PyPI - mal-toolbox - Versions diffs - 2.0.0__py3-none-any.whl → 2.1.0__py3-none-any.whl - Mend

mal-toolbox 2.0.0py3-none-any.whl → 2.1.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

{mal_toolbox-2.0.0.dist-info → mal_toolbox-2.1.0.dist-info}/METADATA +2 -2
mal_toolbox-2.1.0.dist-info/RECORD +51 -0
{mal_toolbox-2.0.0.dist-info → mal_toolbox-2.1.0.dist-info}/WHEEL +1 -1
maltoolbox/__init__.py +2 -2
maltoolbox/attackgraph/__init__.py +2 -2
maltoolbox/attackgraph/attackgraph.py +121 -549
maltoolbox/attackgraph/factories.py +68 -0
maltoolbox/attackgraph/file_utils.py +0 -0
maltoolbox/attackgraph/generate.py +338 -0
maltoolbox/attackgraph/node_getters.py +36 -0
maltoolbox/attackgraph/ttcs.py +28 -0
maltoolbox/language/__init__.py +2 -2
maltoolbox/language/compiler/mal_compiler.py +4 -3
maltoolbox/language/detector.py +43 -0
maltoolbox/language/expression_chain.py +218 -0
maltoolbox/language/language_graph_asset.py +180 -0
maltoolbox/language/language_graph_assoc.py +147 -0
maltoolbox/language/language_graph_attack_step.py +129 -0
maltoolbox/language/language_graph_builder.py +282 -0
maltoolbox/language/language_graph_loaders.py +7 -0
maltoolbox/language/language_graph_lookup.py +140 -0
maltoolbox/language/language_graph_serialization.py +5 -0
maltoolbox/language/languagegraph.py +244 -1537
maltoolbox/language/step_expression_processor.py +491 -0
mal_toolbox-2.0.0.dist-info/RECORD +0 -36
{mal_toolbox-2.0.0.dist-info → mal_toolbox-2.1.0.dist-info}/entry_points.txt +0 -0
{mal_toolbox-2.0.0.dist-info → mal_toolbox-2.1.0.dist-info}/licenses/AUTHORS +0 -0
{mal_toolbox-2.0.0.dist-info → mal_toolbox-2.1.0.dist-info}/licenses/LICENSE +0 -0
{mal_toolbox-2.0.0.dist-info → mal_toolbox-2.1.0.dist-info}/top_level.txt +0 -0

maltoolbox/language/languagegraph.py CHANGED Viewed

@@ -1,701 +1,49 @@
-"""MAL-Toolbox Language Graph Module
+"""MAL-Toolbox Language Graph functionality
+- A graph representation of a MAL language
+- Used when creating models and when generating attack graphs
 """
 from __future__ import annotations
 import json
 import logging
+from typing import Any
 import zipfile
-from dataclasses import dataclass, field
-from functools import cached_property
-from typing import Any, Literal, Optional
-from maltoolbox.file_utils import (
-    load_dict_from_json_file,
-    load_dict_from_yaml_file,
-    save_dict_to_file,
-)
-from ..exceptions import (
-    LanguageGraphAssociationError,
-    LanguageGraphException,
-    LanguageGraphStepExpressionError,
-    LanguageGraphSuperAssetNotFoundError,
-)
-from .compiler import MalCompiler
-logger = logging.getLogger(__name__)
-def disaggregate_attack_step_full_name(
-    attack_step_full_name: str
-) -> list[str]:
-    """From an attack step full name, get (asset_name, attack_step_name)"""
-    return attack_step_full_name.split(':')
-@dataclass(frozen=True, eq=True)
-class Detector:
-    name: str | None
-    context: Context
-    type: str | None
-    tprate: dict | None
-    def to_dict(self) -> dict:
-        return {
-            "context": self.context.to_dict(),
-            "name": self.name,
-            "type": self.type,
-            "tprate": self.tprate,
-        }
-class Context(dict):
-    """Context is part of detectors to provide meta data about attackers"""
-    def __init__(self, context) -> None:
-        super().__init__(context)
-        self._context_dict = context
-        for label, asset in context.items():
-            setattr(self, label, asset)
-    def to_dict(self) -> dict:
-        return {label: asset.name for label, asset in self.items()}
-    def __str__(self) -> str:
-        return str({label: asset.name for label, asset in self._context_dict.items()})
-    def __repr__(self) -> str:
-        return f"Context({self!s}))"
-@dataclass
-class LanguageGraphAsset:
-    """An asset type as defined in the MAL language"""
-    name: str
-    own_associations: dict[str, LanguageGraphAssociation] = \
-        field(default_factory=dict)
-    attack_steps: dict[str, LanguageGraphAttackStep] = \
-        field(default_factory=dict)
-    info: dict = field(default_factory=dict)
-    own_super_asset: LanguageGraphAsset | None = None
-    own_sub_assets: list[LanguageGraphAsset] = field(default_factory=list)
-    own_variables: dict = field(default_factory=dict)
-    is_abstract: bool | None = None
-    def to_dict(self) -> dict:
-        """Convert LanguageGraphAsset to dictionary"""
-        node_dict: dict[str, Any] = {
-            'name': self.name,
-            'associations': {},
-            'attack_steps': {},
-            'info': self.info,
-            'super_asset': self.own_super_asset.name
-                if self.own_super_asset else "",
-            'sub_assets': [asset.name for asset in self.own_sub_assets],
-            'variables': {},
-            'is_abstract': self.is_abstract
-        }
-        for fieldname, assoc in self.own_associations.items():
-            node_dict['associations'][fieldname] = assoc.to_dict()
-        for attack_step in self.attack_steps.values():
-            node_dict['attack_steps'][attack_step.name] = \
-                attack_step.to_dict()
-        for variable_name, (var_target_asset, var_expr_chain) in \
-                self.own_variables.items():
-            node_dict['variables'][variable_name] = (
-                var_target_asset.name,
-                var_expr_chain.to_dict()
-            )
-        return node_dict
-    def __repr__(self) -> str:
-        return f'LanguageGraphAsset(name: "{self.name}")'
-    def __hash__(self):
-        return id(self)
-    def is_subasset_of(self, target_asset: LanguageGraphAsset) -> bool:
-        """Check if an asset extends the target asset through inheritance.
-        Arguments:
-        ---------
-        target_asset    - the target asset we wish to evaluate if this asset
-                          extends
-        Return:
-        ------
-        True if this asset extends the target_asset via inheritance.
-        False otherwise.
-        """
-        current_asset: LanguageGraphAsset | None = self
-        while current_asset:
-            if current_asset == target_asset:
-                return True
-            current_asset = current_asset.own_super_asset
-        return False
-    @cached_property
-    def sub_assets(self) -> set[LanguageGraphAsset]:
-        """Return a list of all of the assets that directly or indirectly extend
-        this asset.
-        Return:
-        ------
-        A list of all of the assets that extend this asset plus itself.
-        """
-        subassets: list[LanguageGraphAsset] = []
-        for subasset in self.own_sub_assets:
-            subassets.extend(subasset.sub_assets)
-        subassets.extend(self.own_sub_assets)
-        subassets.append(self)
-        return set(subassets)
-    @cached_property
-    def super_assets(self) -> list[LanguageGraphAsset]:
-        """Return a list of all of the assets that this asset directly or
-        indirectly extends.
-        Return:
-        ------
-        A list of all of the assets that this asset extends plus itself.
-        """
-        current_asset: LanguageGraphAsset | None = self
-        superassets = []
-        while current_asset:
-            superassets.append(current_asset)
-            current_asset = current_asset.own_super_asset
-        return superassets
-    def associations_to(
-        self, asset_type: LanguageGraphAsset
-    ) -> dict[str, LanguageGraphAssociation]:
-        """Return dict of association types that go from self
-        to given `asset_type`
-        """
-        associations_to_asset_type = {}
-        for fieldname, association in self.associations.items():
-            if association in asset_type.associations.values():
-                associations_to_asset_type[fieldname] = association
-        return associations_to_asset_type
-    @cached_property
-    def associations(self) -> dict[str, LanguageGraphAssociation]:
-        """Return a list of all of the associations that belong to this asset
-        directly or indirectly via inheritance.
-        Return:
-        ------
-        A list of all of the associations that apply to this asset, either
-        directly or via inheritance.
