public double Analyze([NotNull] IThreatModel model,
Func <IQualityAnalyzer, IPropertiesContainer, bool> isFalsePositive,
out IEnumerable <object> instances)
{
double result = 0.0;
instances = null;
List <object> items = new List <object>();
AnalyzeContainer(model, isFalsePositive, items);
var entities = model.Entities?.ToArray();
if (entities?.Any() ?? false)
{
foreach (var entity in entities)
{
AnalyzeContainer(entity, isFalsePositive, items);
}
}
var flows = model.DataFlows?.ToArray();
if (flows?.Any() ?? false)
{
foreach (var flow in flows)
{
AnalyzeContainer(flow, isFalsePositive, items);
}
}
if (items.Any())
{
result = items.Count;
instances = items;
}
return(result);
}
public void SetThreatModel(IThreatModel model)
{
try
{
if (model != null)
{
var schema = new DefinitionsPropertySchemaManager(model);
var propertyType = schema.DefinitionsPropertyType;
if (propertyType != null)
{
var property = model.GetProperty(propertyType) ?? model.AddProperty(propertyType, null);
if (property is IPropertyJsonSerializableObject jsonProperty)
{
if (jsonProperty.Value is DefinitionContainer container)
{
_container = container;
var definitions = container.Definitions?.ToArray();
if (definitions?.Any() ?? false)
{
foreach (var definition in definitions)
{
_data.Rows.Add(definition.Key, definition.Value);
}
}
}
else
{
_container = new DefinitionContainer();
jsonProperty.Value = _container;
}
}
}
}
}
finally
{
_loading = false;
}
}
public IEnumerable <ListItem> GetList(IThreatModel model)
{
IEnumerable <ListItem> result = null;
var schema = new RoadmapPropertySchemaManager(model);
var mitigations = model.GetUniqueMitigations()?
.Where(x => schema.GetStatus(x) == RoadmapStatus.MidTerm)
.OrderBy(x => x.Name)
.ToArray();
if (mitigations?.Any() ?? false)
{
var list = new List <ListItem>();
foreach (var mitigation in mitigations)
{
var items = new List <ItemRow>();
var tems = model.GetThreatEventMitigations(mitigation)?.ToArray();
if (tems?.Any() ?? false)
{
items.Add(new TextRow("Control Type", mitigation.ControlType.GetEnumLabel()));
items.Add(new TextRow("Description", mitigation.Description));
var itemRows = mitigation.GetItemRows()?.ToArray();
if (itemRows?.Any() ?? false)
{
items.AddRange(itemRows);
}
list.Add(new ListItem(mitigation.Name, mitigation.Id, items));
}
}
result = list;
}
return(result);
}
public double Analyze([NotNull] IThreatModel model, Func <IQualityAnalyzer, IPropertiesContainer, bool> isFalsePositive,
out IEnumerable <object> instances)
{
double result = 0.0;
instances = null;
var entities = model.Entities?.Where(x => !isFalsePositive(this, x)).ToArray();
if (entities?.Any() ?? false)
{
var flows = model.DataFlows?.ToArray();
if (flows?.Any() ?? false)
{
List <object> found = new List <object>();
foreach (var entity in entities)
{
if (!flows.Any(x => x.SourceId == entity.Id || x.TargetId == entity.Id))
{
found.Add(entity);
}
}
result = found.Count;
instances = found;
}
else
{
if (entities.Any())
{
instances = entities;
}
result = entities.Length;
}
}
return(result);
}
/// <summary>
/// Creates a new Default Instance of the Threat Model.
/// </summary>
/// <returns>Threat Model created.</returns>
public static IThreatModel GetDefaultInstance()
{
IThreatModel result = null;
var type = Type.GetType("ThreatsManager.Engine.Manager, ThreatsManager.Engine", false);
var property = type?.GetProperty("Instance");
if (property != null)
{
var instance = property.GetValue(null);
result = type.InvokeMember("CreateNewThreatModel", BindingFlags.InvokeMethod, null, instance,
new object[] { "Default Threat Model" }) as IThreatModel;
if (result != null)
{
_instances.Add(result);
type.GetMethod("RegisterEvents")?.Invoke(result, null);
}
}
return(result);
}
public IEnumerable <KeyValuePair <string, IPropertyType> > GetProperties([NotNull] IThreatModel model)
{
IEnumerable <KeyValuePair <string, IPropertyType> > result = null;
var processes = model.Entities?.OfType <IProcess>().OrderBy(x => x.Name).ToArray();
if (processes?.Any() ?? false)
{
var dict = new Dictionary <string, IPropertyType>();
foreach (var process in processes)
{
var properties = process.Properties?
