use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.
the class DTreeConstructorTest method testUnmitigatedMixed.
@Test
public void testUnmitigatedMixed() {
    // Scenario: system S1 carries two integrity attacks. A1 has defense D1, A2 has no
    // defense. The expected defense tree keeps A2 as an ALeaf beside the D1 branch, so
    // this test pins that an attack with nothing mitigating it stays in the result.
    DLeaf.Factory leafFactory = new DLeaf.Factory();
    // getResource() returns null if dummyCosts.xml is not on the test classpath; the
    // test then dies with a NullPointerException here rather than an assertion failure.
    File costFile = new File(getClass().getResource("dummyCosts.xml").getPath());
    CostModel costModel = new CostModel(costFile);
    int targetDal = 5;

    SystemModel s1 = new SystemModel("S1");
    Attack defendedAttack =
            new Attack(s1.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Attack undefendedAttack =
            new Attack(s1.getAttackable(), "A2", "An attack", Prob.certain(), CIA.I);

    Defense d1 = new Defense(defendedAttack);
    d1.addDefenseClause(
            Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));

    // Input attack-defense tree: OR(NOT d1, A1, A2).
    ADTree input = new ADOr(new ADNot(d1), defendedAttack, undefendedAttack);

    // Expected tree is built before construct() runs; both share leafFactory, so the
    // creation order of the leaves is kept as in the original test.
    Fraction[] dalCosts = Util.fractionCosts(new double[] {0, 1, 2, 3, 4, 5, 6, 7, 8, 9});
    DTree d1Leaf = new DLeaf("S1", "D1", "A1", 0, targetDal, dalCosts, leafFactory);
    DTree d1Branch =
            new DOr(Collections.singletonList(new DAnd(Collections.singletonList(d1Leaf))));
    DTree a2Leaf = new ALeaf(undefendedAttack);
    DTree expected = new DAnd(Arrays.asList(d1Branch, a2Leaf));

    // Trees are compared through their pretty-printed form.
    Assertions.assertThat(
                    DTreeConstructor.construct(
                                    input, costModel, targetDal, false, false, leafFactory)
                            .prettyPrint())
            .isEqualTo(expected.prettyPrint());
}
use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.
the class SystemModel method trace.
/**
* Trace a port concern through a system from an output port, or from the input port of a
* subsystem with an internal incoming connection, constructing an attack-defense tree for all
* possible attacks on the system.
*
* <p>Uses attacks directly affecting the system, cyber relations, internal connections to
* subcomponents, and incoming connections to construct the entire attack-defense tree.
*
* <p>Avoids entering infinite loops by keeping track of pairs of connections and CIAs that have
* already been traced.
*
* <p>Builds maps (with concretize()) on first invocation.
*
* @param concern the port and CIA to trace
* @param cyclePrevention a set of previously-traced connections and CIAs, used to prevent
* cycles from causing infinite loops
* @return the optional attack-defense tree constructed from tracing the port concern
*/
protected Optional<ADTree> trace(PortConcern concern, Set<Pair<ConnectionModel, CIA>> cyclePrevention) {
    // Lookup maps are built lazily on the first trace.
    if (!isConcretized()) {
        concretize();
    }

    // Logger.println("Tracing " + getName() + " " + concern.getPortName() + ":" +
    // concern.getCia());

    // Every branch collected here is OR-ed together in the returned tree.
    Set<ADTree> branches = new HashSet<>();
    // Set as soon as a cyber relation exists for this output concern. The concern then
    // counts as traced even when no branch is produced, which suppresses the warning below.
    boolean sawCyberRel = false;

    // 1. Attacks declared directly on this system, restricted to the CIA being traced.
    for (Attack attack : attackable.getAttacks()) {
        if (!attack.getCia().equals(concern.getCia())) {
            continue;
        }
        if (!attackToDefense.containsKey(attack)) {
            // No defense is registered for this attack, so it enters the tree as a bare
            // attack with nothing that can negate it.
            branches.add(attack);
            continue;
        }
        // A defense exists: the attack only counts while the defense does not hold,
        // optionally conjoined with the component's dependent rules.
        Optional<ADTree> dependentRules =
                DependentRules.getComponentDependence(this, attack.getName());
        ADNot defenseAbsent = new ADNot(attackToDefense.get(attack));
        branches.add(
                dependentRules.isPresent()
                        ? new ADAnd(defenseAbsent, attack, dependentRules.get())
                        : new ADAnd(defenseAbsent, attack));
    }