-        """
-        associations = dict(self.own_associations)
-        if self.own_super_asset:
-            associations |= self.own_super_asset.associations
-        return associations
-    @property
-    def variables(
-            self
-        ) -> dict[str, tuple[LanguageGraphAsset, ExpressionsChain]]:
-        """Return a list of all of the variables that belong to this asset
-        directly or indirectly via inheritance.
-        Return:
-        ------
-        A list of all of the variables that apply to this asset, either
-        directly or via inheritance.
-        """
-        all_vars = dict(self.own_variables)
-        if self.own_super_asset:
-            all_vars |= self.own_super_asset.variables
-        return all_vars
-    def get_all_common_superassets(
-            self, other: LanguageGraphAsset
-        ) -> set[str]:
-        """Return a set of all common ancestors between this asset
-        and the other asset given as parameter
-        """
-        self_superassets = set(
-            asset.name for asset in self.super_assets
-        )
-        other_superassets = set(
-            asset.name for asset in other.super_assets
-        )
-        return self_superassets.intersection(other_superassets)
-@dataclass(frozen=True, eq=True)
-class LanguageGraphAssociationField:
-    """A field in an association"""
-    asset: LanguageGraphAsset
-    fieldname: str
-    minimum: int
-    maximum: int
-@dataclass(frozen=True, eq=True)
-class LanguageGraphAssociation:
-    """An association type between asset types as defined in the MAL language
-    """
-    name: str
-    left_field: LanguageGraphAssociationField
-    right_field: LanguageGraphAssociationField
-    info: dict = field(default_factory=dict, compare=False)
-    def to_dict(self) -> dict:
-        """Convert LanguageGraphAssociation to dictionary"""
-        assoc_dict = {
-            'name': self.name,
-            'info': self.info,
-            'left': {
-                'asset': self.left_field.asset.name,
-                'fieldname': self.left_field.fieldname,
-                'min': self.left_field.minimum,
-                'max': self.left_field.maximum
-            },
-            'right': {
-                'asset': self.right_field.asset.name,
-                'fieldname': self.right_field.fieldname,
-                'min': self.right_field.minimum,
-                'max': self.right_field.maximum
-            }
-        }
-        return assoc_dict
-    def __repr__(self) -> str:
-        return (
-            f'LanguageGraphAssociation(name: "{self.name}", '
-            f'left_field: {self.left_field}, '
-            f'right_field: {self.right_field})'
-        )
-    @property
-    def full_name(self) -> str:
-        """Return the full name of the association. This is a combination of the
-        association name, left field name, left asset type, right field name,
-        and right asset type.
-        """
-        full_name = '%s_%s_%s' % (
-            self.name,
-            self.left_field.fieldname,
-            self.right_field.fieldname
-        )
-        return full_name
-    def get_field(self, fieldname: str) -> LanguageGraphAssociationField:
-        """Return the field that matches the `fieldname` given as parameter.
-        """
-        if self.right_field.fieldname == fieldname:
-            return self.right_field
-        return self.left_field
-    def contains_fieldname(self, fieldname: str) -> bool:
-        """Check if the association contains the field name given as a parameter.
-        Arguments:
-        ---------
-        fieldname   - the field name to look for
-        Return True if either of the two field names matches.
-        False, otherwise.
-        """
-        if self.left_field.fieldname == fieldname:
-            return True
-        if self.right_field.fieldname == fieldname:
-            return True
-        return False
-    def contains_asset(self, asset: Any) -> bool:
-        """Check if the association matches the asset given as a parameter. A
-        match can either be an explicit one or if the asset given subassets
-        either of the two assets that are part of the association.
-        Arguments:
-        ---------
-        asset       - the asset to look for
-        Return True if either of the two asset matches.
-        False, otherwise.
-        """
-        if asset.is_subasset_of(self.left_field.asset):
-            return True
-        if asset.is_subasset_of(self.right_field.asset):
-            return True
-        return False
-    def get_opposite_fieldname(self, fieldname: str) -> str:
-        """Return the opposite field name if the association contains the field
-        name given as a parameter.
-        Arguments:
-        ---------
-        fieldname   - the field name to look for
-        Return the other field name if the parameter matched either of the
-        two. None, otherwise.
-        """
-        if self.left_field.fieldname == fieldname:
-            return self.right_field.fieldname
-        if self.right_field.fieldname == fieldname:
-            return self.left_field.fieldname
-        msg = ('Requested fieldname "%s" from association '
-               '%s which did not contain it!')
-        logger.error(msg, fieldname, self.name)
-        raise LanguageGraphAssociationError(msg % (fieldname, self.name))
-@dataclass
-class LanguageGraphAttackStep:
-    """An attack step belonging to an asset type in the MAL language"""
-    name: str
-    type: Literal["or", "and", "defense", "exist", "notExist"]
-    asset: LanguageGraphAsset
-    causal_mode: Optional[Literal["action", "effect"]] = None
-    ttc: dict | None = field(default_factory=dict)
-    overrides: bool = False
-    own_children: dict[LanguageGraphAttackStep, list[ExpressionsChain | None]] = (
-        field(default_factory=dict)
-    )
-    own_parents: dict[LanguageGraphAttackStep, list[ExpressionsChain | None]] = (
-        field(default_factory=dict)
-    )
-    info: dict = field(default_factory=dict)
-    inherits: LanguageGraphAttackStep | None = None
-    own_requires: list[ExpressionsChain] = field(default_factory=list)
-    tags: list = field(default_factory=list)
-    detectors: dict = field(default_factory=dict)
-    def __hash__(self):
-        return id(self)
-    @property
-    def children(self) -> dict[
-        LanguageGraphAttackStep, list[ExpressionsChain | None]
-    ]:
-        """Get all (both own and inherited) children of a LanguageGraphAttackStep
-        """
-        all_children = dict(self.own_children)
+from maltoolbox.exceptions import LanguageGraphAssociationError, LanguageGraphException, LanguageGraphSuperAssetNotFoundError
+from maltoolbox.file_utils import load_dict_from_json_file, load_dict_from_yaml_file, save_dict_to_file
+from maltoolbox.language.compiler.mal_compiler import MalCompiler
+from maltoolbox.language.expression_chain import ExpressionsChain
+from maltoolbox.language.language_graph_builder import generate_graph
+from maltoolbox.language.language_graph_asset import LanguageGraphAsset
+from maltoolbox.language.language_graph_assoc import LanguageGraphAssociation, LanguageGraphAssociationField
+from maltoolbox.language.language_graph_attack_step import LanguageGraphAttackStep
+from maltoolbox.language.step_expression_processor import process_attack_step_expression, process_collect_step_expression, process_field_step_expression, process_set_operation_step_expression, process_step_expression, process_subType_step_expression, process_transitive_step_expression, process_variable_step_expression, reverse_expr_chain
-        if self.overrides:
-            # Override overrides the children
-            return all_children
-        if not self.inherits:
-            return all_children
-        for child_step, chains in self.inherits.children.items():
-            if child_step in all_children:
-                all_children[child_step] += [
-                    chain for chain in chains
-                    if chain not in all_children[child_step]
-                ]
-            else:
-                all_children[child_step] = chains
-        return all_children
-    @property
-    def parents(self) -> None:
-        raise NotImplementedError(
-            "Can not fetch parents of a LanguageGraphAttackStep"
-        )
-    @property
-    def full_name(self) -> str:
-        """Return the full name of the attack step. This is a combination of the
-        asset type name to which the attack step belongs and attack step name
-        itself.
-        """
-        full_name = self.asset.name + ':' + self.name
-        return full_name
-    def to_dict(self) -> dict:
-        node_dict: dict[Any, Any] = {
-            'name': self.name,
-            'type': self.type,
-            'asset': self.asset.name,
-            'ttc': self.ttc,
-            'own_children': {},
-            'own_parents': {},
-            'info': self.info,
-            'overrides': self.overrides,
-            'inherits': self.inherits.full_name if self.inherits else None,
-            'tags': list(self.tags),
-            'detectors': {label: detector.to_dict() for label, detector in
-            self.detectors.items()},
-        }
-        for child, expr_chains in self.own_children.items():
-            node_dict['own_children'][child.full_name] = []
-            for chain in expr_chains:
-                if chain:
-                    node_dict['own_children'][child.full_name].append(chain.to_dict())
-                else:
-                    node_dict['own_children'][child.full_name].append(None)
-        for parent, expr_chains in self.own_children.items():
-            node_dict['own_parents'][parent.full_name] = []
-            for chain in expr_chains:
-                if chain:
-                    node_dict['own_parents'][parent.full_name].append(chain.to_dict())
-                else:
-                    node_dict['own_parents'][parent.full_name].append(None)
-        if self.own_requires:
-            node_dict['requires'] = []
-            for requirement in self.own_requires:
-                node_dict['requires'].append(requirement.to_dict())
-        return node_dict
-    @cached_property
-    def requires(self):
-        if not hasattr(self, 'own_requires'):
-            requirements = []
-        else:
-            requirements = self.own_requires
-        if self.inherits:
-            requirements.extend(self.inherits.requires)
-        return requirements
-class ExpressionsChain:
-    """A series of linked step expressions that specify the association path and
-    operations to take to reach the child/parent attack step.
