Documentation
¶
Overview ¶
Package ir provides the intermediate representation for threat modeling diagrams. All types are designed to be Go-friendly and generate clean JSON schemas without polymorphic anyOf/oneOf constructs.
Index ¶
- func GetSTRIDEName(s STRIDEThreat) string
- type Actor
- type AssetClassification
- type Attack
- type Author
- type Boundary
- type BoundaryType
- type CVSSMapping
- type CVSSSeverity
- type CWEMapping
- type DiagramIR
- type DiagramType
- type DiagramView
- type Direction
- type Element
- type ElementType
- type Flow
- type FlowType
- type Legend
- type MITREATLASMapping
- type MITREAttackMapping
- type MITRETactic
- type Mappings
- type Message
- type OWASPCategory
- type OWASPMapping
- type Phase
- type Reference
- type STRIDEMapping
- type STRIDEThreat
- type Target
- type ThreatModel
- type ValidationError
- type ValidationErrors
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetSTRIDEName ¶
func GetSTRIDEName(s STRIDEThreat) string
GetSTRIDEName returns the full name for a STRIDE category.
Types ¶
type Actor ¶
type Actor struct {
// ID is the unique identifier.
ID string `json:"id"`
// Label is the display name.
Label string `json:"label"`
// Type identifies the actor type (for styling).
Type ElementType `json:"type,omitempty"`
// Malicious indicates if this is an attacker-controlled actor.
Malicious bool `json:"malicious,omitempty"`
}
Actor represents a lifeline in a sequence diagram.
type AssetClassification ¶
type AssetClassification string
AssetClassification identifies the value/sensitivity of an asset.
const ( AssetClassificationCrownJewel AssetClassification = "crown-jewel" AssetClassificationHigh AssetClassification = "high" AssetClassificationMedium AssetClassification = "medium" AssetClassificationLow AssetClassification = "low" )
func (AssetClassification) JSONSchema ¶
func (AssetClassification) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for AssetClassification.
type Attack ¶
type Attack struct {
// Step is the sequence number (1, 2, 3...).
Step int `json:"step"`
// From is the source element ID.
From string `json:"from"`
// To is the destination element ID.
To string `json:"to"`
// Label describes the attack step.
Label string `json:"label"`
// MITRETactic is the MITRE ATT&CK tactic ID.
MITRETactic MITRETactic `json:"mitreTactic,omitempty"`
// MITRETechnique is the MITRE ATT&CK technique ID (e.g., T1110).
MITRETechnique string `json:"mitreTechnique,omitempty"`
// STRIDEThreats lists applicable STRIDE threats.
STRIDEThreats []STRIDEThreat `json:"strideThreats,omitempty"`
// Description provides additional context.
Description string `json:"description,omitempty"`
}
Attack represents an attack step in an attack chain.
type Author ¶ added in v0.2.0
type Author struct {
// Name is the author's name.
Name string `json:"name"`
// Email is the author's email address.
Email string `json:"email,omitempty"`
// URL is a link to the author's profile or website.
URL string `json:"url,omitempty"`
}
Author represents a contributor to the threat model.
type Boundary ¶
type Boundary struct {
// ID is the unique identifier for the boundary.
ID string `json:"id"`
// Label is the display name.
Label string `json:"label"`
// Type identifies the boundary type.
Type BoundaryType `json:"type"`
// ParentID is the ID of a containing boundary (for nested boundaries).
ParentID string `json:"parentId,omitempty"`
// Description provides additional context.
Description string `json:"description,omitempty"`
}
Boundary represents a trust boundary containing elements.
type BoundaryType ¶
type BoundaryType string
BoundaryType identifies the type of trust boundary.
const ( BoundaryTypeBrowser BoundaryType = "browser" BoundaryTypeLocalhost BoundaryType = "localhost" BoundaryTypeNetwork BoundaryType = "network" BoundaryTypeCloud BoundaryType = "cloud" BoundaryTypeBreached BoundaryType = "breached" )
func (BoundaryType) JSONSchema ¶
func (BoundaryType) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for BoundaryType.
type CVSSMapping ¶
type CVSSMapping struct {
// Version is the CVSS version (e.g., "3.1", "4.0").
