Example 1 with DOr
use of com.ge.verdict.synthesis.dtree.DOr in project VERDICT by ge-high-assurance.
the class VerdictSynthesisTest method meritAssignmentTest.
@Test
public void meritAssignmentTest() {
DLeaf.Factory factory = new DLeaf.Factory();
Fraction[] costs1 = Util.fractionCosts(new double[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 });
Fraction[] costs2 = Util.fractionCosts(new double[] { 1, 2, 3, 5, 6, 7, 8, 9, 10, 11 });
DLeaf leaf1 = new DLeaf("S1", "D1", "A1", 3, 3, costs1, factory);
DLeaf leaf2 = new DLeaf("S1", "D2", "A2", 3, 3, costs2, factory);
DTree dtree = new DOr(leaf1, leaf2);
CostModel costModel = new CostModel(new Triple<>("S1", "D1", costs1), new Triple<>("S1", "D2", costs2));
Optional<ResultsInstance> result = VerdictSynthesis.performSynthesisMultiple(dtree, factory, costModel, true, true, true, false);
Assertions.assertThat(result.isPresent());
Assertions.assertThat(result.get().items).hasSize(2);
Assertions.assertThat(result.get().items).contains(new ResultsInstance.Item("S1", "D1", 3, 3, new Fraction(3), new Fraction(3)));
Assertions.assertThat(result.get().items).contains(new ResultsInstance.Item("S1", "D2", 3, 0, new Fraction(5), new Fraction(1)));
Assertions.assertThat(result.get().outputCost).isEqualTo(new Fraction(4));
}
Also used :
DLeaf(com.ge.verdict.synthesis.dtree.DLeaf)
DTree(com.ge.verdict.synthesis.dtree.DTree)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
DOr(com.ge.verdict.synthesis.dtree.DOr)
Fraction(org.apache.commons.math3.fraction.Fraction)
ResultsInstance(com.ge.verdict.vdm.synthesis.ResultsInstance)
Test(org.junit.Test)
Example 2 with DOr
use of com.ge.verdict.synthesis.dtree.DOr in project VERDICT by ge-high-assurance.
the class VerdictSynthesisTest method unmitigatedMixedTest.
@Test
public void unmitigatedMixedTest() {
DLeaf.Factory factory = new DLeaf.Factory();
SystemModel system = new SystemModel("S1");
int targetDal = 1;
Fraction[] costs = Util.fractionCosts(new double[] { 5, 5, 5, 5, 5, 5, 5, 5, 5, 5 });
DLeaf dleaf = new DLeaf("S1", "D1", "A2", 0, targetDal, costs, factory);
DTree dtree = new DOr(new ALeaf(new Attack(system.getAttackable(), "A1", "An attack", Prob.certain(), CIA.I)), dleaf);
for (Approach approach : Approach.values()) {
Optional<Pair<Set<ComponentDefense>, Double>> result = VerdictSynthesis.performSynthesisSingle(dtree, targetDal, factory, approach);
Assertions.assertThat(result.isPresent());
Assertions.assertThat(result.get().left).hasSize(1);
Assertions.assertThat(result.get().left).contains(dleaf.componentDefense);
Assertions.assertThat(result.get().right).isEqualTo(5);
}
}
Also used :
DLeaf(com.ge.verdict.synthesis.dtree.DLeaf)
DTree(com.ge.verdict.synthesis.dtree.DTree)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
DOr(com.ge.verdict.synthesis.dtree.DOr)
ALeaf(com.ge.verdict.synthesis.dtree.ALeaf)
Fraction(org.apache.commons.math3.fraction.Fraction)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel)
ComponentDefense(com.ge.verdict.synthesis.dtree.DLeaf.ComponentDefense)
Approach(com.ge.verdict.synthesis.VerdictSynthesis.Approach)
Pair(com.ge.verdict.synthesis.util.Pair)
Test(org.junit.Test)
Example 3 with DOr
use of com.ge.verdict.synthesis.dtree.DOr in project VERDICT by ge-high-assurance.
the class VerdictSynthesisTest method performSynthesisTestInternal.