-    """
-    def __init__(self,
-            type: str,
-            left_link: ExpressionsChain | None = None,
-            right_link: ExpressionsChain | None = None,
-            sub_link: ExpressionsChain | None = None,
-            fieldname: str | None = None,
-            association=None,
-            subtype=None
-        ):
-        self.type = type
-        self.left_link: ExpressionsChain | None = left_link
-        self.right_link: ExpressionsChain | None = right_link
-        self.sub_link: ExpressionsChain | None = sub_link
-        self.fieldname: str | None = fieldname
-        self.association: LanguageGraphAssociation | None = association
-        self.subtype: Any | None = subtype
-    def to_dict(self) -> dict:
-        """Convert ExpressionsChain to dictionary"""
-        match (self.type):
-            case 'union' | 'intersection' | 'difference' | 'collect':
-                return {
-                    self.type: {
-                        'left': self.left_link.to_dict()
-                                if self.left_link else {},
-                        'right': self.right_link.to_dict()
-                                 if self.right_link else {}
-                    },
-                    'type': self.type
-                }
-            case 'field':
-                if not self.association:
-                    raise LanguageGraphAssociationError(
-                        "Missing association for expressions chain"
-                    )
-                if self.fieldname == self.association.left_field.fieldname:
-                    asset_type = self.association.left_field.asset.name
-                elif self.fieldname == self.association.right_field.fieldname:
-                    asset_type = self.association.right_field.asset.name
-                else:
-                    raise LanguageGraphException(
-                        'Failed to find fieldname "%s" in association:\n%s' %
-                        (
-                            self.fieldname,
-                            json.dumps(self.association.to_dict(),
-                                indent=2)
-                        )
-                    )
-                return {
-                    self.association.name:
-                    {
-                        'fieldname': self.fieldname,
-                        'asset type': asset_type
-                    },
-                    'type': self.type
-                }
-            case 'transitive':
-                if not self.sub_link:
-                    raise LanguageGraphException(
-                        "No sub link for transitive expressions chain"
-                    )
-                return {
-                    'transitive': self.sub_link.to_dict(),
-                    'type': self.type
-                }
-            case 'subType':
-                if not self.subtype:
-                    raise LanguageGraphException(
-                        "No subtype for expressions chain"
-                    )
-                if not self.sub_link:
-                    raise LanguageGraphException(
-                        "No sub link for subtype expressions chain"
-                    )
-                return {
-                    'subType': self.subtype.name,
-                    'expression': self.sub_link.to_dict(),
-                    'type': self.type
-                }
-            case _:
-                msg = 'Unknown associations chain element %s!'
-                logger.error(msg, self.type)
-                raise LanguageGraphAssociationError(msg % self.type)
-    @classmethod
-    def _from_dict(cls,
-            serialized_expr_chain: dict,
-            lang_graph: LanguageGraph,
-        ) -> ExpressionsChain | None:
-        """Create ExpressionsChain from dict
-        Args:
-        serialized_expr_chain   - expressions chain in dict format
-        lang_graph              - the LanguageGraph that contains the assets,
-                                  associations, and attack steps relevant for
-                                  the expressions chain
-        """
-        if serialized_expr_chain is None or not serialized_expr_chain:
-            return None
-        if 'type' not in serialized_expr_chain:
-            logger.debug(json.dumps(serialized_expr_chain, indent=2))
-            msg = 'Missing expressions chain type!'
-            logger.error(msg)
-            raise LanguageGraphAssociationError(msg)
-        expr_chain_type = serialized_expr_chain['type']
-        match (expr_chain_type):
-            case 'union' | 'intersection' | 'difference' | 'collect':
-                left_link = cls._from_dict(
-                    serialized_expr_chain[expr_chain_type]['left'],
-                    lang_graph
-                )
-                right_link = cls._from_dict(
-                    serialized_expr_chain[expr_chain_type]['right'],
-                    lang_graph
-                )
-                new_expr_chain = ExpressionsChain(
-                    type=expr_chain_type,
-                    left_link=left_link,
-                    right_link=right_link
-                )
-                return new_expr_chain
-            case 'field':
-                assoc_name = list(serialized_expr_chain.keys())[0]
-                target_asset = lang_graph.assets[
-                    serialized_expr_chain[assoc_name]['asset type']]
-                fieldname = serialized_expr_chain[assoc_name]['fieldname']
-                association = None
-                for assoc in target_asset.associations.values():
-                    if assoc.contains_fieldname(fieldname) and \
-                            assoc.name == assoc_name:
-                        association = assoc
-                        break
-                if association is None:
-                    msg = 'Failed to find association "%s" with '\
-                        'fieldname "%s"'
-                    logger.error(msg, assoc_name, fieldname)
-                    raise LanguageGraphException(
-                        msg % (assoc_name, fieldname)
-                    )
-                new_expr_chain = ExpressionsChain(
-                    type='field',
-                    association=association,
-                    fieldname=fieldname
-                )
-                return new_expr_chain
-            case 'transitive':
-                sub_link = cls._from_dict(
-                    serialized_expr_chain['transitive'],
-                    lang_graph
-                )
-                new_expr_chain = ExpressionsChain(
-                    type='transitive',
-                    sub_link=sub_link
-                )
-                return new_expr_chain
-            case 'subType':
-                sub_link = cls._from_dict(
-                    serialized_expr_chain['expression'],
-                    lang_graph
-                )
-                subtype_name = serialized_expr_chain['subType']
-                if subtype_name in lang_graph.assets:
-                    subtype_asset = lang_graph.assets[subtype_name]
-                else:
-                    msg = 'Failed to find subtype %s'
-                    logger.error(msg, subtype_name)
-                    raise LanguageGraphException(msg % subtype_name)
-                new_expr_chain = ExpressionsChain(
-                    type='subType',
-                    sub_link=sub_link,
-                    subtype=subtype_asset
-                )
-                return new_expr_chain
-            case _:
-                msg = 'Unknown expressions chain type %s!'
-                logger.error(msg, serialized_expr_chain['type'])
-                raise LanguageGraphAssociationError(
-                    msg % serialized_expr_chain['type']
-                )
-    def __repr__(self) -> str:
-        return str(self.to_dict())
+logger = logging.getLogger(__name__)
 class LanguageGraph:
     """Graph representation of a MAL language"""
-    def __init__(self, lang: dict | None = None):
+    def __init__(self, lang_spec: dict | None = None):
         self.assets: dict[str, LanguageGraphAsset] = {}
-        if lang is not None:
-            self._lang_spec: dict = lang
+        self.lang_spec = lang_spec
+        if self.lang_spec is not None:
             self.metadata = {
-                "version": lang["defines"]["version"],
-                "id": lang["defines"]["id"],
+                "version": self.lang_spec["defines"]["version"],
+                "id": self.lang_spec["defines"]["id"],
             }
-            self._generate_graph()
+            self.assets = generate_graph(self.lang_spec)
     def __repr__(self) -> str:
-        return (f'LanguageGraph(id: "{self.metadata.get("id", "N/A")}", '
-            f'version: "{self.metadata.get("version", "N/A")}")')
+        """String representation of a LanguageGraph"""
+        return (
+            f'LanguageGraph(id: "{self.metadata.get("id", "N/A")}", '
+            f'version: "{self.metadata.get("version", "N/A")}")'
+        )
     @classmethod
     def from_mal_spec(cls, mal_spec_file: str) -> LanguageGraph:
@@ -706,8 +54,7 @@ class LanguageGraph:
         mal_spec_file   -   the path to the .mal file
         """
-        logger.info("Loading mal spec %s", mal_spec_file)
-        return LanguageGraph(MalCompiler().compile(mal_spec_file))
+        return language_graph_from_mal_spec(mal_spec_file)
     @classmethod
     def from_mar_archive(cls, mar_archive: str) -> LanguageGraph:
@@ -719,28 +66,13 @@ class LanguageGraph:
         mar_archive     -   the path to a ".mar" archive
         """
-        logger.info('Loading mar archive %s', mar_archive)
-        with zipfile.ZipFile(mar_archive, 'r') as archive:
-            langspec = archive.read('langspec.json')
-            return LanguageGraph(json.loads(langspec))
-    def _to_dict(self):
-        """Converts LanguageGraph into a dict"""
-        logger.debug(
-            'Serializing %s assets.', len(self.assets.items())
-        )
-        serialized_graph = {'metadata': self.metadata}
-        for asset in self.assets.values():
-            serialized_graph[asset.name] = asset.to_dict()
-        return serialized_graph
+        return language_graph_from_mar_archive(mar_archive)
     @property
     def associations(self) -> set[LanguageGraphAssociation]:
         """Return all associations in the language graph.
