crocs-muni / sec-certs

Tool for analysis of security certificates and their security targets (Common Criteria, NIST FIPS140-2...).
https://sec-certs.org
MIT License

Compute highest level of SAR, SFR claimed, display with text information on web #200

Closed petrs closed 2 years ago

petrs commented 2 years ago

Use extracted SAR and SFR claims, heuristically establish the likely achieved value (highest) and visually display (e.g., within the minimum and maximum range levels).

Example: https://seccerts.org/cc/861434b03ddcac64/ (Security target, Security Assurance Requirements (SAR): ADV_FSP.5)

adamjanovsky commented 2 years ago

@petrs From where should these be collected? Technically, they can appear at multiple places:

"security_level": {
    "_type": "Set",
    "elements": [
        "ALC_FLR.3",
        "EAL3"
    ]
},

If there's a conflict in the SARs, how should the conflict be resolved?

Currently, I'm capable of parsing the SARs from the security target. I can quite quickly (2h work) add parsing from the certification report. The problem with PPs is that the processed dataset contains old regular expressions and we don't have functionality for parsing PPs just yet. So, combining with PP data is problematic...

adamjanovsky commented 2 years ago

@petrs

For now, SARs are collected from three sources sorted according to their priorities:

  1. CSV scan (security level field)
  2. Security target (highest level counts)
  3. Certification report (highest level counts)

See how conflicts are resolved: https://github.com/crocs-muni/sec-certs/blob/2e45dd5c04a29a60c5fe7907491ca9633118c814/sec_certs/model/sar_transformer.py#L63-L94

Processing of protection profiles is skipped for now.
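The resolution order described in the comment above, written out as an added example. This is not code from the sec-certs repository (the real logic lives in the linked sar_transformer.py); it only follows the stated rules: within one source the highest level of a family counts, and across sources the CSV scan beats the security target, which beats the certification report. The source names, the sample texts and the per-family maximum component numbers used for the display bar are assumptions constructed for this illustration.

```python
"""Resolve the claimed SAR levels of one certificate from several sources.

Added example, not code from the sec-certs repository. It follows the priority
order stated in the issue (CSV scan > security target > certification report,
highest level counts within a source); the input texts, the source names and
the per-family maximum levels are constructed here for illustration.
"""
import re
from typing import Dict, Optional, Tuple

# A SAR component such as "ADV_FSP.5": class_family and a numeric level.
SAR_RE = re.compile(r"\b([A-Z]{3}_[A-Z]{3})\.(\d+)\b")
# An EAL claim such as "EAL3" or "EAL 4+" (the "+" marks augmentation).
EAL_RE = re.compile(r"\bEAL\s?([1-7])\+?")

# Sources in priority order; an earlier source wins a conflict for a family.
SOURCE_PRIORITY = ("csv_scan", "security_target", "certification_report")

# Highest component number defined in CC Part 3 for the families used below
# (constructed lookup for the display bar; extend for other families).
MAX_LEVEL = {"ADV_FSP": 6, "ALC_FLR": 3, "AVA_VAN": 5, "ATE_DPT": 4}


def parse_sars(text: str) -> Dict[str, int]:
    """Map family -> highest level mentioned in one source text."""
    best: Dict[str, int] = {}
    for family, level in SAR_RE.findall(text):
        best[family] = max(best.get(family, 0), int(level))
    return best


def parse_eal(text: str) -> Optional[int]:
    """Highest EAL claimed in one source text, or None if none is mentioned."""
    levels = [int(m) for m in EAL_RE.findall(text)]
    return max(levels) if levels else None


def resolve_sars(sources: Dict[str, str]) -> Dict[str, Tuple[int, str]]:
    """Merge per-source SAR claims into family -> (level, winning source).

    The first source in SOURCE_PRIORITY that mentions a family decides its
    level, even when a lower-priority source claims a higher one.
    """
    resolved: Dict[str, Tuple[int, str]] = {}
    for name in SOURCE_PRIORITY:
        for family, level in parse_sars(sources.get(name, "")).items():
            resolved.setdefault(family, (level, name))
    return resolved


def highest_eal(sources: Dict[str, str]) -> Optional[int]:
    """EAL from the highest-priority source that states one."""
    for name in SOURCE_PRIORITY:
        eal = parse_eal(sources.get(name, ""))
        if eal is not None:
            return eal
    return None


def render_bar(family: str, level: int, source: str) -> str:
    """One text line placing the level inside the family's 1..max range."""
    top = MAX_LEVEL.get(family, level)
    filled = "#" * level + "." * max(top - level, 0)
    return f"{family}.{level:<2} [{filled}] {level}/{top} ({source})"


# Constructed inputs standing in for the three real sources.
SAMPLE_SOURCES = {
    "csv_scan": "EAL3, ALC_FLR.3",
    "security_target": (
        "The TOE claims EAL 4+ augmented with ALC_FLR.2. Security Assurance "
        "Requirements: ADV_FSP.5, ADV_FSP.4, AVA_VAN.3."
    ),
    "certification_report": "Assurance: ADV_FSP.4, ALC_FLR.3, ATE_DPT.2.",
}


if __name__ == "__main__":
    print("EAL:", highest_eal(SAMPLE_SOURCES))
    for fam, (lvl, src) in sorted(resolve_sars(SAMPLE_SOURCES).items()):
        print(render_bar(fam, lvl, src))
```

Running the block shows the conflict rule in action: ALC_FLR ends up at level 3 from the CSV scan although the security target says ALC_FLR.2, and ADV_FSP is taken as 5 from the security target although the certification report says ADV_FSP.4. Keeping the winning source next to each level makes the heuristic auditable on the web page rather than a bare number.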