private void AddPotentialMitigations(PotentialMitigationsTypeMitigation mitigation)
{
if (mitigation != null)
{
if (PotentialMitigations == null)
{
PotentialMitigations = new List <PotentialMitigation>();
}
PotentialMitigations.Add(new PotentialMitigation(mitigation.Phase.Select(x => x.ToString()),
mitigation.Strategy.ToString(), mitigation.Description.ConvertToString(), mitigation.Effectiveness.ToString()));
}
}
internal AttackPatternNode([NotNull] MitreGraph graph, [NotNull] AttackPatternType attackPattern) : base(graph, "CAPEC", attackPattern.ID)
{
if (attackPattern.Status == StatusEnumeration.Deprecated || attackPattern.Status == StatusEnumeration.Obsolete)
{
throw new ArgumentException(Properties.Resources.InvalidStatus, "attackPattern");
}
Name = attackPattern.Name;
Description = attackPattern.Description.ConvertToString();
if (Enum.TryParse <Evaluation>(attackPattern.Likelihood_Of_Attack.ToString(), out var likelihood))
{
Likelihood = likelihood;
}
else
{
Likelihood = Evaluation.Unknown;
}
if (Enum.TryParse <Evaluation>(attackPattern.Typical_Severity.ToString(), out var severity))
{
Severity = severity;
}
else
{
Severity = Evaluation.Unknown;
}
#region Add relationships.
var relAttackPatterns = attackPattern.Related_Attack_Patterns?.ToArray();
if (relAttackPatterns?.Any() ?? false)
{
foreach (var a in relAttackPatterns)
{
if (Enum.TryParse <RelationshipType>(a.Nature.ToString(), out var relType))
{
AddRelationship(relType, "CAPEC", a.CAPEC_ID);
}
}
}
var relWeaknesses = attackPattern.Related_Weaknesses?.ToArray();
if (relWeaknesses?.Any() ?? false)
{
foreach (var w in relWeaknesses)
{
AddRelationship(RelationshipType.Leverages, "CWE", w.CWE_ID);
}
}
#endregion
#region Add Consequences.
var consequences = attackPattern.Consequences?.ToArray();
if (consequences?.Any() ?? false)
{
foreach (var consequence in consequences)
{
AddConsequence(consequence);
}
}
#endregion
#region Add Potential Mitigations.
var potentialMitigations = attackPattern.Mitigations?.ToArray();
if (potentialMitigations?.Any() ?? false)
{
if (PotentialMitigations == null)
{
PotentialMitigations = new List <PotentialMitigation>();
}
foreach (var potentialMitigation in potentialMitigations)
{
PotentialMitigations.Add(new PotentialMitigation(null, null,
potentialMitigation.ConvertToString(), null));
}
}
#endregion
#region Add Taxonomy Mappings.
var taxonomyMappings = attackPattern.Taxonomy_Mappings?.ToArray();
if (taxonomyMappings?.Any() ?? false)
{
foreach (var taxonomyMapping in taxonomyMappings)
{
AddTaxonomyMapping(taxonomyMapping);
}
}
#endregion
}