Version string `json:"version"`
// Vector is the CVSS vector string (e.g., "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N").
Vector string `json:"vector"`
// BaseScore is the calculated base score (0.0 - 10.0).
BaseScore float64 `json:"baseScore"`
// Severity is the qualitative severity rating.
Severity CVSSSeverity `json:"severity"`
// Description provides context for the scoring.
Description string `json:"description,omitempty"`
}
CVSSMapping represents a CVSS (Common Vulnerability Scoring System) assessment.
type CVSSSeverity ¶
type CVSSSeverity string
CVSSSeverity represents the qualitative severity rating.
const ( CVSSSeverityNone CVSSSeverity = "None" CVSSSeverityLow CVSSSeverity = "Low" CVSSSeverityMedium CVSSSeverity = "Medium" CVSSSeverityHigh CVSSSeverity = "High" CVSSSeverityCritical CVSSSeverity = "Critical" )
func (CVSSSeverity) JSONSchema ¶
func (CVSSSeverity) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for CVSSSeverity.
type CWEMapping ¶
type CWEMapping struct {
// ID is the CWE ID (e.g., "CWE-346").
ID string `json:"id"`
// Name is the human-readable name (e.g., "Origin Validation Error").
Name string `json:"name,omitempty"`
// Description explains how this weakness applies.
Description string `json:"description,omitempty"`
// URL is the link to the CWE page.
URL string `json:"url,omitempty"`
}
CWEMapping represents a Common Weakness Enumeration reference.
type DiagramIR ¶
type DiagramIR struct {
// Type identifies the diagram type (dfd, attack-chain, sequence).
Type DiagramType `json:"type"`
// Title is the diagram title.
Title string `json:"title"`
// Description provides additional context about the diagram.
Description string `json:"description,omitempty"`
// Direction specifies the layout direction (right, down, etc.).
Direction Direction `json:"direction,omitempty"`
// Legend controls whether to show the legend.
Legend *Legend `json:"legend,omitempty"`
// Mappings contains references to external security frameworks
// (MITRE ATT&CK, ATLAS, OWASP, CWE, CVSS, STRIDE).
Mappings *Mappings `json:"mappings,omitempty"`
// Elements are the DFD elements (processes, datastores, external entities).
Elements []Element `json:"elements,omitempty"`
// Boundaries are the trust boundaries containing elements.
Boundaries []Boundary `json:"boundaries,omitempty"`
// Flows are the data flows between elements (for DFD).
Flows []Flow `json:"flows,omitempty"`
// Attacks are the attack steps (for attack-chain type).
Attacks []Attack `json:"attacks,omitempty"`
// Targets are the high-value assets being targeted.
Targets []Target `json:"targets,omitempty"`
// Actors are the lifelines in a sequence diagram.
Actors []Actor `json:"actors,omitempty"`
// Phases group messages into logical attack phases.
Phases []Phase `json:"phases,omitempty"`
// Messages are the interactions between actors (for sequence type).
Messages []Message `json:"messages,omitempty"`
}
DiagramIR is the intermediate representation for all threat modeling diagrams. It uses a non-polymorphic structure where the Type field identifies the diagram kind, and different fields are used depending on the type.
For DFD: Uses Elements, Boundaries, Flows For Attack Chain: Uses Elements, Boundaries, Attacks, Targets For Sequence: Uses Actors, Phases, Messages
func LoadFromFile ¶
LoadFromFile loads a DiagramIR from a JSON file.
func (*DiagramIR) MustValidate ¶
func (d *DiagramIR) MustValidate()
MustValidate panics if validation fails.
func (*DiagramIR) Validate ¶
Validate checks that the DiagramIR is internally consistent. It verifies that fields are appropriate for the diagram type and that required fields are present.
func (*DiagramIR) ValidateStrict ¶
ValidateStrict performs additional strict validation checks. This includes checks that may be warnings rather than errors.
type DiagramType ¶
type DiagramType string
DiagramType identifies the type of diagram.
const ( DiagramTypeDFD DiagramType = "dfd" DiagramTypeAttack DiagramType = "attack-chain" DiagramTypeSequence DiagramType = "sequence" )
func (DiagramType) JSONSchema ¶
func (DiagramType) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for DiagramType.
type DiagramView ¶ added in v0.2.0
type DiagramView struct {
// Type identifies the diagram type (dfd, attack-chain, sequence).
