use of verdict.vdm.vdm_model.BlockImpl in project VERDICT by ge-high-assurance.
the class Instrumentor method hardwareTrojan.
// HT
// - Select all components c in C such that:
// c.ComponentKind is in {Hardware, SwHwHybrid, HwHumanHybrid, Hybrid}
// and c.adversariallyTestedForTrojanOrLogicBomb = 0
// and (c.pedigree = COTS or (c.pedigree = Sourced and c.supplyChainSecurity = 0 and
// c.tamperProtection = 0))
@Override
public void hardwareTrojan(HashSet<ComponentType> vdm_components) {
try {
HashSet<String> components = new HashSet<String>();
HashSet<String> htComponentTypeSet = new HashSet<String>(Arrays.asList("hardware", "swhwhybrid", "hwhumanhybrid", "hybrid"));
BlockImpl blockImpl = null;
for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
blockImpl = componentImpl.getBlockImpl();
// BlockImpl
if (blockImpl != null) {
ComponentType componentType = componentImpl.getType();
for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
componentType = getType(componentInstance);
List<GenericAttribute> attributeList = componentInstance.getAttribute();
GenericAttribute componentKindAttribute = getAttributeByName(attributeList, "ComponentType", componentInstance.getName());
GenericAttribute adversariallyTestedForTrojanOrLogicBombAttribute = getAttributeByName(attributeList, "AdversariallyTestedForTrojanOrLogicBomb", componentInstance.getName());
GenericAttribute pedigreeAttribute = getAttributeByName(attributeList, "Pedigree", componentInstance.getName());
GenericAttribute supplyChainSecurityAttribute = getAttributeByName(attributeList, "SupplyChainSecurity", componentInstance.getName());
GenericAttribute tamperProtectionAttribute = getAttributeByName(attributeList, "TamperProtection", componentInstance.getName());
String componentKind = componentKindAttribute.getValue().toString().toLowerCase();
int adversariallyTestedForTrojanOrLogicBomb = Integer.parseInt(adversariallyTestedForTrojanOrLogicBombAttribute.getValue().toString());
String pedigree = pedigreeAttribute.getValue().toString().toLowerCase();
int supplyChainSecurity = Integer.parseInt(supplyChainSecurityAttribute.getValue().toString());
int tamperProtection = Integer.parseInt(tamperProtectionAttribute.getValue().toString());
if (htComponentTypeSet.contains(componentKind) && adversariallyTestedForTrojanOrLogicBomb == 0 && (pedigree.equalsIgnoreCase("cots") || (pedigree.equalsIgnoreCase("sourced") && supplyChainSecurity == 0 && tamperProtection == 0))) {
// Store component
vdm_components.add(componentType);
components.add(componentType.getId());
// instrument_component(componentType, blockImpl);
}
}
}
}
this.attack_cmp_link_map.put("HT", components);
} catch (CRVException e) {
System.out.println("\tCRV Error " + e.getCode() + " " + e.getMessage());
}
}
use of verdict.vdm.vdm_model.BlockImpl in project VERDICT by ge-high-assurance.
the class Instrumentor method insiderThreat.
