Search in sources :

Example 16 with ComponentInstance

use of verdict.vdm.vdm_model.ComponentInstance in project VERDICT by ge-high-assurance.

the class Instrumentor method logicBomb.

// LB:
// - Select components c in C such that:
// c.ComponentType is in {Software, SwHwHybrid, SwHumanHybrid, Hybrid}
// and (c.pedigree = COTS and (c.pedigree = Sourced and c.supplyChainSecurity = 0 and
// c.tamperProtection = 0))
// and (c.adversariallyTestedForTrojanOrLogicBomb = 0 or C.staticCodeAnalysis = 0)
@Override
public void logicBomb(HashSet<ComponentType> vdm_components) {
    try {
        HashSet<String> components = new HashSet<String>();
        HashSet<String> lbComponentTypeSet = new HashSet<String>(Arrays.asList("software", "swhwhybrid", "swhumanhybrid", "hybrid"));
        BlockImpl blockImpl = null;
        for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
            blockImpl = componentImpl.getBlockImpl();
            // BlockImpl
            if (blockImpl != null) {
                ComponentType componentType = componentImpl.getType();
                for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
                    componentType = componentInstance.getSpecification();
                    ComponentImpl subcomponentImpl = componentInstance.getImplementation();
                    // Option 1) Specification
                    if (componentType != null) {
                    } else // Option 2) Implementation
                    if (subcomponentImpl != null) {
                        componentType = subcomponentImpl.getType();
                    }
                    List<GenericAttribute> attributeList = componentInstance.getAttribute();
                    GenericAttribute componentKindAttribute = getAttributeByName(attributeList, "ComponentType", componentInstance.getName());
                    GenericAttribute adversariallyTestedForTrojanOrLogicBombAttribute = getAttributeByName(attributeList, "AdversariallyTestedForTrojanOrLogicBomb", componentInstance.getName());
                    GenericAttribute pedigreeAttribute = getAttributeByName(attributeList, "Pedigree", componentInstance.getName());
                    GenericAttribute supplyChainSecurityAttribute = getAttributeByName(attributeList, "SupplyChainSecurity", componentInstance.getName());
                    GenericAttribute tamperProtectionAttribute = getAttributeByName(attributeList, "TamperProtection", componentInstance.getName());
                    GenericAttribute staticCodeAnalysisAttribute = getAttributeByName(attributeList, "StaticCodeAnalysis", componentInstance.getName());
                    String componentKind = componentKindAttribute.getValue().toString().toLowerCase();
                    int adversariallyTestedForTrojanOrLogicBomb = Integer.parseInt(adversariallyTestedForTrojanOrLogicBombAttribute.getValue().toString());
                    String pedigree = pedigreeAttribute.getValue().toString().toLowerCase();
                    int supplyChainSecurity = Integer.parseInt(supplyChainSecurityAttribute.getValue().toString());
                    int tamperProtection = Integer.parseInt(tamperProtectionAttribute.getValue().toString());
                    int staticCodeAnalysis = Integer.parseInt(staticCodeAnalysisAttribute.getValue().toString());
                    if (lbComponentTypeSet.contains(componentKind) && (pedigree.equalsIgnoreCase("cots") || (pedigree.equalsIgnoreCase("sourced") && supplyChainSecurity == 0 && tamperProtection == 0)) && (adversariallyTestedForTrojanOrLogicBomb == 0 || staticCodeAnalysis == 0)) {
                        // Store component
                        // if (!vdm_components.contains(componentType)) {
                        vdm_components.add(componentType);
                        components.add(componentType.getId());
                    // }
                    }
                }
            }
        }
        this.attack_cmp_link_map.put("LB", components);
    } catch (CRVException e) {
        System.out.println("\tCRV Error " + e.getCode() + " " + e.getMessage());
    }
}
Also used : BlockImpl(verdict.vdm.vdm_model.BlockImpl) ComponentType(verdict.vdm.vdm_model.ComponentType) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) GenericAttribute(verdict.vdm.vdm_data.GenericAttribute) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl) HashSet(java.util.HashSet)

Example 17 with ComponentInstance

use of verdict.vdm.vdm_model.ComponentInstance in project VERDICT by ge-high-assurance.

the class Instrumentor method remoteCodeInjection.

