PyPI - mal-toolbox - Versions diffs - 1.0.4__tar.gz → 1.0.6__tar.gz - Mend

mal-toolbox 1.0.4tar.gz → 1.0.6tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

{mal_toolbox-1.0.4/mal_toolbox.egg-info → mal_toolbox-1.0.6}/PKG-INFO RENAMED Viewed

@@ -1,8 +1,8 @@
 Metadata-Version: 2.4
 Name: mal-toolbox
-Version: 1.0.4
+Version: 1.0.6
 Summary: A collection of tools used to create MAL models and attack graphs.
-Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
+Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Sandor Berglund <sandor@kth.se>
 License: Apache Software License
 Project-URL: Homepage, https://github.com/mal-lang/mal-toolbox
 Project-URL: Bug Tracker, https://github.com/mal-lang/mal-toolbox/issues
@@ -23,6 +23,8 @@ Requires-Dist: antlr4-tools
 Requires-Dist: antlr4-python3-runtime
 Requires-Dist: docopt
 Requires-Dist: PyYAML
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
 Dynamic: license-file
 # MAL Toolbox overview
@@ -30,23 +32,15 @@ Dynamic: license-file
 MAL Toolbox is a collection of python modules to help developers create and work with
 MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
-Attack graphs can be used to run simulations (see MAL Simulator) or analysis.
+Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
-[Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
+- [MAL Toolbox Documentation](https://mal-lang.org/mal-toolbox/index.html)
+- [MAL Toolbox tutorial](https://github.com/mal-lang/mal-toolbox-tutorial)
 ## The Language Module
 The language module provides various tools to process MAL languages.
-### The Language Specification Submodule
-The language specification submodule provides functions to load the
-specification from a .mar archive(`load_language_specification_from_mar`) or a
-JSON file(`load_language_specification_from_json`). This specification will
-then be used to generate python classes representing the assets and
-associations of the language and to determine the attack steps for each asset
-when generating the attack graph.
 ## The Model Module
 With a MAL language a Model (a MAL instance model) can be created either
@@ -70,12 +64,6 @@ nodes related and the asset field which will contain the object in the model
 instance to which this attack step belongs to, if this information is
 available.
-## Ingestors Module
-The ingestors module contains various tools that can make use of the instance
-model or attack graph. Currently the Neo4J ingestor is the only one available
-and it can be used to visualise the instance model and the attack graph.
 # Usage
@@ -98,6 +86,11 @@ logging:
   model_file: "logs/model.yml"
   langspec_file: "logs/langspec_file.yml"
   langgraph_file: "logs/langspec_file.yml"
+neo4j:
+  uri: None
+  username: None
+  password: None
+  dbname: None
 ```
 Alternatively, you can use the `MALTOOLBOX_CONFIG`
@@ -124,25 +117,66 @@ You can use the maltoolbox cli to:
 Command-line interface for MAL toolbox operations
 Usage:
-    maltoolbox attack-graph generate [options] <model_file> <lang_file>
     maltoolbox compile <lang_file> <output_file>
+    maltoolbox generate-attack-graph [--graphviz] <model_file> <lang_file>
     maltoolbox upgrade-model <model_file> <lang_file> <output_file>
+    maltoolbox visualize-model <model_file> <lang_file>
 Arguments:
     <model_file>    Path to JSON instance model file.
     <lang_file>     Path to .mar or .mal file containing MAL spec.
     <output_file>   Path to write the result of the compilation (yml/json).
+Options:
+  -h --help         Show this screen.
+  -g --graphviz     Visualize with graphviz
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
-      compiler) or a .mal file containing the DSL written in MAL.
+      compiler) or a .mal file containing the DSL written in MAL.```
 ```
 ## Code examples / Tutorial
-To find code examples and tutorials, visit the
+To find more code examples and tutorials, visit the
 [MAL Toolbox Tutorial](https://github.com/mal-lang/mal-toolbox-tutorial/tree/main) repository.
+### Load a language
+```python
+from maltoolbox.language import LanguageGraph
+# Will load the MAL language (.mal/.mar) or a saved language graph (yml/json)
+lang_graph = LanguageGraph.load_from_file(lang_file_path)
+```
+### Generate a model
+```python
+from maltoolbox.model import Model
+# Create an empty model
+instance_model = Model("Example Model", lang_graph)
+# Create and add assets of type supported by the MAL language
+asset1 = instance_model.add_asset('Application', 'Application1')
+asset2 = instance_model.add_asset('Application', 'Application2')
+# Create association between the assets
+asset1.add_associated_assets('appExecutedApps', asset2)
+```
+## Generate an attack graph
+```python
+from maltoolbox.attackgraph import AttackGraph
+attack_graph = AttackGraph(lang_graph, model)
+```
 # Tests
 There are unit tests inside of ./tests.
 Before running the tests, make sure to install the requirements in ./tests/requirements.txt with `python -m pip install -r ./tests/requirements.txt`.