// IT
// - Select all components c in C such that:
// c.componentType in {Human, SwHumanHybrid, HwHumanHybrid, Hybrid}
// and c.insideTrustBoundary = true
// and (c.logging = 0 and (c.systemAccessControl = 0 or c.userAuthentication = 0))
@Override
public void insiderThreat(HashSet<ComponentType> vdm_components) {
try {
HashSet<String> components = new HashSet<String>();
HashSet<String> itComponentTypeSet = new HashSet<String>(Arrays.asList("human", "swhumanhybrid", "hwhumanhybrid", "hybrid"));
BlockImpl blockImpl = null;
for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
blockImpl = componentImpl.getBlockImpl();
// BlockImpl
if (blockImpl != null) {
ComponentType componentType = componentImpl.getType();
for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
componentType = getType(componentInstance);
List<GenericAttribute> attributeList = componentInstance.getAttribute();
GenericAttribute componentKindAttribute = getAttributeByName(attributeList, "ComponentType", componentInstance.getName());
GenericAttribute insideTrustedBoundaryAttribute = getAttributeByName(attributeList, "InsideTrustedBoundary", componentInstance.getName());
GenericAttribute loggingAttribute = getAttributeByName(attributeList, "Logging", componentInstance.getName());
GenericAttribute systemAccessControlAttribute = getAttributeByName(attributeList, "SystemAccessControl", componentInstance.getName());
GenericAttribute userAuthenticationAttribute = getAttributeByName(attributeList, "UserAuthentication", componentInstance.getName());
String componentKind = componentKindAttribute.getValue().toString().toLowerCase();
Boolean insideTrustedBoundary = Boolean.parseBoolean(insideTrustedBoundaryAttribute.getValue().toString());
int logging = Integer.parseInt(loggingAttribute.getValue().toString());
int systemAccessControl = Integer.parseInt(systemAccessControlAttribute.getValue().toString());
int userAuthentication = Integer.parseInt(userAuthenticationAttribute.getValue().toString());
if (itComponentTypeSet.contains(componentKind) && insideTrustedBoundary && (logging == 0 && (systemAccessControl == 0 || userAuthentication == 0))) {
// Store component
vdm_components.add(componentType);
components.add(componentType.getId());
// instrument_component(componentType, blockImpl);
}
}
}
}
this.attack_cmp_link_map.put("IT", components);
} catch (CRVException e) {
System.out.println("\tCRV Error " + e.getCode() + " " + e.getMessage());
}
}
use of verdict.vdm.vdm_model.BlockImpl in project VERDICT by ge-high-assurance.
the class Instrumentor method logicBomb.
// LB:
// - Select components c in C such that:
// c.ComponentType is in {Software, SwHwHybrid, SwHumanHybrid, Hybrid}
// and (c.pedigree = COTS and (c.pedigree = Sourced and c.supplyChainSecurity = 0 and
// c.tamperProtection = 0))
// and (c.adversariallyTestedForTrojanOrLogicBomb = 0 or C.staticCodeAnalysis = 0)
@Override
public void logicBomb(HashSet<ComponentType> vdm_components) {
try {
HashSet<String> components = new HashSet<String>();
HashSet<String> lbComponentTypeSet = new HashSet<String>(Arrays.asList("software", "swhwhybrid", "swhumanhybrid", "hybrid"));
BlockImpl blockImpl = null;
for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
blockImpl = componentImpl.getBlockImpl();
// BlockImpl
if (blockImpl != null) {
ComponentType componentType = componentImpl.getType();
for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
componentType = componentInstance.getSpecification();
ComponentImpl subcomponentImpl = componentInstance.getImplementation();
// Option 1) Specification
if (componentType != null) {
} else // Option 2) Implementation
if (subcomponentImpl != null) {
componentType = subcomponentImpl.getType();
}
List<GenericAttribute> attributeList = componentInstance.getAttribute();
GenericAttribute componentKindAttribute = getAttributeByName(attributeList, "ComponentType", componentInstance.getName());
GenericAttribute adversariallyTestedForTrojanOrLogicBombAttribute = getAttributeByName(attributeList, "AdversariallyTestedForTrojanOrLogicBomb", componentInstance.getName());
GenericAttribute pedigreeAttribute = getAttributeByName(attributeList, "Pedigree", componentInstance.getName());
GenericAttribute supplyChainSecurityAttribute = getAttributeByName(attributeList, "SupplyChainSecurity", componentInstance.getName());
GenericAttribute tamperProtectionAttribute = getAttributeByName(attributeList, "TamperProtection", componentInstance.getName());
GenericAttribute staticCodeAnalysisAttribute = getAttributeByName(attributeList, "StaticCodeAnalysis", componentInstance.getName());
String componentKind = componentKindAttribute.getValue().toString().toLowerCase();
int adversariallyTestedForTrojanOrLogicBomb = Integer.parseInt(adversariallyTestedForTrojanOrLogicBombAttribute.getValue().toString());
String pedigree = pedigreeAttribute.getValue().toString().toLowerCase();
int supplyChainSecurity = Integer.parseInt(supplyChainSecurityAttribute.getValue().toString());
int tamperProtection = Integer.parseInt(tamperProtectionAttribute.getValue().toString());
int staticCodeAnalysis = Integer.parseInt(staticCodeAnalysisAttribute.getValue().toString());
if (lbComponentTypeSet.contains(componentKind) && (pedigree.equalsIgnoreCase("cots") || (pedigree.equalsIgnoreCase("sourced") && supplyChainSecurity == 0 && tamperProtection == 0)) && (adversariallyTestedForTrojanOrLogicBomb == 0 || staticCodeAnalysis == 0)) {
// Store component
// if (!vdm_components.contains(componentType)) {
vdm_components.add(componentType);
components.add(componentType.getId());
// }
}
}
}
}
this.attack_cmp_link_map.put("LB", components);
} catch (CRVException e) {
System.out.println("\tCRV Error " + e.getCode() + " " + e.getMessage());
}
}
use of verdict.vdm.vdm_model.BlockImpl in project VERDICT by ge-high-assurance.
