Search in sources :

Example 6 with Defense

use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method testUnmitigatedMixed.

@Test
public void testUnmitigatedMixed() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    int dal = 5;
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.I);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));
    ADTree adtree = new ADOr(new ADNot(defense1), attack1, attack2);
    Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
    DTree dtree = new DAnd(Arrays.asList(new DOr(Collections.singletonList(new DAnd(Collections.singletonList(new DLeaf("S1", "D1", "A1", 0, dal, costs, factory))))), new ALeaf(attack2)));
    Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, false, false, factory).prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) DOr(com.ge.verdict.synthesis.dtree.DOr) ALeaf(com.ge.verdict.synthesis.dtree.ALeaf) Fraction(org.apache.commons.math3.fraction.Fraction) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) DAnd(com.ge.verdict.synthesis.dtree.DAnd) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) File(java.io.File) Test(org.junit.Test)

Example 7 with Defense

use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.

the class SystemModel method trace.

/**
 * Trace a port concern through a system from an output port, or from the input port of a
 * subsystem with an internal incoming connection, constructing an attack-defense tree for all
 * possible attacks on the system.
 *
 * <p>Uses attacks directly affecting the system, cyber relations, internal connections to
 * subcomponents, and incoming connections to construct the entire attack-defense tree.
 *
 * <p>Avoids entering infinite loops by keeping track of pairs of connections and CIAs that have
 * already been traced.
 *
 * <p>Builds maps (with concretize()) on first invocation.
 *
 * @param concern the port and CIA to trace
 * @param cyclePrevention a set of previously-traced connections and CIAs, used to prevent
 *     cycles from causing infinite loops
 * @return the optional attack-defense tree constructed from tracing the port concern
 */
protected Optional<ADTree> trace(PortConcern concern, Set<Pair<ConnectionModel, CIA>> cyclePrevention) {
    if (!isConcretized()) {
        concretize();
    }
    // Logger.println("Tracing " + getName() + " " + concern.getPortName() + ":" +
    // concern.getCia());
    // All attack-defense trees that will be OR-ed together at the end
    Set<ADTree> children = new HashSet<>();
    // If we find a cyber rel with this output port, then even if we have successfully
    // traced the port concern even if we don't turn up an attack-defense tree at the end
    boolean hasCyberRel = false;
    // Attacks which apply directly to this system
    for (Attack attack : attackable.getAttacks()) {
        // Only allow matching CIA attacks
        if (attack.getCia().equals(concern.getCia())) {
            if (attackToDefense.containsKey(attack)) {
                // There is a defense associated
                Optional<ADTree> dependentRules = DependentRules.getComponentDependence(this, attack.getName());
                if (dependentRules.isPresent()) {
                    children.add(new ADAnd(new ADNot(attackToDefense.get(attack)), attack, dependentRules.get()));
                } else {
                    children.add(new ADAnd(new ADNot(attackToDefense.get(attack)), attack));
                }
            } else {
                // There is no defense, just a raw attack
                children.add(attack);
            }
        }
    }
    // Search in cyber relations
    for (CyberRel cyberRel : Util.guardedGet(outputConcernToCyberRel, concern)) {
        hasCyberRel = true;
        if (cyberRel.getInput().isPresent()) {
            // Trace cyber relation
            cyberRel.getInput().get().toADTree(inputConcern -> traceInputConcern(inputConcern, cyclePrevention)).map(children::add);
        }
    }
    // Search in subcomponents (using internal connections)
    for (ConnectionModel internalConnection : Util.guardedGet(destPortToOutgoingInternalConnection, concern.getPortName())) {
        internalConnection.trace(concern.getCia(), cyclePrevention).map(children::add);
    }
    // (This happens when tracing from a subcomponent back to an input of the overall system)
    for (ConnectionModel internalConnection : Util.guardedGet(sourcePortToIncomingInternalConnection, concern.getPortName())) {
        traceInputConcern(new PortConcern(internalConnection.getSourcePortName(), concern.getCia()), cyclePrevention).map(children::add);
    }
    if (children.isEmpty()) {
        if (!hasCyberRel) {
            Logger.showWarning("Found no trace for " + getName() + " " + concern.getPortName() + ":" + concern.getCia());
        }
        return Optional.empty();
    } else {
        // Disjunction of all of the inputs
        return Optional.of(new ADOr(children));
    }
}
Also used : ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) Pair(com.ge.verdict.attackdefensecollector.Pair) Set(java.util.Set) ArrayList(java.util.ArrayList) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) HashSet(java.util.HashSet) LinkedHashMap(java.util.LinkedHashMap) Objects(java.util.Objects) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) List(java.util.List) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) Util(com.ge.verdict.attackdefensecollector.Util) Map(java.util.Map) Logger(com.ge.verdict.attackdefensecollector.Logger) Optional(java.util.Optional) DependentRules(com.ge.verdict.attackdefensecollector.DependentRules) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) Collections(java.util.Collections) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) HashSet(java.util.HashSet)

Example 8 with Defense

use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method partialSolutionTest.

