Examples with Attack com.ge.verdict.attackdefensecollector.adtree.Attack used on opensource projects
Example 11 with Attack
use of com.ge.verdict.attackdefensecollector.adtree.Attack in project VERDICT by ge-high-assurance.
the class DTreeConstructorTest method multipleRequirementsTest.
@Test
public void multipleRequirementsTest() {
DLeaf.Factory factory = new DLeaf.Factory();
CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
SystemModel system = new SystemModel("S1");
Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
Defense defense1 = new Defense(attack1);
defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));
List<AttackDefenseCollector.Result> results = Arrays.asList(new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 5, "port1", CIA.I), new ADAnd(new ADNot(defense1), attack1), Prob.certain()), new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 7, "port1", CIA.I), new ADAnd(new ADNot(defense1), attack1), Prob.certain()));
DTree dtree = new DAnd(new DOr(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 0, 5, dummyCosts, factory, false, false)))), new DOr(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 0, 7, dummyCosts, factory, false, false)))));
Assertions.assertThat(DTreeConstructor.construct(results, dummyCosts, false, false, factory).prepare().get().prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used :
DLeaf(com.ge.verdict.synthesis.dtree.DLeaf)
ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot)
DTree(com.ge.verdict.synthesis.dtree.DTree)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
CyberReq(com.ge.verdict.attackdefensecollector.model.CyberReq)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
DOr(com.ge.verdict.synthesis.dtree.DOr)
AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
DAnd(com.ge.verdict.synthesis.dtree.DAnd)
Defense(com.ge.verdict.attackdefensecollector.adtree.Defense)
SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel)
File(java.io.File)
Test(org.junit.Test)
Example 12 with Attack
use of com.ge.verdict.attackdefensecollector.adtree.Attack in project VERDICT by ge-high-assurance.
the class ConnectionModel method traceInternal.
private Optional<ADTree> traceInternal(CIA cia, Set<Pair<ConnectionModel, CIA>> cyclePrevention) {
if (!isConcretized()) {
concretize();
}
List<ADTree> children = new ArrayList<>();
Optional<ADTree> traced = getSource().trace(new PortConcern(getSourcePortName(), cia), cyclePrevention);
if (traced.isPresent()) {
children.add(traced.get());
}
// Attacks which apply directly to this connection
for (Attack attack : attackable.getAttacks()) {
// Only allow matching CIA attacks
if (attack.getCia().equals(cia)) {
if (attackToDefense.containsKey(attack)) {
// There is a defense associated
Optional<ADTree> dependentRules = DependentRules.getConnectionDependence(this, attack.getName());
if (dependentRules.isPresent()) {
children.add(new ADAnd(new ADNot(attackToDefense.get(attack)), attack, dependentRules.get()));
} else {
children.add(new ADAnd(new ADNot(attackToDefense.get(attack)), attack));
}
} else {
// There is no defense, just a raw attack
children.add(attack);
}
}
}
return children.isEmpty() ? Optional.empty() : Optional.of(new ADOr(children));
}
Also used :
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
ArrayList(java.util.ArrayList)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
Example 13 with Attack
use of com.ge.verdict.attackdefensecollector.adtree.Attack in project VERDICT by ge-high-assurance.
the class ConnectionModel method concretize.
/**
* Build all of the maps used by trace(). This is performed once for significant time complexity
* improvements.
*/
public void concretize() {
attackToDefense = new LinkedHashMap<>();
Set<Attack> declaredAttacks = new HashSet<>();
for (Attack attack : attackable.getAttacks()) {
declaredAttacks.add(attack);
}
for (Defense defense : attackable.getDefenses()) {
// Check that referenced attacks are added to this system
if (!declaredAttacks.contains(defense.getAttack())) {
throw new RuntimeException("Defense in system " + getName() + " refers to non-existant attack " + defense.getAttack().getName());
}
attackToDefense.put(defense.getAttack(), defense);
}
}Example 14 with Attack
use of com.ge.verdict.attackdefensecollector.adtree.Attack in project VERDICT by ge-high-assurance.
the class SystemModel method concretize.
/**
* Build all of the maps used by trace(). This is performed once for significant time complexity
* improvements.
