# Sandbox
For testing and developing new Cyber Security Assessment tools in an interactive and persistent development environment.

In [None]:
import itertools
import json
import copy
import random
import warnings
import math
import numpy as np
import networkx as nx
import matplotlib.pyplot as plt
import scipy.stats.distributions as distr
import seaborn as sns
import pandapower
from pathlib import Path as p

from cyber.assets import Defence, Vulnerability, CommmonDefences, CyberDevice
from communication.graph import CommNode, CommEdge
from communication.network import Aggregator, Device, CommNetwork
from attackers.random_attacker import RandomAttacker
from cyber.analysis import Analyzer
from visualization import plot_communication_network

## Procedural Generation
### Abstract Tree
Consists of Devices and Aggregators. 
* Aggregators (internal nodes) require a **Hard** amount of effort to compromise and have a 50% chance of being compromised if the necessary effort is spent
* Devices (leaf nodes) require an **Easy** amount of effort to compromise and also have a 50% chance of being compromised if the necesssary effort is spent
* Control Center (root node) is **Very Hard** to compromise

Controllable parameters include:
* Number of devices (leaf nodes)
* Number of Entrypoints (points where cyberattacks can originate)
* Number of children per parent node (inversely proportional to redundancy)
* Random deviation in number of children
* Sibling to Sibling communication (lateral edges between nodes on the same level)

In [None]:
seed = np.random.randint(low=0, high=52600)
np.random.seed(seed); random.seed(seed)
print(f"Seed: {np.random.get_state()[1][0]}")

with warnings.catch_warnings():
    warnings.filterwarnings(action="ignore", category=FutureWarning)
    grid=pandapower.networks.create_cigre_network_mv(with_der="all")
    print(grid)
    pandapower.plotting.simple_plot(grid,
                                    plot_loads=True, plot_gens=True, plot_sgens=True, plot_line_switches=True,
                                    respect_switches=True, sgen_size=1.5, gen_size=1.5, switch_distance=2)
    network = CommNetwork(n_devices=3, n_entrypoints=1, children_per_parent=0, child_no_deviation=5, 
                    network_specs=p.cwd() / "specifications" / "SCADA_specifications.json", 
                    # "Default_specifications.json", "SmartMeter_specifications.json", "SCADA_specifications.json", "WAMS_specifications.json"
                    grid=grid,
                    enable_sibling_to_sibling_comm=True)
print(CommNetwork.show_tree(network.root))
print(f"Number of Components: {network.n_components}")

analyzer = Analyzer(network)

## Visualization
Plot the structure of the communication network. 

In [None]:
node_fc, node_ec, line_ec, node_to_pos = plot_communication_network(network, palette="tab10") # "tab10" (default), "Set2", "Paired", "flare"

In [None]:
import inspect
import matplotlib.path as mpath
import matplotlib.patches as mpatches
from matplotlib.lines import Line2D

class ElectricalPatchMaker():

    def __init__(self, symbol="trafo", **kwargs) -> None:
        methods = {method_name:method for method_name, method in inspect.getmembers(ElectricalPatchMaker, predicate=inspect.isfunction)}
        if symbol in methods:
            self.symbol = symbol
            self.patch, self.centroid = methods[self.symbol](self, **kwargs)
        else:
            raise ValueError(f"The symbol '{symbol}' is not currently supported.")

    def trafo(self, x0=0, y0=0, radius=1, **kwargs):
        circle1 = mpath.Path.circle(center=(x0,y0), radius=radius)
        circle2 = mpath.Path.circle(center=(x0+radius/2,y0), radius=radius)
        trafo_path = mpath.Path.make_compound_path(circle1, circle2)
        trafo_patch = mpatches.PathPatch(trafo_path, **kwargs)
        # Return Patch and its Centroid
        centroid = (x0+radius/4, y0)
        return trafo_patch, centroid