// Remote Code Injection:
// - Select components c in the model M such that:
// c.ComponentType = 'Software' v c.ComponentType = 'Hybrid'
// & \exists ch\in M. p\in InputPort(c). ch = p.channel & ch.Connectin-Type =
// Remote
@Override
public void remoteCodeInjection(HashSet<ComponentType> vdm_components) {
    try {
        HashSet<String> components = new HashSet<String>();
        HashSet<String> rciComponentTypeSet = new HashSet<String>(Arrays.asList("software", "swhwhybrid", "swhumanhybrid", "hybrid"));
        BlockImpl blockImpl = null;
        for (ComponentImpl componentImpl : vdm_model.getComponentImpl()) {
            blockImpl = componentImpl.getBlockImpl();
            // BlockImpl
            if (blockImpl != null) {
                ComponentType componentType = componentImpl.getType();
                for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
                    componentType = componentInstance.getSpecification();
                    ComponentImpl subcomponentImpl = componentInstance.getImplementation();
                    // Option 1) Specification
                    if (componentType != null) {
                    } else // Option 2) Implementation
                    if (subcomponentImpl != null) {
                        componentType = subcomponentImpl.getType();
                    }
                    List<GenericAttribute> attributeList = componentInstance.getAttribute();
                    GenericAttribute componentKindAttribute = getAttributeByName(attributeList, "ComponentType", componentInstance.getName());
                    GenericAttribute staticCodeAnalysisAttribute = getAttributeByName(attributeList, "StaticCodeAnalysis", componentInstance.getName());
                    GenericAttribute inputValidationAttribute = getAttributeByName(attributeList, "InputValidation", componentInstance.getName());
                    GenericAttribute memoryProtectionAttribute = getAttributeByName(attributeList, "MemoryProtection", componentInstance.getName());
                    String componentKind = componentKindAttribute.getValue().toString().toLowerCase();
                    int staticCodeAnalysis = Integer.parseInt(staticCodeAnalysisAttribute.getValue().toString());
                    int inputValidation = Integer.parseInt(inputValidationAttribute.getValue().toString());
                    int memoryProtection = Integer.parseInt(memoryProtectionAttribute.getValue().toString());
                    if (rciComponentTypeSet.contains(componentKind.toLowerCase()) && (staticCodeAnalysis == 0 || inputValidation == 0 || memoryProtection == 0)) {
                        Boolean hasEligibleIncomingChannels = false;
                        for (Port port : componentType.getPort()) {
                            PortMode mode = port.getMode();
                            if (mode == PortMode.IN) {
                                for (Connection connection : blockImpl.getConnection()) {
                                    if (connection.getDestination().getSubcomponentPort() != null) {
                                        if (connection.getDestination().getSubcomponentPort().getPort() == port) {
                                            Boolean scInsideTrustedBoundary;
                                            String scComponentKind;
                                            String scPedigree;
                                            int scStrongCryptoAlgorithms;
                                            int scSupplyChainSecurity;
                                            int scTamperProtection;
                                            if (connection.getSource().getSubcomponentPort() != null) {
                                                ComponentInstance sourceComponent = connection.getSource().getSubcomponentPort().getSubcomponent();
                                                List<GenericAttribute> sourceComponentAttributeList = sourceComponent.getAttribute();
                                                GenericAttribute sourceComponentInsideTrustedBoundaryAttribute = getAttributeByName(sourceComponentAttributeList, "InsideTrustedBoundary", sourceComponent.getName());
                                                GenericAttribute sourceComponentComponentKindAttribute = getAttributeByName(sourceComponentAttributeList, "ComponentType", sourceComponent.getName());
                                                GenericAttribute sourceComponentPedigreeAttribute = getAttributeByName(sourceComponentAttributeList, "Pedigree", sourceComponent.getName());
                                                GenericAttribute sourceComponentStrongCryptoAlgorithmsAttribute = getAttributeByName(sourceComponentAttributeList, "StrongCryptoAlgorithms", sourceComponent.getName());
                                                GenericAttribute sourceComponentSupplyChainSecurityAttribute = getAttributeByName(sourceComponentAttributeList, "SupplyChainSecurity", sourceComponent.getName());
                                                GenericAttribute sourceComponentTamperProtectionAttribute = getAttributeByName(sourceComponentAttributeList, "TamperProtection", sourceComponent.getName());
                                                scInsideTrustedBoundary = Boolean.parseBoolean(sourceComponentInsideTrustedBoundaryAttribute.getValue().toString());
                                                scComponentKind = sourceComponentComponentKindAttribute.getValue().toString().toLowerCase();
                                                scPedigree = sourceComponentPedigreeAttribute.getValue().toString().toLowerCase();
                                                scStrongCryptoAlgorithms = Integer.parseInt(sourceComponentStrongCryptoAlgorithmsAttribute.getValue().toString());
                                                scSupplyChainSecurity = Integer.parseInt(sourceComponentSupplyChainSecurityAttribute.getValue().toString());
                                                scTamperProtection = Integer.parseInt(sourceComponentTamperProtectionAttribute.getValue().toString());
                                            } else {
                                                scInsideTrustedBoundary = true;
                                                scComponentKind = "";
                                                scPedigree = "";
                                                scStrongCryptoAlgorithms = -1;
                                                scSupplyChainSecurity = -1;
                                                scTamperProtection = -1;
                                            }
                                            List<GenericAttribute> connectionAttributeList = connection.getAttribute();
                                            GenericAttribute connectionTypeAttribute = getAttributeByName(connectionAttributeList, "ConnectionType", connection.getName());
                                            GenericAttribute deviceAuthenticationAttribute = getAttributeByName(connectionAttributeList, "DeviceAuthentication", connection.getName());
                                            GenericAttribute sessionAuthenticityAttribute = getAttributeByName(connectionAttributeList, "SessionAuthenticity", connection.getName());
                                            String connectionType = connectionTypeAttribute.getValue().toString().toLowerCase();
                                            int deviceAuthentication = Integer.parseInt(deviceAuthenticationAttribute.getValue().toString());
                                            int sessionAuthenticity = Integer.parseInt(sessionAuthenticityAttribute.getValue().toString());
                                            if ((!scInsideTrustedBoundary || connectionType.equalsIgnoreCase("untrusted")) && !scComponentKind.equalsIgnoreCase("hardware") && ((scPedigree.equalsIgnoreCase("cots") || (scPedigree.equalsIgnoreCase("sourced") && scSupplyChainSecurity == 0 && scTamperProtection == 0)) || ((deviceAuthentication == 0 && sessionAuthenticity == 0) || scStrongCryptoAlgorithms == 0))) {
                                                hasEligibleIncomingChannels = true;
                                            }
                                            break;
                                        }
                                    }
                                }
                            }
                            if (hasEligibleIncomingChannels) {
                                break;
                            }
                        }
                        if (hasEligibleIncomingChannels) {
                            vdm_components.add(componentType);
                            components.add(componentType.getId());
                        }
                    }
                }
            }
        }
        this.attack_cmp_link_map.put("RI", components);
    } catch (CRVException e) {
        System.out.println("CRV Error " + e.getCode() + e.getMessage());
    }
}
Also used : BlockImpl(verdict.vdm.vdm_model.BlockImpl) ComponentType(verdict.vdm.vdm_model.ComponentType) PortMode(verdict.vdm.vdm_model.PortMode) CompInstancePort(verdict.vdm.vdm_model.CompInstancePort) Port(verdict.vdm.vdm_model.Port) GenericAttribute(verdict.vdm.vdm_data.GenericAttribute) Connection(verdict.vdm.vdm_model.Connection) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) HashSet(java.util.HashSet)

