mal-toolbox 1.0.3__tar.gz → 1.0.5__tar.gz

{mal_toolbox-1.0.3/mal_toolbox.egg-info → mal_toolbox-1.0.5}/PKG-INFO

@@ -1,8 +1,8 @@
 Metadata-Version: 2.4
 Name: mal-toolbox
-Version: 1.0.3
+Version: 1.0.5
 Summary: A collection of tools used to create MAL models and attack graphs.
-Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
+Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Sandor Berglund <sandor@kth.se>
 License: Apache Software License
 Project-URL: Homepage, https://github.com/mal-lang/mal-toolbox
 Project-URL: Bug Tracker, https://github.com/mal-lang/mal-toolbox/issues
@@ -23,6 +23,8 @@ Requires-Dist: antlr4-tools
 Requires-Dist: antlr4-python3-runtime
 Requires-Dist: docopt
 Requires-Dist: PyYAML
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
 Dynamic: license-file
 
 # MAL Toolbox overview
@@ -30,7 +32,7 @@ Dynamic: license-file
 MAL Toolbox is a collection of python modules to help developers create and work with
 MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
 
-Attack graphs can be used to run simulations (see MAL Simulator) or analysis.
+Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
 
 [Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
 
@@ -124,19 +126,23 @@ You can use the maltoolbox cli to:
 Command-line interface for MAL toolbox operations
 
 Usage:
-    maltoolbox attack-graph generate [options] <model_file> <lang_file>
     maltoolbox compile <lang_file> <output_file>
+    maltoolbox generate-attack-graph [--graphviz] <model_file> <lang_file>
     maltoolbox upgrade-model <model_file> <lang_file> <output_file>
+    maltoolbox visualize-model <model_file> <lang_file>
 
 Arguments:
     <model_file>    Path to JSON instance model file.
     <lang_file>     Path to .mar or .mal file containing MAL spec.
     <output_file>   Path to write the result of the compilation (yml/json).
 
+Options:
+  -h --help         Show this screen.
+  -g --graphviz     Visualize with graphviz
+
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
-      compiler) or a .mal file containing the DSL written in MAL.
-```
+      compiler) or a .mal file containing the DSL written in MAL.```
 
 ## Code examples / Tutorial
 

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/README.md

@@ -3,7 +3,7 @@
 MAL Toolbox is a collection of python modules to help developers create and work with
 MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
 
-Attack graphs can be used to run simulations (see MAL Simulator) or analysis.
+Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
 
 [Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
 
@@ -97,19 +97,23 @@ You can use the maltoolbox cli to:
 Command-line interface for MAL toolbox operations
 
 Usage:
-    maltoolbox attack-graph generate [options] <model_file> <lang_file>
     maltoolbox compile <lang_file> <output_file>
+    maltoolbox generate-attack-graph [--graphviz] <model_file> <lang_file>
     maltoolbox upgrade-model <model_file> <lang_file> <output_file>
+    maltoolbox visualize-model <model_file> <lang_file>
 
 Arguments:
     <model_file>    Path to JSON instance model file.
     <lang_file>     Path to .mar or .mal file containing MAL spec.
     <output_file>   Path to write the result of the compilation (yml/json).
 
+Options:
+  -h --help         Show this screen.
+  -g --graphviz     Visualize with graphviz
+
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
-      compiler) or a .mal file containing the DSL written in MAL.
-```
+      compiler) or a .mal file containing the DSL written in MAL.```
 
 ## Code examples / Tutorial
 

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5/mal_toolbox.egg-info}/PKG-INFO

@@ -1,8 +1,8 @@
 Metadata-Version: 2.4
 Name: mal-toolbox
-Version: 1.0.3
+Version: 1.0.5
 Summary: A collection of tools used to create MAL models and attack graphs.
-Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
+Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Sandor Berglund <sandor@kth.se>
 License: Apache Software License
 Project-URL: Homepage, https://github.com/mal-lang/mal-toolbox
 Project-URL: Bug Tracker, https://github.com/mal-lang/mal-toolbox/issues
@@ -23,6 +23,8 @@ Requires-Dist: antlr4-tools
 Requires-Dist: antlr4-python3-runtime
 Requires-Dist: docopt
 Requires-Dist: PyYAML
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
 Dynamic: license-file
 