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/README.md RENAMED Viewed

@@ -3,23 +3,15 @@
 MAL Toolbox is a collection of python modules to help developers create and work with
 MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
-Attack graphs can be used to run simulations (see MAL Simulator) or analysis.
+Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
-[Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
+- [MAL Toolbox Documentation](https://mal-lang.org/mal-toolbox/index.html)
+- [MAL Toolbox tutorial](https://github.com/mal-lang/mal-toolbox-tutorial)
 ## The Language Module
 The language module provides various tools to process MAL languages.
-### The Language Specification Submodule
-The language specification submodule provides functions to load the
-specification from a .mar archive(`load_language_specification_from_mar`) or a
-JSON file(`load_language_specification_from_json`). This specification will
-then be used to generate python classes representing the assets and
-associations of the language and to determine the attack steps for each asset
-when generating the attack graph.
 ## The Model Module
 With a MAL language a Model (a MAL instance model) can be created either
@@ -43,12 +35,6 @@ nodes related and the asset field which will contain the object in the model
 instance to which this attack step belongs to, if this information is
 available.
-## Ingestors Module
-The ingestors module contains various tools that can make use of the instance
-model or attack graph. Currently the Neo4J ingestor is the only one available
-and it can be used to visualise the instance model and the attack graph.
 # Usage
@@ -71,6 +57,11 @@ logging:
   model_file: "logs/model.yml"
   langspec_file: "logs/langspec_file.yml"
   langgraph_file: "logs/langspec_file.yml"
+neo4j:
+  uri: None
+  username: None
+  password: None
+  dbname: None
 ```
 Alternatively, you can use the `MALTOOLBOX_CONFIG`
@@ -97,25 +88,66 @@ You can use the maltoolbox cli to:
 Command-line interface for MAL toolbox operations
 Usage:
-    maltoolbox attack-graph generate [options] <model_file> <lang_file>
     maltoolbox compile <lang_file> <output_file>
+    maltoolbox generate-attack-graph [--graphviz] <model_file> <lang_file>
     maltoolbox upgrade-model <model_file> <lang_file> <output_file>
+    maltoolbox visualize-model <model_file> <lang_file>
 Arguments:
     <model_file>    Path to JSON instance model file.
     <lang_file>     Path to .mar or .mal file containing MAL spec.
     <output_file>   Path to write the result of the compilation (yml/json).
+Options:
+  -h --help         Show this screen.
+  -g --graphviz     Visualize with graphviz
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
-      compiler) or a .mal file containing the DSL written in MAL.
+      compiler) or a .mal file containing the DSL written in MAL.```
 ```
 ## Code examples / Tutorial
-To find code examples and tutorials, visit the
+To find more code examples and tutorials, visit the
 [MAL Toolbox Tutorial](https://github.com/mal-lang/mal-toolbox-tutorial/tree/main) repository.
+### Load a language
+```python
+from maltoolbox.language import LanguageGraph
+# Will load the MAL language (.mal/.mar) or a saved language graph (yml/json)
+lang_graph = LanguageGraph.load_from_file(lang_file_path)
+```
+### Generate a model
+```python
+from maltoolbox.model import Model
+# Create an empty model
+instance_model = Model("Example Model", lang_graph)
+# Create and add assets of type supported by the MAL language
+asset1 = instance_model.add_asset('Application', 'Application1')
+asset2 = instance_model.add_asset('Application', 'Application2')
+# Create association between the assets
+asset1.add_associated_assets('appExecutedApps', asset2)
+```
+## Generate an attack graph
+```python
+from maltoolbox.attackgraph import AttackGraph
+attack_graph = AttackGraph(lang_graph, model)
+```
 # Tests
 There are unit tests inside of ./tests.
 Before running the tests, make sure to install the requirements in ./tests/requirements.txt with `python -m pip install -r ./tests/requirements.txt`.