         """
-        return {assoc for asset in self.assets.values() for assoc in asset.associations.values()}
+        return get_language_graph_associations(self)
     @staticmethod
     def _link_association_to_assets(
@@ -753,152 +85,12 @@ class LanguageGraph:
     def save_to_file(self, filename: str) -> None:
         """Save to json/yml depending on extension"""
-        return save_dict_to_file(filename, self._to_dict())
-    @classmethod
-    def _from_dict(cls, serialized_graph: dict) -> LanguageGraph:
-        """Rebuild a LanguageGraph instance from its serialized dict form."""
-        logger.debug('Create language graph from dictionary.')
-        lang_graph = LanguageGraph()
-        lang_graph.metadata = serialized_graph.pop('metadata')
-        # Create asset nodes
-        for asset in serialized_graph.values():
-            logger.debug('Create asset %s', asset['name'])
-            lang_graph.assets[asset['name']] = LanguageGraphAsset(
-                name=asset['name'],
-                own_associations={},
-                attack_steps={},
-                info=asset['info'],
-                own_super_asset=None,
-                own_sub_assets=list(),
-                own_variables={},
-                is_abstract=asset['is_abstract']
-            )
-        # Link inheritance
-        for asset in serialized_graph.values():
-            asset_node = lang_graph.assets[asset['name']]
-            if super_name := asset['super_asset']:
-                try:
-                    super_asset = lang_graph.assets[super_name]
-                except KeyError:
-                    msg = f'Super asset "{super_name}" for "{asset["name"]}" not found'
-                    logger.error(msg)
-                    raise LanguageGraphSuperAssetNotFoundError(msg)
-                super_asset.own_sub_assets.append(asset_node)
-                asset_node.own_super_asset = super_asset
-        # Associations
-        for asset in serialized_graph.values():
-            logger.debug('Create associations for asset %s', asset['name'])
-            a_node = lang_graph.assets[asset['name']]
-            for assoc in asset['associations'].values():
-                try:
-                    left = lang_graph.assets[assoc['left']['asset']]
-                    right = lang_graph.assets[assoc['right']['asset']]
-                except KeyError as e:
-                    side = 'Left' if 'left' in str(e) else 'Right'
-                    msg = f'{side} asset for association "{assoc["name"]}" not found'
-                    logger.error(msg)
-                    raise LanguageGraphAssociationError(msg)
-                assoc_node = LanguageGraphAssociation(
-                    name=assoc['name'],
-                    left_field=LanguageGraphAssociationField(
-                        left, assoc['left']['fieldname'],
-                        assoc['left']['min'], assoc['left']['max']
-                    ),
-                    right_field=LanguageGraphAssociationField(
-                        right, assoc['right']['fieldname'],
-                        assoc['right']['min'], assoc['right']['max']
-                    ),
-                    info=assoc['info']
-                )
-                lang_graph._link_association_to_assets(assoc_node, left, right)
-        # Variables
-        for asset in serialized_graph.values():
-            a_node = lang_graph.assets[asset['name']]
-            for var, (target_name, expr_dict) in asset['variables'].items():
-                target = lang_graph.assets[target_name]
-                a_node.own_variables[var] = (
-                    target, ExpressionsChain._from_dict(expr_dict, lang_graph)
-                )
-        # Attack steps
-        for asset in serialized_graph.values():
-            a_node = lang_graph.assets[asset['name']]
-            for step in asset['attack_steps'].values():
-                a_node.attack_steps[step['name']] = LanguageGraphAttackStep(
-                    name=step['name'],
-                    type=step['type'],
-                    asset=a_node,
-                    causal_mode=step.get('causal_mode'),
-                    ttc=step['ttc'],
-                    overrides=step['overrides'],
-                    own_children={}, own_parents={},
-                    info=step['info'],
-                    tags=list(step['tags'])
-                )
-        # Inheritance for attack steps
-        for asset in serialized_graph.values():
-            a_node = lang_graph.assets[asset['name']]
-            for step in asset['attack_steps'].values():
-                if not (inh := step.get('inherits')):
-                    continue
-                a_step = a_node.attack_steps[step['name']]
-                a_name, s_name = disaggregate_attack_step_full_name(inh)
-                a_step.inherits = lang_graph.assets[a_name].attack_steps[s_name]
-        # Expression chains and requirements
-        for asset in serialized_graph.values():
-            a_node = lang_graph.assets[asset['name']]
-            for step in asset['attack_steps'].values():
-                s_node = a_node.attack_steps[step['name']]
-                for tgt_name, exprs in step['own_children'].items():
-                    t_asset, t_step = disaggregate_attack_step_full_name(tgt_name)
-                    t_node = lang_graph.assets[t_asset].attack_steps[t_step]
-                    for expr in exprs:
-                        chain = ExpressionsChain._from_dict(expr, lang_graph)
-                        s_node.own_children.setdefault(t_node, []).append(chain)
-                for tgt_name, exprs in step['own_parents'].items():
-                    t_asset, t_step = disaggregate_attack_step_full_name(tgt_name)
-                    t_node = lang_graph.assets[t_asset].attack_steps[t_step]
-                    for expr in exprs:
-                        chain = ExpressionsChain._from_dict(expr, lang_graph)
-                        s_node.own_parents.setdefault(t_node, []).append(chain)
-                if step['type'] in ('exist', 'notExist') and (reqs := step.get('requires')):
-                    s_node.own_requires = [
-                        chain for expr in reqs
-                        if (chain := ExpressionsChain._from_dict(expr, lang_graph))
-                    ]
-        return lang_graph
+        return save_dict_to_file(filename, language_graph_to_dict(self))
     @classmethod
     def load_from_file(cls, filename: str) -> LanguageGraph:
         """Create LanguageGraph from mal, mar, yaml or json"""
-        lang_graph = None
-        if filename.endswith('.mal'):
-            lang_graph = cls.from_mal_spec(filename)
-        elif filename.endswith('.mar'):
-            lang_graph = cls.from_mar_archive(filename)
-        elif filename.endswith(('.yaml', '.yml')):
-            lang_graph = cls._from_dict(load_dict_from_yaml_file(filename))
-        elif filename.endswith('.json'):
-            lang_graph = cls._from_dict(load_dict_from_json_file(filename))
-        else:
-            raise TypeError(
-                "Unknown file extension, expected json/mal/mar/yml/yaml"
-            )
-        if lang_graph:
-            return lang_graph
-        raise LanguageGraphException(
-            f'Failed to load language graph from file "{filename}".'
-        )
+        return load_language_graph_from_file(filename)
     def save_language_specification_to_json(self, filename: str) -> None:
         """Save a MAL language specification dictionary to a JSON file
@@ -909,9 +101,8 @@ class LanguageGraph:
         """
         logger.info('Save language specification to %s', filename)
         with open(filename, 'w', encoding='utf-8') as file:
-            json.dump(self._lang_spec, file, indent=4)
+            json.dump(self.lang_spec, file, indent=4)
     def process_attack_step_expression(
         self,
@@ -926,9 +117,8 @@ class LanguageGraph:
         step. All other step expressions only modify the target
         asset and parent associations chain.
         """
-        return (
+        return process_attack_step_expression(
             target_asset,
-            None,
             step_expression['name']
         )
@@ -936,7 +126,7 @@ class LanguageGraph:
         self,
         target_asset: LanguageGraphAsset,
         expr_chain: ExpressionsChain | None,
-        step_expression: dict[str, Any]
+        step_expression: dict[str, Any],
     ) -> tuple[
             LanguageGraphAsset,
             ExpressionsChain,
@@ -945,67 +135,22 @@ class LanguageGraph:
         """The set operators are used to combine the left hand and right
         hand targets accordingly.
