Example 1 with ThreatModel
use of com.ge.research.osate.verdict.dsl.verdict.ThreatModel in project VERDICT by ge-high-assurance.
the class VerdictJavaValidator method checkThreatModel.
/**
* Check that IDS are unique and non-empty and that top-level intro is a system.
* Check that assumptions are unique.
*
* @param threatModel
*/
@Check(CheckType.FAST)
public void checkThreatModel(ThreatModel threatModel) {
if (threatModel.getIntro().getType() != null && !threatModel.getIntro().getType().equals("system") && !threatModel.getIntro().getType().equals("connection")) {
error("Top-level quantified variable must be a system or connection", VerdictPackage.Literals.THREAT_MODEL__INTRO);
}
if (threatModel.getId().length() == 0) {
error("Threat model must specify an ID", VerdictPackage.Literals.THREAT_MODEL__ID);
} else {
// Check IDs unique
Set<String> otherIds = new HashSet<>();
// Find AADL package
EObject container = threatModel;
while (container != null && !(container instanceof PublicPackageSection)) {
container = container.eContainer();
}
if (container instanceof PublicPackageSection) {
// Find all verdict annex libraries
for (AnnexLibrary library : ((PublicPackageSection) container).getOwnedAnnexLibraries()) {
if ("verdict".equals(library.getName())) {
// Find all other threat model declarations
for (ThreatStatement other : ThreatModelUtil.getVerdictThreatModels(library).getStatements()) {
if (other instanceof ThreatModel && !threatModel.equals(other)) {
otherIds.add(((ThreatModel) other).getId());
}
}
}
}
}
if (otherIds.contains(threatModel.getId())) {
error("Duplicate ID " + threatModel.getId(), VerdictPackage.Literals.THREAT_MODEL__ID);
}
}
// Check for duplicate assumptions
Map<CRVAssumption, Integer> assumptionCounts = new HashMap<>();
for (CRVAssumption assumption : threatModel.getAssumptions()) {
if (assumptionCounts.containsKey(assumption)) {
assumptionCounts.put(assumption, assumptionCounts.get(assumption) + 1);
} else {
assumptionCounts.put(assumption, 1);
}
}
int pos = 0;
for (CRVAssumption assumption : threatModel.getAssumptions()) {
if (assumptionCounts.get(assumption) > 1) {
warning("Duplicate assumption: " + assumption.getLiteral(), VerdictPackage.Literals.THREAT_MODEL__ASSUMPTIONS, pos);
}
pos++;
}
if (threatModel.getReference() != null) {
// We say that a reference string is valid if there is a valid database ID
// that is a prefix string of that reference string
Set<String> definedDatabases = ThreatModelUtil.getDefinedThreatDatabases(threatModel);
if (!definedDatabases.stream().anyMatch(database -> threatModel.getReference().startsWith(database))) {
error("Undefined threat database: " + threatModel.getReference(), VerdictPackage.Literals.THREAT_MODEL__REFERENCE);
}
}
}
Also used :
SubcomponentType(org.osate.aadl2.SubcomponentType)
Inject(com.google.inject.Inject)
Event(com.ge.research.osate.verdict.dsl.verdict.Event)
ThreatEqualContains(com.ge.research.osate.verdict.dsl.verdict.ThreatEqualContains)
ThreatStatement(com.ge.research.osate.verdict.dsl.verdict.ThreatStatement)
SafetyRel(com.ge.research.osate.verdict.dsl.verdict.SafetyRel)
CyberRel(com.ge.research.osate.verdict.dsl.verdict.CyberRel)
FExpr(com.ge.research.osate.verdict.dsl.verdict.FExpr)
Classifier(org.osate.aadl2.Classifier)
TargetLikelihood(com.ge.research.osate.verdict.dsl.verdict.TargetLikelihood)
CyberReq(com.ge.research.osate.verdict.dsl.verdict.CyberReq)
Map(java.util.Map)
ComponentType(org.osate.aadl2.ComponentType)
Check(org.eclipse.xtext.validation.Check)
Var(com.ge.research.osate.verdict.dsl.verdict.Var)
ThreatDefense(com.ge.research.osate.verdict.dsl.verdict.ThreatDefense)
Set(java.util.Set)
EObject(org.eclipse.emf.ecore.EObject)
AadlPackage(org.osate.aadl2.AadlPackage)
EPackage(org.eclipse.emf.ecore.EPackage)
List(java.util.List)
ResourceDescriptionsProvider(org.eclipse.xtext.resource.impl.ResourceDescriptionsProvider)
PublicPackageSection(org.osate.aadl2.PublicPackageSection)
Optional(java.util.Optional)
VerdictUtil(com.ge.research.osate.verdict.dsl.VerdictUtil)
SLPort(com.ge.research.osate.verdict.dsl.verdict.SLPort)
AnnexLibrary(org.osate.aadl2.AnnexLibrary)
ThreatModel(com.ge.research.osate.verdict.dsl.verdict.ThreatModel)
CRVAssumption(com.ge.research.osate.verdict.dsl.verdict.CRVAssumption)
SystemType(org.osate.aadl2.SystemType)
HashMap(java.util.HashMap)
SystemImplementation(org.osate.aadl2.SystemImplementation)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
CheckType(org.eclipse.xtext.validation.CheckType)
ThreatDatabase(com.ge.research.osate.verdict.dsl.verdict.ThreatDatabase)
FieldTypeResult(com.ge.research.osate.verdict.dsl.ThreatModelUtil.FieldTypeResult)