Example 18 with ComponentInstance

use of verdict.vdm.vdm_model.ComponentInstance in project VERDICT by ge-high-assurance.

the class VDMInstrumentor method retrieve_links.

protected boolean retrieve_links(ComponentType component, Connection connection, Port instrumented_port) {
    // Default Block Implementation
    ComponentImpl compImpl = retrieve_cmp_impl(component);
    // R.H.S
    ConnectionEnd src = connection.getSource();
    ComponentInstance src_componentInstance = new ComponentInstance();
    // Source Connection
    Port src_port = src.getComponentPort();
    if (src_port != null) {
        String identifier = compImpl.getId();
        // identifier = identifier.replace(".I", "_I");
        identifier = identifier.replace(".", "_dot_");
        identifier = identifier.replace("::", "_double_colon_");
        src_componentInstance.setId(identifier);
        src_componentInstance.setName(identifier);
        src_componentInstance.setImplementation(compImpl);
    }
    // if (src_port == instrumented_port) {
    CompInstancePort compInstancePort = src.getSubcomponentPort();
    if (compInstancePort != null) {
        src_componentInstance = compInstancePort.getSubcomponent();
        src_port = compInstancePort.getPort();
    }
    if (instrumented_port == src_port) {
        return true;
    }
    return false;
}
Also used : CompInstancePort(verdict.vdm.vdm_model.CompInstancePort) CompInstancePort(verdict.vdm.vdm_model.CompInstancePort) Port(verdict.vdm.vdm_model.Port) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) ConnectionEnd(verdict.vdm.vdm_model.ConnectionEnd) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl)

Example 19 with ComponentInstance

use of verdict.vdm.vdm_model.ComponentInstance in project VERDICT by ge-high-assurance.

the class VDMInstrumentor method ignoreMarkedLink.