    def ext_grid(self, x0=-0.5, y0=-0.5,size=1, **kwargs):
        ext_grid_patch = mpatches.Rectangle((x0, y0), width=size, height=size,
                                         hatch="xxx", **kwargs)
        # Return Patch and its Centroid
        centroid = x0+size/2, y0+size/2
        return ext_grid_patch, centroid

    def line_switch(self, x0=-0.5, y0=-0.5, size=1, open=True, **kwargs):
        kwargs["fc"] = "None" if open else kwargs.get("ec", "black")
        line_path = mpath.Path(vertices=[(x0, y0), (x0+size, y0), (x0+size, y0+size), (x0, y0+size), (x0, y0)], codes=[1, 2, 2, 2, 79])
        line_patch = mpatches.PathPatch(line_path, **kwargs)
        # Return Patch and its Centroid
        centroid = (x0+size/2, y0+size/2)
        return line_patch, centroid
    
    def sgen(self, x0=0, y0=0, radius=1, joinstyle="bevel", **kwargs):
        t = radius * 0.8
        circle = mpath.Path.circle(center=(x0,y0), radius=radius)
        triangles = mpath.Path(vertices=[(x0-t,y0+t/2), (x0,y0+t/2), (x0-t/2, y0-t/2), (x0-t,y0+t/2), # Triangle (Down)
                                         (x0,y0-t/2), (x0+t,y0-t/2), (x0+t/2, y0+t/2), (x0,y0-t/2), # Triangle (Up)
                                         (x0-t,y0+t/2), (x0+t,y0+t/2), # Top Horizontal
                                         (x0-t,y0-t/2), (x0+t,y0-t/2),], # Bottom Horizontal
                                codes=[1,2,2,2,1,2,2,2,1,2,1,2])
        sgen_path = mpath.Path.make_compound_path(circle, triangles)
        sgen_patch = mpatches.PathPatch(sgen_path, joinstyle=joinstyle, **kwargs)
        # Return Patch and its Centroid
        centroid = (x0, y0)
        return sgen_patch, centroid
    
class CustomHandler(object):

    def legend_artist(self, legend, orig_handle, fontsize, handlebox):
        # centroid = orig_handle.centroid
        patch = orig_handle.patch
        patch.set_transform(handlebox.get_transform())
        handlebox.add_artist(patch)
        return patch

symbols = ["trafo", "ext_grid", "line_switch", "sgen"]
nrows = len(symbols) // 2 + (1 if len(symbols) % 2 != 0 else 0)
ncols = min(2, 1 + (len(symbols) // 2))
fig, axes = plt.subplots(figsize=(nrows*5,ncols*5), sharex=True, sharey=True,
                         nrows=nrows, ncols=ncols)
for i, symbol in enumerate(symbols):
    pm = ElectricalPatchMaker(symbol=symbol, edgecolor="black", facecolor="None", lw=3)
    ax = axes[i] if nrows == 1 else axes[i // 2, i % 2]
    ax.add_patch(pm.patch)
    ax.plot([pm.centroid[0]], [pm.centroid[1]], marker="*", markersize=5, color="black", zorder=10)
    ax.set(xlim=(-2, 2), ylim=(-2, 2), title=symbol, xticks=[], yticks=[])
plt.show()


In [None]:
import inspect
inspect.getmembers(trafo.patch, predicate=inspect.ismethod)

In [None]:
from matplotlib.transforms import CompositeGenericTransform, Affine2D, TransformedPatchPath, TransformNode, Tra


In [None]:
fig, ax = plt.subplots(nrows=1, ncols=1, figsize=(8,8))
# Lines
ax.scatter(x=grid.bus_geodata.x, y=grid.bus_geodata.y, label=grid.bus_geodata.index)
startx, starty = grid.bus_geodata.loc[grid.line.from_bus].x, grid.bus_geodata.loc[grid.line.from_bus].y
endx, endy = grid.bus_geodata.loc[grid.line.to_bus].x, grid.bus_geodata.loc[grid.line.to_bus].y
for x0, y0, x1, y1 in zip(startx, starty, endx, endy):
    plt.plot([x0, x1], [y0, y1], color="black", zorder=-1)