    // 2. Cyber relations whose output is this concern; their inputs are traced recursively.
    for (CyberRel cyberRel : Util.guardedGet(outputConcernToCyberRel, concern)) {
        sawCyberRel = true;
        cyberRel.getInput()
                .ifPresent(
                        input ->
                                input.toADTree(
                                                inputConcern ->
                                                        traceInputConcern(
                                                                inputConcern, cyclePrevention))
                                        .ifPresent(branches::add));
    }

    // 3. Subcomponents reached through internal connections ending at this port.
    // cyclePrevention is only forwarded here; this method never adds to it itself.
    for (ConnectionModel internalConnection :
            Util.guardedGet(destPortToOutgoingInternalConnection, concern.getPortName())) {
        internalConnection.trace(concern.getCia(), cyclePrevention).ifPresent(branches::add);
    }

    // 4. (This happens when tracing from a subcomponent back to an input of the overall system)
    for (ConnectionModel internalConnection :
            Util.guardedGet(sourcePortToIncomingInternalConnection, concern.getPortName())) {
        PortConcern sourceConcern =
                new PortConcern(internalConnection.getSourcePortName(), concern.getCia());
        traceInputConcern(sourceConcern, cyclePrevention).ifPresent(branches::add);
    }

    if (!branches.isEmpty()) {
        // Disjunction of everything found above.
        return Optional.of(new ADOr(branches));
    }

    // Both "no cyber relation for this concern" and "cyber relation present but no attack
    // found" return Optional.empty(); the warning is the only thing that tells them apart.
    if (!sawCyberRel) {
        Logger.showWarning("Found no trace for " + getName() + " " + concern.getPortName() + ":" + concern.getCia());
    }
    return Optional.empty();
}
use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.
the class DTreeConstructorTest method partialSolutionTest.
@Test
public void partialSolutionTest() {
    // Scenario: two defended attacks on S1. D1's leaf carries Pair("D1", 3) and D2's
    // carries nothing; the expected DLeaf for D1 is built with 3 where D2's gets 0.
    // NOTE(review): 3 is presumably the already-implemented DAL, and the `true` passed
    // to construct() presumably enables partial-solution mode -- confirm against
    // DTreeConstructor.
    DLeaf.Factory leafFactory = new DLeaf.Factory();
    // getResource() returns null if dummyCosts.xml is not on the test classpath; the
    // test then dies with a NullPointerException here rather than an assertion failure.
    File costFile = new File(getClass().getResource("dummyCosts.xml").getPath());
    CostModel costModel = new CostModel(costFile);
    int targetDal = 5;

    SystemModel s1 = new SystemModel("S1");
    Attack integrityAttack =
            new Attack(s1.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Attack availabilityAttack =
            new Attack(s1.getAttackable(), "A2", "An attack", Prob.certain(), CIA.A);

    Defense d1 = new Defense(integrityAttack);
    d1.addDefenseClause(
            Collections.singletonList(
                    new Defense.DefenseLeaf("D1", Optional.of(new Pair<>("D1", 3)))));
    Defense d2 = new Defense(availabilityAttack);
    d2.addDefenseClause(
            Collections.singletonList(new Defense.DefenseLeaf("D2", Optional.empty())));

    // Input attack-defense tree: OR(NOT d1, A1, NOT d2, A2).
    ADTree input =
            new ADOr(new ADNot(d1), integrityAttack, new ADNot(d2), availabilityAttack);

    // Expected tree is built before construct() runs; both share leafFactory, so the
    // creation order of the leaves is kept as in the original test.
    Fraction[] dalCosts = Util.fractionCosts(new double[] {0, 1, 2, 3, 4, 5, 6, 7, 8, 9});
    DTree d1Branch =
            new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 3, targetDal, dalCosts, leafFactory)));
    DTree d2Branch =
            new DOr(new DAnd(new DLeaf("S1", "D2", "A2", 0, targetDal, dalCosts, leafFactory)));
    DTree expected = new DAnd(d1Branch, d2Branch);

