Search in sources :

Example 1 with GenericAttribute

use of verdict.vdm.vdm_data.GenericAttribute in project VERDICT by ge-high-assurance.

the class Vdm2Csv method preprocessCompImpls.

private void preprocessCompImpls(List<ComponentImpl> compImpls, String scenario, Map<String, HashSet<String>> propToConnections, Map<String, HashMap<String, String>> connectionAttributesMap, Map<String, String> compToCompImpl, Map<String, HashSet<String>> propToCompInsts, Map<String, HashMap<String, String>> compInstAttributesMap, Map<String, List<ConnectionEnd>> connectionDestToSourceMap) {
    for (ComponentImpl compImpl : compImpls) {
        if (compImpl.getBlockImpl() != null) {
            // process connections
            List<verdict.vdm.vdm_model.Connection> compConnections = compImpl.getBlockImpl().getConnection();
            for (verdict.vdm.vdm_model.Connection compConnection1 : compConnections) {
                // -- Get all property names associated with connections --> need it for headers in connections csv
                // -- Create a property name to set of connections with that property mapping
                List<GenericAttribute> connectionAttributes = compConnection1.getAttribute();
                for (GenericAttribute connectionAttribute : connectionAttributes) {
                    if (propToConnections.containsKey(connectionAttribute.getName())) {
                        String PropName = connectionAttribute.getName();
                        HashSet<String> propToConnection = propToConnections.get(PropName);
                        propToConnection.add(compConnection1.getName());
                        propToConnections.replace(PropName, propToConnection);
                    } else {
                        HashSet<String> propToConnection = new HashSet<>();
                        propToConnection.add(compConnection1.getName());
                        propToConnections.put(connectionAttribute.getName(), propToConnection);
                    }
                }
                // -- Create a map of connections that have a data-port as destination rather than subcomponent.data-port
                // this will be used for populating Missions Table
                verdict.vdm.vdm_model.ConnectionEnd dest = compConnection1.getDestination();
                if (dest.getComponentPort() != null) {
                    String destName = dest.getComponentPort().getName();
                    if (connectionDestToSourceMap.containsKey(destName)) {
                        List<ConnectionEnd> sources = connectionDestToSourceMap.get(destName);
                        sources.add(compConnection1.getSource());
                        connectionDestToSourceMap.replace(destName, sources);
                    } else {
                        List<ConnectionEnd> sources = new ArrayList<>();
                        sources.add(compConnection1.getSource());
                        connectionDestToSourceMap.put(destName, sources);
                    }
                }
                // --- Update connection attributes/properties map
                HashMap<String, String> connAttributes = new HashMap<>();
                List<GenericAttribute> connAttributesList = compConnection1.getAttribute();
                for (GenericAttribute attr : connAttributesList) {
                    connAttributes.put(attr.getName(), attr.getValue().toString());
                }
                connectionAttributesMap.put(compConnection1.getName(), connAttributes);
            }
            // --process component instances
            List<verdict.vdm.vdm_model.ComponentInstance> compInstances = compImpl.getBlockImpl().getSubcomponent();
            for (verdict.vdm.vdm_model.ComponentInstance compInst : compInstances) {
                List<GenericAttribute> compInstAttributesList = compInst.getAttribute();
                HashMap<String, String> compInstAttributes = new HashMap<>();
                for (GenericAttribute attr : compInstAttributesList) {
                    // --update attribute to attribute value mapping for each component attribute
                    compInstAttributes.put(attr.getName(), attr.getValue().toString());
                    // -- Create a property name to set of components with that property mapping
                    if (propToCompInsts.containsKey(attr.getName())) {
                        String PropName = attr.getName();
                        HashSet<String> propToCompInst = propToCompInsts.get(PropName);
                        propToCompInst.add(compInst.getId());
                        propToCompInsts.replace(PropName, propToCompInst);
                    } else {
                        HashSet<String> propToCompInst = new HashSet<>();
                        propToCompInst.add(compInst.getId());
                        propToCompInsts.put(attr.getName(), propToCompInst);
                    }
                }
                // Update component instances to attributes/properties map
                compInstAttributesMap.put(compInst.getId(), compInstAttributes);
            }
            // -- Create component to component-implementation mapping
            compToCompImpl.put(compImpl.getType().getName(), compImpl.getName());
        }
    }
}
Also used : HashMap(java.util.HashMap) GenericAttribute(verdict.vdm.vdm_data.GenericAttribute) ArrayList(java.util.ArrayList) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) ConnectionEnd(verdict.vdm.vdm_model.ConnectionEnd) ConnectionEnd(verdict.vdm.vdm_model.ConnectionEnd) HashSet(java.util.HashSet)

Example 2 with GenericAttribute

use of verdict.vdm.vdm_data.GenericAttribute in project VERDICT by ge-high-assurance.

the class Instrumentor method softwareVirus.