.Where(x => !(x.PropertyType?.DoNotPrint ?? true))
.Select(x => x.PropertyType)
.ToArray();
if (properties?.Any() ?? false)
{
foreach (var property in properties)
{
if (!dict.ContainsKey(property.Name))
{
dict.Add(property.Name, property);
}
}
}
}
result = dict
.OrderBy(x => model.GetSchema(x.Value.SchemaId).Priority)
.ThenBy(x => model.GetSchema(x.Value.SchemaId).Namespace)
.ThenBy(x => model.GetSchema(x.Value.SchemaId).Name)
.ThenBy(x => x.Value.Priority)
.ToArray();
}
return(result);
}
public IEnumerable <ChartItem> GetChart([NotNull] IThreatModel model)
{
IEnumerable <ChartItem> result = null;
var mitigations = model.Mitigations?.ToArray();
if (mitigations?.Any() ?? false)
{
var selectedMitigations = new List <Guid>();
UpdateSelectedMitigations(selectedMitigations, mitigations, RoadmapStatus.ShortTerm);
var schemaManager = new ResidualRiskEstimatorPropertySchemaManager(model);
var projected = schemaManager.SelectedEstimator?.GetProjectedThreatTypesResidualRisk(model, selectedMitigations);
if (projected?.Any() ?? false)
{
result = GetChart(model, projected);
}
}
return(result);
}
private IEntity GetEntity([Required] string msEntityId, [NotNull] IThreatModel model,
[NotNull] ObjectPropertySchemaManager schemaManager)
{
IEntity result = null;
var entities = model.Entities?.ToArray();
if (entities != null)
{
foreach (var entity in entities)
{
var id = schemaManager.GetInstanceId(entity);
if (string.CompareOrdinal(id, msEntityId) == 0)
{
result = entity;
break;
}
}
}
return(result);
}
public static SelectionRule GetRule(this IPropertiesContainer container, IThreatModel model = null)
{
SelectionRule result = null;
if (model == null && container is IThreatModelChild child)
{
model = child.Model;
}
if (model != null)
{
var schemaManager = new AutoGenRulesPropertySchemaManager(model);
var propertyType = schemaManager.GetPropertyType();
if (container.HasProperty(propertyType))
{
if (container.GetProperty(propertyType) is IPropertyJsonSerializableObject jsonSerializableObject)
{
result = jsonSerializableObject.Value as SelectionRule;
}
}
else
{
var oldSchema = model.GetSchema(OldSchemaName, Properties.Resources.DefaultNamespace);
var oldPropertyType = oldSchema?.GetPropertyType(OldPropertyName);
if (oldPropertyType != null)
{
if (container.GetProperty(oldPropertyType) is IPropertyJsonSerializableObject
jsonSerializableObject)
{
result = jsonSerializableObject.Value as SelectionRule;
container.AddProperty(propertyType, jsonSerializableObject.StringValue);
container.RemoveProperty(oldPropertyType);
}
}
}
}
return(result);
}
private void AddEntityTemplates([NotNull] List <ListItem> list, [NotNull] IThreatModel model, EntityType entityType)
{
var entities = model.EntityTemplates?