# Transformers
SIZE = 0.2
startx, starty = grid.bus_geodata.loc[grid.trafo.hv_bus].x, grid.bus_geodata.loc[grid.trafo.hv_bus].y
endx, endy = grid.bus_geodata.loc[grid.trafo.lv_bus].x, grid.bus_geodata.loc[grid.trafo.lv_bus].y
for x0, y0, x1, y1 in zip(startx, starty, endx, endy):
    print(x0, y0, x1, y1)
    plt.plot([x0, x1], [y0, y1], color="black", zorder=-1)
    trafo = ElectricalPatchMaker(symbol="trafo",
                                 x0=(x1+x0)/2, y0=(y1+y0)/2, radius=SIZE, fc="white").patch
                                 # transform=Affine2D().rotate_around(x=(x1+x0)/2, y=(y1+y0)/2, theta=np.pi)).patch
    print(trafo.get_transform())
    trafo.set_transform(ax.transData+Affine2D().rotate_deg(45))
    print(trafo.get_transform())
    ax.add_patch(trafo)
plt.show()

In [None]:
import warnings
from collections import Counter
from pandapower.plotting import draw_collections, create_bus_collection, create_line_collection, \
                                create_trafo_collection, create_line_switch_collection, \
                                create_sgen_collection, create_load_collection, create_ext_grid_collection
from matplotlib import colormaps
from matplotlib.colors import Normalize
from matplotlib.lines import Line2D

def modal_value(lst):
    data = Counter(lst)
    return data.most_common(1)[0][0]

fig, ax = plt.subplots(nrows=1, ncols=1, figsize=(8,8))
grid = network.grid
N = len(np.unique(grid.bus.vn_kv))
cmap_list = [(volt) for volt in np.unique(grid.bus.vn_kv)]
with warnings.catch_warnings():
    warnings.filterwarnings("ignore", "", category=FutureWarning)

    bus_patch = Line2D([0], [0], marker="8", markersize=10, markerfacecolor="white",
                       markeredgecolor="black", color="None")
    colors = plt.rcParams['axes.prop_cycle'].by_key()['color']
    bus_pc = create_bus_collection(grid, zorder=10,
        size=0.2, patch_type="poly8", 
        infofunc=lambda id:grid.bus.loc[id].name,
        # cbar_title="Bus Voltage (kV)",
        linewidth=2, color=["black"]*len(grid.bus))
        # cmap="jet", norm=Normalize(vmin=0, vmax=grid.bus.vn_kv.max()*1.1),
        # z=grid.bus.vn_kv)
    bus_coords = list(zip(grid.bus_geodata.loc[:, "x"].values, grid.bus_geodata.loc[:, "y"].values))

    ext_patch = ElectricalPatchMaker(symbol="ext_grid", x0=8, size=10, lw=2, fc="white", ec="black")
    ext_grid_pc = create_ext_grid_collection(grid, size=0.3)
    
    trafo_patch = ElectricalPatchMaker(symbol="trafo", x0=12, y0=4, radius=5, lw=2, fc="white", ec="black")
    trafo_pc = create_trafo_collection(grid, zorder=9,
        size=0.2, color="black",
        infofunc=lambda id:grid.bus.loc[id].name)
    
    switch_patch = ElectricalPatchMaker(symbol="line_switch", x0=8, size=10, lw=2, fc="white", ec="black")
    line_switch_pc = create_line_switch_collection(grid, zorder=8,
        size=0.2, distance_to_bus=0.5)
    
    gen_patch = ElectricalPatchMaker(symbol="sgen", x0=12, y0=4, radius=10, lw=1, fc="white", ec="black")
    gen_pc = create_sgen_collection(grid, zorder=9, linewidth=1,
        size=0.2, color="black", patch_facecolor="white", patch_edgecolor="black", orientation=0)

    load_patch= Line2D([0], [0], marker="v", markersize=10, markerfacecolor="white",
                       markeredgecolor="black", color="None")
    load_pc = create_load_collection(grid, zorder=8, linewidth=1,
        size=0.2, color="black", patch_facecolor="white", patch_edgecolor="black", orientation=np.pi)
    