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6/mal_toolbox.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,8 +1,8 @@
 Metadata-Version: 2.4
 Name: mal-toolbox
-Version: 1.0.4
+Version: 1.0.6
 Summary: A collection of tools used to create MAL models and attack graphs.
-Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>
+Author-email: Andrei Buhaiu <buhaiu@kth.se>, Joakim Loxdal <loxdal@kth.se>, Nikolaos Kakouros <nkak@kth.se>, Jakob Nyberg <jaknyb@kth.se>, Giuseppe Nebbione <nebbione@kth.se>, Sandor Berglund <sandor@kth.se>
 License: Apache Software License
 Project-URL: Homepage, https://github.com/mal-lang/mal-toolbox
 Project-URL: Bug Tracker, https://github.com/mal-lang/mal-toolbox/issues
@@ -23,6 +23,8 @@ Requires-Dist: antlr4-tools
 Requires-Dist: antlr4-python3-runtime
 Requires-Dist: docopt
 Requires-Dist: PyYAML
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
 Dynamic: license-file
 # MAL Toolbox overview
@@ -30,23 +32,15 @@ Dynamic: license-file
 MAL Toolbox is a collection of python modules to help developers create and work with
 MAL ([Meta Attack Language](https://mal-lang.org/)) models and attack graphs.
-Attack graphs can be used to run simulations (see MAL Simulator) or analysis.
+Attack graphs can be used to run simulations in [MAL Simulator](https://github.com/mal-lang/mal-simulator) or run your own custom analysis on.
-[Documentation](https://mal-lang.org/mal-toolbox/index.html)(Work in progress)
+- [MAL Toolbox Documentation](https://mal-lang.org/mal-toolbox/index.html)
+- [MAL Toolbox tutorial](https://github.com/mal-lang/mal-toolbox-tutorial)
 ## The Language Module
 The language module provides various tools to process MAL languages.
-### The Language Specification Submodule
-The language specification submodule provides functions to load the
-specification from a .mar archive(`load_language_specification_from_mar`) or a
-JSON file(`load_language_specification_from_json`). This specification will
-then be used to generate python classes representing the assets and
-associations of the language and to determine the attack steps for each asset
-when generating the attack graph.
 ## The Model Module
 With a MAL language a Model (a MAL instance model) can be created either
@@ -70,12 +64,6 @@ nodes related and the asset field which will contain the object in the model
 instance to which this attack step belongs to, if this information is
 available.
-## Ingestors Module
-The ingestors module contains various tools that can make use of the instance
-model or attack graph. Currently the Neo4J ingestor is the only one available
-and it can be used to visualise the instance model and the attack graph.
 # Usage
@@ -98,6 +86,11 @@ logging:
   model_file: "logs/model.yml"
   langspec_file: "logs/langspec_file.yml"
   langgraph_file: "logs/langspec_file.yml"
+neo4j:
+  uri: None
+  username: None
+  password: None
+  dbname: None
 ```
 Alternatively, you can use the `MALTOOLBOX_CONFIG`
@@ -124,25 +117,66 @@ You can use the maltoolbox cli to:
 Command-line interface for MAL toolbox operations
 Usage:
-    maltoolbox attack-graph generate [options] <model_file> <lang_file>
     maltoolbox compile <lang_file> <output_file>
+    maltoolbox generate-attack-graph [--graphviz] <model_file> <lang_file>
     maltoolbox upgrade-model <model_file> <lang_file> <output_file>
+    maltoolbox visualize-model <model_file> <lang_file>
 Arguments:
     <model_file>    Path to JSON instance model file.
     <lang_file>     Path to .mar or .mal file containing MAL spec.
     <output_file>   Path to write the result of the compilation (yml/json).
+Options:
+  -h --help         Show this screen.
+  -g --graphviz     Visualize with graphviz
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
-      compiler) or a .mal file containing the DSL written in MAL.
+      compiler) or a .mal file containing the DSL written in MAL.```
 ```
 ## Code examples / Tutorial
-To find code examples and tutorials, visit the
+To find more code examples and tutorials, visit the
 [MAL Toolbox Tutorial](https://github.com/mal-lang/mal-toolbox-tutorial/tree/main) repository.
+### Load a language
+```python
+from maltoolbox.language import LanguageGraph
+# Will load the MAL language (.mal/.mar) or a saved language graph (yml/json)
+lang_graph = LanguageGraph.load_from_file(lang_file_path)
+```
+### Generate a model
+```python
+from maltoolbox.model import Model
+# Create an empty model
+instance_model = Model("Example Model", lang_graph)
+# Create and add assets of type supported by the MAL language
+asset1 = instance_model.add_asset('Application', 'Application1')
+asset2 = instance_model.add_asset('Application', 'Application2')
+# Create association between the assets
+asset1.add_associated_assets('appExecutedApps', asset2)
+```
+## Generate an attack graph
+```python
+from maltoolbox.attackgraph import AttackGraph
+attack_graph = AttackGraph(lang_graph, model)
+```
 # Tests
 There are unit tests inside of ./tests.
 Before running the tests, make sure to install the requirements in ./tests/requirements.txt with `python -m pip install -r ./tests/requirements.txt`.

