Search in sources :

Example 6 with ADNot

use of com.ge.verdict.attackdefensecollector.adtree.ADNot in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method partialSolutionTest.

@Test
public void partialSolutionTest() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    int dal = 5;
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.A);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.of(new Pair<>("D1", 3)))));
    Defense defense2 = new Defense(attack2);
    defense2.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D2", Optional.empty())));
    ADTree adtree = new ADOr(new ADNot(defense1), attack1, new ADNot(defense2), attack2);
    Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
    DTree dtree = new DAnd(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 3, dal, costs, factory))), new DOr(new DAnd(new DLeaf("S1", "D2", "A2", 0, dal, costs, factory))));
    Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, true, false, factory).prepare().get().prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) DOr(com.ge.verdict.synthesis.dtree.DOr) Fraction(org.apache.commons.math3.fraction.Fraction) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) DAnd(com.ge.verdict.synthesis.dtree.DAnd) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) File(java.io.File) Pair(com.ge.verdict.attackdefensecollector.Pair) Test(org.junit.Test)

Example 7 with ADNot

use of com.ge.verdict.attackdefensecollector.adtree.ADNot in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method multipleRequirementsTest.

@Test
public void multipleRequirementsTest() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));
    List<AttackDefenseCollector.Result> results = Arrays.asList(new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 5, "port1", CIA.I), new ADAnd(new ADNot(defense1), attack1), Prob.certain()), new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 7, "port1", CIA.I), new ADAnd(new ADNot(defense1), attack1), Prob.certain()));
    DTree dtree = new DAnd(new DOr(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 0, 5, dummyCosts, factory, false, false)))), new DOr(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 0, 7, dummyCosts, factory, false, false)))));
    Assertions.assertThat(DTreeConstructor.construct(results, dummyCosts, false, false, factory).prepare().get().prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) CyberReq(com.ge.verdict.attackdefensecollector.model.CyberReq) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) DOr(com.ge.verdict.synthesis.dtree.DOr) AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) DAnd(com.ge.verdict.synthesis.dtree.DAnd) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) File(java.io.File) Test(org.junit.Test)

Example 8 with ADNot

use of com.ge.verdict.attackdefensecollector.adtree.ADNot in project VERDICT by ge-high-assurance.

the class ConnectionModel method traceInternal.

private Optional<ADTree> traceInternal(CIA cia, Set<Pair<ConnectionModel, CIA>> cyclePrevention) {
    if (!isConcretized()) {
        concretize();
    }
    List<ADTree> children = new ArrayList<>();
    Optional<ADTree> traced = getSource().trace(new PortConcern(getSourcePortName(), cia), cyclePrevention);
    if (traced.isPresent()) {
        children.add(traced.get());
    }
    // Attacks which apply directly to this connection
    for (Attack attack : attackable.getAttacks()) {
        // Only allow matching CIA attacks
        if (attack.getCia().equals(cia)) {
            if (attackToDefense.containsKey(attack)) {
                // There is a defense associated
                Optional<ADTree> dependentRules = DependentRules.getConnectionDependence(this, attack.getName());
                if (dependentRules.isPresent()) {
                    children.add(new ADAnd(new ADNot(attackToDefense.get(attack)), attack, dependentRules.get()));
                } else {
                    children.add(new ADAnd(new ADNot(attackToDefense.get(attack)), attack));
                }
            } else {
                // There is no defense, just a raw attack
                children.add(attack);
            }
        }
    }
    return children.isEmpty() ? Optional.empty() : Optional.of(new ADOr(children));
}
Also used : ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) ArrayList(java.util.ArrayList) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)

Example 9 with ADNot

use of com.ge.verdict.attackdefensecollector.adtree.ADNot in project VERDICT by ge-high-assurance.

the class VerdictSynthesisTest method biggerMeritAssignmentTest.

@Test
public void biggerMeritAssignmentTest() {
    CostModel costModel = new CostModel(new File(getClass().getResource("meritCosts.xml").getPath()));
    SystemModel system = new SystemModel("C1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.of(new com.ge.verdict.attackdefensecollector.Pair<>("D1", 1)))));
    Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.I);
    Defense defense2 = new Defense(attack2);
    defense2.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D2", Optional.of(new com.ge.verdict.attackdefensecollector.Pair<>("D2", 1)))));
    ADTree adtree = new ADAnd(new ADOr(new ADAnd(new ADNot(defense1), attack1)), new ADOr(new ADAnd(new ADNot(defense2), attack2)));
    DLeaf.Factory factory = new DLeaf.Factory();
    List<AttackDefenseCollector.Result> results = Arrays.asList(new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 1, "port1", CIA.I), adtree, Prob.certain()));
    Optional<ResultsInstance> result = VerdictSynthesis.performSynthesisMultiple(DTreeConstructor.construct(results, costModel, true, true, factory), factory, costModel, true, true, true, false);
    Assertions.assertThat(result.isPresent());
    Assertions.assertThat(result.get().items.size()).isEqualTo(2);
    Assertions.assertThat(result.get().outputCost).isEqualTo(new Fraction(1));
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) CyberReq(com.ge.verdict.attackdefensecollector.model.CyberReq) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector) Fraction(org.apache.commons.math3.fraction.Fraction) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ResultsInstance(com.ge.verdict.vdm.synthesis.ResultsInstance) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) ComponentDefense(com.ge.verdict.synthesis.dtree.DLeaf.ComponentDefense) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) File(java.io.File) Pair(com.ge.verdict.synthesis.util.Pair) Test(org.junit.Test)

Aggregations

ADAnd (com.ge.verdict.attackdefensecollector.adtree.ADAnd)9 ADNot (com.ge.verdict.attackdefensecollector.adtree.ADNot)9 ADOr (com.ge.verdict.attackdefensecollector.adtree.ADOr)9 ADTree (com.ge.verdict.attackdefensecollector.adtree.ADTree)9 Attack (com.ge.verdict.attackdefensecollector.adtree.Attack)9 Defense (com.ge.verdict.attackdefensecollector.adtree.Defense)8 DLeaf (com.ge.verdict.synthesis.dtree.DLeaf)7 SystemModel (com.ge.verdict.attackdefensecollector.model.SystemModel)6 File (java.io.File)6 Test (org.junit.Test)6 DAnd (com.ge.verdict.synthesis.dtree.DAnd)5 DOr (com.ge.verdict.synthesis.dtree.DOr)5 DTree (com.ge.verdict.synthesis.dtree.DTree)5 Fraction (org.apache.commons.math3.fraction.Fraction)4 AttackDefenseCollector (com.ge.verdict.attackdefensecollector.AttackDefenseCollector)3 ArrayList (java.util.ArrayList)3 Optional (java.util.Optional)3 Set (java.util.Set)3 Pair (com.ge.verdict.attackdefensecollector.Pair)2 CyberReq (com.ge.verdict.attackdefensecollector.model.CyberReq)2