Search in sources :

Example 6 with SystemModel

use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.

the class AttackDefenseCollector method performInference.

/**
 * Perform inference on the loaded model. Factored out because it is used in both the CSV and
 * VDM approaches. Must be called after systems and cyber relations are loaded.
 */
private void performInference() {
    int inferenceCounter = 0;
    for (SystemModel system : sysNameToSystemModelMap.values()) {
        // because we don't want to infer cyber relations for a system with subcomponents
        if (system.getCyberRels().isEmpty() && system.getInternalIncomingConnections().isEmpty() && system.getInternalOutgoingConnections().isEmpty()) {
            Logger.println("Inferring cyber relations for system " + system.getName());
            // anyway because it can't be traced.
            for (ConnectionModel outgoing : system.getOutgoingConnections()) {
                if (!system.getIncomingConnections().isEmpty()) {
                    // For each of C, I, A, we have X -> X
                    for (CIA cia : CIA.values()) {
                        CyberExpr condition = new CyberOr(system.getIncomingConnections().stream().map(incoming -> new PortConcern(incoming.getDestinationPortName(), cia)).collect(Collectors.toList()));
                        system.addCyberRel(new CyberRel("_inference" + (inferenceCounter++), condition, new PortConcern(outgoing.getSourcePortName(), cia)));
                    }
                    // We also have I -> A
                    system.addCyberRel(new CyberRel("_inference" + (inferenceCounter++), new CyberOr(system.getIncomingConnections().stream().map(incoming -> new PortConcern(incoming.getDestinationPortName(), CIA.I)).collect(Collectors.toList())), new PortConcern(outgoing.getSourcePortName(), CIA.A)));
                }
            }
        }
    }
}
Also used : CyberRel(com.ge.verdict.attackdefensecollector.model.CyberRel) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) CyberExpr(com.ge.verdict.attackdefensecollector.model.CyberExpr) PortConcern(com.ge.verdict.attackdefensecollector.model.PortConcern) ConnectionModel(com.ge.verdict.attackdefensecollector.model.ConnectionModel) CIA(com.ge.verdict.attackdefensecollector.model.CIA) CyberOr(com.ge.verdict.attackdefensecollector.model.CyberOr)

Example 7 with SystemModel

use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method testConstruct.

@Test
public void testConstruct() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    int dal = 5;
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));
    ADTree adtree = new ADOr(new ADAnd(new ADNot(defense1), attack1));
    Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
    DTree dtree = new DAnd(Collections.singletonList(new DOr(Collections.singletonList(new DOr(Collections.singletonList(new DAnd(Collections.singletonList(new DLeaf("S1", "D1", "A1", 0, dal, costs, factory)))))))));
    Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, false, false, factory).prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) DOr(com.ge.verdict.synthesis.dtree.DOr) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) Fraction(org.apache.commons.math3.fraction.Fraction) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) DAnd(com.ge.verdict.synthesis.dtree.DAnd) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) File(java.io.File) Test(org.junit.Test)

Example 8 with SystemModel

use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method testUnmitigated.

@Test
public void testUnmitigated() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    int dal = 5;
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    DTree dtree = new ALeaf(attack1);
    Assertions.assertThat(DTreeConstructor.construct(attack1, dummyCosts, dal, false, false, factory).prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ALeaf(com.ge.verdict.synthesis.dtree.ALeaf) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) File(java.io.File) Test(org.junit.Test)

Example 9 with SystemModel

use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method testUnmitigatedMixed.

@Test
public void testUnmitigatedMixed() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    int dal = 5;
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.I);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.empty())));
    ADTree adtree = new ADOr(new ADNot(defense1), attack1, attack2);
    Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
    DTree dtree = new DAnd(Arrays.asList(new DOr(Collections.singletonList(new DAnd(Collections.singletonList(new DLeaf("S1", "D1", "A1", 0, dal, costs, factory))))), new ALeaf(attack2)));
    Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, false, false, factory).prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) DOr(com.ge.verdict.synthesis.dtree.DOr) ALeaf(com.ge.verdict.synthesis.dtree.ALeaf) Fraction(org.apache.commons.math3.fraction.Fraction) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) DAnd(com.ge.verdict.synthesis.dtree.DAnd) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) File(java.io.File) Test(org.junit.Test)

Example 10 with SystemModel

use of com.ge.verdict.attackdefensecollector.model.SystemModel in project VERDICT by ge-high-assurance.

the class DTreeConstructorTest method partialSolutionTest.

