From a4fc78feef06593d923c8bc151e76406b202d9c2 Mon Sep 17 00:00:00 2001 From: YacineKhamis Date: Tue, 11 Jul 2017 18:24:02 +0200 Subject: [PATCH] First part of dashboard specifications Pictures need to be added, as the missing content that need to be formatted and translated --- DashboardSpecs_Draft.md | 130 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 DashboardSpecs_Draft.md diff --git a/DashboardSpecs_Draft.md b/DashboardSpecs_Draft.md new file mode 100644 index 0000000..43914a3 --- /dev/null +++ b/DashboardSpecs_Draft.md @@ -0,0 +1,130 @@ +# MONARC Dashboard functional specifications + +> Draft version. Pending for approval + +## A. Purpose & objectives +{TODO} + + +## B. Functional specifications +### I. Backend +{TODO} +#### I.1) Scheduled job + +#### I.2) Model extend + +### II. Frontend +--- +#### II.1) Overview +##### 11) Layout +##### 12) Components +###### 12a. Risks +###### 12b. Threats +###### 12c. Vulnerabilities +###### 12d. Cartography +--- +#### II.2) Decision support +##### 21) Layout + +{IMG PLACEHOLDER : main decision tab layout} + +The decision support view must be composed of 2 areas splitting the available space at screen horizontally. It must be possible for the user to drag a delimiter between the two areas to cleansen the view. +The 2 areas will both display a list of textual elements. These elements should be highlighted when clicked the first time. + +{IMG PLACEHOLDER : individual list} + +##### 22) Components +###### 22a. Custom action plan +The first component of the decision support tab is a priority queue concerning the recommandations done by the risk assessor. +Indeed, one must have the ability to choose a strategy in a dropdown list and then be provided with different results. The available strategies are the following : +* Cost +* Time +* Quality +* Criticity +* Importance +* Likelihood + +Each element of the list represents a measure which will be presented as following : + +|#| Field1 | Field2 | Field3 | Field4 | Field5 | +|---|---|---|---|---|---| +|1| ExampleField1 | ExampleField2 | ExampleField3 | ExampleField4 | ExampleField5 | + +About the different strategies that one must find in the dropdown list, they are described below : + +| Strategy | Description | Score | +|---|---|---| +| Cost | Prioritize the cheapest mesures | = ↗ 0.75 x initial cost + 0.25 x maintenance | +| Time | Put the recommandation that are the shortest to set up at the top of the queue | = ↗ time qualification | +| Quality | Prioritize the measures which decrease the most the overall vulnerability | = ↘ Σ ( Vuln before - Vuln after ) for each risk assigned to the recommandation | +| Criticity | Highlight the most spread measures among the organization's risks | = ↘ Number of risks mitigated | +| Importance | Put in order according to the criteria of importance of the risk assessor | = ↘ Measure's importance criteria | +| Likelihood | Prioritize the measures that are related to the most likely risks | = ↘ Σ ( Threat probability x Vulnerability qualification ) | + + +###### 22b. Risk factors +The second part of the decision support tab is about highlight specific aspect of the risk analysis that might stayed unoticed from the user otherwise. + +> The application will only display the most significant risk amongst those shared by global assets + +One must have to choose from a dropdown list the following options : +* Global risks +* Vulnerabilities +* Threats + +Similarly to above, the application will give a score according to the chosen option and then list the results, which here will be different for each option. + +Global risk element : + +|#| Field1 | Field2 | Field3 | Field4 | Field5 | +|---|---|---|---|---|---| +|1| ExampleField1 | ExampleField2 | ExampleField3 | ExampleField4 | ExampleField5 | + +Threat element : + +|#| Field1 | Field2 | Field3 | Field4 | Field5 | +|---|---|---|---|---|---| +|1| ExampleField1 | ExampleField2 | ExampleField3 | ExampleField4 | ExampleField5 | + +Vulnerability element : + +|#| Field1 | Field2 | Field3 | Field4 | Field5 | +|---|---|---|---|---|---| +|1| ExampleField1 | ExampleField2 | ExampleField3 | ExampleField4 | ExampleField5 | + +Here is how the score must be calculated for each option : + +| Option | Description | Score | Order By | +|---|---|---|---| +| Global risks | Show risks that might be more present than the UI let see | ↘ number of asset which contain that risk | Current risk value | +| Threats | Highlight the most spread threats | ↘ number of asset concerned by the threat | Threat probability score | +| Vulnerabilities | Bring out the real weaknesses of the organisation | ↘ number of asset affected by the same vulnerability | Vulnerability | + +--- +#### II.3) Perspective +##### 31) Layout +{IMG PLACEHOLDER : perspective tab layout} + +This last view of the dashboard is meant to compare two snapshot of the risk analysis : the one currently in use and another one that one must be able to load through an upload field. + +This perspective view will then be composed of one plot, in which different bar charts will be nested. +In fact, the user must be given a checkbox from which he could choose what chart is revelant to him and display it. + +{IMG PLACEHOLDER : example of 1 chart} + +##### 32) Components +###### 32a. Evolutions & tendancies +The main plot area should not label any axis since informations presented are in different scales. Indeed, the values should be displayed directly on mouse hovering in a tooltip. +The values inside the checkbox should be filled with the following options : + +| Value | Description | +|---|---| +| Aggregated Risks | Show the total risk number no matter their value | +| Splitted Risks | Show strong, medium and weak risks total number | +| Assets | Compare the number of assets present in the risk analysis | +| Applied recomandations | Bring out number of applied recommandations | +| Risk mean | Put in perspective the overall risk value for both risk analysis | + +> Aggregated and splitted options shall be exclusive + +---