Components
avidtools.datamodels.components
Component data classes used in AVID report and vulnerability datamodels.
- pydantic model LangValue[source]
Bases:
BaseModelGeneric class to store a string with its language specified.
Show JSON schema
{ "title": "LangValue", "description": "Generic class to store a string with its language specified.", "type": "object", "properties": { "lang": { "title": "Lang", "type": "string" }, "value": { "title": "Value", "type": "string" } }, "required": [ "lang", "value" ] }
- Fields:
- field lang: str [Required]
- field value: str [Required]
- pydantic model Artifact[source]
Bases:
BaseModelType and name of an affected artifact.
Show JSON schema
{ "title": "Artifact", "description": "Type and name of an affected artifact.", "type": "object", "properties": { "type": { "$ref": "#/definitions/ArtifactTypeEnum" }, "name": { "title": "Name", "type": "string" } }, "required": [ "type", "name" ], "definitions": { "ArtifactTypeEnum": { "title": "ArtifactTypeEnum", "description": "Whether the artifact is a dataset, model, or system.", "enum": [ "Dataset", "Model", "System" ], "type": "string" } } }
- field type: ArtifactTypeEnum [Required]
- field name: str [Required]
- pydantic model Detection[source]
Bases:
BaseModelMethod to detect a specific issue.
Show JSON schema
{ "title": "Detection", "description": "Method to detect a specific issue.", "type": "object", "properties": { "type": { "$ref": "#/definitions/MethodEnum" }, "name": { "title": "Name", "type": "string" } }, "required": [ "type", "name" ], "definitions": { "MethodEnum": { "title": "MethodEnum", "description": "The values a detection method can take.", "enum": [ "Significance Test", "Static Threshold" ], "type": "string" } } }
- field type: MethodEnum [Required]
- field name: str [Required]
- pydantic model Affects[source]
Bases:
BaseModelInformation on Artifact(s) affected by this report.
Show JSON schema
{ "title": "Affects", "description": "Information on Artifact(s) affected by this report.", "type": "object", "properties": { "developer": { "title": "Developer", "type": "array", "items": { "type": "string" } }, "deployer": { "title": "Deployer", "type": "array", "items": { "type": "string" } }, "artifacts": { "title": "Artifacts", "type": "array", "items": { "$ref": "#/definitions/Artifact" } } }, "required": [ "developer", "deployer", "artifacts" ], "definitions": { "ArtifactTypeEnum": { "title": "ArtifactTypeEnum", "description": "Whether the artifact is a dataset, model, or system.", "enum": [ "Dataset", "Model", "System" ], "type": "string" }, "Artifact": { "title": "Artifact", "description": "Type and name of an affected artifact.", "type": "object", "properties": { "type": { "$ref": "#/definitions/ArtifactTypeEnum" }, "name": { "title": "Name", "type": "string" } }, "required": [ "type", "name" ] } } }
- Fields:
- field developer: List[str] [Required]
- field deployer: List[str] [Required]
- pydantic model Problemtype[source]
Bases:
BaseModelDescription of the problem a report/vuln is concerned with.
Show JSON schema
{ "title": "Problemtype", "description": "Description of the problem a report/vuln is concerned with.", "type": "object", "properties": { "classof": { "$ref": "#/definitions/ClassEnum" }, "type": { "$ref": "#/definitions/TypeEnum" }, "description": { "$ref": "#/definitions/LangValue" } }, "required": [ "classof", "description" ], "definitions": { "ClassEnum": { "title": "ClassEnum", "description": "All report/vulnerability classes.", "enum": [ "AIID Incident", "ATLAS Case Study", "CVE Entry", "LLM Evaluation", "Undefined" ], "type": "string" }, "TypeEnum": { "title": "TypeEnum", "description": "All report/vulnerability types.", "enum": [ "Issue", "Advisory", "Measurement", "Detection" ], "type": "string" }, "LangValue": { "title": "LangValue", "description": "Generic class to store a string with its language specified.", "type": "object", "properties": { "lang": { "title": "Lang", "type": "string" }, "value": { "title": "Value", "type": "string" } }, "required": [ "lang", "value" ] } } }
- Fields:
- pydantic model Metric[source]
Bases:
BaseModelQuantification of the issue in a specific report.
