Example OTM files - Githubissues

iriusrisk / startleft

StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different sources such as IaC files, diagrams or projects exported from Threat Modelling tools.

https://iriusrisk.github.io/startleft/

Apache License 2.0

48 stars 13 forks source link

Example OTM files #37

Open stevespringett opened 2 years ago

stevespringett commented 2 years ago

Hello. I’m looking for example otm files that conform to the current schema. Ideally I’m looking for a few simple files containing a handful of components, single trust boundary line, and simple data flows. Also if there are more complex examples with mesh looking dataflows, multiple trust boundaries, etc, that would be ideal,

Ideally, examples would be incorporated into unit tests in this repo and kept up to date as the otm schema evolves.

dantolin-iriusrisk commented 1 year ago

Hi, @stevespringett! You can find a lot of OTM examples in the test/resources folder of each SLP, which are used for testing purposes but are also interesting to check different OTM structures. You can also take a look at the EXAMPLE.md of the OpenThreatModel repository.

Anyway, I find interesting your idea of having a reference set of OTMs that could be also used as the basis of unit tests for the schema validation. Let us think a little more about this and update again this issue.