Riskman

A VSCode extension for visualizing, reasoning over, and validating RDF-based risk management documents conforming to the Riskman ontology.

Features

• Graph visualization — renders the risk management file (risks, controls, implementation manifests, etc.) as an interactive graph
• Inference — runs an OWL reasoner to derive implicit knowledge (i.e. materialisation)
• SHACL validation — validates the document against the Riskman shapes and highlights failing nodes directly in the graph
• Implementation manifest checking — verifies that all implementation manifests referenced in the risk document are actually present in your workspace source code

Requirements

• An OWL reasoner (a ready-to-use realization wrapper based on HermiT is available at cl-tud/realization-wrapper.)
• Pyshacl for SHACL validation (pip install pyshacl)

Extension Settings

Usage

Typical workflow

1. Riskman: Extract RDF Graph — load the active editor file into the graph panel (or use Riskman: Load Graph to pick a file via dialog)

2. Riskman: Run Inference — run the OWL reasoner to compute derived triples (probabilities, severities); new nodes appear in the graph

3. Riskman: Validate — run SHACL validation; nodes with violations are highlighted in red

Implementation manifest checking

1. Riskman: Load HTML or Riskman: Load RDF — load the risk document into the Implementation Manifests Explorer panel
2. The tree view lists all implementation manifests from the document and shows which ones are found (or missing) in your workspace
3. Click any item to navigate to the line in your source code where the manifest URI appears

Other commands