics component when parsing the XML file + def linkDynamic(): # Function should link the threat to a dynamics component pass + + def linkThreat(): + # Function should link the consequence to a threat + pass + +class Attack: + """_summary_ + The class attack should contain information about an attack at the center of the bow tie model + Attacks are linked to consequences and threats and contain their own dynamic metrics + """ + + def __init__(self, id, componentID, type, component, description) -> None: + self.id = id # The id field in the ER model + self.componentID = componentID # The component ID field provided by LucidChart + + self.type = type # The type of the attack + self.component = component # The component related to the attack (linked by ID) + self.description = description # The description of the component -class \ No newline at end of file + self.associatedThreats = [] # List of associated threats linked by componentID + self.associatedConsequences = [] # List of associated consequences linked by componentID + self.linkedDynamics = [] # List of linked dynamics components + + + def __str__(self) -> str: + return f"Attack: {self.id}, {self.description}, {self.attackType}" + + #Function link dynamics will link a threat to a dynamics component when parsing the XML file + def linkDynamic(): + # Function should link the threat to a dynamics component + pass + + def linkConsequence(): + # Function should link the consequence to a threat + pass + + def linkThreats(): + # Function should link the attack to a threat + pass \ No newline at end of file diff --git a/diagramParser.py b/diagramParser.py index 31c6b4b..3610a72 100644 --- a/diagramParser.py +++ b/diagramParser.py @@ -1,4 +1,5 @@ import pandas as pd +import ERFormatConstants as const # Function will parse a csv file and extract the necessary information, this is step 1 of the parse def parseDiagramFile(csvFile): @@ -22,7 +23,8 @@ def parseDiagramFile(csvFile): def parseThreats(df): for i in range(len(df)): - if df["Shape Type"][i] == "Threat": + if df[const.textArea1][i] == const.Threat: + threats.append(df["Name"][i]) print(threats) diff --git a/SchemaCSVtoComponent.txt b/documentation/SchemaCSVtoComponent.txt similarity index 92% rename from SchemaCSVtoComponent.txt rename to documentation/SchemaCSVtoComponent.txt index ec9f603..43c5286 100644 --- a/SchemaCSVtoComponent.txt +++ b/documentation/SchemaCSVtoComponent.txt @@ -81,8 +81,3 @@ Necessary info from each component: Text area 5 -> Metric description ... - - - ID -> Necesary for links and identification - Text area 1 -> Main description of the component Basically ID - Text area 2 -> Secondary description of the component diff --git a/requirements.txt b/documentation/requirements.txt similarity index 100% rename from requirements.txt rename to documentation/requirements.txt -- GitLab