the class Instrumentor method remoteCodeInjection.
// Remote Code Injection:
// - Select components c in the model M such that:
// c.ComponentType = 'Software' v c.ComponentType = 'Hybrid'
// & \exists ch\in M. p\in InputPort(c). ch = p.channel & ch.Connectin-Type =
// Remote
@Override
public void remoteCodeInjection(HashSet<ComponentType> vdm_components) {
try {
HashSet<String> components = new HashSet<String>();
HashSet<String> rciComponentTypeSet = new HashSet<String>(Arrays.asList("software", "swhwhybrid", "swhumanhybrid", "hybrid"));
BlockImpl blockImpl = null;
for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
blockImpl = componentImpl.getBlockImpl();
// BlockImpl
if (blockImpl != null) {
ComponentType componentType = componentImpl.getType();
for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
componentType = componentInstance.getSpecification();
ComponentImpl subcomponentImpl = componentInstance.getImplementation();
// Option 1) Specification
if (componentType != null) {
} else // Option 2) Implementation
if (subcomponentImpl != null) {
componentType = subcomponentImpl.getType();
}
List<GenericAttribute> attributeList = componentInstance.getAttribute();
GenericAttribute componentKindAttribute = getAttributeByName(attributeList, "ComponentType", componentInstance.getName());
GenericAttribute staticCodeAnalysisAttribute = getAttributeByName(attributeList, "StaticCodeAnalysis", componentInstance.getName());
GenericAttribute inputValidationAttribute = getAttributeByName(attributeList, "InputValidation", componentInstance.getName());
GenericAttribute memoryProtectionAttribute = getAttributeByName(attributeList, "MemoryProtection", componentInstance.getName());
String componentKind = componentKindAttribute.getValue().toString().toLowerCase();
int staticCodeAnalysis = Integer.parseInt(staticCodeAnalysisAttribute.getValue().toString());
int inputValidation = Integer.parseInt(inputValidationAttribute.getValue().toString());
int memoryProtection = Integer.parseInt(memoryProtectionAttribute.getValue().toString());
if (rciComponentTypeSet.contains(componentKind.toLowerCase()) && (staticCodeAnalysis == 0 || inputValidation == 0 || memoryProtection == 0)) {
Boolean hasEligibleIncomingChannels = false;
for (Port port : componentType.getPort()) {
PortMode mode = port.getMode();
if (mode == PortMode.IN) {
for (Connection connection : blockImpl.getConnection()) {
if (connection.getDestination().getSubcomponentPort() != null) {
if (connection.getDestination().getSubcomponentPort().getPort() == port) {
Boolean scInsideTrustedBoundary;
String scComponentKind;
String scPedigree;
int scStrongCryptoAlgorithms;
int scSupplyChainSecurity;
int scTamperProtection;
if (connection.getSource().getSubcomponentPort() != null) {
ComponentInstance sourceComponent = connection.getSource().getSubcomponentPort().getSubcomponent();
List<GenericAttribute> sourceComponentAttributeList = sourceComponent.getAttribute();
GenericAttribute sourceComponentInsideTrustedBoundaryAttribute = getAttributeByName(sourceComponentAttributeList, "InsideTrustedBoundary", sourceComponent.getName());
GenericAttribute sourceComponentComponentKindAttribute = getAttributeByName(sourceComponentAttributeList, "ComponentType", sourceComponent.getName());
GenericAttribute sourceComponentPedigreeAttribute = getAttributeByName(sourceComponentAttributeList, "Pedigree", sourceComponent.getName());