         """
-        lh_target_asset, lh_expr_chain, _ = self.process_step_expression(
-            target_asset,
-            expr_chain,
-            step_expression['lhs']
-        )
-        rh_target_asset, rh_expr_chain, _ = self.process_step_expression(
-            target_asset,
-            expr_chain,
-            step_expression['rhs']
-        )
-        assert lh_target_asset, (
-            f"No lh target in step expression {step_expression}"
-        )
-        assert rh_target_asset, (
-            f"No rh target in step expression {step_expression}"
-        )
-        if not lh_target_asset.get_all_common_superassets(rh_target_asset):
-            raise ValueError(
-                "Set operation attempted between targets that do not share "
-                f"any common superassets: {lh_target_asset.name} "
-                f"and {rh_target_asset.name}!"
-            )
-        new_expr_chain = ExpressionsChain(
-            type=step_expression['type'],
-            left_link=lh_expr_chain,
-            right_link=rh_expr_chain
-        )
-        return (
-            lh_target_asset,
-            new_expr_chain,
-            None
+        return process_set_operation_step_expression(
+            self.assets, target_asset, expr_chain, step_expression, self.lang_spec
         )
     def process_variable_step_expression(
         self,
         target_asset: LanguageGraphAsset,
-        step_expression: dict[str, Any]
+        step_expression: dict[str, Any],
     ) -> tuple[
             LanguageGraphAsset,
             ExpressionsChain,
             None
         ]:
-        var_name = step_expression['name']
-        var_target_asset, var_expr_chain = (
-            self._resolve_variable(target_asset, var_name)
-        )
-        if var_expr_chain is None:
-            raise LookupError(
-                f'Failed to find variable "{step_expression["name"]}" '
-                f'for {target_asset.name}',
-            )
-        return (
-            var_target_asset,
-            var_expr_chain,
-            None
+        return process_variable_step_expression(
+            self.assets, target_asset, step_expression, self.lang_spec
         )
     def process_field_step_expression(
@@ -1021,46 +166,15 @@ class LanguageGraph:
         asset given the specified field name and add the parent
         fieldname and association to the parent associations chain.
         """
-        fieldname = step_expression['name']
-        if target_asset is None:
-            raise ValueError(
-                f'Missing target asset for field "{fieldname}"!'
-            )
-        new_target_asset = None
-        for association in target_asset.associations.values():
-            if (association.left_field.fieldname == fieldname and
-                target_asset.is_subasset_of(
-                    association.right_field.asset)):
-                new_target_asset = association.left_field.asset
-            if (association.right_field.fieldname == fieldname and
-                target_asset.is_subasset_of(
-                    association.left_field.asset)):
-                new_target_asset = association.right_field.asset
-            if new_target_asset:
-                new_expr_chain = ExpressionsChain(
-                    type='field',
-                    fieldname=fieldname,
-                    association=association
-                )
-                return (
-                    new_target_asset,
-                    new_expr_chain,
-                    None
-                )
-        raise LookupError(
-            f'Failed to find field {fieldname} on asset {target_asset.name}!',
+        return process_field_step_expression(
+            target_asset, step_expression
         )
     def process_transitive_step_expression(
         self,
         target_asset: LanguageGraphAsset,
         expr_chain: ExpressionsChain | None,
-        step_expression: dict[str, Any]
+        step_expression: dict[str, Any],
     ) -> tuple[
             LanguageGraphAsset,
             ExpressionsChain,
@@ -1069,28 +183,15 @@ class LanguageGraph:
         """Create a transitive tuple entry that applies to the next
         component of the step expression.
         """
-        result_target_asset, result_expr_chain, _ = (
-            self.process_step_expression(
-                target_asset,
-                expr_chain,
-                step_expression['stepExpression']
-            )
-        )
-        new_expr_chain = ExpressionsChain(
-            type='transitive',
-            sub_link=result_expr_chain
-        )
-        return (
-            result_target_asset,
-            new_expr_chain,
-            None
+        return process_transitive_step_expression(
+            self.assets, target_asset, expr_chain, step_expression, self.lang_spec
         )
     def process_subType_step_expression(
         self,
         target_asset: LanguageGraphAsset,
         expr_chain: ExpressionsChain | None,
-        step_expression: dict[str, Any]
+        step_expression: dict[str, Any],
     ) -> tuple[
             LanguageGraphAsset,
             ExpressionsChain,
@@ -1100,47 +201,15 @@ class LanguageGraph:
         component of the step expression and changes the target
         asset to the subasset.
         """
-        subtype_name = step_expression['subType']
-        result_target_asset, result_expr_chain, _ = (
-            self.process_step_expression(
-                target_asset,
-                expr_chain,
-                step_expression['stepExpression']
-            )
-        )
-        if subtype_name not in self.assets:
-            raise LanguageGraphException(
-                f'Failed to find subtype {subtype_name}'
-            )
-        subtype_asset = self.assets[subtype_name]
-        if result_target_asset is None:
-            raise LookupError("Nonexisting asset for subtype")
-        if not subtype_asset.is_subasset_of(result_target_asset):
-            raise ValueError(
-                f'Found subtype {subtype_name} which does not extend '
-                f'{result_target_asset.name}, subtype cannot be resolved.'
-            )
-        new_expr_chain = ExpressionsChain(
-            type='subType',
-            sub_link=result_expr_chain,
-            subtype=subtype_asset
-        )
-        return (
-            subtype_asset,
-            new_expr_chain,
-            None
+        return process_subType_step_expression(
+            self.assets, target_asset, expr_chain, step_expression, self.lang_spec
         )
     def process_collect_step_expression(
         self,
         target_asset: LanguageGraphAsset,
         expr_chain: ExpressionsChain | None,
-        step_expression: dict[str, Any]
+        step_expression: dict[str, Any],
     ) -> tuple[
             LanguageGraphAsset,
             ExpressionsChain | None,
@@ -1149,45 +218,19 @@ class LanguageGraph:
         """Apply the right hand step expression to left hand step
         expression target asset and parent associations chain.
         """
-        lh_target_asset, lh_expr_chain, _ = self.process_step_expression(
-            target_asset, expr_chain, step_expression['lhs']
-        )
-        if lh_target_asset is None:
-            raise ValueError(
-                'No left hand asset in collect expression '
-                f'{step_expression["lhs"]}'
-            )
-        rh_target_asset, rh_expr_chain, rh_attack_step_name = (
-            self.process_step_expression(
-                lh_target_asset, None, step_expression['rhs']
-            )
-        )
-        new_expr_chain = lh_expr_chain
-        if rh_expr_chain:
-            new_expr_chain = ExpressionsChain(
-                type='collect',
-                left_link=lh_expr_chain,
-                right_link=rh_expr_chain
-            )
-        return (
-            rh_target_asset,
-            new_expr_chain,
-            rh_attack_step_name
+        return process_collect_step_expression(
+            self.assets, target_asset, expr_chain, step_expression, self.lang_spec
         )
     def process_step_expression(self,
-            target_asset: LanguageGraphAsset,
-            expr_chain: ExpressionsChain | None,
-            step_expression: dict
-        ) -> tuple[
-                LanguageGraphAsset,
-                ExpressionsChain | None,
-                str | None
-            ]:
+        target_asset: LanguageGraphAsset,
+        expr_chain: ExpressionsChain | None,
+        step_expression: dict,
+    ) -> tuple[
+            LanguageGraphAsset,
+            ExpressionsChain | None,
+            str | None
+        ]:
         """Recursively process an attack step expression.
         Arguments:
@@ -1210,59 +253,15 @@ class LanguageGraph:
         associations chain, and the name of the attack step.
