Search in sources :

Example 1 with ThreatModel

use of com.ge.research.osate.verdict.dsl.verdict.ThreatModel in project VERDICT by ge-high-assurance.

the class VerdictJavaValidator method checkThreatModel.

/**
 * Check that IDS are unique and non-empty and that top-level intro is a system.
 * Check that assumptions are unique.
 *
 * @param threatModel
 */
@Check(CheckType.FAST)
public void checkThreatModel(ThreatModel threatModel) {
    if (threatModel.getIntro().getType() != null && !threatModel.getIntro().getType().equals("system") && !threatModel.getIntro().getType().equals("connection")) {
        error("Top-level quantified variable must be a system or connection", VerdictPackage.Literals.THREAT_MODEL__INTRO);
    }
    if (threatModel.getId().length() == 0) {
        error("Threat model must specify an ID", VerdictPackage.Literals.THREAT_MODEL__ID);
    } else {
        // Check IDs unique
        Set<String> otherIds = new HashSet<>();
        // Find AADL package
        EObject container = threatModel;
        while (container != null && !(container instanceof PublicPackageSection)) {
            container = container.eContainer();
        }
        if (container instanceof PublicPackageSection) {
            // Find all verdict annex libraries
            for (AnnexLibrary library : ((PublicPackageSection) container).getOwnedAnnexLibraries()) {
                if ("verdict".equals(library.getName())) {
                    // Find all other threat model declarations
                    for (ThreatStatement other : ThreatModelUtil.getVerdictThreatModels(library).getStatements()) {
                        if (other instanceof ThreatModel && !threatModel.equals(other)) {
                            otherIds.add(((ThreatModel) other).getId());
                        }
                    }
                }
            }
        }
        if (otherIds.contains(threatModel.getId())) {
            error("Duplicate ID " + threatModel.getId(), VerdictPackage.Literals.THREAT_MODEL__ID);
        }
    }
    // Check for duplicate assumptions
    Map<CRVAssumption, Integer> assumptionCounts = new HashMap<>();
    for (CRVAssumption assumption : threatModel.getAssumptions()) {
        if (assumptionCounts.containsKey(assumption)) {
            assumptionCounts.put(assumption, assumptionCounts.get(assumption) + 1);
        } else {
            assumptionCounts.put(assumption, 1);
        }
    }
    int pos = 0;
    for (CRVAssumption assumption : threatModel.getAssumptions()) {
        if (assumptionCounts.get(assumption) > 1) {
            warning("Duplicate assumption: " + assumption.getLiteral(), VerdictPackage.Literals.THREAT_MODEL__ASSUMPTIONS, pos);
        }
        pos++;
    }
    if (threatModel.getReference() != null) {
        // We say that a reference string is valid if there is a valid database ID
        // that is a prefix string of that reference string
        Set<String> definedDatabases = ThreatModelUtil.getDefinedThreatDatabases(threatModel);
        if (!definedDatabases.stream().anyMatch(database -> threatModel.getReference().startsWith(database))) {
            error("Undefined threat database: " + threatModel.getReference(), VerdictPackage.Literals.THREAT_MODEL__REFERENCE);
        }
    }
}
Also used : SubcomponentType(org.osate.aadl2.SubcomponentType) Inject(com.google.inject.Inject) Event(com.ge.research.osate.verdict.dsl.verdict.Event) ThreatEqualContains(com.ge.research.osate.verdict.dsl.verdict.ThreatEqualContains) ThreatStatement(com.ge.research.osate.verdict.dsl.verdict.ThreatStatement) SafetyRel(com.ge.research.osate.verdict.dsl.verdict.SafetyRel) CyberRel(com.ge.research.osate.verdict.dsl.verdict.CyberRel) FExpr(com.ge.research.osate.verdict.dsl.verdict.FExpr) Classifier(org.osate.aadl2.Classifier) TargetLikelihood(com.ge.research.osate.verdict.dsl.verdict.TargetLikelihood) CyberReq(com.ge.research.osate.verdict.dsl.verdict.CyberReq) Map(java.util.Map) ComponentType(org.osate.aadl2.ComponentType) Check(org.eclipse.xtext.validation.Check) Var(com.ge.research.osate.verdict.dsl.verdict.Var) ThreatDefense(com.ge.research.osate.verdict.dsl.verdict.ThreatDefense) Set(java.util.Set) EObject(org.eclipse.emf.ecore.EObject) AadlPackage(org.osate.aadl2.AadlPackage) EPackage(org.eclipse.emf.ecore.EPackage) List(java.util.List) ResourceDescriptionsProvider(org.eclipse.xtext.resource.impl.ResourceDescriptionsProvider) PublicPackageSection(org.osate.aadl2.PublicPackageSection) Optional(java.util.Optional) VerdictUtil(com.ge.research.osate.verdict.dsl.VerdictUtil) SLPort(com.ge.research.osate.verdict.dsl.verdict.SLPort) AnnexLibrary(org.osate.aadl2.AnnexLibrary) ThreatModel(com.ge.research.osate.verdict.dsl.verdict.ThreatModel) CRVAssumption(com.ge.research.osate.verdict.dsl.verdict.CRVAssumption) SystemType(org.osate.aadl2.SystemType) HashMap(java.util.HashMap) SystemImplementation(org.osate.aadl2.SystemImplementation) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) CheckType(org.eclipse.xtext.validation.CheckType) ThreatDatabase(com.ge.research.osate.verdict.dsl.verdict.ThreatDatabase) FieldTypeResult(com.ge.research.osate.verdict.dsl.ThreatModelUtil.FieldTypeResult) LPort(com.ge.research.osate.verdict.dsl.verdict.LPort) Subcomponent(org.osate.aadl2.Subcomponent) CyberMission(com.ge.research.osate.verdict.dsl.verdict.CyberMission) VerdictVariable(com.ge.research.osate.verdict.dsl.type.VerdictVariable) Intro(com.ge.research.osate.verdict.dsl.verdict.Intro) Verdict(com.ge.research.osate.verdict.dsl.verdict.Verdict) Statement(com.ge.research.osate.verdict.dsl.verdict.Statement) VerdictThreatModels(com.ge.research.osate.verdict.dsl.verdict.VerdictThreatModels) VerdictType(com.ge.research.osate.verdict.dsl.type.VerdictType) SafetyReq(com.ge.research.osate.verdict.dsl.verdict.SafetyReq) ThreatModelUtil(com.ge.research.osate.verdict.dsl.ThreatModelUtil) AnnexSubclause(org.osate.aadl2.AnnexSubclause) PropertiesJavaValidator(org.osate.xtext.aadl2.properties.validation.PropertiesJavaValidator) VerdictPackage(com.ge.research.osate.verdict.dsl.verdict.VerdictPackage) HashMap(java.util.HashMap) PublicPackageSection(org.osate.aadl2.PublicPackageSection) ThreatStatement(com.ge.research.osate.verdict.dsl.verdict.ThreatStatement) EObject(org.eclipse.emf.ecore.EObject) CRVAssumption(com.ge.research.osate.verdict.dsl.verdict.CRVAssumption) AnnexLibrary(org.osate.aadl2.AnnexLibrary) HashSet(java.util.HashSet) ThreatModel(com.ge.research.osate.verdict.dsl.verdict.ThreatModel) Check(org.eclipse.xtext.validation.Check)

