
TRUST Project

Students will build a meta-model for modeling a system with nodes and networks and for embedding attack graphs. They will then build a model interpreter to do analysis on the attack graph.

5/31/06 (Wednesday):

  • Met with Jan and discussed basics of Attack Graphs and modelling of system security.


6/2/06 (Friday):

  • Viewed and discussed GME metamodel that is used for metamodeling.
  • Further discussed good modeling practices.  Modelled a bicycle as example.
  • Read through more Attack Graph material.


6/5/06 (Monday):

  • Spent the day reading Secrets and Lies.


6/6/06 (Tuesday):

  • Read the paper "Attack Modeling for Information Security and Survivability" and more Secrets and Lies.
  • Browsed http://www.amenaza.com , a site that offers (expensive) software to do attack graph modeling.
  • Began construction of the AttackGraph paradigm in GME.


6/7/06 (Wednesday):

  • Studied the OCL language and designed multiplicity constraints for GME meta-model.
  • Learned about GME interpreters constructed using C++.
  • Outlined a Pathfinder algorithm to be coded into an interpreter.


6/8/06 (Thursday):

  • Created BON interpreter for Attack Graph paradigm.
  • Wrote method to find the goal of an Attack Tree.
  • Wrote a method to percolate up the possibilities of the leaf nodes to parent nodes.


6/9/06 (Friday):

  • Worked on more Interpreter algorithms.
  • Tried to build interpreter that would list all possible paths to the goal of an Attack tree.


6/12/06 (Monday):

  • Successfully completed the pathfinder algorithm allowing all possible paths to the goal node to be found.  Implementation included a recursive function and use of a stack of strings.
  • Added CostToAttack, CostToDefend, and CostofAttack variables to nodes in the AttackGraph paradigm.


6/13/06 (Tuesday):

  • Created a class PathData for holding a path list along with interesting data members, like whether the path is detectable and legal.
  • Created a few sample models for demonstration purposes.
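
An added sketch of the path enumeration described in the 6/12 and 6/13 entries (recursive function, stack of strings, a PathData record), not the project's interpreter code. It uses plain C++ containers instead of GME's BON objects; the node fields, the sample tree, and the rule that a path is detectable if any step is and legal only if every step is are assumptions.

```cpp
#include <algorithm>
#include <map>
#include <string>
#include <vector>

// Node attributes; field names are assumptions modelled on the log's wording.
struct Node {
    bool detectable, legal;
    std::vector<std::string> children;  // sub-steps that lead to this node
};
// A path plus summary flags, after the PathData class in the 6/13 entry.
struct PathData {
    std::vector<std::string> path;  // leaf first, goal last
    bool detectable = false;        // true if any step is detectable
    bool legal = true;              // true only if every step is legal
};
using Graph = std::map<std::string, Node>;

// Recursive depth-first walk; `stack` is the current branch, a repeat (cycle) ends it.
static void walk(const Graph& g, const std::string& name,
                 std::vector<std::string>& stack, std::vector<PathData>& out) {
    if (std::find(stack.begin(), stack.end(), name) != stack.end()) return;
    const Node& n = g.at(name);
    stack.push_back(name);
    if (n.children.empty()) {  // reached a leaf: record goal..leaf, reversed
        PathData p;
        p.path.assign(stack.rbegin(), stack.rend());
        for (const auto& step : p.path) {
            p.detectable = p.detectable || g.at(step).detectable;
            p.legal = p.legal && g.at(step).legal;
        }
        out.push_back(p);
    }
    for (const auto& child : n.children) walk(g, child, stack, out);
    stack.pop_back();
}
std::vector<PathData> find_paths(const Graph& g, const std::string& goal) {
    std::vector<std::string> stack;
    std::vector<PathData> out;
    walk(g, goal, stack, out);
    return out;
}
// Constructed sample model (a safe-opening tree), not taken from the page.
Graph sample_graph() {
    return {{"OpenSafe", {false, true, {"PickLock", "LearnCombo"}}},
            {"LearnCombo", {false, true, {"FindWrittenCombo", "Eavesdrop"}}},
            {"PickLock", {true, false, {}}}, {"Eavesdrop", {false, false, {}}},
            {"FindWrittenCombo", {false, true, {}}}};
}
```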


6/14/06 (Wednesday):

  • Designed a set of icons for use in the AttackGraph.
  • Began work on and completed an interpreter to assign these icons to the nodes based on their properties.
  • Worked on tidying code and analyzing the security of individual nodes.


6/15/06 (Thursday):

  • Began implementation of a user interface in which the user can specify which paths are a threat to their security.
  • Added functionality to the interpreter to display a found path.
  • Created data structure for storing user specifications from user interface.
  • Refactored code for more efficient use of memory.
  • Read through XML tutorial.


6/16/06 (Friday):

  • Integrated the icon setting and pathfinding interpreters.  In addition, the pathfinder now verifies necessary attributes of the attack graph have been set before setting icons and running pathfinding routines.
  • Created an interpreter based primarily on a recursive function to export the present model into an XML document.
  • Worked on user interface options and their implementations.
  • Refactored code to use strategy pattern.

  

6/19/06 (Monday):

  • Began work on an XML parser for importing XML documents.
  • Completed the vulnerable path filter implementation GUI.


6/20/06 (Tuesday):

  • Continued working on XML parser for importing XML documents.
  • Began work on a method to display each vulnerable path in a new model within the model from which interpreter was called.


6/21/06 (Wednesday):

  • Continued working on XML parser.
  • Completed method that displays each path in a model.
  • Added error detection and warning messages to user interface.


6/22/06 (Thursday):

  • Continued working on XML parser.
  • Equipped interpreter to create a GME model from results of XML parser.


6/26/06 (Monday):

  • Created outline for midterm presentation and report.


6/27/06 (Tuesday):

  • Worked on midterm presentation.
  • Studied cyclical OCL constraints.


6/28/06 - 6/29/06 (Tuesday - Wednesday):

  • Worked on midterm presentation and report.
  • Gave dry run on presentation for SIPHER group.


6/30/06 (Friday):

  • Gave midterm presentation for ISIS.


7/5/06 (Wednesday)

  • Began and made good progress on an interpreter for collapsing and expanding a tree at a node.  The metamodel had to be upgraded to allow for a connection from a model to a node.  The connection is displayed as a black dashed line.
  • Debugged the XML parser to deal with an occasional error.
  • When paths are displayed on a graph, the line is now solid red as opposed to black dashed to avoid confusion with the model-node connection and better convey vulnerable paths.


7/6/06 (Thursday)

  • Expanded the collapsing interpreter to expand a model in a tree, but have yet to deal with a bug wherein models cannot be destroyed (GME crashes).  Awaiting assistance on this matter.
  • Modified the user interface.


7/7/06 (Friday)

  • Discovered the problem causing the expanding interpreter to fail.  The children of a model were being manually destroyed, but when the model itself was being destroyed for some reason or another it still thought it had all of its old children, causing destroy functions to be called on non-existent objects.  To fix this problem the manual destruction was removed from the general copy function.  Instead, a recursive function for destroying a tree branch starting at a specific node was made for use with the collapse feature.


7/10/06 (Monday)

  • Added additional output options to the user interface.
  • Debugged functionality issues with multiple nesting of collapsed elements.  A bug in GME itself may be causing an issue.


7/11/06 (Tuesday)

  • Finally nicked the reason why the collapse/expand interpreter failed upon multiple nesting.  The function to get connections has a third variable to determine whether connections underneath will be retrieved also.  We used its default value, meaning any nested connections would also be received, while we wanted to set it as false to retrieve only objects directly connected to that object.  In other words that interpreter is now finished.
  • Enhanced the Pathfinder interpreter to delete models that had been generated by the previous interpreter run.


7/12/06 (Wednesday)

  • Developed methods for complete expansion of a tree and subsequent recollapsal, for lack of a better word.  These will be used to allow the existing pathfinder algorithms to function properly.
  • Had an issue with these methods wherein existing GME methods must be upgraded to destroy objects in a model.  We have this upgrade almost completed.


7/14/06 (Friday)

  • Debugged collapse/expand interpreter.
  • Updated paradigm and sample attack graph models.


7/17/06 (Monday)

  • After realizing the inability of GME to properly maintain destroyed objects, decided to rewrite the main interpreter to deal with collapsed models.
  • Formatted Graphviz output.


7/18/06 (Tuesday)

  • Upgraded the main interpreter to be compatible with the latest collapsible paradigm.
  • Designed the acyclic OCL constraint.
  • Attended the SIPHER presentation on graduate school.


7/19/06 (Wednesday)

  • Completed the updating of interpreters.


7/20/06 (Thursday)

  • Designed new paradigm with attributes that could better describe security threats.  Replaced boolean detection, legal, special tools needed, and possible with double values technical ability and probability of apprehension.  Renamed model as AttackTree.
  • Updated icons with a consistent scheme.


7/21/06 (Friday) - 7/24/06 (Monday)

  • Extensively updated interpreters and dialog to work with new paradigm.


7/25/06 (Tuesday)

  • Finished upgrading all existing interpreters and algorithms to new paradigm.
  • Began work on an analysis dialog for displaying attributes of vulnerable paths.


7/26/06 (Wednesday)

  • Implemented all functionality for new analysis dialog.
  • Cleared out old options from user interface and main interpreter that were outdated.