data-yml.php
<?php
// Start with an empty map; it is replaced by the parsed YAML data further down.
$dimensions = [];

// Listing of the data directory, kept in the global $files. The path is relative,
// so it resolves against the working directory of the script that includes this
// file. scandir() returns false (and warns) when the directory cannot be read.
$files = scandir('data');
/**
 * Read one YAML file from disk and return its parsed PHP value.
 *
 * Neither the file read nor the parse result is checked here: a failure shows
 * up as PHP's own warnings and the unchecked value is handed to the caller.
 *
 * NOTE(review): yaml_parse() honours the yaml.decode_php ini setting; when it is
 * enabled, "!php/object" tags in a document are unserialized into PHP objects.
 * The calls visible in this file pass fixed paths under data/. Keep this helper
 * on trusted, repository-owned files and leave yaml.decode_php off.
 *
 * @param string $file Path of the YAML file to load.
 * @return mixed Whatever yaml_parse() returns for the file contents.
 */
function readYaml($file)
{
    $contents = file_get_contents($file);

    return yaml_parse($contents);
}
// One entry per maturity-model dimension, each parsed from its own YAML file.
// The variable names below are globals visible to any script that includes this
// file, so they are kept exactly as they are.
$dimensions = [
    'Culture and Org.' => readYaml('data/CultureAndOrg.yml'),
    'Build and Deployment' => readYaml('data/BuildAndDeployment.yml'),
    'Information Gathering' => readYaml('data/InformationGathering.yml'),
    'Infrastructure' => readYaml('data/Infrastructure.yml'),
    'Test and Verification' => readYaml('data/TestAndVerification.yml'),
];

// Sort the dimensions by name (array key).
ksort($dimensions);

foreach ($dimensions as $dimensionName => $subDimension) {
    // NOTE(review): $subDimension is the loop's own copy, so this sort only
    // changes the iteration order below. The order of sub-dimensions stored in
    // $dimensions stays as loaded - confirm whether that is intended.
    ksort($subDimension);

    foreach ($subDimension as $subDimensionName => $elements) {
        // Sort the elements of this sub-dimension by name and store them back.
        $newElements = $elements;
        ksort($newElements);
        $dimensions[$dimensionName][$subDimensionName] = $newElements;
    }
}
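/**
 * Collect the difficulty figures of an element and, optionally, of its dependencies.
 *
 * Four values are appended to $allElements for the element itself: the knowledge
 * score from getKnowledge(), the "time" value twice and the "resources" value.
 * If the element has a "dependsOn" list and the request carries ?aggregated=true,
 * every dependency is looked up by name and processed recursively.
 *
 * The request parameter is only compared against the constant "true"; it is never
 * echoed or used to build a path.
 *
 * NOTE(review): "dependsOn" chains are followed without tracking visited elements,
 * so a cyclic reference in the YAML data would recurse without end.
 *
 * @param array      $dimensions            Nested dimension data searched by getElementByName().
 * @param array|null $elementImplementation Element to evaluate; null or an empty value is skipped.
 * @param array      $allElements           Output list, extended in place (passed by reference).
 * @return void
 */
function getDifficultyOfImplementationWithDependencies($dimensions, $elementImplementation, &$allElements)
{
    if ($elementImplementation == null) {
        // Also reached when getElementByName() found nothing for a dependency name.
        return;
    }

    $ownValues = [
        getKnowledge($elementImplementation),
        $elementImplementation['difficultyOfImplementation']['time'],
        // "time" is listed twice; getDifficultyOfImplementation() likewise counts it double.
        $elementImplementation['difficultyOfImplementation']['time'],
        $elementImplementation['difficultyOfImplementation']['resources'],
    ];
    foreach ($ownValues as $ownValue) {
        $allElements[] = $ownValue;
    }

    // isset() keeps a request without the parameter from raising an
    // "undefined array key" warning; the comparison itself is unchanged.
    if (
        array_key_exists('dependsOn', $elementImplementation)
        && isset($_GET['aggregated'])
        && $_GET['aggregated'] == "true"
    ) {
        foreach ($elementImplementation['dependsOn'] as $dependency) {
            $dependencyElement = getElementByName($dimensions, $dependency);
            getDifficultyOfImplementationWithDependencies($dimensions, $dependencyElement, $allElements);

            // NOTE(review): the element's own values are appended again after each
            // dependency, so they appear 1 + count(dependsOn) times in the list.
            // Behaviour kept as found - confirm whether this weighting is intended.
            foreach ($ownValues as $ownValue) {
                $allElements[] = $ownValue;
            }
        }
    }
}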
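/**
 * Rate how hard an element is to implement, capped at 5.
 *
 * The base score is (knowledge + 2 * time + resources) / 4, with knowledge taken
 * from getKnowledge(). If the element has a "dependsOn" list and the request
 * carries ?aggregated=true, the score of every dependency is added before the cap
 * is applied.
 *
 * The request parameter is only compared against the constant "true".
 *
 * NOTE(review): dependencies are resolved recursively without tracking visited
 * elements, so a cyclic "dependsOn" reference in the data would recurse without end.
 *
 * @param array      $dimensions            Nested dimension data searched by getElementByName().
 * @param array|null $elementImplementation Element to rate; null or an empty value is skipped.
 * @return string|null Score with two decimals and "." as separator, or null when skipped.
 */
function getDifficultyOfImplementation($dimensions, $elementImplementation)
{
    if ($elementImplementation == null) {
        return null;
    }

    $knowledge = getKnowledge($elementImplementation);
    $time = $elementImplementation['difficultyOfImplementation']['time'];
    $resources = $elementImplementation['difficultyOfImplementation']['resources'];
    $value = ($knowledge + $time * 2 + $resources) / 4;

    // isset() keeps a request without the parameter from raising an
    // "undefined array key" warning; the comparison itself is unchanged.
    if (
        array_key_exists('dependsOn', $elementImplementation)
        && isset($_GET['aggregated'])
        && $_GET['aggregated'] == "true"
    ) {
        foreach ($elementImplementation['dependsOn'] as $dependency) {
            $dependencyElement = getElementByName($dimensions, $dependency);
            // A dependency that cannot be found yields null and adds nothing.
            $value += getDifficultyOfImplementation($dimensions, $dependencyElement);
        }
    }

    if ($value > 5) {
        $value = 5;
    }

    return number_format((float) $value, 2, '.', '');
}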
/**
 * Reduce an element's "knowledge" difficulty to a single number.
 *
 * A non-array value is returned untouched. A list of per-area values is summed
 * and divided by the fixed number of areas (4), regardless of how many entries
 * the list actually holds.
 *
 * @param array $elementImplementation Element holding difficultyOfImplementation.knowledge.
 * @return mixed The raw value, or the sum of the listed values divided by 4.
 */
function getKnowledge($elementImplementation)
{
    $rating = $elementImplementation['difficultyOfImplementation']['knowledge'];
    if (!is_array($rating)) {
        return $rating;
    }

    // The four areas: operation, development, expertise, security.
    $numberOfAreas = 4;
    $total = 0;
    foreach ($rating as $areaRating) {
        $total += $areaRating;
    }

    return $total / $numberOfAreas;
}
/**
 * Render the tooltip markup for one element as an HTML string.
 *
 * The output has two headed sections: risk/opportunity text, then the usefulness
 * and difficulty ratings translated into labels. Ratings are used as 1-based
 * positions in five-entry label lists.
 *
 * NOTE(review): $array['risk'] and $array['measure'] are inserted into the markup
 * as they are, without HTML escaping. Any markup in the YAML text reaches the page
 * unchanged; if those fields are meant to be plain text, escape them with
 * htmlspecialchars() at this point.
 *
 * NOTE(review): getKnowledge() accepts a list for "knowledge", but the lookup here
 * subtracts 1 from the raw value and therefore expects a single number.
 *
 * @param array      $array        Element with risk, measure, usefulness and difficultyOfImplementation.
 * @param int|string $headerWeight Heading level used for the two section headings.
 * @return string HTML fragment.
 */
function build_table_tooltip($array, $headerWeight = 2)
{
    $knowledgeLabels = [
        'Very Low (one discipline)',
        'Low (one discipline)',
        'Medium (two disciplines)',
        'High (two disciplines)',
        'Very High (three or more disciplines)',
    ];
    // Usefulness, time and resources all use this same five-step scale.
    $levelLabels = ['Very Low', 'Low', 'Medium', 'High', 'Very High'];

    $fragments = [
        "<h{$headerWeight}>Risk and Opportunity</h{$headerWeight}>",
        '<div><b>' . gettext('Risk') . ':</b> ' . $array['risk'] . '</div>',
        '<div><b>' . gettext('Opportunity') . ':</b> ' . $array['measure'] . '</div>',
        '<hr />',
        "<h{$headerWeight}>Exploit details</h{$headerWeight}>",
        '<div><b>Usefullness:</b> '
            . ucfirst($levelLabels[$array['usefulness'] - 1]) . '</div>',
        '<div><b>Required knowledge:</b> '
            . ucfirst($knowledgeLabels[$array['difficultyOfImplementation']['knowledge'] - 1]) . '</div>',
        '<div><b>Required time:</b> '
            . ucfirst($levelLabels[$array['difficultyOfImplementation']['time'] - 1]) . '</div>',
        '<div><b>Required resources (systems):</b> '
            . ucfirst($levelLabels[$array['difficultyOfImplementation']['resources'] - 1]) . '</div>',
    ];

    return implode('', $fragments);
}
/**
 * Find an element by name anywhere in the dimension tree.
 *
 * Walks dimension -> sub-dimension -> elements and returns the first element
 * whose key equals $name under PHP's loose (==) comparison.
 *
 * @param array  $dimensions Nested array: dimension => sub-dimension => element name => element.
 * @param string $name       Element name to look for.
 * @return mixed|null The matching element, or null when no key matches.
 */
function getElementByName($dimensions, $name)
{
    foreach ($dimensions as $subDimensions) {
        foreach ($subDimensions as $elements) {
            foreach ($elements as $candidateName => $candidate) {
                if ($candidateName == $name) {
                    return $candidate;
                }
            }
        }
    }

    // No match anywhere in the tree.
    return null;
}