 # MAL Toolbox overview
@@ -30,7 +32,7 @@ Dynamic: license-file
 MAL Toolbox is a collection of python modules to help developers create and work with
 MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
 
-Attack graphs can be used to run simulations (see MAL Simulator) or analysis.
+Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
 
 [Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
 
@@ -124,19 +126,23 @@ You can use the maltoolbox cli to:
 Command-line interface for MAL toolbox operations
 
 Usage:
-    maltoolbox attack-graph generate [options] <model_file> <lang_file>
     maltoolbox compile <lang_file> <output_file>
+    maltoolbox generate-attack-graph [--graphviz] <model_file> <lang_file>
     maltoolbox upgrade-model <model_file> <lang_file> <output_file>
+    maltoolbox visualize-model <model_file> <lang_file>
 
 Arguments:
     <model_file>    Path to JSON instance model file.
     <lang_file>     Path to .mar or .mal file containing MAL spec.
     <output_file>   Path to write the result of the compilation (yml/json).
 
+Options:
+  -h --help         Show this screen.
+  -g --graphviz     Visualize with graphviz
+
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
-      compiler) or a .mal file containing the DSL written in MAL.
-```
+      compiler) or a .mal file containing the DSL written in MAL.```
 
 ## Code examples / Tutorial
 

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/mal_toolbox.egg-info/requires.txt

@@ -3,3 +3,6 @@ antlr4-tools
 antlr4-python3-runtime
 docopt
 PyYAML
+
+[dev]
+pytest

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/maltoolbox/__init__.py

@@ -1,5 +1,5 @@
 # -*- encoding: utf-8 -*-
-# MAL Toolbox v1.0.3
+# MAL Toolbox v1.0.5
 # Copyright 2025, Andrei Buhaiu.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
 """
 
 __title__ = "maltoolbox"
-__version__ = "1.0.3"
+__version__ = "1.0.5"
 __authors__ = [
     "Andrei Buhaiu",
     "Giuseppe Nebbione",

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/maltoolbox/attackgraph/attackgraph.py

@@ -192,7 +192,10 @@ class AttackGraph():
                 node_id = node_dict['id'],
                 model_asset = node_asset,
                 ttc_dist = node_dict['ttc'],
-                existence_status = node_dict.get('existence_status', None)
+                existence_status = (
+                    bool(node_dict['existence_status'])
+                    if 'existence_status' in node_dict else None
+                )
             )
             ag_node.tags = list(node_dict.get('tags', []))
             ag_node.extras = node_dict.get('extras', {})

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/maltoolbox/attackgraph/node.py

@@ -56,7 +56,7 @@ class AttackGraphNode:
         if self.model_asset is not None:
             node_dict['asset'] = str(self.model_asset.name)
         if self.existence_status is not None:
-            node_dict['existence_status'] = str(self.existence_status)
+            node_dict['existence_status'] = self.existence_status
         if self.tags:
             node_dict['tags'] = list(self.tags)
         if self.extras:

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/maltoolbox/language/languagegraph.py

@@ -10,7 +10,7 @@ import zipfile
 
 from dataclasses import dataclass, field
 from functools import cached_property
-from typing import Any, Optional
+from typing import Any, Literal, Optional
 
 from maltoolbox.file_utils import (
     load_dict_from_yaml_file, load_dict_from_json_file,
@@ -26,131 +26,6 @@ from ..exceptions import (
 
 logger = logging.getLogger(__name__)
 
