Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
1 result

cpss-cosim

  • Clone with SSH
  • Clone with HTTPS
  • user avatar
    mstevic authored
    da655238
    History

    pn-cpss-cosim

    Cyber-Physical-Social System Co-simulator for analysis of attack trees based on Petri Nets (PN) and Continuous-Time Markov Chains (CTMC).
    This repository represents software for the simulation phase of the CPSS Co-simulator.

    Installation

    For standalone execution without docker environment check Standalone for Linux and Standalone-windows for Windows.

    Installation (Ubuntu 16.04/18.04/20.04 )

    Install docker and docker-compose. Please follow instaructions at,

    https://docs.docker.com/engine/install/ubuntu/ and https://docs.docker.com/compose/install/ .

    Note: The actions above require an internet-connection and admin access.

    After that you can copy(via WinSCP), git clone or download repository to an empty directory, then follow instructions at Execution section.

    Installation (Docker for Windows)

    Prepare the docker-environment by following the installation instructions from: https://docs.docker.com/docker-for-windows/install/

    Allow the execution of Powershell-Scripts (.ps1), by executing in an administrator PowerShell:

    Set-ExecutionPolicy remotesigned

    Open Docker-Settings

    Allow Drive-Access to C:

    Jump into the project directory. Then build the docker-image

    ./build.ps1

    Note: The actions above require an internet-connection.

    The image can then be started via:

    ./start.ps1

    Execution

    For production deployment i.e. along with other services, please refer to Deployment.

    Clone or extract contents of this repository to a directory(e.g. cosim_home). Then copy contents of copy_in_parent directory to the same directory. Directory structure should look like,

    cosim_home/
    __ all_configs.env
    __ docker-compose.yml
    __ pn-cpss-cosim(original repository directory)

    Follow the instructions at section Installation. After docker-compose is installed then navigate to coism_home in command line or terminal and run

    command: sudo docker-compose up --build

    To stop the application press Ctrl + C, then

    command: sudo docker-compose down

    For standalone execution without docker environment check Standalone .
    This page also contains a scetion on how to run without docker on Windows at bottom.

    Functionalities

    f7

    Endpoint: http://ip_addr:port/api/f7
    Parsing logic: src/parsers/jsonparser_in_F7.py
    config properties: props_f7 in config file

    F7 api is used to predict probabilities based on current compromise event. It returns a time series of probability values for all nodes in current tree. Length of time series can be configured for each attack tree separately in json_files/attack_tree_models/AttackModel_merged.json.

    f8

    Endpoint: http://ip_addr:port/api/f8
    Parsing logic: src/parsers/jsonparser_in_F8.py
    config properties: props_f8 in config file

    F8 api is used to measure effectiveness of countermeasure. It simulate in the same manner as F7 via CTMC but considers mitigations. It returns time series of of probability values for all nodes in current tree along with probability of safe state.

    Configuration

    all_configs.env is used to configure the behaviour of the simulator. It is located in copy_in_parent folder and needs to be copied to the same directory where repositiry was cloned into. This usually means one level up. docker_compose.yml also needs to be copied.

    props_fX

    props_f7 and props_f8 respectively used to specify properties of f7 and f8 endpoints. They define four properties:

    Property Description Default value
    cosimulator__props_fX__in_foldername
    input folder for fX endpoint(check Testing section below) None
    cosimulator__props_fX__out_endpoint
    endpoint to which simulation result is sent None
    cosimulator__props_f7__out_response_type
    string, file or json json
    cosimulator__props_f7__deactivate_endpoint
    flag to deactivate server interface of fX false
    cosimulator__props_f7__output_path
    location in container for storing f6 files json_files/output_files/op_fX

    Cache configurations

    These properties are used to connect to cache service. They do not have any default value configured. For mode details how cache is used in cosimulator check Persistence Layer.

    Property Description Example
    cosimulator__cache_host
    cache service name as per docker-compose.yml cache-cpss-cosim
    cosimulator__cache_port
    cache service port inside docker network 6379
    cosimulator__cache_lifetime_in_seconds
    expiry time of cached objects 3600
    cosimulator__cache_max_retry
    max no of retry if cache service is unreachable, after that error is reported 3

    Other configurations

    These properties are also part of all_configs.env. But it is recommened not to change them.

    Property Description Default value
    cosimulator__sim_debug
    generate plots of probability values for all nodes false
    cosimulator__no_record
    disable f6 file retention false
    cosimulator__reduced_record
    disable original propbability time series retention (before down-sampling) true
    cosimulator__append_correlated_events
    enable additionalInfo attribute from F7 to be appended in F6 false
    cosimulator__alternate_norm
    use alternate normalization approach to get CDF false

    Logging configuration

    The logging-config-file is used to configure the behaviour of the simulator.

    Property Description Default property
    log_file_name relative file path to log file ../simulator_api.log
    log_format format of each log line
    max_log_size log file max size in MB 300MB
    max_old_logs max no of backup logs 5
    log_level level of detail in log INFO
    console_level level of detail in print DEBUG
    enable_console_log command line output enable? False

    API

    If no test input is configured when executed as Flask app or in case executed as Gunicorn app, an HTTP-Server spins up and serves a REST-ful API on port 8080. The API-Endpoints and formats are described in the corresponding OpenAPI-YAML.

    It can be tested with curl (for example in git bash) by sending the input file like so:

    curl http://localhost:8080/api/f7 -T json_files/test_input_f7/valid/in_f7_T2_3.2_cEvent_ENG.json
    
    curl http://localhost:8080/api/f8 -T json_files/test_input_f8/valid/in_f8_T2_3.2_cEvent_ENG.json

    This call will instantly return OK (Status 202) if the JSON-input could be parsed correctly. The simulation will run asynchronuously in a separate thread, thus the simulation-result is not reflected by this answer.

    Testing

    Now it supports testing before application start up for both th API i.e. f7 and f8. This can be used in case of execution as flask app, gunicorn app or in docker container.
    To use this feature, put the request json input in respective json_files/test_json_input_fX (X = 7 or 8) folder.
    Notice that there are two subfolders inside in both cases.

    'valid' : any possible test cases, assert successful start up of simulation of execution
    'invalid' : currently only node not found test case is included, asserts trigger of exception

    It should be noted that all these files will be executed sequentially. The folder paths are configurable in json_files/config.json as input_foldername in respective props_fX attribute.