This software is no longer maintained and there are no plans for a future release. That said, the basic principles of the software and of the papers cited below are still relevant to model-based security, and the software should run provided that the user installs the versions of the dependent software stated below.
CYBOK. A vulnerability assessment tool for model-based systems engineering.
Georgios Bakirtzis, Brandon Simon, Aidan Collins, Cody Fleming, and Carl Elks, “Data-Driven Vulnerability Exploration for Design Phase System Analysis” IEEE Systems Journal [proceedings, preprint]
Rationale. Georgios Bakirtzis, Garrett Ward, Christopher Deloglos, Carl Elks, Barry Horowitz, and Cody Fleming, “Fundamental Challenges of Cyber-Physical Systems Security Modeling” IEEE/IFIP DSN 2020 [proceedings, preprint]
CYBOK has been tested with Python 3.7.5 on macOS and Windows 10. You will need to use Python 3.7.1 or above because the code makes use of the NamedTuple class and f-strings.
For macOS we recommend installing python3 using homebrew.
brew install python3
For Windows we recommend installing python3 using Chocolatey.
choco install python3
(Note: Chocolatey installs python3 as python. This means that pip3 now maps to pip. To run cybok use python cybok.py [options] instead of making the file executable as with GNU/Linux and macOS.)
To visualize graphs you will need to install graphviz.
For macOS:
brew install graphviz
For Windows:
choco install graphviz --version 2.38
To set up CYBOK, download this repo into your desired local folder.
git clone https://github.com/bakirtzisg/cybok-cli.git
Install all python library requirements from requirements.txt.
pip3 install -r requirements.txt
Before using CYBOK you will need to run the update command.
$ python3 cybok --update
This downloads the latest CAPEC, CWE, and CVE feeds and creates the search index.
🎉 🎉 🎉 🎉 🎉
$ python3 cybok --help
$ python3 cybok --search gps
$ python3 cybok --input "./models/simple_system.graphml"
$ python3 cybok --visualize --input "./models/simple_system.graphml"
$ python3 cybok --visualize --input "./models/simple_system.graphml" --target "MCU"
$ python3 cybok --visualize --input "./models/fcs.graphml" --target "Primary Application Processor"
$ python3 cybok --input "./models/fcs.graphml" --output "fcs"
Argument | Type | Input | Description |
---|---|---|---|
-h --help | N/A | N/A | shows all available arguments |
-u --update | N/A | N/A | updates all available database data and creates search index |
-s --search | str | search string | takes a string and matches to available database entries |
-i --input | str | model definition in GraphML form | takes a .graphml file and produces a vulnerability report |
-v --visualize | N/A | N/A | creates visualizations for the attack surface and if given a target the exploit chains associated with it |
-t --target | str | vertex name in the system GraphML file | finds all possible exploit chains from any element in the attack surface to that vertex |
-o --output | str | filename or filepath | export all evidence from -s or -i to .graphml or .csv files |
Georgios Bakirtzis, bakirtzis.net