Example 2 with ThreatModel

use of com.ge.research.osate.verdict.dsl.verdict.ThreatModel in project VERDICT by ge-high-assurance.

the class ThreatModelUtil method getScope.

/**
 * Get all variables in scope for an expression.
 *
 * Searches up the AST for variable introductions, starting from the
 * immediate parent of obj.
 *
 * Note that if scoping a quantification, you cannot pass the object
 * directly because this might include the newly-introduced variable
 * in its own scope! See getContainerForClasses() for obtaining the
 * correct parent to use for scoping.
 *
 * @param obj the context for which to find scope.
 * @param indexProvider the index provider, may be obtained from Guice
 * @return the list of variables that are in scope
 */
public static List<VerdictVariable> getScope(EObject obj, ResourceDescriptionsProvider indexProvider) {
    // Get type information
    LinkedHashMap<String, VerdictType> types = getTypes(obj, indexProvider);
    List<VerdictVariable> vars = new ArrayList<>();
    // Traverse upward until we find the enclosing threat model
    while (!(obj instanceof ThreatModel || obj == null)) {
        obj = obj.eContainer();
        if (obj instanceof ThreatModel) {
            // Threat model introduces a system
            ThreatModel threatModel = (ThreatModel) obj;
            vars.add(VerdictVariableImpl.fromIntro(threatModel.getIntro(), types));
        } else if (obj instanceof Forall) {
            // Forall introduces a variable
            Forall forall = (Forall) obj;
            vars.add(VerdictVariableImpl.fromIntro(forall.getIntro(), types));
        } else if (obj instanceof Exists) {
            // Exists introduces a variable
            Exists exists = (Exists) obj;
            vars.add(VerdictVariableImpl.fromIntro(exists.getIntro(), types));
        }
    }
    return vars;
}
Also used : VerdictType(com.ge.research.osate.verdict.dsl.type.VerdictType) Exists(com.ge.research.osate.verdict.dsl.verdict.Exists) ArrayList(java.util.ArrayList) VerdictVariable(com.ge.research.osate.verdict.dsl.type.VerdictVariable) Forall(com.ge.research.osate.verdict.dsl.verdict.Forall) ThreatModel(com.ge.research.osate.verdict.dsl.verdict.ThreatModel)

Aggregations

VerdictType (com.ge.research.osate.verdict.dsl.type.VerdictType)2 VerdictVariable (com.ge.research.osate.verdict.dsl.type.VerdictVariable)2 ThreatModel (com.ge.research.osate.verdict.dsl.verdict.ThreatModel)2 ArrayList (java.util.ArrayList)2 ThreatModelUtil (com.ge.research.osate.verdict.dsl.ThreatModelUtil)1 FieldTypeResult (com.ge.research.osate.verdict.dsl.ThreatModelUtil.FieldTypeResult)1 VerdictUtil (com.ge.research.osate.verdict.dsl.VerdictUtil)1 CRVAssumption (com.ge.research.osate.verdict.dsl.verdict.CRVAssumption)1 CyberMission (com.ge.research.osate.verdict.dsl.verdict.CyberMission)1 CyberRel (com.ge.research.osate.verdict.dsl.verdict.CyberRel)1 CyberReq (com.ge.research.osate.verdict.dsl.verdict.CyberReq)1 Event (com.ge.research.osate.verdict.dsl.verdict.Event)1 Exists (com.ge.research.osate.verdict.dsl.verdict.Exists)1 FExpr (com.ge.research.osate.verdict.dsl.verdict.FExpr)1 Forall (com.ge.research.osate.verdict.dsl.verdict.Forall)1 Intro (com.ge.research.osate.verdict.dsl.verdict.Intro)1 LPort (com.ge.research.osate.verdict.dsl.verdict.LPort)1 SLPort (com.ge.research.osate.verdict.dsl.verdict.SLPort)1 SafetyRel (com.ge.research.osate.verdict.dsl.verdict.SafetyRel)1 SafetyReq (com.ge.research.osate.verdict.dsl.verdict.SafetyReq)1