-predef_ttcs: dict[str, dict] = {
-    'EasyAndUncertain':
-    {
-        'arguments': [0.5],
-        'name': 'Bernoulli',
-        'type': 'function'
-    },
-    'HardAndUncertain':
-    {
-        'lhs':
-        {
-            'arguments': [0.1],
-            'name': 'Exponential',
-            'type': 'function'
-        },
-        'rhs':
-        {
-            'arguments': [0.5],
-            'name': 'Bernoulli',
-            'type': 'function'
-        },
-        'type': 'multiplication'
-    },
-    'VeryHardAndUncertain':
-    {
-        'lhs':
-        {
-            'arguments': [0.01],
-            'name': 'Exponential',
-            'type': 'function'
-        },
-        'rhs':
-        {
-            'arguments': [0.5],
-            'name': 'Bernoulli',
-            'type': 'function'
-        },
-        'type': 'multiplication'
-    },
-    'EasyAndCertain':
-    {
-        'arguments': [1.0],
-        'name': 'Exponential',
-        'type': 'function'
-    },
-    'HardAndCertain':
-    {
-        'arguments': [0.1],
-        'name': 'Exponential',
-        'type': 'function'
-    },
-    'VeryHardAndCertain':
-    {
-        'arguments': [0.01],
-        'name': 'Exponential',
-        'type': 'function'
-    },
-    'Enabled':
-    {
-        'arguments': [1.0],
-        'name': 'Bernoulli',
-        'type': 'function'
-    },
-    'Instant':
-    {
-        'arguments': [1.0],
-        'name': 'Bernoulli',
-        'type': 'function'
-    },
-    'Disabled':
-    {
-        'arguments': [0.0],
-        'name': 'Bernoulli',
-        'type': 'function'
-    },
-}
-
-def get_ttc_distribution(
-        step_dict: dict,
-        defense_default_ttc = None,
-        attack_default_ttc = None
-    ) -> Optional[dict]:
-    """Convert step TTC to a TTC distribution if needed
-
-    - If no TTC is set, set return default TTC.
-    - If the TTC provided is a predefined name replace it with the
-    probability distribution it corresponds to.
-    - Otherwise return the TTC distribution as is.
-
-    Arguments:
-    step_dict   - A dict with the attack step data
-    defense_default_ttc - the value to give a defense ttc if none is set
-    attack_default_ttc - the value to give an attack ttc if none is set
-
-    Returns:
-    A dict with the steps TTC distribution, or None if the step is not
-    a defense or attack step
-    """
-
-    if defense_default_ttc is None:
-        defense_default_ttc = predef_ttcs['Disabled'].copy()
-    if attack_default_ttc is None:
-        attack_default_ttc = predef_ttcs['Instant'].copy()
-
-    step_ttc = step_dict['ttc']
-
-    if step_dict['type'] == 'defense':
-        if step_ttc is None:
-            # No step ttc set in language for defense
-            step_ttc = defense_default_ttc
-    elif step_dict['type'] in ('or', 'and'):
-        if step_ttc is None:
-            # No step ttc set in language for attack
-            step_ttc = attack_default_ttc
-    else:
-        # No TTC for other step types
-        return None
-
-    if 'name' in step_ttc and step_ttc['name'] in predef_ttcs:
-        # Predefined step ttc set in language, fetch from dict
-        step_ttc = predef_ttcs[step_ttc['name']].copy()
-
-    return step_ttc
-
-
 
 def disaggregate_attack_step_full_name(
         attack_step_full_name: str) -> list[str]:
@@ -347,7 +222,7 @@ class LanguageGraphAsset:
         return self_superassets.intersection(other_superassets)
 
 
-@dataclass
+@dataclass(frozen=True)
 class LanguageGraphAssociationField:
     """A field in an association"""
     asset: LanguageGraphAsset
@@ -356,7 +231,7 @@ class LanguageGraphAssociationField:
     maximum: int
 
 
-@dataclass
+@dataclass(frozen=True, eq=True)
 class LanguageGraphAssociation:
     """
     An association type between asset types as defined in the MAL language
@@ -364,7 +239,7 @@ class LanguageGraphAssociation:
     name: str
     left_field: LanguageGraphAssociationField
     right_field: LanguageGraphAssociationField
-    info: dict = field(default_factory = dict)
+    info: dict = field(default_factory = dict, compare=False)
 
     def to_dict(self) -> dict:
         """Convert LanguageGraphAssociation to dictionary"""
@@ -481,7 +356,7 @@ class LanguageGraphAttackStep:
     An attack step belonging to an asset type in the MAL language
     """
     name: str
-    type: str
+    type: Literal["or", "and", "defense", "exist", "notExist"]
     asset: LanguageGraphAsset
     ttc: Optional[dict] = field(default_factory = dict)
     overrides: bool = False
@@ -864,6 +739,13 @@ class LanguageGraph():
 