// SV:
// - Select components c in the model M such that:
// c.ComponentType = 'Software' v c.ComponentType = 'Hybrid' & c.Manufacturer =
// 'ThirdParty'
// & \exists ch\in M. p\in InputPort(c). ch = p.channel & ch.Connectin-Type =
// Remote
@Override
public void softwareVirus(HashSet<ComponentType> vdm_components) {
    try {
        HashSet<String> components = new HashSet<String>();
        HashSet<String> svComponentTypeSet = new HashSet<String>(Arrays.asList("software", "swhwhybrid", "swhumanhybrid", "hybrid"));
        BlockImpl blockImpl = null;
        for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
            blockImpl = componentImpl.getBlockImpl();
            // BlockImpl
            if (blockImpl != null) {
                ComponentType componentType = componentImpl.getType();
                for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
                    componentType = componentInstance.getSpecification();
                    ComponentImpl subcomponentImpl = componentInstance.getImplementation();
                    // Option 1) Specification
                    if (componentType != null) {
                    } else // Option 2) Implementation
                    if (subcomponentImpl != null) {
                        componentType = subcomponentImpl.getType();
                    }
                    List<GenericAttribute> attributeList = componentInstance.getAttribute();
                    GenericAttribute componentKindAttribute = getAttributeByName(attributeList, "ComponentType", componentInstance.getName());
                    GenericAttribute staticCodeAnalysisAttribute = getAttributeByName(attributeList, "StaticCodeAnalysis", componentInstance.getName());
                    GenericAttribute inputValidationAttribute = getAttributeByName(attributeList, "InputValidation", componentInstance.getName());
                    GenericAttribute memoryProtectionAttribute = getAttributeByName(attributeList, "MemoryProtection", componentInstance.getName());
                    GenericAttribute secureBootAttribute = getAttributeByName(attributeList, "SecureBoot", componentInstance.getName());
                    String componentKind = componentKindAttribute.getValue().toString().toLowerCase();
                    int staticCodeAnalysis = Integer.parseInt(staticCodeAnalysisAttribute.getValue().toString());
                    int inputValidation = Integer.parseInt(inputValidationAttribute.getValue().toString());
                    int memoryProtection = Integer.parseInt(memoryProtectionAttribute.getValue().toString());
                    int secureBoot = Integer.parseInt(secureBootAttribute.getValue().toString());
                    if (svComponentTypeSet.contains(componentKind.toLowerCase()) && (staticCodeAnalysis == 0 || inputValidation == 0 || memoryProtection == 0 || secureBoot == 0)) {
                        Boolean hasEligibleIncomingChannels = false;
                        for (Port port : componentType.getPort()) {
                            PortMode mode = port.getMode();
                            if (mode == PortMode.IN) {
                                for (Connection connection : blockImpl.getConnection()) {
                                    if (connection.getDestination().getSubcomponentPort() != null) {
                                        if (connection.getDestination().getSubcomponentPort().getPort() == port) {
                                            Boolean scInsideTrustedBoundary;
                                            String scComponentKind;
                                            String scPedigree;
                                            int scStrongCryptoAlgorithms;
                                            int scSupplyChainSecurity;
                                            int scTamperProtection;
                                            if (connection.getSource().getSubcomponentPort() != null) {
                                                ComponentInstance sourceComponent = connection.getSource().getSubcomponentPort().getSubcomponent();
                                                List<GenericAttribute> sourceComponentAttributeList = sourceComponent.getAttribute();
                                                GenericAttribute sourceComponentInsideTrustedBoundaryAttribute = getAttributeByName(sourceComponentAttributeList, "InsideTrustedBoundary", sourceComponent.getName());
                                                GenericAttribute sourceComponentComponentKindAttribute = getAttributeByName(sourceComponentAttributeList, "ComponentType", sourceComponent.getName());
                                                GenericAttribute sourceComponentPedigreeAttribute = getAttributeByName(sourceComponentAttributeList, "Pedigree", sourceComponent.getName());