private void performSynthesisTestInternal(int[] costs, String[] selected, Approach approach) {
if (costs.length != 3) {
throw new RuntimeException("hey!");
}
DLeaf.Factory factory = new DLeaf.Factory();
double[] doubleCosts0 = new double[10];
double[] doubleCosts1 = new double[10];
double[] doubleCosts2 = new double[10];
for (int i = 0; i < 10; i++) {
doubleCosts0[i] = costs[0];
doubleCosts1[i] = costs[1];
doubleCosts2[i] = costs[2];
}
Fraction[] fractionCosts0 = Util.fractionCosts(doubleCosts0);
Fraction[] fractionCosts1 = Util.fractionCosts(doubleCosts1);
Fraction[] fractionCosts2 = Util.fractionCosts(doubleCosts2);
int targetDal = 1;
DLeaf cd1 = new DLeaf("C1", "D1", "A1", 0, targetDal, fractionCosts0, factory);
DLeaf cd2 = new DLeaf("C2", "D2", "A2", 0, targetDal, fractionCosts1, factory);
DLeaf cd3 = new DLeaf("C3", "D3", "A3", 0, targetDal, fractionCosts2, factory);
DTree tree = new DOr(new DAnd(cd1, cd2), new DAnd(cd2, cd3), new DAnd(cd1, cd3));
Optional<Pair<Set<ComponentDefense>, Double>> output = VerdictSynthesis.performSynthesisSingle(tree, targetDal, factory, approach);
Assertions.assertThat(output.isPresent()).isTrue();
Assertions.assertThat(output.get().left.size()).isEqualTo(selected.length);
for (String comp : selected) {
Assertions.assertThat(output.get().left.stream()).withFailMessage("Expected: " + stringOfArray(selected) + ", output: " + stringOfIterable(output.get().left) + ", does not contain component: " + comp + ", approach: " + approach.toString()).anyMatch(pair -> pair.component.equals(comp));
}
}
Also used :
DLeaf(com.ge.verdict.synthesis.dtree.DLeaf)
DTree(com.ge.verdict.synthesis.dtree.DTree)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
DOr(com.ge.verdict.synthesis.dtree.DOr)
Fraction(org.apache.commons.math3.fraction.Fraction)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
DAnd(com.ge.verdict.synthesis.dtree.DAnd)
ComponentDefense(com.ge.verdict.synthesis.dtree.DLeaf.ComponentDefense)
Pair(com.ge.verdict.synthesis.util.Pair)
Example 4 with DOr
use of com.ge.verdict.synthesis.dtree.DOr in project VERDICT by ge-high-assurance.
the class DTreeConstructor method perform.
/**
* This is the part that actually constructs the dtree.
*
* @param adtree
* @return
*/
private DTree perform(ADTree adtree) {
Optional<DTree> resultOpt = constructInternal(adtree);
if (!resultOpt.isPresent()) {
return new DOr(Collections.emptyList());
} else {
DTree result = resultOpt.get();
// remove raw attack leaves that are covered by a defense
for (Defense defense : defenses) {
if (!attackALeafMap.containsKey(defense.getAttack())) {
throw new RuntimeException("defense references undefined attack: " + defense.getAttack().getName());
}
// it isn't included in the final tree
for (ALeaf aleaf : attackALeafMap.get(defense.getAttack())) {
aleaf.setMitigated();
}
}
// these are the raw attack leaves that aren't covered by a defense
Set<ALeaf> unmitigated = new LinkedHashSet<>();
for (Set<ALeaf> set : attackALeafMap.values()) {
for (ALeaf aleaf : set) {
if (!aleaf.isMitigated()) {
unmitigated.add(aleaf);
}
}
}
// raw attacks without corresponding defenses
for (ALeaf aleaf : unmitigated) {
System.out.println("Warning: Unmitigated attack: " + aleaf.getAttack().toString());
}
// connect the defense condition to its corresponding dleaf
for (DCondition dcond : dconditions) {
Optional<DLeaf.ComponentDefense> compDef = factory.lookup(dcond.defenseCond.getAttackable().getParentName(), dcond.defenseCond.getDefenseProperty());
if (compDef.isPresent()) {
dcond.setCompDef(compDef.get());
} else {
// This means that the defense isn't part of the attack-defense tree,
// so we need to create a dleaf (which implicitly creates an SMT variable)
// for it so that the DAL can get forced down to zero if necessary
// TODO this doesn't actually work. This is the screwy case that we need to fix.
DLeaf dleaf = new DLeaf(dcond.defenseCond.getAttackable().getParentName(), dcond.defenseCond.getDefenseProperty(), "", dcond.defenseCond.getImplDal(), 0, costModel, factory, usePartialSolution, meritAssignment);
dcond.setCompDef(dleaf.componentDefense);
}
}
// important to call prepare - collapses nested NOTs and removes unmitigated raw attack
// leaves
Optional<DTree> prepared = result.prepare();
return prepared.orElse(new DOr(Collections.emptyList()));
}
}
Also used :
LinkedHashSet(java.util.LinkedHashSet)
DLeaf(com.ge.verdict.synthesis.dtree.DLeaf)
DTree(com.ge.verdict.synthesis.dtree.DTree)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
DOr(com.ge.verdict.synthesis.dtree.DOr)
ALeaf(com.ge.verdict.synthesis.dtree.ALeaf)
DCondition(com.ge.verdict.synthesis.dtree.DCondition)
Defense(com.ge.verdict.attackdefensecollector.adtree.Defense)
Example 5 with DOr
use of com.ge.verdict.synthesis.dtree.DOr in project VERDICT by ge-high-assurance.
the class DTreeConstructor method constructInternal.
/**
* Inductively-defined function over attack-defense trees.
*
* <p>The mapping from attack-defense tree to defense tree is pretty straightforward. One of the
* most important things to note is that AND and OR nodes are transposed in the transformation
* because they mean opposite things in a defense tree compared to an attack-defense tree. (An
* attack-defense tree is "how to attack", whereas a defense tree is "how to defend".)