// Ignore Connection or Marked Ports.
private boolean ignoreMarkedLink(Connection con) {
    ConnectionEnd srcConnection = con.getSource();
    ComponentType srcType = null;
    ConnectionEnd destConnection = con.getDestination();
    ComponentType destType = null;
    Port srcPort = srcConnection.getComponentPort();
    if (srcPort == null) {
        CompInstancePort compPort = srcConnection.getSubcomponentPort();
        srcPort = compPort.getPort();
        ComponentInstance srcCompInstance = compPort.getSubcomponent();
        srcType = srcCompInstance.getSpecification();
        if (srcType == null) {
            ComponentImpl compImpl = srcCompInstance.getImplementation();
            srcType = compImpl.getType();
        }
    }
    Port destPort = destConnection.getComponentPort();
    if (destPort == null) {
        CompInstancePort compPort = destConnection.getSubcomponentPort();
        destPort = compPort.getPort();
        ComponentInstance destCompInstance = compPort.getSubcomponent();
        destType = destCompInstance.getSpecification();
        if (destType == null) {
            ComponentImpl compImpl = destCompInstance.getImplementation();
            destType = compImpl.getType();
        }
    }
    if (this.marked_ports.contains(srcPort) || this.marked_ports.contains(destPort)) {
        System.out.println("Ignore Port Connection:" + con.getName());
        return true;
    }
    if (this.marked_types.contains(srcType) || this.marked_types.contains(destType)) {
        System.out.println("Ignore Instance Connection:" + con.getName());
        return true;
    }
    return false;
}
Also used : ComponentType(verdict.vdm.vdm_model.ComponentType) CompInstancePort(verdict.vdm.vdm_model.CompInstancePort) CompInstancePort(verdict.vdm.vdm_model.CompInstancePort) Port(verdict.vdm.vdm_model.Port) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) ConnectionEnd(verdict.vdm.vdm_model.ConnectionEnd) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl)

Example 20 with ComponentInstance

use of verdict.vdm.vdm_model.ComponentInstance in project VERDICT by ge-high-assurance.

the class VDMInstrumentor method getBlockID.

protected BlockImpl getBlockID(String componentID) {
    BlockImpl blockImpl = null;
    for (ComponentImpl cmpImpl : vdm_model.getComponentImpl()) {
        if (cmpImpl.getBlockImpl() != null) {
            blockImpl = cmpImpl.getBlockImpl();
            for (ComponentInstance cmpInstance : blockImpl.getSubcomponent()) {
                ComponentImpl impl = cmpInstance.getImplementation();
                ComponentType enumType = null;
                if (impl != null) {
                    enumType = impl.getType();
                } else {
                    enumType = cmpInstance.getSpecification();
                }
                if (componentID.equalsIgnoreCase(enumType.getId())) {
                    return blockImpl;
                }
            }
        }
    }
    return blockImpl;
}
Also used : BlockImpl(verdict.vdm.vdm_model.BlockImpl) ComponentType(verdict.vdm.vdm_model.ComponentType) ComponentInstance(verdict.vdm.vdm_model.ComponentInstance) ComponentImpl(verdict.vdm.vdm_model.ComponentImpl)

Aggregations

ComponentImpl (verdict.vdm.vdm_model.ComponentImpl)23 ComponentInstance (verdict.vdm.vdm_model.ComponentInstance)23 ComponentType (verdict.vdm.vdm_model.ComponentType)21 BlockImpl (verdict.vdm.vdm_model.BlockImpl)17 HashSet (java.util.HashSet)10 GenericAttribute (verdict.vdm.vdm_data.GenericAttribute)8 CompInstancePort (verdict.vdm.vdm_model.CompInstancePort)8 Port (verdict.vdm.vdm_model.Port)8 Connection (verdict.vdm.vdm_model.Connection)6 ConnectionEnd (verdict.vdm.vdm_model.ConnectionEnd)6 Expression (verdict.vdm.vdm_lustre.Expression)3 PortMode (verdict.vdm.vdm_model.PortMode)3 ArrayList (java.util.ArrayList)2 ContractItem (verdict.vdm.vdm_lustre.ContractItem)2 ContractSpec (verdict.vdm.vdm_lustre.ContractSpec)2 IfThenElse (verdict.vdm.vdm_lustre.IfThenElse)2 NodeBody (verdict.vdm.vdm_lustre.NodeBody)2 NodeCall (verdict.vdm.vdm_lustre.NodeCall)2 NodeEquation (verdict.vdm.vdm_lustre.NodeEquation)2 NodeEquationLHS (verdict.vdm.vdm_lustre.NodeEquationLHS)2