<?php
// Start with an empty dimension map; it is populated from the YAML files below.
$dimensions = [];

// Listing of the "data" directory, resolved relative to the current working
// directory. scandir() returns false if the directory cannot be read.
$files = scandir('data');
/**
 * Read a YAML file from disk and return its parsed content.
 *
 * Every call site in this file passes a fixed literal path under data/.
 * Keep it that way: yaml_parse() can unserialize PHP objects from
 * "!php/object" nodes when the yaml.decode_php ini setting is enabled, so
 * this helper must not be pointed at uploaded or otherwise untrusted files.
 *
 * A read failure is not handled here: file_get_contents() returns false and
 * that value is handed to yaml_parse() unchanged.
 *
 * @param string $file Path of the YAML file.
 * @return mixed Whatever yaml_parse() produces for the file content.
 */
function readYaml($file) {
    $contents = file_get_contents($file);

    return yaml_parse($contents);
}
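// Load every dimension of the maturity model from its YAML file. All paths
// are fixed literals; none of them is derived from request data.
$dimensions = array(
    "Culture and Org." => readYaml("data/CultureandOrg.yml"),
    "Build and Deployment" => readYaml("data/BuildandDeployment.yml"),
    "Information Gathering" => readYaml("data/Informationgathering.yml"),
    "Infrastructure" => readYaml("data/Infrastructure.yml"),
    "Test and Verification" => readYaml("data/TestandVerification.yml"),
    "Patch Management" => readYaml("data/PatchManagement.yml"),
);

// Sort dimensions, their sub-dimensions and the elements of each
// sub-dimension by key.
ksort($dimensions);
foreach ($dimensions as $dimensionName => $subDimension) {
    // foreach iterates over a copy, so sorting $subDimension alone never
    // reached $dimensions; the sorted copy is stored back after the inner loop.
    ksort($subDimension);
    foreach ($subDimension as $subDimensionName => $elements) {
        ksort($elements);
        $subDimension[$subDimensionName] = $elements;
    }
    $dimensions[$dimensionName] = $subDimension;
}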
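/**
 * Append the raw difficulty values of an element to $allElements and, in
 * aggregated mode, do the same for every element it depends on.
 *
 * The values are appended in the order knowledge, time, time, resources
 * (time is appended twice). Aggregated mode is switched on by the query
 * parameter aggregated=true.
 *
 * @param array      $dimensions            Dimension tree searched by getElementByName().
 * @param array|null $elementImplementation Element to evaluate; a null/empty value is ignored.
 * @param array      $allElements           Output list, extended in place.
 * @return void
 */
function getDifficultyOfImplementationWithDependencies($dimensions, $elementImplementation, &$allElements)
{
    if ($elementImplementation == null) {
        return;
    }

    $difficulty = $elementImplementation['difficultyOfImplementation'];
    $ownValues = array(
        getKnowledge($elementImplementation),
        $difficulty["time"],
        $difficulty["time"],
        $difficulty["resources"],
    );
    foreach ($ownValues as $ownValue) {
        $allElements[] = $ownValue;
    }

    // The query parameter is optional. Reading it through isset() avoids the
    // "undefined index" notice/warning on requests that omit it; with
    // display_errors enabled that message would end up in the page output.
    $aggregated = isset($_GET['aggregated']) && $_GET['aggregated'] === "true";
    if (!$aggregated || !array_key_exists('dependsOn', $elementImplementation)) {
        return;
    }

    // NOTE(review): there is no cycle guard. A dependsOn loop in the YAML data
    // would recurse until the stack is exhausted - confirm the data files are
    // validated for cycles.
    foreach ($elementImplementation['dependsOn'] as $dependency) {
        $dependencyElement = getElementByName($dimensions, $dependency);
        getDifficultyOfImplementationWithDependencies($dimensions, $dependencyElement, $allElements);

        // NOTE(review): the current element's own values are appended again
        // after each dependency, as in the original code - confirm that this
        // weighting is intended.
        foreach ($ownValues as $ownValue) {
            $allElements[] = $ownValue;
        }
    }
}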
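/**
 * Compute the difficulty score of an element as a string with two decimals.
 *
 * The score is (knowledge + 2 * time + resources) / 4. When the query
 * parameter aggregated=true is present, the scores of all elements listed
 * under 'dependsOn' are added. The result is capped at 5.
 *
 * @param array      $dimensions            Dimension tree searched by getElementByName().
 * @param array|null $elementImplementation Element to evaluate.
 * @return string|null Formatted score, or null when no element was given.
 */
function getDifficultyOfImplementation($dimensions, $elementImplementation)
{
    if ($elementImplementation == null) {
        return;
    }

    $difficulty = $elementImplementation['difficultyOfImplementation'];
    $value = (getKnowledge($elementImplementation) + $difficulty["time"] * 2 + $difficulty["resources"]) / 4;

    // The query parameter is optional. Reading it through isset() avoids the
    // "undefined index" notice/warning on requests that omit it; with
    // display_errors enabled that message would end up in the page output.
    $aggregated = isset($_GET['aggregated']) && $_GET['aggregated'] === "true";
    if ($aggregated && array_key_exists('dependsOn', $elementImplementation)) {
        // NOTE(review): there is no cycle guard. A dependsOn loop in the YAML
        // data would recurse until the stack is exhausted - confirm the data
        // files are validated for cycles.
        foreach ($elementImplementation['dependsOn'] as $dependency) {
            $dependencyElement = getElementByName($dimensions, $dependency);
            // A dependency that cannot be resolved yields null and adds 0.
            $value += (float) getDifficultyOfImplementation($dimensions, $dependencyElement);
        }
    }

    if ($value > 5) {
        $value = 5;
    }

    return number_format((float) $value, 2, '.', '');
}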
/**
 * Return the knowledge difficulty of an element as a single number.
 *
 * A scalar value is returned unchanged. An array of per-area values is
 * summed and divided by the fixed number of areas (4), regardless of how
 * many entries the array actually holds.
 *
 * @param array $elementImplementation Element with a 'difficultyOfImplementation' entry.
 * @return mixed The scalar knowledge value, or the sum of the array divided by 4.
 */
function getKnowledge($elementImplementation)
{
    $raw = $elementImplementation['difficultyOfImplementation']["knowledge"];
    if (!is_array($raw)) {
        return $raw;
    }

    // areas = operation, development, expertise, security
    $numberOfAreas = 4;
    $total = 0;
    foreach ($raw as $areaValue) {
        $total += $areaValue;
    }

    return $total / $numberOfAreas;
}
/**
 * Build the HTML fragment shown as tooltip for one element.
 *
 * NOTE(review): 'risk' and 'measure' are concatenated into the markup without
 * escaping, and $headerWeight is interpolated into the tag name. That is only
 * safe while both come from maintainer-controlled sources; if the YAML text is
 * meant to be plain text, it should be passed through htmlspecialchars() here.
 *
 * NOTE(review): getKnowledge() accepts an array for 'knowledge', but the
 * lookup below subtracts 1 from the raw value, which only works for a scalar
 * level. Levels outside 1..5 index past the label tables.
 *
 * @param array $array        Element data with 'risk', 'measure', 'usefulness'
 *                            and 'difficultyOfImplementation'.
 * @param int   $headerWeight Heading level used for the two section titles.
 * @return string HTML fragment.
 */
function build_table_tooltip($array, $headerWeight = 2)
{
    // Label tables, indexed by (level - 1).
    $levelLabels = array("Very Low", "Low", "Medium", "High", "Very High");
    $knowledgeLabels = array(
        "Very Low (one discipline)",
        "Low (one discipline)",
        "Medium (two disciplines)",
        "High (two disciplines)",
        "Very High (three or more disciplines)",
    );

    $difficulty = $array['difficultyOfImplementation'];
    $heading = "h" . $headerWeight;

    $fragments = array(
        "<$heading>Risk and Opportunity</$heading>",
        "<div><b>" . gettext("Risk") . ":</b> " . $array['risk'] . "</div>",
        "<div><b>" . gettext("Opportunity") . ":</b> " . $array['measure'] . "</div>",
        "<hr />",
        "<$heading>Exploit details</$heading>",
        "<div><b>Usefullness:</b> " . ucfirst($levelLabels[$array['usefulness'] - 1]) . "</div>",
        "<div><b>Required knowledge:</b> " . ucfirst($knowledgeLabels[$difficulty['knowledge'] - 1]) . "</div>",
        "<div><b>Required time:</b> " . ucfirst($levelLabels[$difficulty['time'] - 1]) . "</div>",
        "<div><b>Required resources (systems):</b> " . ucfirst($levelLabels[$difficulty['resources'] - 1]) . "</div>",
    );

    return implode("", $fragments);
}
/**
 * Find an element by its name anywhere in the dimension tree.
 *
 * The tree is walked dimension by dimension and sub-dimension by
 * sub-dimension; the first element whose key compares equal (loose ==) to
 * $name is returned.
 *
 * @param array  $dimensions Dimension => sub-dimension => element name => element.
 * @param string $name       Element name to look for.
 * @return mixed The matching element, or null when nothing matches.
 */
function getElementByName($dimensions, $name)
{
    foreach ($dimensions as $subDimensions) {
        foreach ($subDimensions as $elements) {
            foreach ($elements as $candidateName => $candidate) {
                if ($candidateName != $name) {
                    continue;
                }
                return $candidate;
            }
        }
    }

    return null;
}