GenericAttribute sourceComponentStrongCryptoAlgorithmsAttribute = getAttributeByName(sourceComponentAttributeList, "StrongCryptoAlgorithms", sourceComponent.getName());
GenericAttribute sourceComponentSupplyChainSecurityAttribute = getAttributeByName(sourceComponentAttributeList, "SupplyChainSecurity", sourceComponent.getName());
GenericAttribute sourceComponentTamperProtectionAttribute = getAttributeByName(sourceComponentAttributeList, "TamperProtection", sourceComponent.getName());
scInsideTrustedBoundary = Boolean.parseBoolean(sourceComponentInsideTrustedBoundaryAttribute.getValue().toString());
scComponentKind = sourceComponentComponentKindAttribute.getValue().toString().toLowerCase();
scPedigree = sourceComponentPedigreeAttribute.getValue().toString().toLowerCase();
scStrongCryptoAlgorithms = Integer.parseInt(sourceComponentStrongCryptoAlgorithmsAttribute.getValue().toString());
scSupplyChainSecurity = Integer.parseInt(sourceComponentSupplyChainSecurityAttribute.getValue().toString());
scTamperProtection = Integer.parseInt(sourceComponentTamperProtectionAttribute.getValue().toString());
} else {
scInsideTrustedBoundary = true;
scComponentKind = "";
scPedigree = "";
scStrongCryptoAlgorithms = -1;
scSupplyChainSecurity = -1;
scTamperProtection = -1;
}
List<GenericAttribute> connectionAttributeList = connection.getAttribute();
GenericAttribute connectionTypeAttribute = getAttributeByName(connectionAttributeList, "ConnectionType", connection.getName());
GenericAttribute deviceAuthenticationAttribute = getAttributeByName(connectionAttributeList, "DeviceAuthentication", connection.getName());
GenericAttribute sessionAuthenticityAttribute = getAttributeByName(connectionAttributeList, "SessionAuthenticity", connection.getName());
String connectionType = connectionTypeAttribute.getValue().toString().toLowerCase();
int deviceAuthentication = Integer.parseInt(deviceAuthenticationAttribute.getValue().toString());
int sessionAuthenticity = Integer.parseInt(sessionAuthenticityAttribute.getValue().toString());
if ((!scInsideTrustedBoundary || connectionType.equalsIgnoreCase("untrusted")) && !scComponentKind.equalsIgnoreCase("hardware") && ((scPedigree.equalsIgnoreCase("cots") || (scPedigree.equalsIgnoreCase("sourced") && scSupplyChainSecurity == 0 && scTamperProtection == 0)) || ((deviceAuthentication == 0 && sessionAuthenticity == 0) || scStrongCryptoAlgorithms == 0))) {
hasEligibleIncomingChannels = true;
}
break;
}
}
}
}
if (hasEligibleIncomingChannels) {
break;
}
}
if (hasEligibleIncomingChannels) {
vdm_components.add(componentType);
components.add(componentType.getId());
}
}
}
}
}
this.attack_cmp_link_map.put("RI", components);
} catch (CRVException e) {
System.out.println("CRV Error " + e.getCode() + e.getMessage());
}
}
use of verdict.vdm.vdm_model.BlockImpl in project VERDICT by ge-high-assurance.
the class VDMInstrumentor method getBlockID.
protected BlockImpl getBlockID(String componentID) {
BlockImpl blockImpl = null;
for (ComponentImpl cmpImpl : vdm_model.getComponentImpl()) {
if (cmpImpl.getBlockImpl() != null) {
blockImpl = cmpImpl.getBlockImpl();
for (ComponentInstance cmpInstance : blockImpl.getSubcomponent()) {
ComponentImpl impl = cmpInstance.getImplementation();
ComponentType enumType = null;
if (impl != null) {
enumType = impl.getType();
} else {
enumType = cmpInstance.getSpecification();
}
if (componentID.equalsIgnoreCase(enumType.getId())) {
return blockImpl;
}
}
}
}
return blockImpl;
}
Aggregations