    line_pc = create_line_collection(grid, zorder=0,
        use_bus_geodata=True, color="black")
    
    legend_map = {"Bus":bus_patch, "Generator":gen_patch, "Load":load_patch, "Transformer":trafo_patch,
                  "External Grid":ext_patch, "Switch":switch_patch}

draw_collections([bus_pc, ext_grid_pc, trafo_pc, line_switch_pc, gen_pc, load_pc, line_pc],
                 ax=ax, plot_colorbars=True, set_aspect=True, axes_visible=(True, True))

labels, handles = zip(*sorted(zip(*(legend_map.keys(), legend_map.values())), key=lambda t: t[0]))
fig.legend(labels=labels, handles=handles, loc="lower center", bbox_to_anchor=(0.5, -0.1), ncol=1 + (len(labels) // 3),
           handler_map={trafo_patch:CustomHandler(), ext_patch:CustomHandler(), switch_patch:CustomHandler(), gen_patch:CustomHandler()},
           title="Legend", fancybox=True, fontsize='large', title_fontsize='larger')

id_map = {equip.id: v for equip, v in network.equip_to_device.items()}
for bus_id in grid.bus_geodata.index:
    network.equip_to_device
    comm_ids = id_map[f"bus_{bus_id}"]

    # Color is determined by most common Device color attached to the equipment
    fcs, ecs = [], []
    for comm_id in comm_ids:
        device = network.id_to_node[comm_id]
        pos = node_to_pos[device]
        fcs.append(node_fc[pos])
        ecs.append(node_ec[pos])
    fc, ec = modal_value(fcs), modal_value(ecs)

    # Label equipment w. Communication Device ID (or range of IDs)
    label = f"{comm_id}" if len(comm_ids) == 1 else f"{min(comm_ids)}-{max(comm_ids)}"
    x, y = grid.bus_geodata.loc[bus_id, ["x", "y"]]
    plt.annotate(label,
                 xy=(x,y), xytext=(x-1.0, y+0.5), # Place text to top-left of Bus
                 xycoords="data", 
                 zorder=-1,
                 # Draw a rounded box (colored) around the text
                 bbox=dict(boxstyle="round,pad=0.3",
                           fc=fc, ec=ec, lw=1),
                 # Connect the box to the Bus with a dashed line
                 arrowprops=dict(arrowstyle="-", linestyle="--"))

In [None]:
from matplotlib.colors import to_rgb
from pandapower.plotting.plotting_toolbox import get_color_list
get_color_list(["black"]*15, 15),get_color_list("black", 15)

## Analysis

### Monte Carlo
Build an approximate profile of the network's cyber security by launching many cyber attacks. The higher N_ATTACKS the more precise the resulting distribution is, however this comes at the cost of increased computation time.
The more nodes are compromised, the more successful the attack.

#### Active Graph Only
Only perform Monte Carlo simulation on the currently active network.

In [None]:
N_ATTACKS = 1000
BUDGET = 52
ATTACKER_VARIANT = RandomAttacker
compromised_array, effort_array = analyzer.monte_carlo_analysis(n_attacks=N_ATTACKS, attacker_variant=ATTACKER_VARIANT, budget=BUDGET)
analyzer.plot_monte()

#### Varied Parameter
Perform monte carlo simulation while varying particular parameter, such as the level of redundancy in the network. 