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/mal_toolbox.egg-info/SOURCES.txt RENAMED Viewed

@@ -30,4 +30,5 @@ maltoolbox/translators/securicad.py
 maltoolbox/translators/updater.py
 maltoolbox/visualization/__init__.py
 maltoolbox/visualization/graphviz_utils.py
+maltoolbox/visualization/neo4j_utils.py
 tests/test_model.py

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/mal_toolbox.egg-info/requires.txt RENAMED Viewed

@@ -3,3 +3,6 @@ antlr4-tools
 antlr4-python3-runtime
 docopt
 PyYAML
+[dev]
+pytest

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/maltoolbox/__init__.py RENAMED Viewed

@@ -1,5 +1,5 @@
 # -*- encoding: utf-8 -*-
-# MAL Toolbox v1.0.4
+# MAL Toolbox v1.0.6
 # Copyright 2025, Andrei Buhaiu.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@ MAL-Toolbox Framework
 """
 __title__ = "maltoolbox"
-__version__ = "1.0.4"
+__version__ = "1.0.6"
 __authors__ = [
     "Andrei Buhaiu",
     "Giuseppe Nebbione",
@@ -48,6 +48,7 @@ config: dict[str, Any] = {
         "langspec_file": "logs/langspec_file.json",
         "langgraph_file": "logs/langgraph.yml",
     },
+    "neo4j": {"uri": None, "username": None, "password": None, "dbname": None},
 }
 config_file = os.getenv("MALTOOLBOX_CONFIG", "maltoolbox.yml")
@@ -59,6 +60,8 @@ if os.path.exists(config_file):
 log_configs = config['logging']
 os.makedirs(os.path.dirname(log_configs["log_file"]), exist_ok=True)
+neo4j_configs = config['logging']
 formatter = logging.Formatter(
     "%(asctime)s %(name)-12s %(levelname)-8s %(message)s", datefmt="%m-%d %H:%M"
 )

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/maltoolbox/__main__.py RENAMED Viewed

@@ -3,9 +3,9 @@ Command-line interface for MAL toolbox operations
 Usage:
     maltoolbox compile <lang_file> <output_file>
-    maltoolbox generate-attack-graph [--graphviz] <model_file> <lang_file>
+    maltoolbox generate-attack-graph [--graphviz] [--neo4j] <model_file> <lang_file>
     maltoolbox upgrade-model <model_file> <lang_file> <output_file>
-    maltoolbox visualize-model <model_file> <lang_file>
+    maltoolbox visualize-model [--neo4j] [--graphviz] <model_file> <lang_file>
 Arguments:
     <model_file>    Path to JSON instance model file.
@@ -15,6 +15,7 @@ Arguments:
 Options:
   -h --help         Show this screen.
   -g --graphviz     Visualize with graphviz
+  -n --neo4j        Send to neo4j
 Notes:
     - <lang_file> can be either a .mar file (generated by the older MAL
@@ -25,12 +26,17 @@ import logging
 import json
 import docopt
-from . import log_configs
+from . import log_configs, neo4j_configs
 from .attackgraph import create_attack_graph, AttackGraph
 from .language.compiler import MalCompiler
 from .language.languagegraph import LanguageGraph
 from .translators.updater import load_model_from_older_version
-from .visualization.graphviz_utils import render_model, render_attack_graph
+from .visualization import (
+    render_model,
+    render_attack_graph,
+    ingest_model_neo4j,
+    ingest_attack_graph_neo4j
+)
 from .model import Model
 logger = logging.getLogger(__name__)
@@ -78,6 +84,8 @@ def main():
         )
         if args['--graphviz']:
             render_attack_graph(attack_graph)
+        if args['--neo4j']:
+            ingest_attack_graph_neo4j(attack_graph, neo4j_configs)
     elif args['compile']:
         compile(
@@ -90,7 +98,12 @@ def main():
     elif args['visualize-model']:
         lang_graph = LanguageGraph.load_from_file(args['<lang_file>'])
         model = Model.load_from_file(args['<model_file>'], lang_graph)
-        render_model(model)
+        if args['--graphviz']:
+            render_model(model)
+        else:
+            print("Use flag --graphviz to generate a pdf")
+        if args['--neo4j']:
+            ingest_model_neo4j(model, neo4j_configs)
 if __name__ == "__main__":
     main()