.Where(x => x.EntityType == entityType)
.OrderBy(x => x.Name).ToArray();
if (entities?.Any() ?? false)
{
foreach (var entity in entities)
{
List <ItemRow> items = new List <ItemRow>();
items.Add(new TextRow("Description", entity.Description));
items.Add(new TextRow("Item Type", entity.EntityType.GetEnumLabel()));
var itemRows = entity.GetItemRows()?.ToArray();
if (itemRows?.Any() ?? false)
{
items.AddRange(itemRows);
}
list.Add(new ListItem(entity.Name, entity.Id, items));
}
}
}
private IDataFlow GetDataFlow([Required] string msDataFlowId, [NotNull] IThreatModel model,
[NotNull] ObjectPropertySchemaManager schemaManager)
{
IDataFlow result = null;
var dataFlows = model.DataFlows?.ToArray();
if (dataFlows != null)
{
foreach (var dataFlow in dataFlows)
{
var id = schemaManager.GetInstanceId(dataFlow);
if (string.CompareOrdinal(id, msDataFlowId) == 0)
{
result = dataFlow;
break;
}
}
}
return(result);
}
private void _browse_Click(object sender, EventArgs e)
{
if (_openFile.ShowDialog(ActiveForm) == DialogResult.OK)
{
if (_template != null)
{
ThreatModelManager.Remove(_template.Id);
}
_schemas.Items.Clear();
_fileName.Text = _openFile.FileName;
_template = TemplateManager.OpenTemplate(_fileName.Text);
var schemas = _template?.Schemas?.OrderBy(x => x.Name).ToArray();
if (schemas?.Any() ?? false)
{
_schemas.Items.AddRange(schemas);
}
_ok.Enabled = IsValid();
}
}
public IEnumerable <ListItem> GetList(IThreatModel model)
{
IEnumerable <ListItem> result = null;
var flows = model.DataFlows?.OrderBy(x => x.Name).ToArray();
if (flows?.Any() ?? false)
{
var list = new List <ListItem>();
foreach (var flow in flows)
{
var items = new List <ItemRow>();
items.Add(new TextRow("Description", flow.Description));
if (flow.Source != null)
{
items.Add(new TextRow("Source", $"[{flow.Model.GetIdentityTypeInitial(flow.Source)}] {flow.Source.Name}",
null, null, new [] { flow.SourceId }));
}
if (flow.Target != null)
{
items.Add(new TextRow("Target", $"[{flow.Model.GetIdentityTypeInitial(flow.Target)}] {flow.Target.Name}",
null, null, new [] { flow.TargetId }));
}
items.Add(new TextRow("Flow Type", flow.FlowType.GetEnumLabel()));
var itemRows = flow.GetItemRows()?.ToArray();
if (itemRows?.Any() ?? false)
{
items.AddRange(itemRows);
}
list.Add(new ListItem(flow.Name, flow.Id, items));
}
result = list;
}
return(result);
}
public TableItem GetTable([NotNull] IThreatModel model)
{
TableItem result = null;
var threatEvents = model.GetThreatEvents()?
.OrderByDescending(x => x.Severity, new SeverityComparer())
.ThenBy(x => x.Parent.Name)
.ThenBy(x => x.Name)
.ToArray();
if (threatEvents?.Any() ?? false)
{
result = new TableItem(Name, new[]
{
new TableColumn("Threat Event", 200),
new TableColumn("Severity", 50),
new TableColumn("Mitigations", 300)
}, GetCells(threatEvents));
}
return(result);
}
public double Analyze([NotNull] IThreatModel model,
Func <IQualityAnalyzer, IPropertiesContainer, bool> isFalsePositive,
out IEnumerable <object> instances)
{
double result = 0.0;
instances = null;
var entities = model.Entities?.ToArray();
if (entities?.Any() ?? false)
{
var flows = model.DataFlows?.Where(x => !isFalsePositive(this, x)).ToArray();
if (flows?.Any() ?? false)
{
List <object> found = new List <object>();
foreach (var entity in entities)
{
var loopFlow = flows.FirstOrDefault(x => x.SourceId == entity.Id &&
flows.Any(y =>
y.SourceId == x.TargetId && y.TargetId == x.SourceId));
if (loopFlow != null)
{
found.Add(loopFlow);
}
}
result = found.Count;
if (found.Any())
{
instances = found;
}
}
}
return(result);
}
public double Analyze([NotNull] IThreatModel model,
Func <IQualityAnalyzer, IPropertiesContainer, bool> isFalsePositive,
out IEnumerable <object> instances)
{
double result = 0.0;
instances = null;
List <object> items = new List <object>();
if (!isFalsePositive(this, model) && ((model.ThreatEvents?.Count() ?? 0) == 1))
{
items.Add(model);
}
var entities = model.Entities?
.Where(x => !isFalsePositive(this, x) && ((x.ThreatEvents?.Count() ?? 0) == 1)).ToArray();
if (entities?.Any() ?? false)
{
items.AddRange(entities);
}
var flows = model.DataFlows?