Type DiagramType `json:"type"`
// Title is the diagram-specific title. If empty, inherits from ThreatModel.
Title string `json:"title,omitempty"`
// Description provides diagram-specific context.
Description string `json:"description,omitempty"`
// Direction specifies the layout direction (right, down, etc.).
Direction Direction `json:"direction,omitempty"`
// Legend controls whether to show the legend.
Legend *Legend `json:"legend,omitempty"`
// Mappings contains diagram-specific framework mappings.
// If nil, the diagram inherits from the parent ThreatModel.
// If set, these mappings apply only to this diagram view.
Mappings *Mappings `json:"mappings,omitempty"`
// Elements are the DFD elements (processes, datastores, external entities).
Elements []Element `json:"elements,omitempty"`
// Boundaries are the trust boundaries containing elements.
Boundaries []Boundary `json:"boundaries,omitempty"`
// Flows are the data flows between elements (for DFD).
Flows []Flow `json:"flows,omitempty"`
// Attacks are the attack steps (for attack-chain type).
Attacks []Attack `json:"attacks,omitempty"`
// Targets are the high-value assets being targeted.
Targets []Target `json:"targets,omitempty"`
// Actors are the lifelines in a sequence diagram.
Actors []Actor `json:"actors,omitempty"`
// Phases group messages into logical attack phases.
Phases []Phase `json:"phases,omitempty"`
// Messages are the interactions between actors (for sequence type).
Messages []Message `json:"messages,omitempty"`
}
DiagramView represents a single diagram within a ThreatModel. It embeds DiagramIR but allows the diagram to inherit or override the parent ThreatModel's mappings.
func (*DiagramView) ToDiagramIR ¶ added in v0.2.0
func (dv *DiagramView) ToDiagramIR(parent *ThreatModel) *DiagramIR
ToDigramIR converts a DiagramView to a standalone DiagramIR, inheriting mappings from the parent ThreatModel if not overridden.
type Direction ¶
type Direction string
Direction specifies the layout direction of the diagram.
func (Direction) JSONSchema ¶
func (Direction) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for Direction.
type Element ¶
type Element struct {
// ID is the unique identifier for the element.
ID string `json:"id"`
// Label is the display name.
Label string `json:"label"`
// Type identifies the element type.
Type ElementType `json:"type"`
// ParentID is the ID of the containing boundary (if any).
ParentID string `json:"parentId,omitempty"`
// Classification indicates the asset value/sensitivity.
Classification AssetClassification `json:"classification,omitempty"`
// STRIDEThreats lists applicable STRIDE threats.
STRIDEThreats []STRIDEThreat `json:"strideThreats,omitempty"`
// Description provides additional context.
Description string `json:"description,omitempty"`
}
Element represents a DFD element (process, datastore, external entity, etc.).
type ElementType ¶
type ElementType string
ElementType identifies the type of DFD element.
const ( ElementTypeProcess ElementType = "process" ElementTypeDatastore ElementType = "datastore" ElementTypeExternalEntity ElementType = "external-entity" ElementTypeGateway ElementType = "gateway" ElementTypeBrowser ElementType = "browser" ElementTypeAgent ElementType = "agent" ElementTypeAPI ElementType = "api" )
func (ElementType) JSONSchema ¶
func (ElementType) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for ElementType.
type Flow ¶
type Flow struct {
// From is the source element ID.
From string `json:"from"`
// To is the destination element ID.
To string `json:"to"`
// Label describes the flow.
Label string `json:"label,omitempty"`
// Type identifies the flow type (normal, attack, exfil).