                                                GenericAttribute sourceComponentStrongCryptoAlgorithmsAttribute = getAttributeByName(sourceComponentAttributeList, "StrongCryptoAlgorithms", sourceComponent.getName());
                                                GenericAttribute sourceComponentSupplyChainSecurityAttribute = getAttributeByName(sourceComponentAttributeList, "SupplyChainSecurity", sourceComponent.getName());
                                                GenericAttribute sourceComponentTamperProtectionAttribute = getAttributeByName(sourceComponentAttributeList, "TamperProtection", sourceComponent.getName());
                                                scInsideTrustedBoundary = Boolean.parseBoolean(sourceComponentInsideTrustedBoundaryAttribute.getValue().toString());
                                                scComponentKind = sourceComponentComponentKindAttribute.getValue().toString().toLowerCase();
                                                scPedigree = sourceComponentPedigreeAttribute.getValue().toString().toLowerCase();
                                                scStrongCryptoAlgorithms = Integer.parseInt(sourceComponentStrongCryptoAlgorithmsAttribute.getValue().toString());
                                                scSupplyChainSecurity = Integer.parseInt(sourceComponentSupplyChainSecurityAttribute.getValue().toString());
                                                scTamperProtection = Integer.parseInt(sourceComponentTamperProtectionAttribute.getValue().toString());
                                            } else {
                                                scInsideTrustedBoundary = true;
                                                scComponentKind = "";
                                                scPedigree = "";
                                                scStrongCryptoAlgorithms = -1;
                                                scSupplyChainSecurity = -1;
                                                scTamperProtection = -1;
                                            }
                                            List<GenericAttribute> connectionAttributeList = connection.getAttribute();
                                            GenericAttribute connectionTypeAttribute = getAttributeByName(connectionAttributeList, "ConnectionType", connection.getName());
                                            GenericAttribute deviceAuthenticationAttribute = getAttributeByName(connectionAttributeList, "DeviceAuthentication", connection.getName());
                                            GenericAttribute sessionAuthenticityAttribute = getAttributeByName(connectionAttributeList, "SessionAuthenticity", connection.getName());
                                            String connectionType = connectionTypeAttribute.getValue().toString().toLowerCase();
                                            int deviceAuthentication = Integer.parseInt(deviceAuthenticationAttribute.getValue().toString());
                                            int sessionAuthenticity = Integer.parseInt(sessionAuthenticityAttribute.getValue().toString());
                                            if ((!scInsideTrustedBoundary || connectionType.equalsIgnoreCase("untrusted")) && !scComponentKind.equalsIgnoreCase("hardware") && ((scPedigree.equalsIgnoreCase("cots") || (scPedigree.equalsIgnoreCase("sourced") && scSupplyChainSecurity == 0 && scTamperProtection == 0)) || ((deviceAuthentication == 0 && sessionAuthenticity == 0) || scStrongCryptoAlgorithms == 0))) {
                                                hasEligibleIncomingChannels = true;
                                            }
                                            break;
                                        }
                                    }
                                }
                            }
                            if (hasEligibleIncomingChannels) {
                                break;
                            }
                        }
                        if (hasEligibleIncomingChannels) {
                            vdm_components.add(componentType);
                            components.add(componentType.getId());
                        }
                    }
                }
            }
        }
        this.attack_cmp_link_map.put("SV", components);
    } catch (CRVException e) {
        System.out.println("\tCRV Error " + e.getCode() + " " + e.getMessage());
    }
}
Also used : BlockImpl(verdict.vdm.vdm_model.BlockImpl) ComponentType(verdict.vdm.vdm_model.ComponentType) PortMode(verdict.vdm.vdm_model.PortMode) CompInstancePort(verdict.vdm.vdm_model.CompInstancePort) Port(verdict.vdm.vdm_model.Port) GenericAttribute(verdict.vdm.vdm_data.GenericAttribute) Connection(verdict.vdm.vdm_model.Connection) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) HashSet(java.util.HashSet)