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/maltoolbox/attackgraph/attackgraph.py RENAMED Viewed

@@ -167,10 +167,10 @@ class AttackGraph():
         attack_graph = AttackGraph(lang_graph)
         attack_graph.model = model
-        serialized_attack_steps = serialized_object['attack_steps']
+        serialized_attack_steps: dict[str, dict] = serialized_object['attack_steps']
         # Create all of the nodes in the imported attack graph.
-        for node_dict in serialized_attack_steps.values():
+        for node_full_name, node_dict in serialized_attack_steps.items():
             # Recreate asset links if model is available.
             node_asset = None
@@ -192,7 +192,13 @@ class AttackGraph():
                 node_id = node_dict['id'],
                 model_asset = node_asset,
                 ttc_dist = node_dict['ttc'],
-                existence_status = node_dict.get('existence_status', None)
+                existence_status = (
+                    bool(node_dict['existence_status'])
+                    if 'existence_status' in node_dict else None
+                ),
+                # Give explicit full name if model is missing, otherwise
+                # it will generate automatically in node.full_name
+                full_name=node_full_name if not model else None
             )
             ag_node.tags = list(node_dict.get('tags', []))
             ag_node.extras = node_dict.get('extras', {})
@@ -608,7 +614,8 @@ class AttackGraph():
             node_id: Optional[int] = None,
             model_asset: Optional[ModelAsset] = None,
             ttc_dist: Optional[dict] = None,
-            existence_status: Optional[bool] = None
+            existence_status: Optional[bool] = None,
+            full_name: Optional[str] = None
         ) -> AttackGraphNode:
         """Create and add a node to the graph
         Arguments:
@@ -653,7 +660,8 @@ class AttackGraph():
             lg_attack_step = lg_attack_step,
             model_asset = model_asset,
             ttc_dist = ttc_dist,
-            existence_status = existence_status
+            existence_status = existence_status,
+            full_name = full_name
         )
         self.nodes[node_id] = node

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/maltoolbox/attackgraph/node.py RENAMED Viewed

@@ -21,7 +21,8 @@ class AttackGraphNode:
         lg_attack_step: LanguageGraphAttackStep,
         model_asset: Optional[ModelAsset] = None,
         ttc_dist: Optional[dict] = None,
-        existence_status: Optional[bool] = None
+        existence_status: Optional[bool] = None,
+        full_name: Optional[str] = None
     ):
         self.lg_attack_step = lg_attack_step
         self.name = lg_attack_step.name
@@ -30,6 +31,7 @@ class AttackGraphNode:
         self.tags = lg_attack_step.tags
         self.detectors = lg_attack_step.detectors
+        self._full_name = full_name
         self.id = node_id
         self.model_asset = model_asset
         self.existence_status = existence_status
@@ -45,10 +47,12 @@ class AttackGraphNode:
             'lang_graph_attack_step': self.lg_attack_step.full_name,
             'name': self.name,
             'ttc': self.ttc,
-            'children': {child.id: child.full_name for child in
-                self.children},
-            'parents': {parent.id: parent.full_name for parent in
-                self.parents},
+            'children': {
+                child.id: child.full_name for child in self.children
+            },
+            'parents': {
+                parent.id: parent.full_name for parent in self.parents
+            },
         }
         for detector in self.detectors.values():
@@ -56,7 +60,7 @@ class AttackGraphNode:
         if self.model_asset is not None:
             node_dict['asset'] = str(self.model_asset.name)
         if self.existence_status is not None:
-            node_dict['existence_status'] = str(self.existence_status)
+            node_dict['existence_status'] = self.existence_status
         if self.tags:
             node_dict['tags'] = list(self.tags)
         if self.extras:
@@ -105,13 +109,19 @@ class AttackGraphNode:
     @property
     def full_name(self) -> str:
         """
-        Return the full name of the attack step. This is a combination of the
-        asset name to which the attack step belongs and attack step name
-        itself.
+        Return the full name of the attack step. This is normally a
+        combination of the asset name to which the attack step
+        belongs and attack step name itself, but can also be
+        explicitly set or a combination of the step id and step name.
         """
-        if self.model_asset:
+        if self._full_name:
+            # Explicitly set
+            return self._full_name
+        elif self.model_asset:
+            # Inherited from model asset
             full_name = self.model_asset.name + ':' + self.name
         else:
+            # Fallback: use ID
             full_name = str(self.id) + ':' + self.name
         return full_name

