mal-toolbox 0.1.11__tar.gz → 0.2.0__tar.gz

{mal_toolbox-0.1.11/mal_toolbox.egg-info → mal_toolbox-0.2.0}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.2
 Name: mal-toolbox
-Version: 0.1.11
+Version: 0.2.0
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Joakim Loxdal <loxdal@kth.se>
 License: Apache Software License

{mal_toolbox-0.1.11 → mal_toolbox-0.2.0/mal_toolbox.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.2
 Name: mal-toolbox
-Version: 0.1.11
+Version: 0.2.0
 Summary: A collection of tools used to create MAL models and attack graphs.
 Author-email: Andrei Buhaiu <buhaiu@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Joakim Loxdal <loxdal@kth.se>
 License: Apache Software License

{mal_toolbox-0.1.11 → mal_toolbox-0.2.0}/maltoolbox/__init__.py

@@ -1,5 +1,5 @@
 # -*- encoding: utf-8 -*-
-# MAL Toolbox v0.1.11
+# MAL Toolbox v0.2.0
 # Copyright 2024, Andrei Buhaiu.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
 """
 
 __title__ = 'maltoolbox'
-__version__ = '0.1.11'
+__version__ = '0.2.0'
 __authors__ = ['Andrei Buhaiu',
     'Giuseppe Nebbione',
     'Nikolaos Kakouros',

{mal_toolbox-0.1.11 → mal_toolbox-0.2.0}/maltoolbox/attackgraph/analyzers/apriori.py

@@ -12,6 +12,7 @@ Currently these are:
 """
 
 from __future__ import annotations
+from typing import Optional
 import logging
 
 from ..attackgraph import AttackGraph
@@ -41,6 +42,7 @@ def propagate_viability_from_node(node: AttackGraphNode) -> None:
         if child.is_viable != original_value:
             propagate_viability_from_node(child)
 
+
 def propagate_necessity_from_node(node: AttackGraphNode) -> None:
     """
     Arguments:
@@ -53,11 +55,13 @@ def propagate_necessity_from_node(node: AttackGraphNode) -> None:
     )
 
     if node.ttc and 'name' in node.ttc:
-        if node.ttc['name'] not in ['Enabled', 'Disabled']:
+        if node.ttc['name'] not in ['Enabled', 'Disabled', 'Instant']:
             # Do not propagate unnecessary state from nodes that have a TTC
             # probability distribution associated with them.
             # TODO: Evaluate this more carefully, how do we want to have TTCs
             # impact necessity and viability.
+            # TODO: Have this condition be any probability that has a
+            # Bernoulli component
             return
 
     for child in node.children:
@@ -108,6 +112,7 @@ def evaluate_viability(node: AttackGraphNode) -> None:
             logger.error(msg, node.full_name, node.id, node.type)
             raise ValueError(msg % (node.full_name, node.id, node.type))
 
+
 def evaluate_necessity(node: AttackGraphNode) -> None:
     """
     Arguments:
@@ -141,6 +146,7 @@ def evaluate_necessity(node: AttackGraphNode) -> None:
             logger.error(msg, node.full_name, node.id, node.type)
             raise ValueError(msg % (node.full_name, node.id, node.type))
 
+
 def evaluate_viability_and_necessity(node: AttackGraphNode) -> None:
     """
     Arguments:
@@ -149,6 +155,7 @@ def evaluate_viability_and_necessity(node: AttackGraphNode) -> None:
     evaluate_viability(node)
     evaluate_necessity(node)
 
+
 def calculate_viability_and_necessity(graph: AttackGraph) -> None:
     """
     Arguments:
@@ -163,13 +170,66 @@ def calculate_viability_and_necessity(graph: AttackGraph) -> None:
             if not node.is_necessary:
                 propagate_necessity_from_node(node)
 
+
 def prune_unviable_and_unnecessary_nodes(graph: AttackGraph) -> None:
     """
     Arguments:
     graph       - the attack graph for which we wish to remove the
                   the nodes which are not viable or necessary.
     """
+    logger.debug('Prune unviable and unnecessary nodes from the attack graph.')
     for node in graph.nodes:
         if (node.type == 'or' or node.type == 'and') and \
             (not node.is_viable or not node.is_necessary):
             graph.remove_node(node)
+
+
+def propagate_viability_from_unviable_node(
+        unviable_node: AttackGraphNode,
+    ) -> list[AttackGraphNode]:
+    """
+    Update viability of nodes affected by newly enabled defense
+    `unviable_node` in the graph and return any attack steps
+    that are no longer viable because of it.
+
+    Propagate recursively via children as long as changes occur.
+
+    Arguments:
+    unviable_node               - the node to propagate viability from
+
+    Returns:
+    attack_steps_made_unviable  - list of the attack steps that have been
+                                  made unviable by a defense enabled in the
+                                  current step. Builds up recursively.
+    """
+
+    attack_steps_made_unviable = []
+
+    logger.debug(
+        'Update viability for node "%s"(%d)',
+        unviable_node.full_name,
+        unviable_node.id
+    )
+
+    assert not unviable_node.is_viable, (
+        "propagate_viability_from_unviable_node should not be called"
+       f" on viable node {unviable_node.full_name}"
+    )
+
+    if unviable_node.type in ('and', 'or'):
+        attack_steps_made_unviable.append(unviable_node)
+
+    for child in unviable_node.children:
+        original_value = child.is_viable
+        if child.type == 'or':
+            child.is_viable = False
+            for parent in child.parents:
+                child.is_viable = child.is_viable or parent.is_viable
+        if child.type == 'and':
+            child.is_viable = False
+
+        if child.is_viable != original_value:
+            attack_steps_made_unviable += \
+                propagate_viability_from_unviable_node(child)
+
+    return attack_steps_made_unviable