Example 3 with GenericAttribute

use of verdict.vdm.vdm_data.GenericAttribute in project VERDICT by ge-high-assurance.

the class Instrumentor method networkInjection.

// NI:
// - Select all channels ch in the model M such that:
// ch.ConnectionType = Remote & ch.Connection-Encrypted = False &
// ch.Connection-Authentication = False
// 
// - Select all channels ch in CH such that:
// (ch.start.insideTrustedBoundary = false and ch.connectionType = Remote)
// and ((ch.deviceAuthentication = 0 and ch.sessionAuthenticity = 0) or
// ch.start.strongCryptoAlgorithms = 0)
@Override
public void networkInjection(HashSet<Connection> vdm_links) {
    try {
        HashSet<String> links = new HashSet<String>();
        BlockImpl blockImpl = null;
        for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
            blockImpl = componentImpl.getBlockImpl();
            // BlockImpl
            if (blockImpl != null) {
                // Selection channels (Authentication = OFF & DataEncrypted = OFF)
                for (Connection connection : blockImpl.getConnection()) {
                    boolean insideTrustedBoundary;
                    int strongCryptoAlgorithms;
                    if (connection.getSource().getSubcomponentPort() != null) {
                        ComponentInstance sourceComponent = connection.getSource().getSubcomponentPort().getSubcomponent();
                        List<GenericAttribute> sourceComponentAttributeList = sourceComponent.getAttribute();
                        GenericAttribute insideTrustedBoundaryAttribute = getAttributeByName(sourceComponentAttributeList, "InsideTrustedBoundary", sourceComponent.getName());
                        GenericAttribute strongCryptoAlgorithmsAttribute = getAttributeByName(sourceComponentAttributeList, "StrongCryptoAlgorithms", sourceComponent.getName());
                        insideTrustedBoundary = Boolean.parseBoolean(insideTrustedBoundaryAttribute.getValue().toString());
                        strongCryptoAlgorithms = Integer.parseInt(strongCryptoAlgorithmsAttribute.getValue().toString());
                    } else {
                        insideTrustedBoundary = true;
                        strongCryptoAlgorithms = 1;
                    }
                    List<GenericAttribute> connectionAttributeList = connection.getAttribute();
                    GenericAttribute connectionTypeAttribute = getAttributeByName(connectionAttributeList, "ConnectionType", connection.getName());
                    GenericAttribute deviceAuthenticationAttribute = getAttributeByName(connectionAttributeList, "DeviceAuthentication", connection.getName());
                    GenericAttribute sessionAuthenticityAttribute = getAttributeByName(connectionAttributeList, "SessionAuthenticity", connection.getName());
                    String connectionType = connectionTypeAttribute.getValue().toString().toLowerCase();
                    int deviceAuthentication = Integer.parseInt(deviceAuthenticationAttribute.getValue().toString());
                    int sessionAuthenticity = Integer.parseInt(sessionAuthenticityAttribute.getValue().toString());
                    if ((!insideTrustedBoundary || connectionType.equalsIgnoreCase("untrusted")) && ((deviceAuthentication == 0 && sessionAuthenticity == 0) || strongCryptoAlgorithms == 0)) {
                        vdm_links.add(connection);
                        links.add(connection.getName());
                    }
                }
            }
        }
        for (Connection con : vdm_links) {
            if (!isProbePort(con)) {
                links.addAll(get_ports(con));
            }
        }
        this.attack_cmp_link_map.put("NI", links);
    } catch (CRVException e) {
        System.out.println("\tCRV Error " + e.getCode() + " " + e.getMessage());
    }
}
Also used : BlockImpl(verdict.vdm.vdm_model.BlockImpl) Connection(verdict.vdm.vdm_model.Connection) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) GenericAttribute(verdict.vdm.vdm_data.GenericAttribute) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl) HashSet(java.util.HashSet)

Example 4 with GenericAttribute

use of verdict.vdm.vdm_data.GenericAttribute in project VERDICT by ge-high-assurance.

the class Instrumentor method outsiderThreat.