*
* @param adtree
* @return
*/
private Optional<DTree> constructInternal(ADTree adtree) {
if (adtree instanceof Attack) {
Attack attack = (Attack) adtree;
ALeaf aleaf = new ALeaf(attack);
// keep track of all attack leaves
if (!attackALeafMap.containsKey(attack)) {
attackALeafMap.put(attack, new LinkedHashSet<>());
}
attackALeafMap.get(attack).add(aleaf);
return Optional.of(aleaf);
} else if (adtree instanceof Defense) {
Defense defense = (Defense) adtree;
defenses.add(defense);
return Optional.of(new DNot(constructDefenseTree(defense)));
} else if (adtree instanceof ADAnd) {
ADAnd adand = (ADAnd) adtree;
// Transpose and/or
return Optional.of(new DOr(adand.children().stream().map(this::constructInternal).flatMap(elem -> elem.isPresent() ? Stream.of(elem.get()) : Stream.empty()).collect(Collectors.toList())));
} else if (adtree instanceof ADOr) {
ADOr ador = (ADOr) adtree;
// Transpose and/or
return Optional.of(new DAnd(ador.children().stream().map(this::constructInternal).flatMap(elem -> elem.isPresent() ? Stream.of(elem.get()) : Stream.empty()).collect(Collectors.toList())));
} else if (adtree instanceof ADNot) {
ADNot adnot = (ADNot) adtree;
return constructInternal(adnot.child()).map(DNot::new);
} else if (adtree instanceof DefenseCondition) {
DCondition dcond = new DCondition((DefenseCondition) adtree);
dconditions.add(dcond);
return Optional.of(dcond);
} else {
throw new RuntimeException("got invalid adtree type: " + adtree.getClass().getCanonicalName());
}
}
Also used :
DCondition(com.ge.verdict.synthesis.dtree.DCondition)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
DefenseCondition(com.ge.verdict.attackdefensecollector.adtree.DefenseCondition)
ArrayList(java.util.ArrayList)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
LinkedHashMap(java.util.LinkedHashMap)
Defense(com.ge.verdict.attackdefensecollector.adtree.Defense)
Map(java.util.Map)
DTree(com.ge.verdict.synthesis.dtree.DTree)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
LinkedHashSet(java.util.LinkedHashSet)
DLeaf(com.ge.verdict.synthesis.dtree.DLeaf)
DNot(com.ge.verdict.synthesis.dtree.DNot)
AttackDefenseCollector(com.ge.verdict.attackdefensecollector.AttackDefenseCollector)
Set(java.util.Set)
Collectors(java.util.stream.Collectors)
ALeaf(com.ge.verdict.synthesis.dtree.ALeaf)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
List(java.util.List)
Stream(java.util.stream.Stream)
Optional(java.util.Optional)
DAnd(com.ge.verdict.synthesis.dtree.DAnd)
DOr(com.ge.verdict.synthesis.dtree.DOr)
Collections(java.util.Collections)
ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot)
ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
DOr(com.ge.verdict.synthesis.dtree.DOr)
ALeaf(com.ge.verdict.synthesis.dtree.ALeaf)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
DCondition(com.ge.verdict.synthesis.dtree.DCondition)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
ADAnd(com.ge.verdict.attackdefensecollector.adtree.ADAnd)
DAnd(com.ge.verdict.synthesis.dtree.DAnd)
Defense(com.ge.verdict.attackdefensecollector.adtree.Defense)
DNot(com.ge.verdict.synthesis.dtree.DNot)
ADNot(com.ge.verdict.attackdefensecollector.adtree.ADNot)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
DefenseCondition(com.ge.verdict.attackdefensecollector.adtree.DefenseCondition)
Aggregations
ADOr (com.ge.verdict.attackdefensecollector.adtree.ADOr)10
ADTree (com.ge.verdict.attackdefensecollector.adtree.ADTree)10
DLeaf (com.ge.verdict.synthesis.dtree.DLeaf)10
DOr (com.ge.verdict.synthesis.dtree.DOr)10
DTree (com.ge.verdict.synthesis.dtree.DTree)10
ADAnd (com.ge.verdict.attackdefensecollector.adtree.ADAnd)7
DAnd (com.ge.verdict.synthesis.dtree.DAnd)7
Fraction (org.apache.commons.math3.fraction.Fraction)7
Test (org.junit.Test)7
ADNot (com.ge.verdict.attackdefensecollector.adtree.ADNot)6
Attack (com.ge.verdict.attackdefensecollector.adtree.Attack)6
Defense (com.ge.verdict.attackdefensecollector.adtree.Defense)6
SystemModel (com.ge.verdict.attackdefensecollector.model.SystemModel)5
ALeaf (com.ge.verdict.synthesis.dtree.ALeaf)4
File (java.io.File)4
AttackDefenseCollector (com.ge.verdict.attackdefensecollector.AttackDefenseCollector)2
DCondition (com.ge.verdict.synthesis.dtree.DCondition)2
ComponentDefense (com.ge.verdict.synthesis.dtree.DLeaf.ComponentDefense)2
DNot (com.ge.verdict.synthesis.dtree.DNot)2
Pair (com.ge.verdict.synthesis.util.Pair)2