.Where(x => !isFalsePositive(this, x) && ((x.ThreatEvents?.Count() ?? 0) == 1)).ToArray();
if (flows?.Any() ?? false)
{
items.AddRange(flows);
}
if (items.Any())
{
result = items.Count;
instances = items;
}
return(result);
}
public double Analyze(IThreatModel model, Func <IQualityAnalyzer, IPropertiesContainer, bool> isFalsePositive, out IEnumerable <object> instances)
{
double result = 0.0;
instances = null;
var found = new List <IIdentity>();
var entities = model.Entities?.Where(x => !isFalsePositive(this, x)).ToArray();
if (entities?.Any() ?? false)
{
foreach (var entity in entities)
{
if (string.IsNullOrWhiteSpace(entity.Name))
{
found.Add(entity);
}
}
}
var flows = model.DataFlows?.Where(x => !isFalsePositive(this, x)).ToArray();
if (flows?.Any() ?? false)
{
foreach (var flow in flows)
{
if (string.IsNullOrWhiteSpace(flow.Name))
{
found.Add(flow);
}
}
}
result = found.Count;
instances = found;
return(result);
}
public bool GetThresholds([NotNull] IThreatModel model,
Func <IQualityAnalyzer, IPropertiesContainer, bool> isFalsePositive,
out double minRed, out double maxRed, out double minYellow, out double maxYellow,
out double minGreen, out double maxGreen)
{
bool result = false;
minRed = 0;
maxRed = 0;
minYellow = double.NaN;
maxYellow = double.NaN;
minGreen = 0;
maxGreen = 0;
var count = (model.Entities?.Select(x => x.ThreatEvents?
.Where(y => !isFalsePositive(this, y)).Count() ?? 0).Sum() ?? 0) +
(model.DataFlows?.Select(x => x.ThreatEvents?
.Where(y => !isFalsePositive(this, y)).Count() ?? 0).Sum() ?? 0) +
(model.ThreatEvents?.Where(x => !isFalsePositive(this, x)).Count() ?? 0);
if (count > 0)
{
minGreen = 0;
maxGreen = 0.49;
minRed = 0.51;
maxRed = 1;
result = true;
}
else
{
minGreen = 0;
maxGreen = 1;
minRed = double.NaN;
maxRed = double.NaN;
}
return(result);
}
public void Initialize([NotNull] IThreatModel model)
{
if (_model != null)
{
Dispose();
}
_model = model;
_model.ChildCreated += ChildCreated;
_model.ChildRemoved += ChildRemoved;
var threats = _model.ThreatTypes?.ToArray();
if (threats?.Any() ?? false)
{
foreach (var threat in threats)
{
threat.ThreatTypeMitigationAdded += Update;
threat.ThreatTypeMitigationRemoved += Update;
}
}
}
private void ImportBaseFlowTemplates([NotNull] ThreatModel source, [NotNull] IThreatModel target)
{
var connectors = source.FlowTypes?