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/maltoolbox/language/languagegraph.py RENAMED Viewed

@@ -10,7 +10,7 @@ import zipfile
 from dataclasses import dataclass, field
 from functools import cached_property
-from typing import Any, Optional
+from typing import Any, Literal, Optional
 from maltoolbox.file_utils import (
     load_dict_from_yaml_file, load_dict_from_json_file,
@@ -171,6 +171,18 @@ class LanguageGraphAsset:
             current_asset = current_asset.own_super_asset
         return superassets
+    def associations_to(
+        self, asset_type: LanguageGraphAsset
+    ) -> dict[str, LanguageGraphAssociation]:
+        """
+        Return dict of association types that go from self
+        to given `asset_type`
+        """
+        associations_to_asset_type = {}
+        for fieldname, association in self.associations.items():
+            if association in asset_type.associations.values():
+                associations_to_asset_type[fieldname] = association
+        return associations_to_asset_type
     @cached_property
     def associations(self) -> dict[str, LanguageGraphAssociation]:
@@ -222,7 +234,7 @@ class LanguageGraphAsset:
         return self_superassets.intersection(other_superassets)
-@dataclass
+@dataclass(frozen=True)
 class LanguageGraphAssociationField:
     """A field in an association"""
     asset: LanguageGraphAsset
@@ -231,7 +243,7 @@ class LanguageGraphAssociationField:
     maximum: int
-@dataclass
+@dataclass(frozen=True, eq=True)
 class LanguageGraphAssociation:
     """
     An association type between asset types as defined in the MAL language
@@ -239,7 +251,7 @@ class LanguageGraphAssociation:
     name: str
     left_field: LanguageGraphAssociationField
     right_field: LanguageGraphAssociationField
-    info: dict = field(default_factory = dict)
+    info: dict = field(default_factory = dict, compare=False)
     def to_dict(self) -> dict:
         """Convert LanguageGraphAssociation to dictionary"""
@@ -356,7 +368,7 @@ class LanguageGraphAttackStep:
     An attack step belonging to an asset type in the MAL language
     """
     name: str
-    type: str
+    type: Literal["or", "and", "defense", "exist", "notExist"]
     asset: LanguageGraphAsset
     ttc: Optional[dict] = field(default_factory = dict)
     overrides: bool = False
@@ -739,6 +751,13 @@ class LanguageGraph():
         return serialized_graph
+    @property
+    def associations(self) -> set[LanguageGraphAssociation]:
+        """
+        Return all associations in the language graph.
+        """
+        return {assoc for asset in self.assets.values() for assoc in asset.associations.values()}
     @staticmethod
     def _link_association_to_assets(
         assoc: LanguageGraphAssociation,

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/maltoolbox/model.py RENAMED Viewed

