simonec73 · kalyancheerla · Apr 3, 2023 · Apr 3, 2023 · Apr 3, 2023 · Apr 3, 2023
diff --git a/Samples/SampleThreatModelGenerator/ModelLoader.cs b/Samples/SampleThreatModelGenerator/ModelLoader.cs
@@ -0,0 +1,61 @@
+using System;
+using System.Collections.Generic;
+using System.Configuration;
+using System.Linq;
+using System.Text.RegularExpressions;
+using ThreatsManager.Engine;
+using ThreatsManager.Interfaces;
+using ThreatsManager.Interfaces.ObjectModel;
+using ThreatsManager.Utilities;
+using ThreatsManager.AutoThreatGeneration.Initializers;
+
+namespace SampleThreatModelGenerator
+{
+    class ModelLoader
+    {
+        private List<string> _missingTypes = new List<string>();
+
+        public ModelLoader()
+        {
+            KnownTypesBinder.TypeNotFound += OnTypeNotFound;
+            ExtensionsConfigurationManager.SetConfigurationUserLevel(ConfigurationUserLevel.None);
+            Manager.Instance.LoadExtensions(ExecutionMode.Simplified);
+            Manager.Instance.ApplyExtensionInitializers();
+        }
+
+        private void OnTypeNotFound(string assemblyName, string typeName)
+        {
+            if (string.CompareOrdinal(assemblyName, "mscorlib") == 0)
+            {
+                var regex = new Regex(@"\[\[(?<class>[.\w]*), (?<assembly>[.\w]*)\]\]");
+                var match = regex.Match(typeName);
+                if (match.Success)
+                {
+                    assemblyName = match.Groups["assembly"].Value;
+                    typeName = match.Groups["class"].Value;
+                }
+            }
+            var name = $"{assemblyName}#{typeName}";
+
+            if (!_missingTypes.Contains(name))
+            {
+                _missingTypes.Add(name);
+                var parts = typeName.Split('.');
+                Console.WriteLine($"Document uses type {parts.Last()} from {assemblyName}, which is unknown.\nThe document will be loaded but some information may be missing.");
+            }
+        }
+
+        public IThreatModel LoadDefaultModel()
+        {
+            var autoGenRuleInitializer = new AutoGenRuleInitializer();
+            autoGenRuleInitializer.Initialize();
+
+            // Create a default threat model instance
+            var model = ThreatModelManager.GetDefaultInstance();
+            model.Name = "Threat Model";
+
+            return model;
+        }
+    }
+}
+
diff --git a/Samples/SampleThreatModelGenerator/Program.cs b/Samples/SampleThreatModelGenerator/Program.cs
@@ -0,0 +1,87 @@
+using System.IO;
+using ThreatsManager.Interfaces.ObjectModel.Entities;
+using ThreatsManager.Utilities;
+using ThreatsManager.Packaging;
+using System.Drawing;
+using System;
+
+namespace SampleThreatModelGenerator
+{
+    internal class Program
+    {
+        static void Main(string[] args)
+        {
+            if (args.Length == 1 && !File.Exists(args[0]))
+            {
+                // initialize the threatmodel
+                var loader = new ModelLoader();
+                var model = loader.LoadDefaultModel();
+
+                // add diagram
+                var diagram = model.AddDiagram("Diagram 1");
+
+                // add external interactor
+                var externalinteractor = model.AddEntity<IExternalInteractor>("User");
+                diagram.AddShape(externalinteractor, new PointF(-300, 200));
+
+                // add trust boundary
+                var trustboundary = model.AddGroup<ITrustBoundary>("Trust Boundary 1");
+                diagram.AddGroupShape(trustboundary.Id, new PointF(300, 100), new SizeF(500, 200));
+
+                // add processes and their shapes, parents
+                var process1 = model.AddEntity<IProcess>("Web Front-End");
+                diagram.AddShape(process1, new PointF(100, 50));
+                process1.SetParent(trustboundary);
+
+                var process2 = model.AddEntity<IProcess>("Exposed APIs");
+                diagram.AddShape(process2, new PointF(100, 350));
+                process2.SetParent(trustboundary);
+
+                var process3 = model.AddEntity<IProcess>("Serverless BL");
+                diagram.AddShape(process3, new PointF(500, 50));
+                process3.SetParent(trustboundary);
+
+                var datastore = model.AddEntity<IDataStore>("Database");
+                diagram.AddShape(datastore, new PointF(500, 350));
+                datastore.SetParent(trustboundary);
+
+                var process4 = model.AddEntity<IProcess>("On-premises systems");
+                diagram.AddShape(process4, new PointF(900, 50));
+
+                // add dataflows between them
+                var dataflow1 = model.AddDataFlow("Get static content", externalinteractor.Id, process1.Id);
+                diagram.AddLink(dataflow1);
+
+                var dataflow2 = model.AddDataFlow("Get/set data", externalinteractor.Id, process2.Id);
+                diagram.AddLink(dataflow2);
+
+                var dataflow3 = model.AddDataFlow("Get/set data into DB", process2.Id, datastore.Id);
+                diagram.AddLink(dataflow3);
+
+                var dataflow4 = model.AddDataFlow("Get data from DB", process3.Id, datastore.Id);
+                diagram.AddLink(dataflow4);
+
+                var dataflow5 = model.AddDataFlow("Push to on-premises", process3.Id, process4.Id);
+                diagram.AddLink(dataflow5);
+
+                // set output file
+                string output_file = args[0];
+
+                // Save the model to a file in JSON format.