In [None]:
import os
import multiprocess as mp
N_ATTACKS = 1000
N_DEVICES = 30
BUDGET = 52
SPEC = p.cwd() / "specifications" / "SmartMeter_specifications.json" 
SEED = np.random.randint(low=0, high=52600)
N_ENTRYPOINTS = 1 # Total budget is multiplied by this!
MIN_CHILDREN = 2
MAX_CHILDREN = N_DEVICES
CHILD_NO_STEP = 2
CHILD_NO_DEVIATION = 0
no_of_children = np.arange(MIN_CHILDREN, MAX_CHILDREN, CHILD_NO_STEP)
network_specs = dict(n_devices=N_DEVICES,
                     n_entrypoints=N_ENTRYPOINTS,
                     network_specs=SPEC,
                     child_no_deviation=CHILD_NO_DEVIATION,
                     enable_sibling_to_sibling_comm=True)

compromised_array, effort_array = analyzer.monte_carlo_multi_analysis(seed, "children_per_parent", no_of_children, budget=BUDGET, n_attacks=N_ATTACKS, **network_specs)
analyzer.plot_monte()

### Static Analysis
Given an infinite budget, breaksdown the probability of compromising components in the network. The resulting probabilities are exact (except for floating point precision issues) but do not scale well to larger communication networks (> 5 nodes). Useful as a static feature of a communication network. 

In [None]:
n_probs = analyzer.static_analysis(show_paths=False, verbose=True)
analyzer.plot_static()

In [None]:
# Adjacency Matrix
# Does not handle self-loops / backtracking
# Consequently, probabilities will differ from combinatorial approach

def superscript(num:int):
    sup_map = {0: f"\N{SUPERSCRIPT ZERO}", 1: f"\N{SUPERSCRIPT ONE}", 2: f"\N{SUPERSCRIPT TWO}", 3: f"\N{SUPERSCRIPT THREE}", 4: f"\N{SUPERSCRIPT FOUR}", 
           5: f"\N{SUPERSCRIPT FIVE}",  6: f"\N{SUPERSCRIPT SIX}", 7: f"\N{SUPERSCRIPT SEVEN}", 8: f"\N{SUPERSCRIPT EIGHT}", 9: f"\N{SUPERSCRIPT NINE}"}
    return "".join(sup_map[digit] for digit in map(int, str(num)))

np.set_printoptions(precision=2, floatmode="maxprec_equal")
nodes = sorted(network.graph.nodes(), key=lambda node: node.id)
prob_lookup = [node.get_prob_to_compromise() for node in nodes]
print(f"Probabilities: {prob_lookup}")


A = nx.adjacency_matrix(network.graph, nodelist=nodes, weight="p").todense()
n_probs = {}
oldA = np.eye(A.shape[0])
for i in range(len(nodes)):
    newA = oldA@A
    # np.fill_diagonal(newA, val=0)
    print(f"A{superscript(i+1)}\n", newA)
    n_probs[i+1] = np.triu(newA, k=1).sum()
    print(f"A{superscript(i+1)}: {n_probs[i+1]}")
    oldA = newA

In [None]:
# Mutually Exclusive Approach
# Assumes you can jump and independently attack any node (i.e. ignores communication connections!)

time_required = 0.0
nodes = network.graph.nodes()
node_probs = {node: node.get_prob_to_compromise() for node in nodes}

n_probs = {}
all_nodes = set(nodes)
cumulative = 0.0
for n_devices in range(network.n_components, 0, -1):
    n_probs[n_devices] = cumulative
    for combination in itertools.combinations(nodes, n_devices):
        probability_to_compromise = 1.0
        combination = set(combination)
        missing_nodes = all_nodes.difference(combination)
        for node in combination:
            probability_to_compromise *= node_probs[node]
        for node in missing_nodes:
            probability_to_compromise *= (1 - node_probs[node])
        n_probs[n_devices] += probability_to_compromise 
    cumulative += n_probs[n_devices]
print("\n".join(f"{k} devices: {v}" for k,v in sorted(n_probs.items(), key=lambda item: item[0])))
print("Sum:", sum(n_probs.values()))

In [None]:
# If the probability of compromising all components is the same,
# we can use the Binomial distribution function
# Takes: 12.6 µs
N = network.n_components
k = 2
p = 0.5
cumulative = 0.0
for k in range(N, 0, -1):
    prob = math.comb(N, k)*math.pow(p, k)*math.pow(1-p,N-k)
    print(f"{k} Devices: {cumulative + prob}")
    cumulative += prob