@Test
public void partialSolutionTest() {
    DLeaf.Factory factory = new DLeaf.Factory();
    CostModel dummyCosts = new CostModel(new File(getClass().getResource("dummyCosts.xml").getPath()));
    int dal = 5;
    SystemModel system = new SystemModel("S1");
    Attack attack1 = new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I);
    Attack attack2 = new Attack(system.getAttackable(), "A2", "An attack", Prob.certain(), CIA.A);
    Defense defense1 = new Defense(attack1);
    defense1.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D1", Optional.of(new Pair<>("D1", 3)))));
    Defense defense2 = new Defense(attack2);
    defense2.addDefenseClause(Collections.singletonList(new Defense.DefenseLeaf("D2", Optional.empty())));
    ADTree adtree = new ADOr(new ADNot(defense1), attack1, new ADNot(defense2), attack2);
    Fraction[] costs = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
    DTree dtree = new DAnd(new DOr(new DAnd(new DLeaf("S1", "D1", "A1", 3, dal, costs, factory))), new DOr(new DAnd(new DLeaf("S1", "D2", "A2", 0, dal, costs, factory))));
    Assertions.assertThat(DTreeConstructor.construct(adtree, dummyCosts, dal, true, false, factory).prepare().get().prettyPrint()).isEqualTo(dtree.prettyPrint());
}
Also used : DLeaf(com.ge.verdict.synthesis.dtree.DLeaf) ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot) DTree(com.ge.verdict.synthesis.dtree.DTree) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) DOr(com.ge.verdict.synthesis.dtree.DOr) Fraction(org.apache.commons.math3.fraction.Fraction) Attack(com.ge.verdict.attackdefensecollector.adtree.Attack) ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd) DAnd(com.ge.verdict.synthesis.dtree.DAnd) Defense(com.ge.verdict.attackdefensecollector.adtree.Defense) ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree) SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel) ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr) File(java.io.File) Pair(com.ge.verdict.attackdefensecollector.Pair) Test(org.junit.Test)

Aggregations

SystemModel (com.ge.verdict.attackdefensecollector.model.SystemModel)12 ADTree (com.ge.verdict.attackdefensecollector.adtree.ADTree)11 Attack (com.ge.verdict.attackdefensecollector.adtree.Attack)10 ADOr (com.ge.verdict.attackdefensecollector.adtree.ADOr)9 DLeaf (com.ge.verdict.synthesis.dtree.DLeaf)9 Test (org.junit.Test)9 File (java.io.File)8 Defense (com.ge.verdict.attackdefensecollector.adtree.Defense)7 DTree (com.ge.verdict.synthesis.dtree.DTree)7 ADAnd (com.ge.verdict.attackdefensecollector.adtree.ADAnd)6 ADNot (com.ge.verdict.attackdefensecollector.adtree.ADNot)6 DOr (com.ge.verdict.synthesis.dtree.DOr)5 Fraction (org.apache.commons.math3.fraction.Fraction)5 CyberReq (com.ge.verdict.attackdefensecollector.model.CyberReq)4 ALeaf (com.ge.verdict.synthesis.dtree.ALeaf)4 DAnd (com.ge.verdict.synthesis.dtree.DAnd)4 Approach (com.ge.verdict.synthesis.VerdictSynthesis.Approach)3 ComponentDefense (com.ge.verdict.synthesis.dtree.DLeaf.ComponentDefense)3 Pair (com.ge.verdict.synthesis.util.Pair)3 AttackDefenseCollector (com.ge.verdict.attackdefensecollector.AttackDefenseCollector)2