use of com.ge.research.osate.verdict.dsl.verdict.ThreatModel in project VERDICT by ge-high-assurance.
the class VerdictJavaValidator method checkThreatModel.
/**
* Check that IDS are unique and non-empty and that top-level intro is a system.
* Check that assumptions are unique.
*
* @param threatModel
*/
@Check(CheckType.FAST)
public void checkThreatModel(ThreatModel threatModel) {
if (threatModel.getIntro().getType() != null && !threatModel.getIntro().getType().equals("system") && !threatModel.getIntro().getType().equals("connection")) {
error("Top-level quantified variable must be a system or connection", VerdictPackage.Literals.THREAT_MODEL__INTRO);
}
if (threatModel.getId().length() == 0) {
error("Threat model must specify an ID", VerdictPackage.Literals.THREAT_MODEL__ID);
} else {
// Check IDs unique
Set<String> otherIds = new HashSet<>();
// Find AADL package
EObject container = threatModel;
while (container != null && !(container instanceof PublicPackageSection)) {
container = container.eContainer();
}
if (container instanceof PublicPackageSection) {
// Find all verdict annex libraries
for (AnnexLibrary library : ((PublicPackageSection) container).getOwnedAnnexLibraries()) {
if ("verdict".equals(library.getName())) {
// Find all other threat model declarations
for (ThreatStatement other : ThreatModelUtil.getVerdictThreatModels(library).getStatements()) {
if (other instanceof ThreatModel && !threatModel.equals(other)) {
otherIds.add(((ThreatModel) other).getId());
}
}
}
}
}
if (otherIds.contains(threatModel.getId())) {
error("Duplicate ID " + threatModel.getId(), VerdictPackage.Literals.THREAT_MODEL__ID);
}
}
// Check for duplicate assumptions
Map<CRVAssumption, Integer> assumptionCounts = new HashMap<>();
for (CRVAssumption assumption : threatModel.getAssumptions()) {
if (assumptionCounts.containsKey(assumption)) {
assumptionCounts.put(assumption, assumptionCounts.get(assumption) + 1);
} else {
assumptionCounts.put(assumption, 1);
}
}
int pos = 0;
for (CRVAssumption assumption : threatModel.getAssumptions()) {
if (assumptionCounts.get(assumption) > 1) {
warning("Duplicate assumption: " + assumption.getLiteral(), VerdictPackage.Literals.THREAT_MODEL__ASSUMPTIONS, pos);
}
pos++;
}
if (threatModel.getReference() != null) {
// We say that a reference string is valid if there is a valid database ID
// that is a prefix string of that reference string
Set<String> definedDatabases = ThreatModelUtil.getDefinedThreatDatabases(threatModel);
if (!definedDatabases.stream().anyMatch(database -> threatModel.getReference().startsWith(database))) {
error("Undefined threat database: " + threatModel.getReference(), VerdictPackage.Literals.THREAT_MODEL__REFERENCE);
}
}
}
use of com.ge.research.osate.verdict.dsl.verdict.ThreatModel in project VERDICT by ge-high-assurance.
the class ThreatModelUtil method getScope.
/**
* Get all variables in scope for an expression.
*
* Searches up the AST for variable introductions, starting from the
* immediate parent of obj.
*
* Note that if scoping a quantification, you cannot pass the object
* directly because this might include the newly-introduced variable
* in its own scope! See getContainerForClasses() for obtaining the
* correct parent to use for scoping.
*
* @param obj the context for which to find scope.
* @param indexProvider the index provider, may be obtained from Guice
* @return the list of variables that are in scope
*/
public static List<VerdictVariable> getScope(EObject obj, ResourceDescriptionsProvider indexProvider) {
// Get type information
LinkedHashMap<String, VerdictType> types = getTypes(obj, indexProvider);
List<VerdictVariable> vars = new ArrayList<>();
// Traverse upward until we find the enclosing threat model
while (!(obj instanceof ThreatModel || obj == null)) {
obj = obj.eContainer();
if (obj instanceof ThreatModel) {
// Threat model introduces a system
ThreatModel threatModel = (ThreatModel) obj;
vars.add(VerdictVariableImpl.fromIntro(threatModel.getIntro(), types));
} else if (obj instanceof Forall) {
// Forall introduces a variable
Forall forall = (Forall) obj;
vars.add(VerdictVariableImpl.fromIntro(forall.getIntro(), types));
} else if (obj instanceof Exists) {
// Exists introduces a variable
Exists exists = (Exists) obj;
vars.add(VerdictVariableImpl.fromIntro(exists.getIntro(), types));
}
}
return vars;
}
Aggregations