# Set working directory

In [2]:
import os
cwd = os.path.split(os.getcwd())
if cwd[-1] == 'tutorials':
    os.chdir('..')
    print(f'Changed directory to {os.getcwd()}')
!python --version

Python 3.7.4


# Import modules

In [3]:
from meta_analysis.find_riskiest_software import load_graph_network, riskiest_software
from meta_analysis.sum_unique_cves import load_graph_network, count_unique_cves
from meta_analysis.meta_analysis_scripts.count_bron_contents import count_contents

# Extra meta-analysis

This notebook contains _extra_ meta-analysis files that can be run on BRON. Make sure to first build the BRON before running meta-analyses. A tutorial on how to build BRON is available in the `tutorials` folder.

# Find riskiest software

This file finds the software, listed as an Affected Platform Configuration, that has the highest sum of CVSS scores in BRON. The file outputs the highest CVSS score and the software with the score. To find the riskiest software, run the following command:
```
python -m meta_analysis.find_riskiest_software --BRON_path BRON_PATH
```
`BRON_PATH` is file path of BRON.

In [4]:
BRON_path = 'example_data/example_output_data/BRON.json'
graph = load_graph_network(BRON_path)
riskiest_software(graph)

74.50000000000001 {'freerdp', 'lexiglot'}


(74.50000000000001, {'freerdp', 'lexiglot'})

# Sum CVSS scores of unique Vulnerabilities

This file sums the CVSS scores of unique Vulnerabilities that exist in BRON. To sum the CVSS scores of unique Vulnerabilities, run the following command:
```
python -m meta_analysis.sum_unique_cves --BRON_path BRON_PATH
```
`BRON_PATH` is file path of BRON.

In [5]:
BRON_path = 'example_data/example_output_data/BRON.json'
graph = load_graph_network(BRON_path)
count_unique_cves(graph)

1013.9999999999999


1013.9999999999999

# Count contents of BRON

This file counts the connections between data types in BRON. To count contents of BRON, run the following command:
```
python meta_analysis/meta_analysis_scripts/count_bron_contents.py --data_summary_folder_path DATA_SUMMARY_FOLDER_PATH --all_versions (optional) --all_years (optional)
```
`DATA_SUMMARY_FOLDER_PATH` is the folder path to subfolders of the data summaries for all data types. To consider all versions of Affected Platform Configurations, add the argument `--all_versions`. To consider all years of Vulnerability data, add the argument `--all_years`.

It is important for the data summary folder containing subfolders to have the following subfolder names:
```
* all_cves_all_versions
* recent_cves_all_versions
* all_cves_latest_version
* recent_cves_latest_version
```

Each of the subfolders should contain data summaries for all threat data types:
```
* tactic_summary.csv
* technique_summary.csv
* capec_summary.csv
* cwe_summary.csv
* cve_summary.csv
* cpe_summary.csv
```
Refer to `meta_analysis/make_data_summary.py` to create data summaries for all threat data types.

In [6]:
data_summary_folder_path = 'example_data/example_output_data'
all_versions = True
all_years = True
count_contents(data_summary_folder_path, all_versions, all_years)

tactic dict  {'floating': 0, 'above_only': 12, 'below_only': 0, 'both': 0}
technique dict  {'floating': 1, 'above_only': 195, 'below_only': 0, 'both': 70}
capec dict  {'floating': 128, 'above_only': 14, 'below_only': 325, 'both': 52}
cwe dict  {'floating': 0, 'above_only': 212, 'below_only': 9, 'both': 30}
cve dict  {'floating': 73, 'above_only': 0, 'below_only': 4, 'both': 140}
cpe dict  {'floating': 0, 'above_only': 277, 'below_only': 0, 'both': 0}
