Suggest to support converting c4 models into pytm

[highkay]

As the pytm is really charming in saving threat modeling time. But we have a lot of c4 models in c4plantuml type, it is great to convert them into pytm type. It is reasonable to doing threat modeling in design and architecture stage at once.

[highkay]

https://github.com/geret1/plantuml-schemas/blob/main/stride.puml do some sense but don't support threat auto generating.

[izar]

I know of C4 but have never used it. Is it practical to convert it to pytm?

[colesmj]

Do you have a sample c4plantuml diagram definition you can provide for this issue? A conversion from C4 to pytm might be valuable, but it would require translating the constructs used in a C4 schema (from plantuml or elsewhere) to the structures pytm supports. Having a sample we could work from and discuss would be great to support this request.

[colesmj]

For reference, here is the c4-plantuml project: https://github.com/plantuml-stdlib/C4-PlantUML

[highkay]

yes, we use this project to write our architecture.

[raphaelahrens]

Is it possible to add custom attributes to the c4 model?
For example implementations details like serialization formats, protocols, runtime enviroment, etc.
It so you could completely work with the c4 tools and only use pytm for the threat model report.

Then the question would be how to transform the c4 model to the JSON representation of pytm (see #105 ).
This could even be its own tool.
An issue I see here is that currently the data model of pytm is very coupled with the pytm DSL and a change in the DSL leads to changes in the data format.

[highkay]

the c4plantuml models have details serialization formats, protocols, runtime enviroment, etc, but without schema, you could write anything in the model.