Bumps jgraph/drawio from 18.1.3 to 19.0.3.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Summary: This enhancement allows to split attack graphs over several pages and makes functions and default attributes available on every page.

This PR introduces a special "link" node that connects two nodes on different pages together. It is depicted as a circle and contains a label (content of the node). In order to connect the two nodes, both the source and destination link node must have the same label. Furthermore, the source node (with an incoming edge) must have a link to the page where the destination link node resides. Creating the link is possible by right-clicking on the source link node and selecting Edit Link. In the drop-down menu (2nd bullet point) select the corresponding page.

Source link node (label A, link to Sub-Step 1):

Destiantion link node (label A, stored on page Sub-Step 1):

Closes #17.

Furthermore, this PR makes the default attributes, computed attributes functions, and aggregation functions available on every page of the diagram. They are not copied and hence changing them on one page also changes them on the other pages.

Closes #6.

The following TODOs must be completed before this PR can be merged:

• [x] Update sensitivity analysis to cache and write to cells across all pages
• [x] Changes to default attributes, aggregation functions, and computed attributes functions are only saved when saving on the first page
• [x] Update templates and define default functions for the new link node
• [x] Indicate whether a source link node is connected to a destination link node.
• [x] Create documenation on link nodes and how to use them in attack graphs
• [x] Moving the first page causes trouble for the default attributes, aggregation functions, and computed attributes functions
• [x] Display the source pages on destination link nodes, e.g., inside the tooltip
• [ ] (optional) Create test cases for this new feature
• [ ] (optional) Find a better way to store the default attributes, aggregation functions, and computed attributes functions for global access

The plugin conveniently adds some templates already containing the configured default attributes to draw.io's sidebar.

However, also non-leave nodes (currently, only the one marked in the figure) have the default attributes pre-configured which disturbes the workflow of creating an attack graph. If non-leave nodes have attributes and the attributes have default values configured, the comparison is unnecessarily activated.

<mxGraphModel dx="1102" dy="857" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="583" pageHeight="827" math="0" shadow="0">
  <root>
    <object id="0">
      <ag_global_attributes>
        <ag_global_attribute name="Testattribut" value="0" iconName="" min="0" max="4" />
      </ag_global_attributes>
      <ag_attributes />
      <ag_computed_attributes />
      <mxCell />
    </object>
    <object id="1">
      <ag_attributes />
      <ag_computed_attributes />
      <mxCell parent="0" />
    </object>
    <object label="Activity" Testattribut="3" id="tVLiphedjEk2YKl1oAa3-1">
      <ag_attributes />
      <ag_computed_attributes />
      <mxCell style="shape=attackgraphs.node;" parent="1" vertex="1">
        <mxGeometry x="210" y="250" width="150" height="75" as="geometry" />
      </mxCell>
    </object>
    <object id="tVLiphedjEk2YKl1oAa3-3">
      <ag_attributes />
      <ag_computed_attributes />
      <mxCell style="rounded=0;orthogonalLoop=1;jettySize=auto;html=1;strokeWidth=2;" parent="1" source="tVLiphedjEk2YKl1oAa3-4" target="tVLiphedjEk2YKl1oAa3-1" edge="1">
        <mxGeometry relative="1" as="geometry" />
      </mxCell>
    </object>
    <object label="Activity" Testattribut="0" id="tVLiphedjEk2YKl1oAa3-4">
      <ag_attributes Testattribut="3" />
      <ag_computed_attributes />
      <ag_aggregation_custom_function ag_aggregation_custom_function="function(c){&#xa;    var result = 0;&#xa;    c.childAttributes.forEach(function(child){&#xa;        result += parseInt(child.attributes[&quot;Testattribut&quot;]);&#xa;    })&#xa;    return {&quot;Testattribut&quot;: result};&#xa;}" />
      <mxCell style="shape=attackgraphs.node;" vertex="1" parent="1">
        <mxGeometry x="210" y="130" width="150" height="75" as="geometry" />
      </mxCell>
    </object>
  </root>
</mxGraphModel>

This PR introduces a feature to highlight critical paths in an attack graph. Aggregtation functions can set a hidden attribute _marking with the ID of the child node to mark the edge from the node to the specified child node. Therefore, the collection object passed to the aggregation functions now includes the ID of all child nodes and the ID of the node itself.