Show JSON schema
{ "title": "Metric", "description": "Quantification of the issue in a specific report.", "type": "object", "properties": { "name": { "title": "Name", "type": "string" }, "detection_method": { "$ref": "#/definitions/Detection" }, "results": { "title": "Results", "type": "object" } }, "required": [ "name", "detection_method", "results" ], "definitions": { "MethodEnum": { "title": "MethodEnum", "description": "The values a detection method can take.", "enum": [ "Significance Test", "Static Threshold" ], "type": "string" }, "Detection": { "title": "Detection", "description": "Method to detect a specific issue.", "type": "object", "properties": { "type": { "$ref": "#/definitions/MethodEnum" }, "name": { "title": "Name", "type": "string" } }, "required": [ "type", "name" ] } } }
- field name: str [Required]
- field results: Dict [Required]
- pydantic model Reference[source]
Bases:
BaseModelDetails for a reference of a report/vulnerability.
Show JSON schema
{ "title": "Reference", "description": "Details for a reference of a report/vulnerability.", "type": "object", "properties": { "type": { "title": "Type", "type": "string" }, "label": { "title": "Label", "type": "string" }, "url": { "title": "Url", "type": "string" } }, "required": [ "label", "url" ] }
- Config:
fields: dict = {‘type’: {‘exclude’: True}}
- Fields:
- field type: str | None = None
- field label: str [Required]
- field url: str [Required]
- pydantic model AvidTaxonomy[source]
Bases:
BaseModelAVID taxonomy mappings of a report/vulnerability.
Show JSON schema
{ "title": "AvidTaxonomy", "description": "AVID taxonomy mappings of a report/vulnerability.", "type": "object", "properties": { "vuln_id": { "title": "Vuln Id", "type": "string" }, "risk_domain": { "title": "Risk Domain", "type": "array", "items": { "type": "string" } }, "sep_view": { "type": "array", "items": { "$ref": "#/definitions/SepEnum" } }, "lifecycle_view": { "type": "array", "items": { "$ref": "#/definitions/LifecycleEnum" } }, "taxonomy_version": { "title": "Taxonomy Version", "type": "string" } }, "required": [ "risk_domain", "sep_view", "lifecycle_view", "taxonomy_version" ], "definitions": { "SepEnum": { "title": "SepEnum", "description": "All (sub)categories of the SEP view of the AVID taxonomy.", "enum": [ "S0100: Software Vulnerability", "S0200: Supply Chain Compromise", "S0201: Model Compromise", "S0202: Software Compromise", "S0300: Over-permissive API", "S0301: Information Leak", "S0302: Excessive Queries", "S0400: Model Bypass", "S0401: Bad Features", "S0402: Insufficient Training Data", "S0403: Adversarial Example", "S0500: Exfiltration", "S0501: Model inversion", "S0502: Model theft", "S0600: Data Poisoning", "S0601: Ingest Poisoning", "E0100: Bias/ Discrimination", "E0101: Group fairness", "E0102: Individual fairness", "E0200: Explainability", "E0201: Global explanations", "E0202: Local explanations", "E0300: User actions", "E0301: Toxicity", "E0302: Polarization/ Exclusion", "E0400: Misinformation", "E0401: Deliberative Misinformation", "E0402: Generative Misinformation", "P0100: Data issues", "P0101: Data drift", "P0102: Concept drift", "P0103: Data entanglement", "P0104: Data quality issues", "P0105: Feedback loops", "P0200: Model issues", "P0201: Resilience/ Stability", "P0202: OOD generalization", "P0203: Scaling", "P0204: Accuracy", "P0300: Privacy", "P0301: Anonymization", "P0302: Randomization", "P0303: Encryption", "P0400: Safety", "P0401: Psychological Safety", "P0402: Physical safety", "P0403: Socioeconomic safety", "P0404: Environmental safety" ], "type": "string" }, "LifecycleEnum": { "title": "LifecycleEnum", "description": "All (sub)categories of the lifecycle view of the AVID taxonomy.", "enum": [ "L01: Business Understanding", "L02: Data Understanding", "L03: Data Preparation", "L04: Model Development", "L05: Evaluation", "L06: Deployment" ], "type": "string" } } }
- Config:
fields: dict = {‘vuln_id’: {‘exclude’: True}}
- Fields:
- field vuln_id: str | None = None
- field risk_domain: List[str] [Required]
- field lifecycle_view: List[LifecycleEnum] [Required]
- field taxonomy_version: str [Required]
- pydantic model Impact[source]
Bases:
BaseModelImpact information of a report/vulnerability, e.g. different taxonomy mappings, harm and severity scores.