@@ -3,7 +3,6 @@ MAL-Toolbox Model Module
 """
 from __future__ import annotations
-from dataclasses import dataclass, field
 import json
 import logging
 from typing import TYPE_CHECKING
@@ -23,6 +22,7 @@ if TYPE_CHECKING:
     from .language import (
         LanguageGraph,
         LanguageGraphAsset,
+        LanguageGraphAssociation
     )
 logger = logging.getLogger(__name__)
@@ -101,6 +101,12 @@ class Model():
                         ' and we do not allow duplicates.'
                     )
+        if asset_type not in self.lang_graph.assets:
+            raise ValueError(
+                f'Asset type "{asset_type}" does not exist in language, '
+                'must be one of:\n -' +
+                '\n -'.join(self.lang_graph.assets.keys())
+            )
         lg_asset = self.lang_graph.assets[asset_type]
         asset = ModelAsset(
@@ -184,8 +190,11 @@ class Model():
         )
         return self._name_to_asset.get(asset_name, None)
     def _to_dict(self) -> dict:
+        """Backwards compatible"""
+        return self.to_dict()
+    def to_dict(self) -> dict:
         """Get dictionary representation of the model."""
         logger.debug('Translating model to dict.')
         contents: dict[str, Any] = {
@@ -361,6 +370,34 @@ class ModelAsset:
         return (f'ModelAsset(name: "{self.name}", id: {self.id}, '
             f'type: {self.type})')
+    def associations_with(
+        self, b: ModelAsset
+    ) -> set[LanguageGraphAssociation]:
+        """Returns all associations from self to `b`"""
+        assocs_in_common = set()
+        for assoc in self.lg_asset.associations.values():
+            assets_to_left = self.associated_assets.get(
+                assoc.left_field.fieldname, set()
+            )
+            assets_to_right = self.associated_assets.get(
+                assoc.right_field.fieldname, set()
+            )
+            if b in assets_to_left or b in assets_to_right:
+                assocs_in_common.add(assoc)
+        return assocs_in_common
+    def has_association_with(self, b: ModelAsset, assoc_name: str) -> bool:
+        """
+        Returns True if association `assoc_name` exists between self and `b`
+        """
+        for fieldname, associated_assets in self.associated_assets.items():
+            assoc = self.lg_asset.associations[fieldname]
+            if assoc.name == assoc_name and b in associated_assets:
+                return True
+        return False
     def validate_associated_assets(
             self, fieldname: str, assets_to_add: set[ModelAsset]
@@ -418,6 +455,20 @@ class ModelAsset:
         assets dictionary entry corresponding to the given fieldname.
         """
+        if fieldname not in self.lg_asset.associations:
+            if assets:
+                to_asset_type = next(iter(assets)).lg_asset
+                possible_associations = self.lg_asset.associations_to(to_asset_type)
+            else:
+                to_asset_type = None
+                possible_associations = self.lg_asset.associations
+            raise ValueError(
+                f'Association fieldname "{fieldname}" does not exist from '
+                f'<{self.lg_asset.name}> to <{to_asset_type.name if to_asset_type else "Any"}>'
+                ', must be one of:\n -' +
+                '\n -'.join([a for a in possible_associations])
+            )
         lg_assoc = self.lg_asset.associations[fieldname]
         other_fieldname = lg_assoc.get_opposite_fieldname(fieldname)

mal_toolbox-1.0.6/maltoolbox/visualization/__init__.py ADDED Viewed

@@ -0,0 +1,9 @@
+from .graphviz_utils import render_attack_graph, render_model
+from .neo4j_utils import ingest_attack_graph_neo4j, ingest_model_neo4j
+__all__ = [
+    'render_attack_graph',
+    'render_model',
+    'ingest_attack_graph_neo4j',
+    'ingest_model_neo4j'
+]