         """
-        if logger.isEnabledFor(logging.DEBUG):
-            # Avoid running json.dumps when not in debug
-            logger.debug(
-                'Processing Step Expression:\n%s',
-                json.dumps(step_expression, indent=2)
-            )
-        result: tuple[
-            LanguageGraphAsset,
-            ExpressionsChain | None,
-            str | None
-        ]
-        match (step_expression['type']):
-            case 'attackStep':
-                result = self.process_attack_step_expression(
-                    target_asset, step_expression
-                )
-            case 'union' | 'intersection' | 'difference':
-                result = self.process_set_operation_step_expression(
-                    target_asset, expr_chain, step_expression
-                )
-            case 'variable':
-                result = self.process_variable_step_expression(
-                    target_asset, step_expression
-                )
-            case 'field':
-                result = self.process_field_step_expression(
-                    target_asset, step_expression
-                )
-            case 'transitive':
-                result = self.process_transitive_step_expression(
-                    target_asset, expr_chain, step_expression
-                )
-            case 'subType':
-                result = self.process_subType_step_expression(
-                    target_asset, expr_chain, step_expression
-                )
-            case 'collect':
-                result = self.process_collect_step_expression(
-                    target_asset, expr_chain, step_expression
-                )
-            case _:
-                raise LookupError(
-                    f'Unknown attack step type: "{step_expression["type"]}"'
-                )
-        return result
+        return process_step_expression(
+            self.assets, target_asset, expr_chain, step_expression, self.lang_spec
+        )
     def reverse_expr_chain(
-            self,
-            expr_chain: ExpressionsChain | None,
-            reverse_chain: ExpressionsChain | None
-        ) -> ExpressionsChain | None:
+        self,
+        expr_chain: ExpressionsChain | None,
+        reverse_chain: ExpressionsChain | None
+    ) -> ExpressionsChain | None:
         """Recursively reverse the associations chain. From parent to child or
         vice versa.
@@ -1279,507 +278,215 @@ class LanguageGraph:
         The resulting reversed associations chain.
         """
-        if not expr_chain:
-            return reverse_chain
-        match (expr_chain.type):
-            case 'union' | 'intersection' | 'difference' | 'collect':
-                left_reverse_chain = \
-                    self.reverse_expr_chain(expr_chain.left_link,
-                    reverse_chain)
-                right_reverse_chain = \
-                    self.reverse_expr_chain(expr_chain.right_link,
-                    reverse_chain)
-                if expr_chain.type == 'collect':
-                    new_expr_chain = ExpressionsChain(
-                        type=expr_chain.type,
-                        left_link=right_reverse_chain,
-                        right_link=left_reverse_chain
-                    )
-                else:
-                    new_expr_chain = ExpressionsChain(
-                        type=expr_chain.type,
-                        left_link=left_reverse_chain,
-                        right_link=right_reverse_chain
-                    )
-                return new_expr_chain
-            case 'transitive':
-                result_reverse_chain = self.reverse_expr_chain(
-                    expr_chain.sub_link, reverse_chain)
-                new_expr_chain = ExpressionsChain(
-                    type='transitive',
-                    sub_link=result_reverse_chain
-                )
-                return new_expr_chain
-            case 'field':
-                association = expr_chain.association
-                if not association:
-                    raise LanguageGraphException(
-                        "Missing association for expressions chain"
-                    )
-                if not expr_chain.fieldname:
-                    raise LanguageGraphException(
-                        "Missing field name for expressions chain"
-                    )
-                opposite_fieldname = association.get_opposite_fieldname(
-                    expr_chain.fieldname)
-                new_expr_chain = ExpressionsChain(
-                    type='field',
-                    association=association,
-                    fieldname=opposite_fieldname
-                )
-                return new_expr_chain
-            case 'subType':
-                result_reverse_chain = self.reverse_expr_chain(
-                    expr_chain.sub_link,
-                    reverse_chain
-                )
-                new_expr_chain = ExpressionsChain(
-                    type='subType',
-                    sub_link=result_reverse_chain,
-                    subtype=expr_chain.subtype
-                )
-                return new_expr_chain
-            case _:
-                msg = 'Unknown assoc chain element "%s"'
-                logger.error(msg, expr_chain.type)
-                raise LanguageGraphAssociationError(msg % expr_chain.type)
-    def _resolve_variable(self, asset: LanguageGraphAsset, var_name) -> tuple:
-        """Resolve a variable for a specific asset by variable name.
-        Arguments:
-        ---------
-        asset       - a language graph asset to which the variable belongs
-        var_name    - a string representing the variable name
-        Return:
-        ------
-        A tuple containing the target asset and expressions chain required to
-        reach it.
+        return reverse_expr_chain(
+            expr_chain, reverse_chain
+        )
+    def regenerate_graph(self) -> None:
+        """Regenerate language graph starting from the MAL language specification
+        given in the constructor.
         """
-        if var_name not in asset.variables:
-            var_expr = self._get_var_expr_for_asset(asset.name, var_name)
-            target_asset, expr_chain, _ = self.process_step_expression(
-                asset,
-                None,
-                var_expr
-            )
-            asset.own_variables[var_name] = (target_asset, expr_chain)
-            return (target_asset, expr_chain)
-        return asset.variables[var_name]
+        self.assets = generate_graph(self.lang_spec)
-    def _create_associations_for_assets(
-            self,
-            lang_spec: dict[str, Any],
-            assets: dict[str, LanguageGraphAsset]
-        ) -> None:
-        """Link associations to assets based on the language specification.
+    def _to_dict(self) -> dict[str, Any]:
+        return language_graph_to_dict(self)
-        Arguments:
-        ---------
-        lang_spec   - the language specification dictionary
-        assets      - a dictionary of LanguageGraphAsset objects
-                      indexed by their names
-        """
-        for association_dict in lang_spec['associations']:
-            logger.debug(
-                'Create association language graph nodes for association %s',
-                association_dict['name']
-            )
+def disaggregate_attack_step_full_name(
+    attack_step_full_name: str
+) -> list[str]:
+    """From an attack step full name, get (asset_name, attack_step_name)"""
+    return attack_step_full_name.split(':')
-            left_asset_name = association_dict['leftAsset']
-            right_asset_name = association_dict['rightAsset']
-            if left_asset_name not in assets:
-                raise LanguageGraphAssociationError(
-                    f'Left asset "{left_asset_name}" for '
-                    f'association "{association_dict["name"]}" not found!'
-                )
-            if right_asset_name not in assets:
-                raise LanguageGraphAssociationError(
-                    f'Right asset "{right_asset_name}" for '
-                    f'association "{association_dict["name"]}" not found!'
-                )
+def language_graph_to_dict(graph: LanguageGraph) -> dict:
+    """Converts LanguageGraph into a dict"""
+    logger.debug(
+        'Serializing %s assets.', len(graph.assets.items())
+    )
-            left_asset = assets[left_asset_name]
-            right_asset = assets[right_asset_name]
+    serialized_graph = {'metadata': graph.metadata}
+    for asset in graph.assets.values():
+        serialized_graph[asset.name] = asset.to_dict()
+    return serialized_graph
+def language_graph_from_dict(serialized_graph: dict) -> LanguageGraph:
+    """Rebuild a LanguageGraph instance from its serialized dict form."""
+    logger.debug('Create language graph from dictionary.')
+    lang_graph = LanguageGraph()
+    lang_graph.metadata = serialized_graph.pop('metadata')
+    # Create asset nodes
+    for asset in serialized_graph.values():
+        logger.debug('Create asset %s', asset['name'])
+        lang_graph.assets[asset['name']] = LanguageGraphAsset(
+            name=asset['name'],
+            own_associations={},
+            attack_steps={},
+            info=asset['info'],
+            own_super_asset=None,
+            own_sub_assets=list(),
+            own_variables={},
+            is_abstract=asset['is_abstract']
+        )
+    # Link inheritance
+    for asset in serialized_graph.values():
+        asset_node = lang_graph.assets[asset['name']]
+        if super_name := asset['super_asset']:
+            try:
+                super_asset = lang_graph.assets[super_name]
+            except KeyError:
+                msg = f'Super asset "{super_name}" for "{asset["name"]}" not found'
+                logger.error(msg)
+                raise LanguageGraphSuperAssetNotFoundError(msg)
+            super_asset.own_sub_assets.append(asset_node)
+            asset_node.own_super_asset = super_asset
+    # Associations
+    for asset in serialized_graph.values():
+        logger.debug('Create associations for asset %s', asset['name'])
+        a_node = lang_graph.assets[asset['name']]
+        for assoc in asset['associations'].values():
+            try:
+                left = lang_graph.assets[assoc['left']['asset']]
+                right = lang_graph.assets[assoc['right']['asset']]
+            except KeyError as e:
+                side = 'Left' if 'left' in str(e) else 'Right'
+                msg = f'{side} asset for association "{assoc["name"]}" not found'
+                logger.error(msg)
+                raise LanguageGraphAssociationError(msg)
             assoc_node = LanguageGraphAssociation(
-                name=association_dict['name'],
+                name=assoc['name'],
                 left_field=LanguageGraphAssociationField(
-                    left_asset,
-                    association_dict['leftField'],
-                    association_dict['leftMultiplicity']['min'],
-                    association_dict['leftMultiplicity']['max']
+                    left, assoc['left']['fieldname'],
+                    assoc['left']['min'], assoc['left']['max']
                 ),
                 right_field=LanguageGraphAssociationField(
-                    right_asset,
-                    association_dict['rightField'],
-                    association_dict['rightMultiplicity']['min'],
-                    association_dict['rightMultiplicity']['max']
+                    right, assoc['right']['fieldname'],
+                    assoc['right']['min'], assoc['right']['max']
                 ),
-                info=association_dict['meta']
+                info=assoc['info']
             )
-            # Add the association to the left and right asset
-            self._link_association_to_assets(
-                assoc_node, left_asset, right_asset
+            lang_graph._link_association_to_assets(assoc_node, left, right)
+    # Variables
+    for asset in serialized_graph.values():
+        a_node = lang_graph.assets[asset['name']]
+        for var, (target_name, expr_dict) in asset['variables'].items():
+            target = lang_graph.assets[target_name]
+            a_node.own_variables[var] = (
+                target, ExpressionsChain._from_dict(expr_dict, lang_graph)
             )
-    def _link_assets(
-            self,
-            lang_spec: dict[str, Any],
-            assets: dict[str, LanguageGraphAsset]
-        ) -> None:
-        """Link assets based on inheritance and associations.