.Where(x => x.IsGeneric)
.ToArray();
if (connectors?.Any() ?? false)
{
var schema = new BaseFlowPropertySchemaManager(target).GetSchema();
if (!(schema.PropertyTypes?.Any(x =>
string.CompareOrdinal("Out of Scope", x.Name) == 0) ?? false))
{
var outOfScope = schema.AddPropertyType("Out of Scope",
PropertyValueType.Boolean);
if (outOfScope != null)
{
outOfScope.Priority = -2;
}
}
if (!(schema.PropertyTypes?.Any(x =>
string.CompareOrdinal("Reason For Out Of Scope", x.Name) == 0) ?? false))
{
var reasonOutOfScope =
schema.AddPropertyType("Reason For Out Of Scope",
PropertyValueType.String);
if (reasonOutOfScope != null)
{
reasonOutOfScope.Priority = -1;
}
}
foreach (var connector in connectors)
{
AddProperties(schema, null, connector.Properties?.ToArray());
}
}
}
private bool UpdateFlows([NotNull] IThreatModel model,
[Required] string oldName, [Required] string oldNamespace, string oldPropertyName,
[Required] string newName, [Required] string newNamespace, string newPropertyName,
[NotNull] IPropertyType propertyType)
{
bool result = false;
var flows = model.DataFlows?.ToArray();
if (flows?.Any() ?? false)
{
foreach (var flow in flows)
{
if (flow.GetProperty(propertyType) is IPropertyJsonSerializableObject property)
{
if (property.Value is SelectionRule selectionRule)
{
if (string.IsNullOrWhiteSpace(oldPropertyName))
{
result |= selectionRule.Root?.UpdateSchema(oldName, oldNamespace, newName, newNamespace) ?? false;
}
else
{
result |= selectionRule.Root?.UpdatePropertyType(oldName, oldNamespace, oldPropertyName, newPropertyName) ?? false;
}
var threatEvents = flow.ThreatEvents?.ToArray();
if (threatEvents?.Any() ?? false)
{
result |= UpdateThreatEvents(threatEvents, oldName, oldNamespace, oldPropertyName, newName, newNamespace, newPropertyName, propertyType);
}
}
}
}
}
return(result);
}
private IProperty InternalAddProperty(IThreatModel model, IPropertyType propertyType, string value)
{
IProperty result = null;
var associatedClass = propertyType.GetType().GetCustomAttributes <AssociatedPropertyClassAttribute>()
.FirstOrDefault();
if (associatedClass != null)
{
var associatedClassType = Type.GetType(associatedClass.AssociatedType, false);
if (associatedClassType != null)
{
result = Activator.CreateInstance(associatedClassType, model, propertyType) as IProperty;
}
}
if (result != null)
{
if (_properties == null)
{
_properties = new List <IProperty>();
}
result.StringValue = value;
_properties.Add(result);
if (Instance is IDirty dirtyObject)
{
dirtyObject.SetDirty();
}
if (Instance is IPropertiesContainer container)
{
_propertyAdded?.Invoke(container, result);
}
result.Changed += OnPropertyChanged;
}
return(result);
}
public void SetObject([NotNull] IThreatModel model, [NotNull] object obj)
{
if (obj is IIdentity identity)
{
_objectContainer.Text = model.GetIdentityTypeName(identity);
_objectName.Text = " " + identity.Name;
_objectName.Image = identity.GetImage(ImageSize.Small);
}
else if (obj is IThreatEventMitigation threatEventMitigation)
{
_objectContainer.Text = "Threat Event Mitigation";
_objectName.Text = " " +
$"Mitigation '{threatEventMitigation.Mitigation.Name}' for '{threatEventMitigation.ThreatEvent.Name}' on '{threatEventMitigation.ThreatEvent.Parent.Name}";
_objectName.Image = Icons.Resources.mitigations_small;
}
else if (obj is IThreatTypeMitigation threatTypeMitigation)
{
_objectContainer.Text = "Threat Type Mitigation";
_objectName.Text = " " +
$"Mitigation '{threatTypeMitigation.Mitigation.Name}' for '{threatTypeMitigation.ThreatType.Name}'";
_objectName.Image = Icons.Resources.standard_mitigations_small;
}
}
public bool IsVisible(object item)
{
bool result = false;
IThreatModel model = null;
if (item is IThreatModelChild child)
{
model = child.Model;
}
else if (item is IThreatModel threatModel)
{
model = threatModel;
}
if (model != null && item is IPropertiesContainer container)
{
var schemaManager = new AnnotationsPropertySchemaManager(model);
result = !schemaManager.AreAnnotationsEnabled(container);
}
return(result);
}
public void Execute([NotNull] IThreatModel model)
{
var schemaManager = new DevOpsConfigPropertySchemaManager(model);
var iteration = schemaManager.CurrentIteration ?? schemaManager.PreviousIteration;
if (iteration != null)
{
var extensionId = ExtensionUtils.GetExtensionByLabel <IConfigurationPanelFactory <Form> >(
"Extensions Configuration Panel")?.GetExtensionId();
if (extensionId != null)
{
var normalizationReference = model.GetExtensionConfiguration(extensionId)?
.GlobalGet <int>("normalization") ?? 0;
var risk = model.EvaluateRisk(normalizationReference);
if (risk > 0f)
{
schemaManager.SetIterationRisk(iteration, risk);
}
}
}
}
public IEnumerable <ChartItem> GetChart([NotNull] IThreatModel model)
{
IEnumerable <ChartItem> result = null;
var severities = model.Severities?
