Skip to content

Tool for analysis of security certificates and their security targets (Common Criteria, NIST FIPS140-2...).

License

Notifications You must be signed in to change notification settings

Julik24/sec-certs

 
 

Repository files navigation

Sec-certs

A tool for data scraping and analysis of security certificates from Common Criteria and FIPS 140-2/3 frameworks.

Website Website PyPI DockerHub PyPI - Python Version Tests Codecov

Papers

Two publications accompany this project:

Note

  • Janovsky, A., Jancar, J., Svenda, P., Chmielewski, Ł., Michalik, J., & Matyas, V. (2024). sec-certs: Examining the security certification practice for better vulnerability mitigation. Computers & Security, 143. https://doi.org/10.1016/j.cose.2024.103895
  • Janovsky, A., Chmielewski, Ł., Svenda, P., Jancar, J., Matyas, V. (2024). Chain of Trust: Unraveling References Among Common Criteria Certified Products. In: Pitropakis, N., Katsikas, S., Furnell, S., Markantonakis, K. (eds) ICT Systems Security and Privacy Protection. SEC 2024. IFIP Advances in Information and Communication Technology, vol 710. Springer, Cham. https://doi.org/10.1007/978-3-031-65175-5_14

Installation

Use Docker with docker pull seccerts/sec-certs or just pip install -U sec-certs && python -m spacy download en_core_web_sm. For more elaborate description, see docs.

Usage

There are two main steps in exploring the world of security certificates:

  1. Data scraping and data processing all the certificates
  2. Exploring and analysing the processed data

For the first step, we currently provide CLI. For the second step, we provide simple API that can be used directly inside our Jupyter notebook or locally, together with a fully processed datasets that can be downloaded.

More elaborate usage is described in docs/quickstart. Also, see example notebooks either at GitHub or at docs. From docs, you can also run our notebooks in Binder.

Data scraping

Run sec-certs cc all for Common Criteria processing, sec-certs fips all for FIPS 140 processing.

Data analysis

Most probably, you don't want to fully process the certification artifacts by yourself. Instead, you can use our results and explore them as a data structure. An example snippet follows. For more, see example notebooks. Tip: these can be run with Binder from our docs.

from sec_certs.dataset import CCDataset

dset = CCDataset.from_web_latest() # now you can inspect the object, certificates are held in dset.certs
df = dset.to_pandas()  # Or you can transform the object into Pandas dataframe
dset.to_json(
    './latest_cc_snapshot.json')  # You may want to store the snapshot as json, so that you don't have to download it again
dset = CCDataset.from_json('./latest_cc_snapshot.json')  # you can now load your stored dataset again

# Get certificates with some CVE
vulnerable_certs = [x for x in dset if x.heuristics.related_cves]
df_vulnerable = df.loc[~df.related_cves.isna()]

# Show CVE ids of some vulnerable certificate
print(f"{vulnerable_certs[0].heuristics.related_cves=}")

# Get certificates from 2015 and newer
df_2015_and_newer = df.loc[df.year_from > 2014]

# Plot distribution of years of certification
df.year_from.value_counts().sort_index().plot.line()

About

Tool for analysis of security certificates and their security targets (Common Criteria, NIST FIPS140-2...).

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Jupyter Notebook 65.0%
  • HTML 17.9%
  • Python 17.0%
  • Other 0.1%