-        """
-        for asset_dict in lang_spec['assets']:
-            asset = assets[asset_dict['name']]
-            if asset_dict['superAsset']:
-                super_asset = assets[asset_dict['superAsset']]
-                if not super_asset:
-                    msg = 'Failed to find super asset "%s" for asset "%s"!'
-                    logger.error(
-                        msg, asset_dict["superAsset"], asset_dict["name"])
-                    raise LanguageGraphSuperAssetNotFoundError(
-                        msg % (asset_dict["superAsset"], asset_dict["name"]))
-                super_asset.own_sub_assets.append(asset)
-                asset.own_super_asset = super_asset
-    def _set_variables_for_assets(
-            self, assets: dict[str, LanguageGraphAsset]
-        ) -> None:
-        """Set the variables for each asset based on the language specification.
-        Arguments:
-        ---------
-        assets      - a dictionary of LanguageGraphAsset objects
-                      indexed by their names
-        """
-        for asset in assets.values():
-            logger.debug(
-                'Set variables for asset %s', asset.name
+    # Attack steps
+    for asset in serialized_graph.values():
+        a_node = lang_graph.assets[asset['name']]
+        for step in asset['attack_steps'].values():
+            a_node.attack_steps[step['name']] = LanguageGraphAttackStep(
+                name=step['name'],
+                type=step['type'],
+                asset=a_node,
+                causal_mode=step.get('causal_mode'),
+                ttc=step['ttc'],
+                overrides=step['overrides'],
+                own_children={}, own_parents={},
+                info=step['info'],
+                tags=list(step['tags'])
             )
-            variables = self._get_variables_for_asset_type(asset.name)
-            for variable in variables:
-                if logger.isEnabledFor(logging.DEBUG):
-                    # Avoid running json.dumps when not in debug
-                    logger.debug(
-                        'Processing Variable Expression:\n%s',
-                        json.dumps(variable, indent=2)
-                    )
-                self._resolve_variable(asset, variable['name'])
-    def _generate_attack_steps(self, assets) -> None:
-        """
-        Generate attack steps for all assets and link them according to the
-        language specification.
-        This method performs three phases:
-        1. Create attack step nodes for each asset, including detectors.
-        2. Inherit attack steps from super-assets, respecting overrides.
-        3. Link attack steps via 'reaches' and evaluate 'exist'/'notExist'
-        requirements.
-        Args:
-            assets (dict): Mapping of asset names to asset objects.
-        Raises:
-            LanguageGraphStepExpressionError: If a step expression cannot be
-                resolved to a target asset or attack step.
-            LanguageGraphException: If an existence requirement cannot be
-                resolved.
-        """
-        langspec_dict = {}
-        for asset in assets.values():
-            logger.debug('Create attack steps language graph nodes for asset %s', asset.name)
-            for step_dict in self._get_attacks_for_asset_type(asset.name).values():
-                logger.debug(
-                    'Create attack step language graph nodes for %s', step_dict['name']
-                )
-                node = LanguageGraphAttackStep(
-                    name=step_dict['name'],
-                    type=step_dict['type'],
-                    asset=asset,
-                    causal_mode=step_dict.get('causal_mode'),
-                    ttc=step_dict['ttc'],
-                    overrides=(
-                        step_dict['reaches']['overrides']
-                        if step_dict['reaches'] else False
-                    ),
-                    own_children={}, own_parents={},
-                    info=step_dict['meta'],
-                    tags=list(step_dict['tags'])
-                )
-                langspec_dict[node.full_name] = step_dict
-                asset.attack_steps[node.name] = node
-                for det in step_dict.get('detectors', {}).values():
-                    node.detectors[det['name']] = Detector(
-                        context=Context(
-                            {lbl: assets[a] for lbl, a in det['context'].items()}
-                        ),
-                        name=det.get('name'),
-                        type=det.get('type'),
-                        tprate=det.get('tprate'),
-                    )
-        pending = list(self.assets.values())
-        while pending:
-            asset = pending.pop(0)
-            super_asset = asset.own_super_asset
-            if super_asset in pending:
-                # Super asset still needs processing, defer this asset
-                pending.append(asset)
-                continue
-            if not super_asset:
+    # Inheritance for attack steps
+    for asset in serialized_graph.values():
+        a_node = lang_graph.assets[asset['name']]
+        for step in asset['attack_steps'].values():
+            if not (inh := step.get('inherits')):
                 continue
-            for super_step in super_asset.attack_steps.values():
-                current_step = asset.attack_steps.get(super_step.name)
-                if not current_step:
-                    node = LanguageGraphAttackStep(
-                        name=super_step.name,
-                        type=super_step.type,
-                        asset=asset,
-                        causal_mode=step_dict.get('causal_mode'),
-                        ttc=super_step.ttc,
-                        overrides=False,
-                        own_children={},
-                        own_parents={},
-                        info=super_step.info,
-                        tags=list(super_step.tags)
-                    )
-                    node.inherits = super_step
-                    asset.attack_steps[super_step.name] = node
-                elif current_step.overrides:
-                    continue
-                else:
-                    current_step.inherits = super_step
-                    current_step.tags += super_step.tags
-                    current_step.info |= super_step.info
-        for asset in self.assets.values():
-            for step in asset.attack_steps.values():
-                logger.debug('Determining children for attack step %s', step.name)
-                if step.full_name not in langspec_dict:
-                    continue
-                entry = langspec_dict[step.full_name]
-                for expr in (entry['reaches']['stepExpressions'] if entry['reaches'] else []):
-                    tgt_asset, chain, tgt_name = self.process_step_expression(step.asset, None, expr)
-                    if not tgt_asset:
-                        raise LanguageGraphStepExpressionError(
-                            'Failed to find target asset for:\n%s' % json.dumps(expr, indent=2)
-                        )
-                    if tgt_name not in tgt_asset.attack_steps:
-                        raise LanguageGraphStepExpressionError(
-                            'Failed to find target attack step %s on %s:\n%s' %
-                            (tgt_name, tgt_asset.name, json.dumps(expr, indent=2))
-                        )
-                    tgt = tgt_asset.attack_steps[tgt_name]
-                    step.own_children.setdefault(tgt, []).append(chain)
-                    tgt.own_parents.setdefault(step, []).append(self.reverse_expr_chain(chain, None))
-                if step.type in ('exist', 'notExist'):
-                    reqs = entry['requires']['stepExpressions'] if entry['requires'] else []
-                    if not reqs:
-                        raise LanguageGraphStepExpressionError(
-                            'Missing requirements for "%s" of type "%s":\n%s' %
-                            (step.name, step.type, json.dumps(entry, indent=2))
-                        )
-                    for expr in reqs:
-                        _, chain, _ = self.process_step_expression(step.asset, None, expr)
-                        if chain is None:
-                            raise LanguageGraphException(
-                                f'Failed to find existence step requirement for:\n{expr}'
-                            )
-                        step.own_requires.append(chain)
-    def _generate_graph(self) -> None:
-        """Generate language graph starting from the MAL language specification
-        given in the constructor.
-        """
-        # Generate all of the asset nodes of the language graph.
