| Date | Author | Comments | Version |
|---|---|---|---|
| 25.10.2023 | Peter Maynard | Converted Install guide from word to markdown. | 0.1.0 |
| 13.06.2023 | Peter Maynard | Initial Setup Guide. | 0.1.0 |
-
Four videos showing how to use the tool.
-
Installation and Quick Start Guide
This guides briefly covers the Windows download and setup for Cardiff University machines (The steps are similar for other systems). Along with importing an example project containing a example Dependency Model and Playbook Process.
-
Import Existing Model or Playbook
This covers how to import existing models into an existing project. Using one of the example models from this repository.
-
Explains the steps to export the project and models as a zipped archive.
-
Introduces a helpful conversion tool.
For additional example models and project files see the Examples and Templates directory.
Click on the icons below for a video recording showing how to use the tool.
Latest SecMof version only supports windows. (August 2024)
Older Version
Mac OS Not supported.
Make sure it is the following location, otherwise Windows will fail to extract with an error relating to "path names too long."
C:\Users\<username>\Desktop\SecMoF
Trouble Extracting
Still can't extract the archive, double check you're extracting to the correct location.If that's not fixing it, try running the following in the command prompt:
tar -xf Security.Modelling.Framework_1.0.0.202301201418-win32.win32.x86_64.zip
Finally, try renaming Security.Modelling.Framework_1.0.0.202301201418-win32.win32.x86_64.zip to SecMof.zip then extract.
No need to extract it, this will be read be eclipse later on.
Double click on the 'SecMof' application.
The tool will ask where you want to keep your data and related files. The default is fine. Inside this directory you will find any projects and artifacts you create with the tool.
Import projects > Existing Projects into Workspace [Next] > Select archive file [Finish]
Window > Perspective > Open Perspective > Other > Modelling [Open]
You should now see the example project, with a sample Playbook and Dependency Model.
The Model Explorer pane (A) contains an overview of all paragons within the dependency model.
The Palette pane (B) allows you to create new paragons, by clicking "Create[OR|AND]Dependency" then selecting an existing node in the Main Viewer pane (C) to be the new node's parent.
The Model Explorer pane (A) contains an overview of all the Playbook Process and Artifacts.
The Palette pane (B) allows you to create new a new Activity, Artifact in State, Associate Reference, Assign Actuator, and to mark activities as complete.
The main Viewer pane (C) shows two Activities linked.
Find and download the Dependency Model or Playbook Process as an XML file to your Desktop.
This example we use the large SCADA Dependency Model.
Right Click on project (example) -> Import -> File System -> Identify Directory [Desktop] -> Check "SCADA.dependencymodel" [Finish]
Once the Model has been imported into the project, you will need to create a new visual representation of it.
Right Click on project (example) -> Create Representation -> Select Representation Type [Next] -> Select the Root Node (C) [Finish] -> Name the new representation [OK].
The Representation can either be (A) DependencyModellingDiagram for Dependency Models, or (B) FRIPP Representation for Playbooks.
If you wish to export the models for use on another computer or to send to someone. You can export as a archive file.
File > Export > General > Archive File > Check ‘example’ > Save to Desktop as a zip.
A supporting tool called the Security Model Converter (SMC) was created to support SecMoF. This is an Open-Source command-line application written in GoLang that converts security model data to different formats.
Supported formats are: Attack Trees (tab-indented text files), GraphML, FRIPP, and DM models.
For more information see the SMC repository.
This work is licensed under CC BY-SA 4.0.