use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.
the class AttackDefenseCollector method performInference.
/**
* Perform inference on the loaded model. Factored out because it is used in both the CSV and
* VDM approaches. Must be called after systems and cyber relations are loaded.
*/
private void performInference() {
int inferenceCounter = 0;
for (SystemModel system : sysNameToSystemModelMap.values()) {
// because we don't want to infer cyber relations for a system with subcomponents
if (system.getCyberRels().isEmpty() && system.getInternalIncomingConnections().isEmpty() && system.getInternalOutgoingConnections().isEmpty()) {
Logger.println("Inferring cyber relations for system " + system.getName());
// anyway because it can't be traced.
for (ConnectionModel outgoing : system.getOutgoingConnections()) {
if (!system.getIncomingConnections().isEmpty()) {
// For each of C, I, A, we have X -> X
for (CIA cia : CIA.values()) {
CyberExpr condition = new CyberOr(system.getIncomingConnections().stream().map(incoming -> new PortConcern(incoming.getDestinationPortName(), cia)).collect(Collectors.toList()));
system.addCyberRel(new CyberRel("_inference" + (inferenceCounter++), condition, new PortConcern(outgoing.getSourcePortName(), cia)));
}
// We also have I -> A
system.addCyberRel(new CyberRel("_inference" + (inferenceCounter++), new CyberOr(system.getIncomingConnections().stream().map(incoming -> new PortConcern(incoming.getDestinationPortName(), CIA.I)).collect(Collectors.toList())), new PortConcern(outgoing.getSourcePortName(), CIA.A)));
}
}
}
}
}
use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.
the class DTreeConstructorTest method testConstruct.
@Test
public void testConstruct() {
DLeaf.Factory factory = new DLeaf.Factory();
CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
int dal = 5;
SystemModel system = new SystemModel("S1");
Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
Defense defense1 = new Defense(attack1);
defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));
ADTree adtree = new ADOr(new ADAnd(new ADNot(defense1), attack1));
Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
DTree dtree = new DAnd(Collections.singletonList(new DOr(Collections.singletonList(new DOr(Collections.singletonList(new DAnd(Collections.singletonList(new DLeaf("S1", "D1", "A1", 0, dal, costs, factory)))))))));
Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, false, false, factory).prettyPrint()).isEqualTo(dtree.prettyPrint());
}
use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.
the class DTreeConstructorTest method testUnmitigated.
@Test
public void testUnmitigated() {
DLeaf.Factory factory = new DLeaf.Factory();
CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
int dal = 5;
SystemModel system = new SystemModel("S1");
Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
DTree dtree = new ALeaf(attack1);
Assertions.assertThat(DTreeConstructor.construct(attack1, dummyCosts, dal, false, false, factory).prettyPrint()).isEqualTo(dtree.prettyPrint());
}
use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.
the class DTreeConstructorTest method testUnmitigatedMixed.
@Test
public void testUnmitigatedMixed() {
DLeaf.Factory factory = new DLeaf.Factory();
CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
int dal = 5;
SystemModel system = new SystemModel("S1");
Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.I);
Defense defense1 = new Defense(attack1);
defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));
ADTree adtree = new ADOr(new ADNot(defense1), attack1, attack2);
Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
DTree dtree = new DAnd(Arrays.asList(new DOr(Collections.singletonList(new DAnd(Collections.singletonList(new DLeaf("S1", "D1", "A1", 0, dal, costs, factory))))), new ALeaf(attack2)));
Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, false, false, factory).prettyPrint()).isEqualTo(dtree.prettyPrint());
}
use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.
the class DTreeConstructorTest method partialSolutionTest.
@Test
public void partialSolutionTest() {
DLeaf.Factory factory = new DLeaf.Factory();
CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
int dal = 5;
SystemModel system = new SystemModel("S1");
Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.A);
Defense defense1 = new Defense(attack1);
defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.of(new Pair<>("D1", 3)))));
Defense defense2 = new Defense(attack2);
defense2.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D2", Optional.empty())));
ADTree adtree = new ADOr(new ADNot(defense1), attack1, new ADNot(defense2), attack2);
Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
DTree dtree = new DAnd(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 3, dal, costs, factory))), new DOr(new DAnd(new DLeaf("S1", "D2", "A2", 0, dal, costs, factory))));
Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, true, false, factory).prepare().get().prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Aggregations