*/
public void concretize() {
outputConcernToCyberRel = new LinkedHashMap<>();
destPortToOutgoingInternalConnection = new LinkedHashMap<>();
sourcePortToIncomingInternalConnection = new LinkedHashMap<>();
inputPortToIncomingConnection = new LinkedHashMap<>();
attackToDefense = new LinkedHashMap<>();
for (CyberRel cyberRel : cyberRels) {
Util.putListMap(outputConcernToCyberRel, cyberRel.getOutput(), cyberRel);
}
for (ConnectionModel connection : getInternalOutgoingConnections()) {
Util.putListMap(destPortToOutgoingInternalConnection, connection.getDestinationPortName(), connection);
}
for (ConnectionModel connection : getInternalIncomingConnections()) {
Util.putListMap(sourcePortToIncomingInternalConnection, connection.getSourcePortName(), connection);
}
for (ConnectionModel connection : getIncomingConnections()) {
Util.putListMap(inputPortToIncomingConnection, connection.getDestinationPortName(), connection);
}
Set<Attack> declaredAttacks = new HashSet<>();
for (Attack attack : attackable.getAttacks()) {
declaredAttacks.add(attack);
}
for (Defense defense : attackable.getDefenses()) {
// Check that referenced attacks are added to this system
if (!declaredAttacks.contains(defense.getAttack())) {
throw new RuntimeException("Defense in system " + getName() + " refers to non-existant attack " + defense.getAttack().getName());
}
attackToDefense.put(defense.getAttack(), defense);
}
}Example 15 with Attack
use of com.ge.verdict.attackdefensecollector.adtree.Attack in project VERDICT by ge-high-assurance.
the class VerdictSynthesisTest method biggerMeritAssignmentTest.
@Test
public void biggerMeritAssignmentTest() {
CostModel costModel = new CostModel(new File(getClass().getResource("meritCosts.xml").getPath()));
SystemModel system = new SystemModel("C1");
Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
Defense defense1 = new Defense(attack1);
defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.of(new com.ge.verdict.attackdefensecollector.Pair<>("D1", 1)))));
Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.I);
Defense defense2 = new Defense(attack2);
defense2.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D2", Optional.of(new com.ge.verdict.attackdefensecollector.Pair<>("D2", 1)))));
ADTree adtree = new ADAnd(new ADOr(new ADAnd(new ADNot(defense1), attack1)), new ADOr(new ADAnd(new ADNot(defense2), attack2)));
DLeaf.Factory factory = new DLeaf.Factory();
List<AttackDefenseCollector.Result> results = Arrays.asList(new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 1, "port1", CIA.I), adtree, Prob.certain()));
Optional<ResultsInstance> result = VerdictSynthesis.performSynthesisMultiple(DTreeConstructor.construct(results, costModel, true, true, factory), factory, costModel, true, true, true, false);
Assertions.assertThat(result.isPresent());
Assertions.assertThat(result.get().items.size()).isEqualTo(2);
Assertions.assertThat(result.get().outputCost).isEqualTo(new Fraction(1));
}
Also used :
DLeaf(com.ge.verdict.synthesis.dtree.DLeaf)
ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot)
CyberReq(com.ge.verdict.attackdefensecollector.model.CyberReq)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector)
Fraction(org.apache.commons.math3.fraction.Fraction)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
ResultsInstance(com.ge.verdict.vdm.synthesis.ResultsInstance)
Defense(com.ge.verdict.attackdefensecollector.adtree.Defense)
ComponentDefense(com.ge.verdict.synthesis.dtree.DLeaf.ComponentDefense)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
File(java.io.File)
Pair(com.ge.verdict.synthesis.util.Pair)
Test(org.junit.Test)
Aggregations
Attack (com.ge.verdict.attackdefensecollector.adtree.Attack)15
ADTree (com.ge.verdict.attackdefensecollector.adtree.ADTree)13
ADOr (com.ge.verdict.attackdefensecollector.adtree.ADOr)11
Defense (com.ge.verdict.attackdefensecollector.adtree.Defense)11
SystemModel (com.ge.verdict.attackdefensecollector.model.SystemModel)10
DLeaf (com.ge.verdict.synthesis.dtree.DLeaf)10
ADAnd (com.ge.verdict.attackdefensecollector.adtree.ADAnd)9
ADNot (com.ge.verdict.attackdefensecollector.adtree.ADNot)9
Test (org.junit.Test)9
DTree (com.ge.verdict.synthesis.dtree.DTree)8
File (java.io.File)8
DOr (com.ge.verdict.synthesis.dtree.DOr)6
ALeaf (com.ge.verdict.synthesis.dtree.ALeaf)5
DAnd (com.ge.verdict.synthesis.dtree.DAnd)5
Fraction (org.apache.commons.math3.fraction.Fraction)5
ArrayList (java.util.ArrayList)4
Optional (java.util.Optional)4
Set (java.util.Set)4
AttackDefenseCollector (com.ge.verdict.attackdefensecollector.AttackDefenseCollector)3
CyberReq (com.ge.verdict.attackdefensecollector.model.CyberReq)3