    // prepare().get() is called unguarded: an empty result fails the test with an
    // exception from get() instead of an assertion message.
    Assertions.assertThat(
                    DTreeConstructor.construct(
                                    input, costModel, targetDal, true, false, leafFactory)
                            .prepare()
                            .get()
                            .prettyPrint())
            .isEqualTo(expected.prettyPrint());
}
use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.
the class DTreeConstructorTest method multipleRequirementsTest.
@Test
public void multipleRequirementsTest() {
    // Scenario: the same attack/defense pair (A1/D1 on S1) is reported under two
    // CyberReq entries that share the name "req1" and differ only in the integer
    // argument (5 vs 7). The expected tree holds one D1 leaf per entry, built with 5
    // and 7 respectively, so the two requirements are not merged into one leaf.
    DLeaf.Factory leafFactory = new DLeaf.Factory();
    // getResource() returns null if dummyCosts.xml is not on the test classpath; the
    // test then dies with a NullPointerException here rather than an assertion failure.
    File costFile = new File(getClass().getResource("dummyCosts.xml").getPath());
    CostModel costModel = new CostModel(costFile);

    SystemModel s1 = new SystemModel("S1");
    Attack a1 = new Attack(s1.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Defense d1 = new Defense(a1);
    d1.addDefenseClause(
            Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));

    // Each result gets its own AND(NOT d1, A1) instance, as in the original test.
    AttackDefenseCollector.Result resultAtFive =
            new AttackDefenseCollector.Result(
                    s1,
                    new CyberReq("req1", "mission1", 5, "port1", CIA.I),
                    new ADAnd(new ADNot(d1), a1),
                    Prob.certain());
    AttackDefenseCollector.Result resultAtSeven =
            new AttackDefenseCollector.Result(
                    s1,
                    new CyberReq("req1", "mission1", 7, "port1", CIA.I),
                    new ADAnd(new ADNot(d1), a1),
                    Prob.certain());
    List<AttackDefenseCollector.Result> results = Arrays.asList(resultAtFive, resultAtSeven);

    // Expected tree is built before construct() runs; both share leafFactory, so the
    // creation order of the leaves is kept as in the original test.
    DTree branchAtFive =
            new DOr(
                    new DOr(
                            new DAnd(
                                    new DLeaf(
                                            "S1", "D1", "A1", 0, 5, costModel, leafFactory,
                                            false, false))));
    DTree branchAtSeven =
            new DOr(
                    new DOr(
                            new DAnd(
                                    new DLeaf(
                                            "S1", "D1", "A1", 0, 7, costModel, leafFactory,
                                            false, false))));
    DTree expected = new DAnd(branchAtFive, branchAtSeven);

    // prepare().get() is called unguarded: an empty result fails the test with an
    // exception from get() instead of an assertion message.
    Assertions.assertThat(
                    DTreeConstructor.construct(results, costModel, false, false, leafFactory)
                            .prepare()
                            .get()
                            .prettyPrint())
            .isEqualTo(expected.prettyPrint());
}
use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.
the class ConnectionModel method concretize.
/**
* Build all of the maps used by trace(). This is performed once for significant time complexity
* improvements.
*/
public void concretize() {
    // The field is assigned before validation, so a failure below leaves a partially
    // filled map behind rather than the previous value.
    attackToDefense = new LinkedHashMap<>();

    // Set of attacks declared on this system, for O(1) membership checks.
    Set<Attack> knownAttacks = new HashSet<>();
    for (Attack declared : attackable.getAttacks()) {
        knownAttacks.add(declared);
    }

    for (Defense defense : attackable.getDefenses()) {
        Attack target = defense.getAttack();
        // A defense must point at an attack that is declared on this system; anything
        // else is rejected instead of being silently indexed.
        if (!knownAttacks.contains(target)) {
            throw new RuntimeException("Defense in system " + getName() + " refers to non-existant attack " + target.getName());
        }
        // put() replaces any earlier entry for the same attack, so if two Defense
        // objects name one attack only the last is kept and used by later lookups.
        // NOTE(review): confirm the model guarantees at most one Defense per attack.
        attackToDefense.put(target, defense);
    }
}