Show JSON schema
{ "title": "Impact", "description": "Impact information of a report/vulnerability, e.g. different taxonomy mappings, harm and severity scores.", "type": "object", "properties": { "avid": { "$ref": "#/definitions/AvidTaxonomy" } }, "required": [ "avid" ], "definitions": { "SepEnum": { "title": "SepEnum", "description": "All (sub)categories of the SEP view of the AVID taxonomy.", "enum": [ "S0100: Software Vulnerability", "S0200: Supply Chain Compromise", "S0201: Model Compromise", "S0202: Software Compromise", "S0300: Over-permissive API", "S0301: Information Leak", "S0302: Excessive Queries", "S0400: Model Bypass", "S0401: Bad Features", "S0402: Insufficient Training Data", "S0403: Adversarial Example", "S0500: Exfiltration", "S0501: Model inversion", "S0502: Model theft", "S0600: Data Poisoning", "S0601: Ingest Poisoning", "E0100: Bias/ Discrimination", "E0101: Group fairness", "E0102: Individual fairness", "E0200: Explainability", "E0201: Global explanations", "E0202: Local explanations", "E0300: User actions", "E0301: Toxicity", "E0302: Polarization/ Exclusion", "E0400: Misinformation", "E0401: Deliberative Misinformation", "E0402: Generative Misinformation", "P0100: Data issues", "P0101: Data drift", "P0102: Concept drift", "P0103: Data entanglement", "P0104: Data quality issues", "P0105: Feedback loops", "P0200: Model issues", "P0201: Resilience/ Stability", "P0202: OOD generalization", "P0203: Scaling", "P0204: Accuracy", "P0300: Privacy", "P0301: Anonymization", "P0302: Randomization", "P0303: Encryption", "P0400: Safety", "P0401: Psychological Safety", "P0402: Physical safety", "P0403: Socioeconomic safety", "P0404: Environmental safety" ], "type": "string" }, "LifecycleEnum": { "title": "LifecycleEnum", "description": "All (sub)categories of the lifecycle view of the AVID taxonomy.", "enum": [ "L01: Business Understanding", "L02: Data Understanding", "L03: Data Preparation", "L04: Model Development", "L05: Evaluation", "L06: Deployment" ], "type": "string" }, "AvidTaxonomy": { "title": "AvidTaxonomy", "description": "AVID taxonomy mappings of a report/vulnerability.", "type": "object", "properties": { "vuln_id": { "title": "Vuln Id", "type": "string" }, "risk_domain": { "title": "Risk Domain", "type": "array", "items": { "type": "string" } }, "sep_view": { "type": "array", "items": { "$ref": "#/definitions/SepEnum" } }, "lifecycle_view": { "type": "array", "items": { "$ref": "#/definitions/LifecycleEnum" } }, "taxonomy_version": { "title": "Taxonomy Version", "type": "string" } }, "required": [ "risk_domain", "sep_view", "lifecycle_view", "taxonomy_version" ] } } }
- field avid: AvidTaxonomy [Required]