         return serialized_graph
 
+    @property
+    def associations(self) -> set[LanguageGraphAssociation]:
+        """
+        Return all associations in the language graph.
+        """
+        return {assoc for asset in self.assets.values() for assoc in asset.associations.values()}
+
     @staticmethod
     def _link_association_to_assets(
         assoc: LanguageGraphAssociation,
@@ -998,7 +880,7 @@ class LanguageGraph():
                     name = attack_step_dict['name'],
                     type = attack_step_dict['type'],
                     asset = asset,
-                    ttc = get_ttc_distribution(attack_step_dict),
+                    ttc = attack_step_dict['ttc'],
                     overrides = attack_step_dict['overrides'],
                     own_children = {},
                     own_parents = {},
@@ -1716,7 +1598,7 @@ class LanguageGraph():
                     name = attack_step_attribs['name'],
                     type = attack_step_attribs['type'],
                     asset = asset,
-                    ttc = get_ttc_distribution(attack_step_attribs),
+                    ttc = attack_step_attribs['ttc'],
                     overrides = (
                         attack_step_attribs['reaches']['overrides']
                         if attack_step_attribs['reaches'] else False

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/maltoolbox/model.py

@@ -3,7 +3,6 @@ MAL-Toolbox Model Module
 """
 
 from __future__ import annotations
-from dataclasses import dataclass, field
 import json
 import logging
 from typing import TYPE_CHECKING
@@ -23,6 +22,7 @@ if TYPE_CHECKING:
     from .language import (
         LanguageGraph,
         LanguageGraphAsset,
+        LanguageGraphAssociation
     )
 
 logger = logging.getLogger(__name__)
@@ -361,6 +361,34 @@ class ModelAsset:
         return (f'ModelAsset(name: "{self.name}", id: {self.id}, '
             f'type: {self.type})')
 
+    def associations_with(
+        self, b: ModelAsset
+    ) -> set[LanguageGraphAssociation]:
+        """Returns all associations from self to `b`"""
+        assocs_in_common = set()
+        for assoc in self.lg_asset.associations.values():
+            assets_to_left = self.associated_assets.get(
+                assoc.left_field.fieldname, set()
+            )
+            assets_to_right = self.associated_assets.get(
+                assoc.right_field.fieldname, set()
+            )
+            if b in assets_to_left or b in assets_to_right:
+                assocs_in_common.add(assoc)
+
+        return assocs_in_common
+
+    def has_association_with(self, b: ModelAsset, assoc_name: str) -> bool:
+        """
+        Returns True if association `assoc_name` exists between self and `b`
+        """
+
+        for fieldname, associated_assets in self.associated_assets.items():
+            assoc = self.lg_asset.associations[fieldname]
+            if assoc.name == assoc_name and b in associated_assets:
+                return True
+
+        return False
 
     def validate_associated_assets(
             self, fieldname: str, assets_to_add: set[ModelAsset]

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/pyproject.toml

@@ -1,12 +1,13 @@
 [project]
 name = "mal-toolbox"
-version = "1.0.3"
+version = "1.0.5"
 authors = [
   { name="Andrei Buhaiu", email="buhaiu@kth.se" },
   { name="Joakim Loxdal", email="loxdal@kth.se" },
   { name="Nikolaos Kakouros", email="nkak@kth.se" },
   { name="Jakob Nyberg", email="jaknyb@kth.se" },
-  { name="Giuseppe Nebbione", email="nebbione@kth.se" }
+  { name="Giuseppe Nebbione", email="nebbione@kth.se" },
+  { name="Sandor Berglund", email="sandor@kth.se" }
 ]
 description = "A collection of tools used to create MAL models and attack graphs."
 readme = "README.md"
@@ -34,6 +35,11 @@ classifiers = [
 "Bug Tracker" = "https://github.com/mal-lang/mal-toolbox/issues"
 "Repository" = "https://github.com/mal-lang/mal-toolbox"
 
+[project.optional-dependencies]
+dev = [
+    "pytest",
+]
+
 [project.scripts]
 "maltoolbox" = "maltoolbox.__main__:main"
 

{mal_toolbox-1.0.3 → mal_toolbox-1.0.5}/tests/test_model.py

@@ -125,6 +125,12 @@ def test_model_add_associated_asset(model: Model):
     assert 'hostApp' in asset2.associated_assets
     assert asset1 in asset2.associated_assets['hostApp']
 
+    associations_in_common = asset1.associations_with(asset2)
+    assert associations_in_common
+
+    for assoc in associations_in_common:
+        assert asset1.has_association_with(asset2, assoc.name)
+
 
 def test_model_add_appexecution_association_two_assets(model: Model):
     """coreLang specifies that AppExecution only can have one 'left' asset"""