// OT
// - Select all components c in C such that:
// c.componentType is in {Human, SwHumanHybrid, Hybrid, HwHumanHybrid}
// and c.insideTrustBoundary = false and c.physicalAccessControl = 0
// and (c.logging = 0 and (c.systemAccessControl = 0 and c.userAuthentication = 0))
@Override
public void outsiderThreat(HashSet<ComponentType> vdm_components) {
    try {
        HashSet<String> components = new HashSet<String>();
        HashSet<String> otComponentTypeSet = new HashSet<String>(Arrays.asList("human", "swhumanhybrid", "hwhumanhybrid", "hybrid"));
        BlockImpl blockImpl = null;
        for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
            blockImpl = componentImpl.getBlockImpl();
            // BlockImpl
            if (blockImpl != null) {
                ComponentType componentType = componentImpl.getType();
                for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
                    componentType = getType(componentInstance);
                    List<GenericAttribute> attributeList = componentInstance.getAttribute();
                    GenericAttribute componentKindAttribute = getAttributeByName(attributeList, "ComponentType", componentInstance.getName());
                    GenericAttribute insideTrustedBoundaryAttribute = getAttributeByName(attributeList, "InsideTrustedBoundary", componentInstance.getName());
                    GenericAttribute physicalAccessControlAttribute = getAttributeByName(attributeList, "PhysicalAccessControl", componentInstance.getName());
                    GenericAttribute loggingAttribute = getAttributeByName(attributeList, "Logging", componentInstance.getName());
                    GenericAttribute systemAccessControlAttribute = getAttributeByName(attributeList, "SystemAccessControl", componentInstance.getName());
                    GenericAttribute userAuthenticationAttribute = getAttributeByName(attributeList, "UserAuthentication", componentInstance.getName());
                    String componentKind = componentKindAttribute.getValue().toString().toLowerCase();
                    Boolean insideTrustedBoundary = Boolean.parseBoolean(insideTrustedBoundaryAttribute.getValue().toString());
                    int physicalAccessControl = Integer.parseInt(physicalAccessControlAttribute.getValue().toString());
                    int logging = Integer.parseInt(loggingAttribute.getValue().toString());
                    int systemAccessControl = Integer.parseInt(systemAccessControlAttribute.getValue().toString());
                    int userAuthentication = Integer.parseInt(userAuthenticationAttribute.getValue().toString());
                    if (otComponentTypeSet.contains(componentKind) && !insideTrustedBoundary && physicalAccessControl == 0 && (logging == 0 && (systemAccessControl == 0 || userAuthentication == 0))) {
                        // Store component
                        vdm_components.add(componentType);
                        components.add(componentType.getId());
                    // instrument_component(componentType, blockImpl);
                    }
                }
            }
        }
        this.attack_cmp_link_map.put("OT", components);
    } catch (CRVException e) {
        System.out.println("\tCRV Error " + e.getCode() + " " + e.getMessage());
    }
}
Also used : BlockImpl(verdict.vdm.vdm_model.BlockImpl) ComponentType(verdict.vdm.vdm_model.ComponentType) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) GenericAttribute(verdict.vdm.vdm_data.GenericAttribute) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl) HashSet(java.util.HashSet)

Example 5 with GenericAttribute

use of verdict.vdm.vdm_data.GenericAttribute in project VERDICT by ge-high-assurance.

the class Instrumentor method locationSpoofing.

// LS:
// - Select all components c in C such that:
// c.category = GPS or c.category = IMU or c.category = LIDAR or c.category = LOCATION_DEVICE
@Override
public void locationSpoofing(HashSet<ComponentType> vdm_components) {
    try {
        HashSet<String> components = new HashSet<String>();
        HashSet<String> locIdentificationDeviceSet = new HashSet<String>(Arrays.asList("gps", "dme_vor", "iru", "lidar", "imu"));
        BlockImpl blockImpl = null;
        for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
            blockImpl = componentImpl.getBlockImpl();
            // BlockImpl
            if (blockImpl != null) {
                ComponentType componentType = componentImpl.getType();
                for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
                    componentType = componentInstance.getSpecification();
                    ComponentImpl subcomponentImpl = componentInstance.getImplementation();
                    // Option 1) Specification
                    if (componentType != null) {
                    } else // Option 2) Implementation
                    if (subcomponentImpl != null) {
                        componentType = subcomponentImpl.getType();
                    }
                    List<GenericAttribute> attributeList = componentInstance.getAttribute();
                    GenericAttribute componentCategoryAttribute = getAttributeByName(attributeList, "Category", componentInstance.getName());
                    String componentCategory = componentCategoryAttribute.getValue().toString();
                    if (locIdentificationDeviceSet.contains(componentCategory.toLowerCase())) {
                        vdm_components.add(componentType);
                        components.add(componentType.getId());
                    }
                }
            }
        }
        this.attack_cmp_link_map.put("LS", components);
    } catch (CRVException e) {
        System.out.println("\tCRV Error " + e.getCode() + " " + e.getMessage());
    }
}
Also used : BlockImpl(verdict.vdm.vdm_model.BlockImpl) ComponentType(verdict.vdm.vdm_model.ComponentType) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) GenericAttribute(verdict.vdm.vdm_data.GenericAttribute) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl) HashSet(java.util.HashSet)

Aggregations

HashSet (java.util.HashSet)9 GenericAttribute (verdict.vdm.vdm_data.GenericAttribute)9 ComponentImpl (verdict.vdm.vdm_model.ComponentImpl)9 ComponentInstance (verdict.vdm.vdm_model.ComponentInstance)9 BlockImpl (verdict.vdm.vdm_model.BlockImpl)8 ComponentType (verdict.vdm.vdm_model.ComponentType)7 Connection (verdict.vdm.vdm_model.Connection)3 CompInstancePort (verdict.vdm.vdm_model.CompInstancePort)2 Port (verdict.vdm.vdm_model.Port)2 PortMode (verdict.vdm.vdm_model.PortMode)2 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 ConnectionEnd (verdict.vdm.vdm_model.ConnectionEnd)1