+                var fileName = output_file;
+                var json = ThreatModelManager.Serialize(model);
+                var package = Package.Create(fileName);
+                package.Add("threatmodel.json", json);
+                package.Save();
+            }
+            else if (args.Length == 1)
+            {
+                Console.WriteLine($"Specify non-existent filename as {args[0]} already exists.");
+            }
+            else
+            {
+                Console.WriteLine("Provide output filename in cmd line args.");
+            }
+        }
+    }
+}
diff --git a/Samples/SampleThreatModelGenerator/README.md b/Samples/SampleThreatModelGenerator/README.md
@@ -0,0 +1,14 @@
+# SampleThreatModelGenerator
+
+A very simple program to generate a sample threat model as shown below.
+
+- The ModelLoader.cs initializes the ThreatModel engine.
+- In the Main program, entities like external interactors, processes, datastores and trustboundaries and other dataflow links were added as required like in below image,
+
+
+![A Sample Model](./Resources/sample.png)
+
+- Final output that will be generated is as shown below,
+
+
+![Output.png](./Resources/output.png)
diff --git a/Samples/SampleThreatModelGenerator/Resources/output.png b/Samples/SampleThreatModelGenerator/Resources/output.png
diff --git a/Samples/SampleThreatModelGenerator/Resources/sample.png b/Samples/SampleThreatModelGenerator/Resources/sample.png
diff --git a/Samples/SampleThreatModelGenerator/SampleThreatModelGenerator.csproj b/Samples/SampleThreatModelGenerator/SampleThreatModelGenerator.csproj
@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{716D8BC8-8F05-4C21-B024-8F2BA25AACA7}</ProjectGuid>
+    <OutputType>Exe</OutputType>
+    <RootNamespace>SampleThreatModelGenerator</RootNamespace>
+    <AssemblyName>SampleThreatModelGenerator</AssemblyName>
+    <TargetFrameworkVersion>v4.7.2</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+    <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
+    <Deterministic>true</Deterministic>
+    <SccProjectName>SAK</SccProjectName>
+    <SccLocalPath>SAK</SccLocalPath>
+    <SccAuxPath>SAK</SccAuxPath>
+    <SccProvider>SAK</SccProvider>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="Newtonsoft.Json, Version=13.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
+      <HintPath>..\packages\Newtonsoft.Json.13.0.1\lib\net45\Newtonsoft.Json.dll</HintPath>
+    </Reference>
+    <Reference Include="PostSharp, Version=6.10.5.0, Culture=neutral, PublicKeyToken=b13fd38b8f9c99d7, processorArchitecture=MSIL">
+      <HintPath>..\packages\PostSharp.Redist.6.10.5\lib\net45\PostSharp.dll</HintPath>
+    </Reference>
+    <Reference Include="PostSharp.Patterns.Aggregation, Version=6.10.5.0, Culture=neutral, PublicKeyToken=e7f631e6ce13f078, processorArchitecture=MSIL">
+      <HintPath>..\packages\PostSharp.Patterns.Aggregation.Redist.6.10.5\lib\net45\PostSharp.Patterns.Aggregation.dll</HintPath>
+    </Reference>
+    <Reference Include="PostSharp.Patterns.Common, Version=6.10.5.0, Culture=neutral, PublicKeyToken=e7f631e6ce13f078, processorArchitecture=MSIL">
+      <HintPath>..\packages\PostSharp.Patterns.Common.Redist.6.10.5\lib\net47\PostSharp.Patterns.Common.dll</HintPath>
+    </Reference>
+    <Reference Include="PostSharp.Patterns.Model, Version=6.10.5.0, Culture=neutral, PublicKeyToken=e7f631e6ce13f078, processorArchitecture=MSIL">
+      <HintPath>..\packages\PostSharp.Patterns.Model.Redist.6.10.5\lib\net45\PostSharp.Patterns.Model.dll</HintPath>
+    </Reference>
+    <Reference Include="PostSharp.Patterns.Threading, Version=6.10.5.0, Culture=neutral, PublicKeyToken=e7f631e6ce13f078, processorArchitecture=MSIL">
+      <HintPath>..\packages\PostSharp.Patterns.Threading.Redist.6.10.5\lib\net45\PostSharp.Patterns.Threading.dll</HintPath>
+    </Reference>
+    <Reference Include="System" />
+    <Reference Include="System.ComponentModel.Composition" />
+    <Reference Include="System.Configuration" />
+    <Reference Include="System.Configuration.ConfigurationManager, Version=6.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Configuration.ConfigurationManager.6.0.0\lib\net461\System.Configuration.ConfigurationManager.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Core" />