Type FlowType `json:"type,omitempty"`
// Bidirectional indicates if the flow goes both ways.
Bidirectional bool `json:"bidirectional,omitempty"`
}
Flow represents a data flow between elements.
type FlowType ¶
type FlowType string
FlowType identifies the type of data flow or attack flow.
func (FlowType) JSONSchema ¶
func (FlowType) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for FlowType.
type Legend ¶
type Legend struct {
// Show controls whether the legend is displayed.
Show bool `json:"show"`
// ShowSTRIDE includes STRIDE threat legend.
ShowSTRIDE bool `json:"showStride,omitempty"`
// ShowMITRE includes MITRE ATT&CK tactic legend.
ShowMITRE bool `json:"showMitre,omitempty"`
// ShowAssets includes asset classification legend.
ShowAssets bool `json:"showAssets,omitempty"`
// ShowElements includes element type legend.
ShowElements bool `json:"showElements,omitempty"`
// ShowBoundaries includes boundary type legend.
ShowBoundaries bool `json:"showBoundaries,omitempty"`
}
Legend configures the diagram legend.
type MITREATLASMapping ¶
type MITREATLASMapping struct {
// TacticID is the tactic ID (e.g., "AML.TA0002").
TacticID string `json:"tacticId"`
// TacticName is the human-readable tactic name.
TacticName string `json:"tacticName,omitempty"`
// TechniqueID is the technique ID (e.g., "AML.T0024").
TechniqueID string `json:"techniqueId"`
// TechniqueName is the human-readable technique name.
TechniqueName string `json:"techniqueName,omitempty"`
// Description explains how this technique applies.
Description string `json:"description,omitempty"`
// URL is the link to the ATLAS page.
URL string `json:"url,omitempty"`
}
MITREATLASMapping represents a MITRE ATLAS (AI/ML) technique reference.
type MITREAttackMapping ¶
type MITREAttackMapping struct {
// TacticID is the tactic ID (e.g., "TA0001").
TacticID string `json:"tacticId"`
// TacticName is the human-readable tactic name (e.g., "Initial Access").
TacticName string `json:"tacticName,omitempty"`
// TechniqueID is the technique ID (e.g., "T1189").
TechniqueID string `json:"techniqueId"`
// TechniqueName is the human-readable technique name (e.g., "Drive-by Compromise").
TechniqueName string `json:"techniqueName,omitempty"`
// SubTechniqueID is the sub-technique ID (e.g., "T1189.001"), if applicable.
SubTechniqueID string `json:"subTechniqueId,omitempty"`
// Description explains how this technique applies to the threat model.
Description string `json:"description,omitempty"`
// URL is the link to the ATT&CK page.
URL string `json:"url,omitempty"`
}
MITREAttackMapping represents a MITRE ATT&CK technique reference.
type MITRETactic ¶
type MITRETactic string
MITRETactic identifies a MITRE ATT&CK tactic.
const ( MITREInitialAccess MITRETactic = "TA0001" MITREExecution MITRETactic = "TA0002" MITREPersistence MITRETactic = "TA0003" MITREPrivilegeEsc MITRETactic = "TA0004" MITREDefenseEvasion MITRETactic = "TA0005" MITRECredentialAccess MITRETactic = "TA0006" MITREDiscovery MITRETactic = "TA0007" MITRELateralMovement MITRETactic = "TA0008" MITRECollection MITRETactic = "TA0009" MITREExfiltration MITRETactic = "TA0010" MITRECommandAndControl MITRETactic = "TA0011" MITREImpact MITRETactic = "TA0040" )
func (MITRETactic) JSONSchema ¶
func (MITRETactic) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for MITRETactic.
type Mappings ¶
type Mappings struct {
// MITREAttack contains MITRE ATT&CK technique mappings.
MITREAttack []MITREAttackMapping `json:"mitreAttack,omitempty"`
// MITREATLAS contains MITRE ATLAS (AI-specific) technique mappings.
MITREATLAS []MITREATLASMapping `json:"mitreAtlas,omitempty"`
// OWASP contains OWASP Top 10 mappings (API, LLM, Web).