@Test
public void partialSolutionTest() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    int dal = 5;
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.A);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.of(new Pair<>("D1", 3)))));
    Defense defense2 = new Defense(attack2);
    defense2.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D2", Optional.empty())));
    ADTree adtree = new ADOr(new ADNot(defense1), attack1, new ADNot(defense2), attack2);
    Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
    DTree dtree = new DAnd(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 3, dal, costs, factory))), new DOr(new DAnd(new DLeaf("S1", "D2", "A2", 0, dal, costs, factory))));
    Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, true, false, factory).prepare().get().prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) DOr(com.ge.verdict.synthesis.dtree.DOr) Fraction(org.apache.commons.math3.fraction.Fraction) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) DAnd(com.ge.verdict.synthesis.dtree.DAnd) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) File(java.io.File) Pair(com.ge.verdict.attackdefensecollector.Pair) Test(org.junit.Test)

Example 9 with Defense

use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method multipleRequirementsTest.

@Test
public void multipleRequirementsTest() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));
    List<AttackDefenseCollector.Result> results = Arrays.asList(new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 5, "port1", CIA.I), new ADAnd(new ADNot(defense1), attack1), Prob.certain()), new AttackDefenseCollector.Result(system, new CyberReq("req1", "mission1", 7, "port1", CIA.I), new ADAnd(new ADNot(defense1), attack1), Prob.certain()));
    DTree dtree = new DAnd(new DOr(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 0, 5, dummyCosts, factory, false, false)))), new DOr(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 0, 7, dummyCosts, factory, false, false)))));
    Assertions.assertThat(DTreeConstructor.construct(results, dummyCosts, false, false, factory).prepare().get().prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) CyberReq(com.ge.verdict.attackdefensecollector.model.CyberReq) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) DOr(com.ge.verdict.synthesis.dtree.DOr) AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) DAnd(com.ge.verdict.synthesis.dtree.DAnd) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) File(java.io.File) Test(org.junit.Test)

Example 10 with Defense

use of com.ge.verdict.attackdefensecollector.adtree.Defense in project VERDICT by ge-high-assurance.

the class ConnectionModel method concretize.

/**
 * Build all of the maps used by trace(). This is performed once for significant time complexity
 * improvements.
 */
public void concretize() {
    attackToDefense = new LinkedHashMap<>();
    Set<Attack> declaredAttacks = new HashSet<>();
    for (Attack attack : attackable.getAttacks()) {
        declaredAttacks.add(attack);
    }
    for (Defense defense : attackable.getDefenses()) {
        // Check that referenced attacks are added to this system
        if (!declaredAttacks.contains(defense.getAttack())) {
            throw new RuntimeException("Defense in system " + getName() + " refers to non-existant attack " + defense.getAttack().getName());
        }
        attackToDefense.put(defense.getAttack(), defense);
    }
}
Also used : Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) HashSet(java.util.HashSet)

Aggregations

Defense (com.ge.verdict.attackdefensecollector.adtree.Defense)12 Attack (com.ge.verdict.attackdefensecollector.adtree.Attack)11 ADOr (com.ge.verdict.attackdefensecollector.adtree.ADOr)10 ADTree (com.ge.verdict.attackdefensecollector.adtree.ADTree)10 ADAnd (com.ge.verdict.attackdefensecollector.adtree.ADAnd)8 ADNot (com.ge.verdict.attackdefensecollector.adtree.ADNot)8 DLeaf (com.ge.verdict.synthesis.dtree.DLeaf)8 SystemModel (com.ge.verdict.attackdefensecollector.model.SystemModel)7 File (java.io.File)7 DOr (com.ge.verdict.synthesis.dtree.DOr)6 DTree (com.ge.verdict.synthesis.dtree.DTree)6 Test (org.junit.Test)6 DAnd (com.ge.verdict.synthesis.dtree.DAnd)5 Optional (java.util.Optional)4 Set (java.util.Set)4 Fraction (org.apache.commons.math3.fraction.Fraction)4 AttackDefenseCollector (com.ge.verdict.attackdefensecollector.AttackDefenseCollector)3 CyberReq (com.ge.verdict.attackdefensecollector.model.CyberReq)3 ALeaf (com.ge.verdict.synthesis.dtree.ALeaf)3 ArrayList (java.util.ArrayList)3