+    <Reference Include="System.Data.OracleClient" />
+    <Reference Include="System.Drawing" />
+    <Reference Include="System.Drawing.Common, Version=6.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Drawing.Common.6.0.0\lib\net461\System.Drawing.Common.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Net" />
+    <Reference Include="System.Security" />
+    <Reference Include="System.Security.AccessControl, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.AccessControl.6.0.0\lib\net461\System.Security.AccessControl.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Cryptography.ProtectedData, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Cryptography.ProtectedData.6.0.0\lib\net461\System.Security.Cryptography.ProtectedData.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Permissions, Version=6.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Permissions.6.0.0\lib\net461\System.Security.Permissions.dll</HintPath>
+    </Reference>
+    <Reference Include="System.Security.Principal.Windows, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.Security.Principal.Windows.5.0.0\lib\net461\System.Security.Principal.Windows.dll</HintPath>
+    </Reference>
+    <Reference Include="System.ServiceProcess" />
+    <Reference Include="System.Transactions" />
+    <Reference Include="System.Xml.Linq" />
+    <Reference Include="System.Data.DataSetExtensions" />
+    <Reference Include="Microsoft.CSharp" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Net.Http" />
+    <Reference Include="System.Xml" />
+    <Reference Include="ThreatsManager.Engine, Version=1.5.2.0, Culture=neutral, PublicKeyToken=e345404a827fb4c3, processorArchitecture=MSIL">
+      <HintPath>..\packages\ThreatsManager.Engine.1.5.2\lib\net472\ThreatsManager.Engine.dll</HintPath>
+    </Reference>
+    <Reference Include="ThreatsManager.Interfaces, Version=1.5.2.0, Culture=neutral, PublicKeyToken=e345404a827fb4c3, processorArchitecture=MSIL">
+      <HintPath>..\packages\ThreatsManager.Interfaces.1.5.2\lib\net472\ThreatsManager.Interfaces.dll</HintPath>
+    </Reference>
+    <Reference Include="ThreatsManager.Packaging, Version=1.5.2.0, Culture=neutral, PublicKeyToken=e345404a827fb4c3, processorArchitecture=MSIL">
+      <HintPath>..\packages\ThreatsManager.Packaging.1.5.2\lib\net472\ThreatsManager.Packaging.dll</HintPath>
+    </Reference>
+    <Reference Include="ThreatsManager.Utilities, Version=1.5.2.0, Culture=neutral, PublicKeyToken=e345404a827fb4c3, processorArchitecture=MSIL">
+      <HintPath>..\packages\ThreatsManager.Utilities.1.5.2\lib\net472\ThreatsManager.Utilities.dll</HintPath>
+    </Reference>
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\..\Sources\Extensions\ThreatsManager.AutoThreatGeneration\ThreatsManager.AutoThreatGeneration.csproj" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="ModelLoader.cs" />
+    <Compile Include="Program.cs" />
+  </ItemGroup>
+  <ItemGroup />
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+</Project>
diff --git a/Samples/Samples.sln b/Samples/Samples.sln
@@ -9,6 +9,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SampleWinFormExtensions", "
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SimpleThreatModelAnalyzer", "SimpleThreatModelAnalyzer\SimpleThreatModelAnalyzer.csproj", "{02557E72-71EE-493B-9A7B-21BC743BAF22}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SampleThreatModelGenerator", "SampleThreatModelGenerator\SampleThreatModelGenerator.csproj", "{716D8BC8-8F05-4C21-B024-8F2BA25AACA7}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -27,6 +29,10 @@ Global
 		{02557E72-71EE-493B-9A7B-21BC743BAF22}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{02557E72-71EE-493B-9A7B-21BC743BAF22}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{02557E72-71EE-493B-9A7B-21BC743BAF22}.Release|Any CPU.Build.0 = Release|Any CPU
+		{716D8BC8-8F05-4C21-B024-8F2BA25AACA7}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{716D8BC8-8F05-4C21-B024-8F2BA25AACA7}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{716D8BC8-8F05-4C21-B024-8F2BA25AACA7}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{716D8BC8-8F05-4C21-B024-8F2BA25AACA7}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE