Search in sources :

Example 1 with AttackDefenseCollector

use of com.ge.verdict.attackdefensecollector.AttackDefenseCollector in project VERDICT by ge-high-assurance.

the class App method main.

/**
 * This is just used for testing purposes. Uses CSV, not VDM (so out of date). See below for
 * invocation.
 *
 * @param args
 */
public static void main(String[] args) {
    if (args.length < 2) {
        throw new RuntimeException("Must specify STEM output directory and cost model XML!");
    }
    long startTime = System.currentTimeMillis();
    // Usage:
    String stemOutDir = args[0];
    String costModelXml = args[1];
    boolean inference = arrayContains(args, "--inference");
    boolean meritAssignment = arrayContains(args, "--merit-assignment");
    boolean partialSolution = arrayContains(args, "--partial-solution") || meritAssignment;
    boolean dumpSmtLib = arrayContains(args, "--dump-smtlib");
    if (dumpSmtLib) {
        System.out.println("Will dump SMT-LIB format to verdict-synthesis-dump.smtlib for debugging");
        System.out.println("Parent directory: " + System.getProperty("user.dir"));
    }
    final CostModel costModel = timed("Load cost model", () -> new CostModel(new File(costModelXml)));
    AttackDefenseCollector collector = timed("Load CSV", () -> {
        try {
            return new AttackDefenseCollector(stemOutDir, inference);
        } catch (IOException | MalformedInputException e) {
            throw new RuntimeException(e);
        }
    });
    List<Result> results = timed("Build attack-defense tree", () -> collector.perform());
    // This part is for the single cyber requirement version
    // disabled because it doesn't work anymore
    // for (Result result : results) {
    // System.out.println();
    // System.out.println("Result for cyber req: " + result.cyberReq.getName());
    // DLeaf.Factory factory = new DLeaf.Factory();
    // DTree dtree =
    // timed(
    // "Construct defense tree",
    // () ->
    // DTreeConstructor.construct(
    // result.adtree,
    // costModel,
    // result.cyberReq.getSeverityDal(),
    // partialSolution,
    // false,
    // factory));
    // Optional<Pair<Set<ComponentDefense>, Double>> selected =
    // timed(
    // "Perform synthesis",
    // () ->
    // VerdictSynthesis.performSynthesisSingle(
    // dtree,
    // result.cyberReq.getSeverityDal(),
    // factory,
    // VerdictSynthesis.Approach.MAXSMT));
    // if (selected.isPresent()) {
    // for (ComponentDefense pair : selected.get().left) {
    // System.out.println("Selected leaf: " + pair.toString());
    // }
    // System.out.println("Total cost: " + selected.get().right);
    // }
    // }
    System.out.println("\n\n\n");
    {
        DLeaf.Factory factory = new DLeaf.Factory();
        DTree dtree = timed("Construct defense tree", () -> DTreeConstructor.construct(results, costModel, partialSolution, meritAssignment, factory));
        Optional<ResultsInstance> selected = timed("Perform synthesis", () -> VerdictSynthesis.performSynthesisMultiple(dtree, factory, costModel, partialSolution, true, meritAssignment, dumpSmtLib));
        if (selected.isPresent()) {
            selected.get().toStreamXml(System.out);
        } else {
            System.out.println("Failure?");
        }
    }
    System.out.println(" == Total time: " + (System.currentTimeMillis() - startTime) + " milliseconds");
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) DTree(com.ge.verdict.synthesis.dtree.DTree) Optional(java.util.Optional) AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector) IOException(java.io.IOException) Result(com.ge.verdict.attackdefensecollector.AttackDefenseCollector.Result) MalformedInputException(com.ge.verdict.attackdefensecollector.CSVFile.MalformedInputException) File(java.io.File)

Example 2 with AttackDefenseCollector

use of com.ge.verdict.attackdefensecollector.AttackDefenseCollector in project VERDICT by ge-high-assurance.

the class App method runMbasSynthesis.

/**
 * Run MBAS Synthesis with CSV input files
 *
 * @param vdmPath VDM input file for synthesis
 * @param modelName Name of model
 * @param stemDir output directory for STEM input files
 * @param soteriaDir output directory for Soteria++ input files
 * @throws VerdictRunException
 */
public static void runMbasSynthesis(String vdmPath, String modelName, String stemProjectDir, String debugDir, String soteriaPpBin, boolean cyberInference, boolean safetyInference, boolean partialSolution, String costModelPath, String outputPath) throws VerdictRunException {
    String stemCsvDir = (new File(stemProjectDir, "CSVData")).getAbsolutePath();
    String stemOutputDir = (new File(stemProjectDir, "Output")).getAbsolutePath();
    String stemGraphsDir = (new File(stemProjectDir, "Graphs")).getAbsolutePath();
    String stemSadlFile = (new File(stemProjectDir, "Run.sadl")).getAbsolutePath();
    File soteriaOutputDir = new File(stemOutputDir, "Soteria_Output");
    soteriaOutputDir.mkdirs();
    String soteriaPpOutputDir = soteriaOutputDir.getAbsolutePath();
    checkFile(stemCsvDir, true, true, true, false, null);
    checkFile(stemOutputDir, true, true, true, false, null);
    checkFile(stemGraphsDir, true, true, true, false, null);
    checkFile(stemSadlFile, true, false, false, false, null);
    checkFile(soteriaPpOutputDir, true, true, true, false, null);
    checkFile(soteriaPpBin, true, false, false, true, null);
    checkFile(vdmPath, true, false, false, false, "xml");
    checkFile(costModelPath, true, false, false, false, "xml");
    checkFile(outputPath, false, false, true, false, "xml");
    deleteDirectoryContents(stemGraphsDir);
    deleteDirectoryContents(soteriaPpOutputDir);
    if (debugDir != null) {
        logHeader("DEBUGGING XML OUTPUT");
    }
    try {
        // Copy Soteria++ pngs
        for (String soteria_png : soteria_pngs) {
            Binary.copyResource("soteria_pngs/" + soteria_png + ".png", new File(soteriaPpOutputDir, soteria_png + ".png"), false);
        }
    } catch (Binary.ExecutionException e) {
        throw new VerdictRunException("Failed to copy Soteria++ pngs", e);
    }
    logHeader("STEM");
    log("STEM project directory: " + stemProjectDir);
    log("STEM output directory: " + stemOutputDir);
    log("STEM graphs directory: " + stemGraphsDir);
    log("STEM is running. Please be patient...");
    VerdictStem stemRunner = new VerdictStem();
    Metrics.timer("Timer.mbas.stem", "model", modelName).record(() -> stemRunner.runStem(new File(stemProjectDir), new File(stemOutputDir), new File(stemGraphsDir)));
    log("STEM finished!");
    logHeader("Synthesis");
    try {
        Timer.Sample sample = Timer.start(Metrics.globalRegistry);
        CostModel costModel = new CostModel(new File(costModelPath));
        AttackDefenseCollector collector = new AttackDefenseCollector(new File(vdmPath), new File(stemOutputDir), cyberInference);
        List<AttackDefenseCollector.Result> results = collector.perform();
        boolean sat = results.stream().allMatch(result -> Prob.lte(result.prob, result.cyberReq.getSeverity()));
        boolean performMeritAssignment = partialSolution && sat;
        DLeaf.Factory factory = new DLeaf.Factory();
        DTree dtree = DTreeConstructor.construct(results, costModel, partialSolution, performMeritAssignment, factory);
        Optional<ResultsInstance> selected = VerdictSynthesis.performSynthesisMultiple(dtree, factory, costModel, partialSolution, sat, performMeritAssignment, false);
        if (selected.isPresent()) {
            if (performMeritAssignment) {
                ResultsInstance withExtraDefProps = VerdictSynthesis.addExtraImplDefenses(selected.get(), collector.getImplDal(), costModel);
                withExtraDefProps.toFileXml(new File(outputPath));
            } else {
                selected.get().toFileXml(new File(outputPath));
            }
            log("Synthesis results output to " + outputPath);
        } else {
            logError("Synthesis failed");
        }
        sample.stop(Metrics.timer("Timer.mbas.synthesis", "model", modelName));
    } catch (IOException | MalformedInputException e) {
        throw new VerdictRunException("Failed to execute synthesis", e);
    }
    logHeader("Finished");
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) DTree(com.ge.verdict.synthesis.dtree.DTree) VerdictStem(com.ge.verdict.stem.VerdictStem) CostModel(com.ge.verdict.synthesis.CostModel) AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector) IOException(java.io.IOException) ResultsInstance(com.ge.verdict.vdm.synthesis.ResultsInstance) Timer(io.micrometer.core.instrument.Timer) MalformedInputException(com.ge.verdict.attackdefensecollector.CSVFile.MalformedInputException) File(java.io.File)

Aggregations

AttackDefenseCollector (com.ge.verdict.attackdefensecollector.AttackDefenseCollector)2 MalformedInputException (com.ge.verdict.attackdefensecollector.CSVFile.MalformedInputException)2 DLeaf (com.ge.verdict.synthesis.dtree.DLeaf)2 DTree (com.ge.verdict.synthesis.dtree.DTree)2 File (java.io.File)2 IOException (java.io.IOException)2 Result (com.ge.verdict.attackdefensecollector.AttackDefenseCollector.Result)1 VerdictStem (com.ge.verdict.stem.VerdictStem)1 CostModel (com.ge.verdict.synthesis.CostModel)1 ResultsInstance (com.ge.verdict.vdm.synthesis.ResultsInstance)1 Timer (io.micrometer.core.instrument.Timer)1 Optional (java.util.Optional)1