Markings are only shown if a node is selected. Additionally, it only shows the critical path from the selected node "downwards". The following shows how an examplary marking looks when selecting a node:

The aggregation functions for the TS 50701 template were updated to include the _marking attribute in aggregations. For the AND function all outgoing edges are marked because it doesn't make sense to mark a specific child node as critical for the worst likelihood/risk. Hence, all outgoing edges are marked to show also the influence of critical nodes below an AND node:

Note: The aggregation functions for the RKL template shall be updated before merging this PR.

Closes #57.

The child node of each node that is currently responsible for the worst risk should be highlighted or highlightable. This could be done by drawing the respective edge thicker or in a different color (coordinate with #58), or draw the child node with a thicker border. Responsibility is only valid for some logical connections (e.g., OR. For AND it does not make sense as all child nodes contribute to the risk semantically). Responsibility is determined by the aggregation function, thus somehow the API would change to tell Drawio from the aggregation function which edge (or child node) to highlight (is there a way around that?).

Enable feature for Attribute values to not be freely selected inside of a range, but pre select certain values that then can be selected when values are given.

As more and more features keep beeing added, should we start keeping a changelog and introduce version numbers?

@tobi18991

If we do, this is the relevant reference:

• https://keepachangelog.com/en/1.0.0/
• https://semver.org/

We should then extend the contex menu to present the version number in addition to the commit hash.

Resizing and moving attack graph nodes can be very slow in sufficiently large graphs with aggregation functions to be evaluated.

My uneducated guess is that recalculations or redrawings are triggered to often. Eg., every time the node is moved by 1px (which would be unnecessary). Please have a look at the code. Maybe you can find a cause for the behaviour.

A strategy could also be to be more conservative with triggering recalculations and instead provide a context menu option to force calculations.

Bumps jgraph/drawio from 18.1.3 to 19.0.2.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Bumps jgraph/drawio from 18.1.3 to 19.0.1.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Bumps jgraph/drawio from 18.0.1 to 18.0.7.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Directly moving an edge from one node to another does not update the values in the first node (see video). However dropping the end of the edge somewhere and then attaching it to the other node results in updated values (second part in the video).

This is valid also for attack step nodes, not only for security controls as in the video.

Values should also be updated when dragging an edge from one node and dropping it to another.

https://user-images.githubusercontent.com/4853357/210347898-7168d1ca-0b06-4a2f-b5b6-75fecd46d168.mp4

Enable bulk export for attack graphs to PNG including all diagram pages. In combination with #17 this makes exporting attack graphs for other uses, e.g., to include them in Word documents, much easier. Right now, every page must be exported on its own.

The idea is to add a sub menu item below Attack Graphs. When clicked, all diagram pages are exported to PNG into a folder that can be chosen by the user, e.g., using the Save as... dialog feature.

In some cases, attributes can only have specific values assigned to them, e.g., 1,4 or 7. However, arbitrary values can be assigned to attributes via the Edit Data dialog of draw.io.

Therefore, enable in the DefaultAttributesDialog the option to set an enumeration of possible values. While modeling and changing the data of nodes via the Edit Data dialog, only present the enumeration to users.

Extend the already existing test suite to also test for new features included in the plugin.

The following list enumerates all features that are untested right now (13th Oct 2022). Please check them when test cases exist for them. Also link the corresponding issue if on exists.

• [ ] #14
• [ ] #15
• [ ] #19
• [ ] #43
• [ ] #45
• [ ] #55
• [ ] #57
• [ ] #58
• [ ] AND and OR nodes are labeled

Please never close this issue to allow tracking of untested functionality!

While adding security measures to the attack graph, the modeller might be interested in how measures are influencing the attack steps, consequences, and the resulting risk. Adding a feature to disable and enable measures individually while leaving the measures connected to the nodes they mitigate, would ease the analysis.