LPort(com.ge.research.osate.verdict.dsl.verdict.LPort)
Subcomponent(org.osate.aadl2.Subcomponent)
CyberMission(com.ge.research.osate.verdict.dsl.verdict.CyberMission)
VerdictVariable(com.ge.research.osate.verdict.dsl.type.VerdictVariable)
Intro(com.ge.research.osate.verdict.dsl.verdict.Intro)
Verdict(com.ge.research.osate.verdict.dsl.verdict.Verdict)
Statement(com.ge.research.osate.verdict.dsl.verdict.Statement)
VerdictThreatModels(com.ge.research.osate.verdict.dsl.verdict.VerdictThreatModels)
VerdictType(com.ge.research.osate.verdict.dsl.type.VerdictType)
SafetyReq(com.ge.research.osate.verdict.dsl.verdict.SafetyReq)
ThreatModelUtil(com.ge.research.osate.verdict.dsl.ThreatModelUtil)
AnnexSubclause(org.osate.aadl2.AnnexSubclause)
PropertiesJavaValidator(org.osate.xtext.aadl2.properties.validation.PropertiesJavaValidator)
VerdictPackage(com.ge.research.osate.verdict.dsl.verdict.VerdictPackage)
HashMap(java.util.HashMap)
PublicPackageSection(org.osate.aadl2.PublicPackageSection)
ThreatStatement(com.ge.research.osate.verdict.dsl.verdict.ThreatStatement)
EObject(org.eclipse.emf.ecore.EObject)
CRVAssumption(com.ge.research.osate.verdict.dsl.verdict.CRVAssumption)
AnnexLibrary(org.osate.aadl2.AnnexLibrary)
HashSet(java.util.HashSet)
ThreatModel(com.ge.research.osate.verdict.dsl.verdict.ThreatModel)
Check(org.eclipse.xtext.validation.Check)
Example 2 with ThreatModel
use of com.ge.research.osate.verdict.dsl.verdict.ThreatModel in project VERDICT by ge-high-assurance.
the class ThreatModelUtil method getScope.
/**
* Get all variables in scope for an expression.
*
* Searches up the AST for variable introductions, starting from the
* immediate parent of obj.
*
* Note that if scoping a quantification, you cannot pass the object
* directly because this might include the newly-introduced variable
* in its own scope! See getContainerForClasses() for obtaining the
* correct parent to use for scoping.
*
* @param obj the context for which to find scope.
* @param indexProvider the index provider, may be obtained from Guice
* @return the list of variables that are in scope
*/
public static List<VerdictVariable> getScope(EObject obj, ResourceDescriptionsProvider indexProvider) {
// Get type information
LinkedHashMap<String, VerdictType> types = getTypes(obj, indexProvider);
List<VerdictVariable> vars = new ArrayList<>();
// Traverse upward until we find the enclosing threat model
while (!(obj instanceof ThreatModel || obj == null)) {
obj = obj.eContainer();
if (obj instanceof ThreatModel) {
// Threat model introduces a system
ThreatModel threatModel = (ThreatModel) obj;
vars.add(VerdictVariableImpl.fromIntro(threatModel.getIntro(), types));
} else if (obj instanceof Forall) {
// Forall introduces a variable
Forall forall = (Forall) obj;
vars.add(VerdictVariableImpl.fromIntro(forall.getIntro(), types));
} else if (obj instanceof Exists) {
// Exists introduces a variable
Exists exists = (Exists) obj;
vars.add(VerdictVariableImpl.fromIntro(exists.getIntro(), types));
}
}
return vars;
}
Also used :
VerdictType(com.ge.research.osate.verdict.dsl.type.VerdictType)
Exists(com.ge.research.osate.verdict.dsl.verdict.Exists)
ArrayList(java.util.ArrayList)
VerdictVariable(com.ge.research.osate.verdict.dsl.type.VerdictVariable)
Forall(com.ge.research.osate.verdict.dsl.verdict.Forall)
ThreatModel(com.ge.research.osate.verdict.dsl.verdict.ThreatModel)
Aggregations
VerdictType (com.ge.research.osate.verdict.dsl.type.VerdictType)2
VerdictVariable (com.ge.research.osate.verdict.dsl.type.VerdictVariable)2
ThreatModel (com.ge.research.osate.verdict.dsl.verdict.ThreatModel)2
ArrayList (java.util.ArrayList)2
ThreatModelUtil (com.ge.research.osate.verdict.dsl.ThreatModelUtil)1
FieldTypeResult (com.ge.research.osate.verdict.dsl.ThreatModelUtil.FieldTypeResult)1
VerdictUtil (com.ge.research.osate.verdict.dsl.VerdictUtil)1
CRVAssumption (com.ge.research.osate.verdict.dsl.verdict.CRVAssumption)1
CyberMission (com.ge.research.osate.verdict.dsl.verdict.CyberMission)1
CyberRel (com.ge.research.osate.verdict.dsl.verdict.CyberRel)1
CyberReq (com.ge.research.osate.verdict.dsl.verdict.CyberReq)1
Event (com.ge.research.osate.verdict.dsl.verdict.Event)1
Exists (com.ge.research.osate.verdict.dsl.verdict.Exists)1
FExpr (com.ge.research.osate.verdict.dsl.verdict.FExpr)1
Forall (com.ge.research.osate.verdict.dsl.verdict.Forall)1
Intro (com.ge.research.osate.verdict.dsl.verdict.Intro)1
LPort (com.ge.research.osate.verdict.dsl.verdict.LPort)1
SLPort (com.ge.research.osate.verdict.dsl.verdict.SLPort)1
SafetyRel (com.ge.research.osate.verdict.dsl.verdict.SafetyRel)1
SafetyReq (com.ge.research.osate.verdict.dsl.verdict.SafetyReq)1