mal_toolbox-1.0.6/maltoolbox/visualization/neo4j_utils.py ADDED Viewed

@@ -0,0 +1,117 @@
+"""
+MAL-Toolbox Neo4j Ingestor Module
+"""
+# mypy: ignore-errors
+import logging
+from typing import Any
+from py2neo import Graph, Node, Relationship, Subgraph
+logger = logging.getLogger(__name__)
+def ingest_attack_graph_neo4j(
+        graph,
+        neo4j_config: dict[str, Any],
+        delete: bool = True
+    ) -> None:
+    """
+    Ingest an attack graph into a neo4j database
+    Arguments:
+    graph                - the attackgraph provided by the atkgraph.py module.
+    uri                  - the URI to a running neo4j instance
+    username             - the username to login on Neo4J
+    password             - the password to login on Neo4J
+    dbname               - the selected database
+    delete               - if True, the previous content of the database is deleted
+                           before ingesting the new attack graph
+    """
+    uri = neo4j_config.get('uri')
+    username = neo4j_config.get('username')
+    password = neo4j_config.get('password')
+    dbname = neo4j_config.get('dbname')
+    g = Graph(uri=uri, user=username, password=password, name=dbname)
+    if delete:
+        g.delete_all()
+    nodes = {}
+    rels = []
+    for node in graph.nodes.values():
+        node_dict = node.to_dict()
+        nodes[node.id] = Node(
+            node_dict['asset'] if 'asset' in node_dict else node_dict['id'],
+            name = node_dict['name'],
+            full_name = node.full_name,
+            type = node_dict['type'],
+            ttc = str(node_dict['ttc']),
+        )
+    for node in graph.nodes.values():
+        for child in node.children:
+            rels.append(Relationship(nodes[node.id], nodes[child.id]))
+    subgraph = Subgraph(list(nodes.values()), rels)
+    tx = g.begin()
+    tx.create(subgraph)
+    g.commit(tx)
+def ingest_model_neo4j(
+        model,
+        neo4j_config: dict[str, Any],
+        delete: bool = True
+    ) -> None:
+    """
+    Ingest an instance model graph into a Neo4J database
+    Arguments:
+    model                - the instance model dictionary as provided by the model.py module
+    uri                  - the URI to a running neo4j instance
+    username             - the username to login on Neo4J
+    password             - the password to login on Neo4J
+    dbname               - the selected database
+    delete               - if True, the previous content of the database is deleted
+                           before ingesting the new attack graph
+    """
+    uri = neo4j_config.get('uri')
+    username = neo4j_config.get('username')
+    password = neo4j_config.get('password')
+    dbname = neo4j_config.get('dbname')
+    g = Graph(uri=uri, user=username, password=password, name=dbname)
+    if delete:
+        g.delete_all()
+    nodes = {}
+    rels = []
+    for asset in model.assets.values():
+        nodes[str(asset.id)] = Node(
+            str(asset.type),
+            name=str(asset.name),
+            asset_id=str(asset.id),
+            type=str(asset.type)
+        )
+    for asset in model.assets.values():
+        for fieldname, other_assets in asset.associated_assets.items():
+            for other_asset in other_assets:
+                rels.append(
+                    Relationship(
+                        nodes[str(asset.id)],
+                        str(fieldname),
+                        nodes[str(other_asset.id)]
+                    )
+                )
+    subgraph = Subgraph(list(nodes.values()), rels)
+    tx = g.begin()
+    tx.create(subgraph)
+    g.commit(tx)

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/pyproject.toml RENAMED Viewed

@@ -1,12 +1,13 @@
 [project]
 name = "mal-toolbox"
-version = "1.0.4"
+version = "1.0.6"
 authors = [
   { name="Andrei Buhaiu", email="buhaiu@kth.se" },
   { name="Joakim Loxdal", email="loxdal@kth.se" },
   { name="Nikolaos Kakouros", email="nkak@kth.se" },
   { name="Jakob Nyberg", email="jaknyb@kth.se" },
-  { name="Giuseppe Nebbione", email="nebbione@kth.se" }
+  { name="Giuseppe Nebbione", email="nebbione@kth.se" },
+  { name="Sandor Berglund", email="sandor@kth.se" }
 ]
 description = "A collection of tools used to create MAL models and attack graphs."
 readme = "README.md"
@@ -34,6 +35,11 @@ classifiers = [
 "Bug Tracker" = "https://github.com/mal-lang/mal-toolbox/issues"
 "Repository" = "https://github.com/mal-lang/mal-toolbox"
+[project.optional-dependencies]
+dev = [
+    "pytest",
+]
 [project.scripts]
 "maltoolbox" = "maltoolbox.__main__:main"

{mal_toolbox-1.0.4 → mal_toolbox-1.0.6}/tests/test_model.py RENAMED Viewed

@@ -125,6 +125,12 @@ def test_model_add_associated_asset(model: Model):
     assert 'hostApp' in asset2.associated_assets
     assert asset1 in asset2.associated_assets['hostApp']
+    associations_in_common = asset1.associations_with(asset2)
+    assert associations_in_common
+    for assoc in associations_in_common:
+        assert asset1.has_association_with(asset2, assoc.name)
 def test_model_add_appexecution_association_two_assets(model: Model):
     """coreLang specifies that AppExecution only can have one 'left' asset"""
@@ -161,7 +167,7 @@ def test_model_add_association_nonexisting_fieldname(model: Model):
     data = model.add_asset(asset_type = 'Data')
     # Try create an association between asset1 and data
-    with pytest.raises(LookupError):
+    with pytest.raises(ValueError):
         # will raise error because fieldname does not exist
         asset1.add_associated_assets(
             fieldname = 'unknownFieldName', assets = {data}