-        self.assets = {}
-        for asset_dict in self._lang_spec['assets']:
-            logger.debug(
-                'Create asset language graph nodes for asset %s',
-                asset_dict['name']
-            )
-            asset_node = LanguageGraphAsset(
-                name=asset_dict['name'],
-                own_associations={},
-                attack_steps={},
-                info=asset_dict['meta'],
-                own_super_asset=None,
-                own_sub_assets=list(),
-                own_variables={},
-                is_abstract=asset_dict['isAbstract']
-            )
-            self.assets[asset_dict['name']] = asset_node
-        # Link assets to each other
-        self._link_assets(self._lang_spec, self.assets)
-        # Add and link associations to assets
-        self._create_associations_for_assets(self._lang_spec, self.assets)
-        # Set the variables for each asset
-        self._set_variables_for_assets(self.assets)
-        # Add attack steps to the assets
-        self._generate_attack_steps(self.assets)
-    def _get_attacks_for_asset_type(self, asset_type: str) -> dict[str, dict]:
-        """Get all Attack Steps for a specific asset type.
-        Arguments:
-        ---------
-        asset_type      - the name of the asset type we want to
-                          list the possible attack steps for
-        Return:
-        ------
-        A dictionary containing the possible attacks for the
-        specified asset type. Each key in the dictionary is an attack name
-        associated with a dictionary containing other characteristics of the
-        attack such as type of attack, TTC distribution, child attack steps
-        and other information
-        """
-        attack_steps: dict = {}
-        try:
-            asset = next(
-                asset for asset in self._lang_spec['assets']
-                    if asset['name'] == asset_type
-            )
-        except StopIteration:
-            logger.error(
-                'Failed to find asset type %s when looking'
-                'for attack steps.', asset_type
-            )
-            return attack_steps
-        logger.debug(
-            'Get attack steps for %s asset from '
-            'language specification.', asset['name']
-        )
-        attack_steps = {step['name']: step for step in asset['attackSteps']}
-        return attack_steps
-    def _get_associations_for_asset_type(self, asset_type: str) -> list[dict]:
-        """Get all associations for a specific asset type.
-        Arguments:
-        ---------
-        asset_type      - the name of the asset type for which we want to
-                          list the associations
-        Return:
-        ------
-        A list of dicts, where each dict represents an associations
-        for the specified asset type. Each dictionary contains
-        name and meta information about the association.
+            a_step = a_node.attack_steps[step['name']]
+            a_name, s_name = disaggregate_attack_step_full_name(inh)
+            a_step.inherits = lang_graph.assets[a_name].attack_steps[s_name]
+    # Expression chains and requirements
+    for asset in serialized_graph.values():
+        a_node = lang_graph.assets[asset['name']]
+        for step in asset['attack_steps'].values():
+            s_node = a_node.attack_steps[step['name']]
+            for tgt_name, exprs in step['own_children'].items():
+                t_asset, t_step = disaggregate_attack_step_full_name(tgt_name)
+                t_node = lang_graph.assets[t_asset].attack_steps[t_step]
+                for expr in exprs:
+                    chain = ExpressionsChain._from_dict(expr, lang_graph)
+                    s_node.own_children.setdefault(t_node, []).append(chain)
+            for tgt_name, exprs in step['own_parents'].items():
+                t_asset, t_step = disaggregate_attack_step_full_name(tgt_name)
+                t_node = lang_graph.assets[t_asset].attack_steps[t_step]
+                for expr in exprs:
+                    chain = ExpressionsChain._from_dict(expr, lang_graph)
+                    s_node.own_parents.setdefault(t_node, []).append(chain)
+            if step['type'] in ('exist', 'notExist') and (reqs := step.get('requires')):
+                s_node.own_requires = [
+                    chain for expr in reqs
+                    if (chain := ExpressionsChain._from_dict(expr, lang_graph))
+                ]
-        """
-        logger.debug(
-            'Get associations for %s asset from '
-            'language specification.', asset_type
+    return lang_graph
+def load_language_graph_from_file(filename: str) -> LanguageGraph:
+    """Create LanguageGraph from mal, mar, yaml or json"""
+    lang_graph = None
+    if filename.endswith('.mal'):
+        lang_graph = language_graph_from_mal_spec(filename)
+    elif filename.endswith('.mar'):
+        lang_graph = language_graph_from_mar_archive(filename)
+    elif filename.endswith(('.yaml', '.yml')):
+        lang_graph = language_graph_from_dict(load_dict_from_yaml_file(filename))
+    elif filename.endswith('.json'):
+        lang_graph = language_graph_from_dict(load_dict_from_json_file(filename))
+    else:
+        raise TypeError(
+            "Unknown file extension, expected json/mal/mar/yml/yaml"
         )
-        associations: list = []
-        asset = next((asset for asset in self._lang_spec['assets']
-            if asset['name'] == asset_type), None)
-        if not asset:
-            logger.error(
-                'Failed to find asset type %s when '
-                'looking for associations.', asset_type
-            )
-            return associations
-        assoc_iter = (assoc for assoc in self._lang_spec['associations']
-            if assoc['leftAsset'] == asset_type or
-                assoc['rightAsset'] == asset_type)
-        assoc = next(assoc_iter, None)
-        while assoc:
-            associations.append(assoc)
-            assoc = next(assoc_iter, None)
-        return associations
+    if lang_graph:
+        return lang_graph
+    raise LanguageGraphException(
+        f'Failed to load language graph from file "{filename}".'
+    )
-    def _get_variables_for_asset_type(
-            self, asset_type: str) -> list[dict]:
-        """Get variables for a specific asset type.
-        Note: Variables are the ones specified in MAL through `let` statements
-        Arguments:
-        ---------
-        asset_type      - a string representing the asset type which
-                          contains the variables
+def get_language_graph_associations(language_graph: LanguageGraph):
+    return {
+        assoc for asset in language_graph.assets.values()
+        for assoc in asset.associations.values()
+    }
-        Return:
-        ------
-        A list of dicts representing the step expressions for the variables
-        belonging to the asset.
-        """
-        asset_dict = next((asset for asset in self._lang_spec['assets']
-            if asset['name'] == asset_type), None)
-        if not asset_dict:
-            msg = 'Failed to find asset type %s in language specification '\
-                'when looking for variables.'
-            logger.error(msg, asset_type)
-            raise LanguageGraphException(msg % asset_type)
+def language_graph_from_mal_spec(mal_spec_file: str) -> LanguageGraph:
+    """Create a LanguageGraph from a .mal file (a MAL spec).
-        return asset_dict['variables']
+    Arguments:
+    ---------
+    mal_spec_file   -   the path to the .mal file
-    def _get_var_expr_for_asset(
-            self, asset_type: str, var_name) -> dict:
-        """Get a variable for a specific asset type by variable name.
+    """
+    logger.info("Loading mal spec %s", mal_spec_file)
+    return LanguageGraph(MalCompiler().compile(mal_spec_file))
-        Arguments:
-        ---------
-        asset_type      - a string representing the type of asset which
-                          contains the variable
-        var_name        - a string representing the variable name
-        Return:
-        ------
-        A dictionary representing the step expression for the variable.
+def language_graph_from_mar_archive(mar_archive: str) -> LanguageGraph:
+    """Create a LanguageGraph from a ".mar" archive provided by malc
+    (https://github.com/mal-lang/malc).
-        """
-        vars_dict = self._get_variables_for_asset_type(asset_type)
+    Arguments:
+    ---------
+    mar_archive     -   the path to a ".mar" archive
-        var_expr = next((var_entry['stepExpression'] for var_entry
-            in vars_dict if var_entry['name'] == var_name), None)
+    """
+    logger.info('Loading mar archive %s', mar_archive)
+    with zipfile.ZipFile(mar_archive, 'r') as archive:
+        langspec = archive.read('langspec.json')
+        return LanguageGraph(json.loads(langspec))
-        if not var_expr:
-            msg = 'Failed to find variable name "%s" in language '\
-                'specification when looking for variables for "%s" asset.'
-            logger.error(msg, var_name, asset_type)
-            raise LanguageGraphException(msg % (var_name, asset_type))
-        return var_expr
-    def regenerate_graph(self) -> None:
-        """Regenerate language graph starting from the MAL language specification
-        given in the constructor.
-        """
-        self.assets = {}
-        self._generate_graph()

mal-toolbox 2.0.0__py3-none-any.whl → 2.1.0__py3-none-any.whl

mal-toolbox 2.0.0py3-none-any.whl → 2.1.0py3-none-any.whl