Examples with ADTree com.ge.verdict.attackdefensecollector.adtree.ADTree used on opensource projects
Example 11 with ADTree
use of com.ge.verdict.attackdefensecollector.adtree.ADTree in project VERDICT by ge-high-assurance.
the class DependentRules method getComponentDependence.
public static Optional<ADTree> getComponentDependence(SystemModel component, String attackName) {
List<ADTree> paths = new ArrayList<>();
switch(attackName) {
case "CAPEC-21":
for (ConnectionModel connection : component.getIncomingConnections()) {
if ("Untrusted".equals(connection.getAttributes().get("connectionType"))) {
// Vul-CAPEC-21-1
paths.add(new DefenseCondition(connection.getAttackable(), "deviceAuthentication", 1));
}
}
for (ConnectionModel connection : component.getOutgoingConnections()) {
if ("Untrusted".equals(connection.getAttributes().get("connectionType"))) {
// Vul-CAPEC-21-2
paths.add(new DefenseCondition(connection.getAttackable(), "deviceAuthentication", 1));
}
}
return mkRet(component.getAttackable(), attackName, paths);
case "CAPEC-112":
for (ConnectionModel connection : component.getIncomingConnections()) {
// Vul-CAPEC-112-1, Vul-CAPEC-112-3, Vul-CAPEC-112-5
paths.add(new DefenseCondition(connection.getAttackable(), "deviceAuthentication", 1));
// Vul-CAPEC-112-2, Vul-CAPEC-112-4, Vul-CAPEC-112-6
paths.add(new DefenseCondition(connection.getAttackable(), "encryptedTransmission", 1));
}
return mkRet(component.getAttackable(), attackName, paths);
case "CAPEC-114":
for (ConnectionModel connection : component.getIncomingConnections()) {
// Vul-CAPEC-114-1, Vul-CAPEC-114-2, Vul-CAPEC-114-3
paths.add(new DefenseCondition(connection.getAttackable(), "deviceAuthentication", 1));
}
return mkRet(component.getAttackable(), attackName, paths);
case "CAPEC-115":
for (ConnectionModel connection : component.getIncomingConnections()) {
// Vul-CAPEC-115-1, Vul-CAPEC-115-2, Vul-CAPEC-115-3
paths.add(new DefenseCondition(connection.getAttackable(), "deviceAuthentication", 1));
}
return mkRet(component.getAttackable(), attackName, paths);
case "CAPEC-390":
paths.add(new DefenseCondition(component.getAttackable(), "physicalAccessControl", 1));
return mkRet(component.getAttackable(), attackName, paths);
default:
return Optional.empty();
}
}
Also used :
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
ArrayList(java.util.ArrayList)
ConnectionModel(com.ge.verdict.attackdefensecollector.model.ConnectionModel)
DefenseCondition(com.ge.verdict.attackdefensecollector.adtree.DefenseCondition)
Example 12 with ADTree
use of com.ge.verdict.attackdefensecollector.adtree.ADTree in project VERDICT by ge-high-assurance.
the class VerdictSynthesisTest method biggerMeritAssignmentTest.
@Test
public void biggerMeritAssignmentTest() {
CostModel costModel = new CostModel(new File(getClass().getResource("meritCosts.xml").getPath()));
SystemModel system = new SystemModel("C1");
Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
Defense defense1 = new Defense(attack1);
defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.of(new com.ge.verdict.attackdefensecollector.Pair<>("D1", 1)))));
Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.I);
Defense defense2 = new Defense(attack2);
defense2.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D2", Optional.of(new com.ge.verdict.attackdefensecollector.Pair<>("D2", 1)))));
ADTree adtree = new ADAnd(new ADOr(new ADAnd(new ADNot(defense1), attack1)), new ADOr(new ADAnd(new ADNot(defense2), attack2)));
DLeaf.Factory factory = new DLeaf.Factory();
List<AttackDefenseCollector.Result> results = Arrays.asList(new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 1, "port1", CIA.I), adtree, Prob.certain()));
Optional<ResultsInstance> result = VerdictSynthesis.performSynthesisMultiple(DTreeConstructor.construct(results, costModel, true, true, factory), factory, costModel, true, true, true, false);
Assertions.assertThat(result.isPresent());
Assertions.assertThat(result.get().items.size()).isEqualTo(2);
Assertions.assertThat(result.get().outputCost).isEqualTo(new Fraction(1));
}
Also used :
DLeaf(com.ge.verdict.synthesis.dtree.DLeaf)
ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot)
CyberReq(com.ge.verdict.attackdefensecollector.model.CyberReq)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector)
Fraction(org.apache.commons.math3.fraction.Fraction)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
ResultsInstance(com.ge.verdict.vdm.synthesis.ResultsInstance)
Defense(com.ge.verdict.attackdefensecollector.adtree.Defense)
ComponentDefense(com.ge.verdict.synthesis.dtree.DLeaf.ComponentDefense)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
File(java.io.File)
Pair(com.ge.verdict.synthesis.util.Pair)
Test(org.junit.Test)
Aggregations
ADTree (com.ge.verdict.attackdefensecollector.adtree.ADTree)12
ADOr (com.ge.verdict.attackdefensecollector.adtree.ADOr)10
ADAnd (com.ge.verdict.attackdefensecollector.adtree.ADAnd)8
ADNot (com.ge.verdict.attackdefensecollector.adtree.ADNot)8
Attack (com.ge.verdict.attackdefensecollector.adtree.Attack)8
Defense (com.ge.verdict.attackdefensecollector.adtree.Defense)8
DLeaf (com.ge.verdict.synthesis.dtree.DLeaf)7
SystemModel (com.ge.verdict.attackdefensecollector.model.SystemModel)6
File (java.io.File)6
DOr (com.ge.verdict.synthesis.dtree.DOr)5
DTree (com.ge.verdict.synthesis.dtree.DTree)5
ArrayList (java.util.ArrayList)5
Test (org.junit.Test)5
DAnd (com.ge.verdict.synthesis.dtree.DAnd)4
Fraction (org.apache.commons.math3.fraction.Fraction)4
ALeaf (com.ge.verdict.synthesis.dtree.ALeaf)3
Optional (java.util.Optional)3
Set (java.util.Set)3
AttackDefenseCollector (com.ge.verdict.attackdefensecollector.AttackDefenseCollector)2
Pair (com.ge.verdict.attackdefensecollector.Pair)2