.Where(x => x.Visible && x.Id > 0)
.OrderByDescending(x => x.Id).ToArray()
.ToArray();
if (severities?.Any() ?? false)
{
var list = new List <ChartItem>();
foreach (var severity in severities)
{
list.Add(new ChartItem(severity.Name, model.CountThreatEventsByType(severity), severity.BackColor));
}
result = list;
}
return(result);
}
/// <summary>
/// Serializes a Threat Model as Json.
/// </summary>
/// <param name="model">Threat Model to be serialized.</param>
/// <returns>Serialized Json of the Threat Model, as byte array.</returns>
public static byte[] Serialize([NotNull] IThreatModel model)
{
StringBuilder sb = new StringBuilder();
StringWriter sw = new StringWriter(sb);
using (JsonWriter writer = new JsonTextWriter(sw))
{
var serializer = new JsonSerializer {
TypeNameHandling = TypeNameHandling.All, MaxDepth = 128, Formatting = Formatting.Indented
};
serializer.Serialize(writer, model);
}
var buf = Encoding.Unicode.GetBytes(sb.ToString());
var result = new byte[buf.Length + 2];
result[0] = 0xFF;
result[1] = 0xFE;
buf.CopyTo(result, 2);
return(result);
}
public void ExecuteRibbonAction(IThreatModel threatModel, IActionDefinition action)
{
try
{
switch (action.Name)
{
case "ImportAzure":
threatModel.AddEntity <IProcess>("Azure Function");
threatModel.AddEntity <IProcess>("Azure ML");
threatModel.AddEntity <IDataStore>("Azure SQL");
threatModel.AddEntity <IDataStore>("Azure Storage Blob");
ShowMessage?.Invoke("Import Azure Subscription succeeded.");
break;
}
}
catch
{
ShowWarning?.Invoke("Import Azure Subscription failed.");
}
}
private int ImportDataFlows([NotNull] ThreatModel source, [NotNull] IThreatModel target)
{
int result = 0;
var flows = source.Flows;
if (flows?.Any() ?? false)
{
var entitiesSchemaManager = new EntitiesPropertySchemaManager(target);
var dataFlowsSchemaManager = new DataFlowsPropertySchemaManager(target);
var schema = dataFlowsSchemaManager.GetSchema();
foreach (var flow in flows)
{
var sourceEntity = GetEntity(flow.SourceGuid.ToString(), target, entitiesSchemaManager);
var targetEntity = GetEntity(flow.TargetGuid.ToString(), target, entitiesSchemaManager);
if (sourceEntity != null && targetEntity != null)
{
var dataFlow = target.AddDataFlow(flow.Name, sourceEntity.Id, targetEntity.Id);
if (dataFlow != null)
{
dataFlowsSchemaManager.SetMsTmtDataFlowId(dataFlow, flow.FlowId.ToString());
var properties = flow.Properties?.ToArray();
AddProperties(schema, dataFlow, properties);
}
IDiagram diagram = target.Diagrams?.FirstOrDefault(x =>
string.CompareOrdinal(x.Name, flow.PageName) == 0);
diagram?.AddLink(dataFlow);
result++;
}
}
}
return(result);
}
public static bool GenerateThreatEvents(this IThreatModel model)
{
bool result = false;
var schemaManager = new AutoThreatGenPropertySchemaManager(model);
var propertyType = schemaManager.GetPropertyType();
if (propertyType is IJsonSerializableObjectPropertyType jsonPropertyType)
{
var threatTypes = model.ThreatTypes?.Where(x => x.HasProperty(jsonPropertyType)).ToArray();
if (threatTypes?.Any() ?? false)
{
ApplyThreatTypes(model, threatTypes, jsonPropertyType);
var entities = model.Entities?.ToArray();
if (entities?.Any() ?? false)
{
foreach (var entity in entities)
{
ApplyThreatTypes(entity, threatTypes, jsonPropertyType);
}
}
var dataFlows = model.DataFlows?.ToArray();
if (dataFlows?.Any() ?? false)
{
foreach (var dataFlow in dataFlows)
{
ApplyThreatTypes(dataFlow, threatTypes, jsonPropertyType);
}
}
result = true;
}
}
return(result);
}