OWASP []OWASPMapping `json:"owasp,omitempty"`
// CWE contains Common Weakness Enumeration mappings.
CWE []CWEMapping `json:"cwe,omitempty"`
// CVSS contains the CVSS vector string and score.
CVSS *CVSSMapping `json:"cvss,omitempty"`
// STRIDE contains STRIDE threat category mappings.
STRIDE []STRIDEMapping `json:"stride,omitempty"`
}
Mappings contains references to external security frameworks. This allows threat models to be mapped to industry-standard frameworks for compliance, reporting, and interoperability.
type Message ¶
type Message struct {
// Seq is the sequence number (1, 2, 3...).
Seq int `json:"seq"`
// From is the source actor ID.
From string `json:"from"`
// To is the destination actor ID.
To string `json:"to"`
// Label describes the message.
Label string `json:"label"`
// Type identifies the message type (normal, attack, exfil).
Type FlowType `json:"type,omitempty"`
// MITRETechnique is the MITRE ATT&CK technique ID (if applicable).
MITRETechnique string `json:"mitreTechnique,omitempty"`
// Note is a self-message note (when From == To).
Note bool `json:"note,omitempty"`
}
Message represents an interaction between actors in a sequence diagram.
type OWASPCategory ¶
type OWASPCategory string
OWASPCategory identifies which OWASP Top 10 list a mapping belongs to.
const ( OWASPCategoryAPI OWASPCategory = "api" // API Security Top 10 OWASPCategoryLLM OWASPCategory = "llm" // LLM Application Top 10 OWASPCategoryWeb OWASPCategory = "web" // Web Application Top 10 )
func (OWASPCategory) JSONSchema ¶
func (OWASPCategory) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for OWASPCategory.
type OWASPMapping ¶
type OWASPMapping struct {
// Category identifies which OWASP list (api, llm, web).
Category OWASPCategory `json:"category"`
// ID is the OWASP ID (e.g., "API2:2023", "LLM06:2025", "A01:2021").
ID string `json:"id"`
// Name is the human-readable name (e.g., "Broken Authentication").
Name string `json:"name,omitempty"`
// Description explains how this applies to the threat model.
Description string `json:"description,omitempty"`
// URL is the link to the OWASP page.
URL string `json:"url,omitempty"`
}
OWASPMapping represents an OWASP Top 10 reference.
type Phase ¶
type Phase struct {
// Name is the phase name.
Name string `json:"name"`
// MITRETactic is the MITRE ATT&CK tactic for this phase.
MITRETactic MITRETactic `json:"mitreTactic,omitempty"`
// Description provides additional context.
Description string `json:"description,omitempty"`
// StartMessage is the first message index in this phase.
StartMessage int `json:"startMessage"`
// EndMessage is the last message index in this phase.
EndMessage int `json:"endMessage"`
}
Phase groups messages into a logical attack phase.
type Reference ¶ added in v0.2.0
type Reference struct {
// Title is the reference title.
Title string `json:"title"`
// URL is the link to the resource.
URL string `json:"url"`
// Type categorizes the reference (e.g., "advisory", "blog", "paper", "cve").
Type string `json:"type,omitempty"`
}
Reference is an external resource related to the threat model.
type STRIDEMapping ¶
type STRIDEMapping struct {
// Category is the STRIDE category (S, T, R, I, D, E).
Category STRIDEThreat `json:"category"`
// Name is the full name (e.g., "Spoofing", "Tampering").
Name string `json:"name,omitempty"`
// Description explains how this threat applies.
Description string `json:"description,omitempty"`
// AffectedComponents lists the component IDs affected by this threat.