In [None]:
import scipy.stats.distributions as distr
distr_lookup = {
    "TruncNorm": distr.truncnorm, # Continuous, loc=mean (float), scale=standard deviation (float)
    "Exponential": distr.expon, # Continuous, scale = 1 / lambda (float)
    "Gamma": distr.gamma, # Continuous, a = shape parameter (integer)
    "Bernoulli": distr.bernoulli, # Discrete
}
n_attacks = 20
is_successful = distr.bernoulli(0.5).rvs(size=n_attacks).astype(bool)
time_taken = distr.expon(scale=0.0).rvs(size=n_attacks)[is_successful]
print(f"Successful Attacks {sum(is_successful)}/{n_attacks}\nTime Taken per Successful Attack: {time_taken}")

## Communication Network Specifications
Explores how we can supply structured information to our procedural network generation algorithm. Includes information such as the types of components and defences we expect to see in the communication network.

In [None]:
# seed = np.random.randint(low=0, high=52600)
seed = 27194
print(f"Seed: {seed}")
np.random.seed(seed)
pcn = CommNetwork(n_devices=15, n_entrypoints=1, children_per_parent=5, child_no_deviation=1,
                  network_specs="SmartMeterNetworkSpecifications.json",
                  enable_sibling_to_sibling_comm=True)


## Power System Component Association

In [None]:
import inspect
import warnings
import numpy as np
import pandapower as pp
import pandapower.networks as grids
grid = pp.create_empty_network()
grid_filter = lambda module: inspect.isfunction(module) and not module.__name__.startswith("_")
grid_map = {grid_name:grid_creator for grid_name, grid_creator in \
            inspect.getmembers(grids, predicate=grid_filter)}
grid_options = list(grid_map.keys())
print(", ".join(grid_map.keys()))
CHOSEN_GRID = "mv_oberrhein" # "create_cigre_network_mv" # Can be None
kwargs = dict(scenario="generation", include_substations=True) #  dict(with_der="all")
with warnings.catch_warnings():
    warnings.filterwarnings(action="ignore", category=FutureWarning)
    grid_name = np.random.choice(grid_options) if CHOSEN_GRID is None else CHOSEN_GRID
    print(f"Grid: {grid_name}")
    grid = grid_map[grid_name](**kwargs)
    print(grid)
    # Controllable
    n_controllable = sum(getattr(grid, attr).shape[0] for attr in ["gen", "shunt", "trafo", "switch"])
    print(f"No. of controllable elements: {n_controllable} (generators, shunts, transformers and switches)")
    # Sensor-Only
    n_sensor_only = sum(getattr(grid, attr).shape[0] for attr in ["bus", "load", "line"])
    print(f"No. of sensor-only elements: {n_sensor_only} (buses, loads and lines)")
    print(f"Total (possible) no. of devices: {n_sensor_only+n_controllable} (generators, shunts, transformers and switches, buses, loads and lines)")

# grid.switch.closed = True
pp.plotting.simple_plot(grid, respect_switches=True, plot_line_switches=True, plot_loads=True, plot_gens=True, plot_sgens=True, )


In [None]:
seed = np.random.randint(low=0, high=52600)
np.random.seed(seed); random.seed(seed)
print(f"Seed: {np.random.get_state()[1][0]}")

with warnings.catch_warnings():
    warnings.filterwarnings(action="ignore", category=FutureWarning)
    grid = pandapower.networks.mv_oberrhein(scenario="generation") # pandapower.networks.case14()
    print(grid)
    pcn = CommNetwork(n_devices=30, n_entrypoints=1, children_per_parent=0, child_no_deviation=5, 
                    network_specs=p.cwd() / "specifications" / "SCADA_specifications.json", 
                    # "Default_specifications.json", "SmartMeter_specifications.json", "SCADA_specifications.json", "WAMS_specifications.json"
                    grid=grid,
                    enable_sibling_to_sibling_comm=True)
print(CommNetwork.show_tree(pcn.root))
print(f"Number of Components: {pcn.n_components}")