AffectedComponents []string `json:"affectedComponents,omitempty"`
}
STRIDEMapping represents a STRIDE threat category mapping with details.
type STRIDEThreat ¶
type STRIDEThreat string
STRIDEThreat identifies a STRIDE threat category.
const ( STRIDESpoofing STRIDEThreat = "S" STRIDETampering STRIDEThreat = "T" STRIDERepudiation STRIDEThreat = "R" STRIDEInformationDisc STRIDEThreat = "I" STRIDEDenialOfService STRIDEThreat = "D" STRIDEElevationOfPrivilege STRIDEThreat = "E" )
func (STRIDEThreat) JSONSchema ¶
func (STRIDEThreat) JSONSchema() *jsonschema.Schema
JSONSchema implements jsonschema.JSONSchemaer for STRIDEThreat.
type Target ¶
type Target struct {
// ElementID references the element that is a target.
ElementID string `json:"elementId"`
// Classification indicates the asset value.
Classification AssetClassification `json:"classification"`
// STRIDEThreats lists applicable STRIDE threats.
STRIDEThreats []STRIDEThreat `json:"strideThreats,omitempty"`
// Impact describes the impact if compromised.
Impact string `json:"impact,omitempty"`
}
Target represents a high-value asset being targeted.
type ThreatModel ¶ added in v0.2.0
type ThreatModel struct {
// ID is a unique identifier for the threat model (e.g., "openclaw-websocket-localhost").
ID string `json:"id"`
// Title is the human-readable title of the threat model.
Title string `json:"title"`
// Description provides an overview of the vulnerability or threat scenario.
Description string `json:"description,omitempty"`
// Version tracks the threat model version (e.g., "1.0.0").
Version string `json:"version,omitempty"`
// Authors lists the people who created or contributed to this threat model.
Authors []Author `json:"authors,omitempty"`
// References contains external links to related resources.
References []Reference `json:"references,omitempty"`
// Mappings contains references to external security frameworks
// (MITRE ATT&CK, ATLAS, OWASP, CWE, CVSS, STRIDE).
// These mappings apply to the overall threat model.
Mappings *Mappings `json:"mappings,omitempty"`
// Diagrams contains the individual diagram views of the threat model.
// Each diagram represents a different perspective (DFD, attack chain, sequence).
Diagrams []DiagramView `json:"diagrams"`
}
ThreatModel is the canonical representation of a security threat model. It contains shared metadata and framework mappings, with multiple diagram views of the same vulnerability or threat scenario.
This is the preferred format for complete threat models. Individual DiagramIR files can be used for single-diagram use cases or generated from a ThreatModel.
func LoadThreatModelFromFile ¶ added in v0.2.0
func LoadThreatModelFromFile(path string) (*ThreatModel, error)
LoadThreatModelFromFile loads a ThreatModel from a JSON file.
func (*ThreatModel) GetDiagram ¶ added in v0.2.0
func (tm *ThreatModel) GetDiagram(dt DiagramType) *DiagramView
GetDiagram returns the first diagram of the specified type, or nil if not found.
func (*ThreatModel) GetDiagramIR ¶ added in v0.2.0
func (tm *ThreatModel) GetDiagramIR(dt DiagramType) *DiagramIR
GetDiagramIR returns a standalone DiagramIR for the specified type, with inherited mappings from the ThreatModel.
func (*ThreatModel) IsValid ¶ added in v0.2.0
func (tm *ThreatModel) IsValid() bool
IsValid returns true if the threat model passes validation.
func (*ThreatModel) Validate ¶ added in v0.2.0
func (tm *ThreatModel) Validate() error
Validate checks that the ThreatModel is internally consistent.
type ValidationError ¶
ValidationError represents a diagram validation error.
func (ValidationError) Error ¶
func (e ValidationError) Error() string
type ValidationErrors ¶
type ValidationErrors []ValidationError
ValidationErrors is a collection of validation errors.
func (ValidationErrors) Error ¶
func (errs ValidationErrors) Error() string
func (ValidationErrors) HasErrors ¶
func (errs ValidationErrors) HasErrors() bool
HasErrors returns true if there are any validation errors.
func (ValidationErrors) Is ¶
func (errs ValidationErrors) Is(target error) bool
Is implements errors.Is for ValidationErrors.
func (ValidationErrors) Unwrap ¶
func (errs ValidationErrors) Unwrap() []error
Errors implements the error interface check for ValidationErrors.
Source Files
Click to show internal directories.
Click to hide internal directories.