Example 1 with Connection
use of verdict.vdm.vdm_model.Connection in project VERDICT by ge-high-assurance.
the class VDMInstrumentor method connection_mapper.
protected Map<String, List<String>> connection_mapper(Map<Connection, String> connections, Map<String, HashSet<Connection>> comp_asmp) {
Map<String, List<String>> comp_link = new HashMap<String, List<String>>();
for (String key : comp_asmp.keySet()) {
List<String> constants = new ArrayList<String>();
for (Connection con : comp_asmp.get(key)) {
if (!isProbePort(con)) {
String g_constant = connections.get(con);
constants.add(g_constant);
comp_link.put(key, constants);
}
}
}
return comp_link;
}
Also used :
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
Connection(verdict.vdm.vdm_model.Connection)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 2 with Connection
use of verdict.vdm.vdm_model.Connection in project VERDICT by ge-high-assurance.
the class VDMInstrumentor method instrument_link.
// public void instrument_link(Connection connection) {
// // Connection Source
// ConnectionEnd src = connection.getSource();
//
// // Connection Destination
// ConnectionEnd dest = connection.getDestination();
//
// // Source Component
// Port src_port = src.getComponentPort();
// // Destination Component
// Port dest_port = dest.getComponentPort();
//
// if (src_port == null && dest_port == null) {
// // Both are sub-compon
// System.out.println("Both are subcomponents.");
// }
// if (src_port == null && dest_port != null) {
// // Only one is Subcomponent
// System.out.println(dest_port.getId() + " -- " + dest_port.getName());
// }
// if (src_port != null && dest_port == null) {
// // One Subcomponent
// System.out.println(src_port.getId() + " -- " + src_port.getName());
// }
// }
// public void create_link(Connection old_channel, ComponentInstance
// src_componentInstance,
// ComponentInstance dest_componentInstance) {
//
// ComponentInstance instrumented_componentInstance = new ComponentInstance();
//
// String component_ID = src_componentInstance.getName() + "_Inst_" +
// dest_componentInstance.getName();
// instrumented_componentInstance.setId(component_ID + "_Instance");
// instrumented_componentInstance.setName(component_ID);
//
// instrumented_componentInstance.setSpecification(value);
// instrumented_componentInstance.setImplementation(value);
//
// ComponentType instrumented_component = new ComponentType();
// instrumented_component.setId(component_ID);
// instrumented_component.setName(component_ID);
//
//
//
// Connection inst_channel = new Connection();
//
// //Update Old connection Destination
// old_channel.setDestination(value);
//
// //Add New Connection Source
// inst_channel.setSource(value);
// //Add New Connection Destination
// inst_channel.setDestination(value);
//
//
// }
public String instrument_link(String compID, Connection connection, BlockImpl blockImpl) {
// instrument_link(connection);
// System.out.println("Instrumented Link ***" + connection.getName());
// Default Block Implementation
ComponentImpl compImpl = null;
if (compID != null) {
compImpl = retrieve_cmp_impl(compID);
}
// Connections without Components Instrumentation.
if (compImpl == null) {
compImpl = retrieve_main_cmp_impl();
}
ComponentType instrumented_cmp = new ComponentType();
// R.H.S
ConnectionEnd src = connection.getSource();
ComponentInstance src_componentInstance = new ComponentInstance();
// Source Connection
Port src_port = src.getComponentPort();
if (src_port != null) {
String identifier = compImpl.getId();
// identifier = identifier.replace(".I", "_I");
identifier = identifier.replace(".", "_dot_");
identifier = identifier.replace("::", "_double_colon_");
src_componentInstance.setId(identifier);
src_componentInstance.setName(identifier);
src_componentInstance.setImplementation(compImpl);
}
// if (src_port == instrumented_port) {
CompInstancePort compInstancePort = src.getSubcomponentPort();
if (compInstancePort != null) {
src_componentInstance = compInstancePort.getSubcomponent();
src_port = compInstancePort.getPort();
}
// R.H.S
ConnectionEnd dest = connection.getDestination();
ComponentInstance dest_componentInstance = new ComponentInstance();
// Source Connection
Port dest_port = dest.getComponentPort();
if (dest_port != null) {
String identifier = compImpl.getId();
// identifier = identifier.replace(".I", "_I");
identifier = identifier.replace(".", "_dot_");
identifier = identifier.replace("::", "_double_colon_");
dest_componentInstance.setId(identifier);
dest_componentInstance.setName(identifier);
dest_componentInstance.setImplementation(compImpl);
}
// if (dest_port == instrumented_port) {
compInstancePort = dest.getSubcomponentPort();
if (compInstancePort != null) {
dest_componentInstance = compInstancePort.getSubcomponent();
dest_port = compInstancePort.getPort();
}
String instrument_cmp_Id = src_componentInstance.getName() + "_Inst_" + dest_componentInstance.getName() + "_port_" + dest_port.getName();
instrument_cmp_Id = instrument_cmp_Id.replace(".", "_dot_");
// Setting Component IDs
instrumented_cmp.setId(instrument_cmp_Id);
instrumented_cmp.setName(instrument_cmp_Id);
// output port
Port instrumented_port_dest = new Port();
instrumented_port_dest.setId(dest_port.getId());
instrumented_port_dest.setName(dest_port.getName());
instrumented_port_dest.setMode(dest_port.getMode());
instrumented_port_dest.setType(dest_port.getType());
if (dest_port.isEvent() != null && dest_port.isEvent()) {
instrumented_port_dest.setEvent(true);
} else {
instrumented_port_dest.setEvent(false);
}
instrumented_cmp.getPort().add(instrumented_port_dest);
// Input port
Port instrumented_port_src = new Port();
instrumented_port_src.setId(src_port.getId());
instrumented_port_src.setName(src_componentInstance + "_port_" + src_port.getName());
instrumented_port_src.setMode(src_port.getMode());
if (src_port.isEvent() != null && src_port.isEvent()) {
instrumented_port_src.setEvent(true);
} else {
instrumented_port_src.setEvent(false);
}
String global_constant_Id = src_componentInstance.getName();
if (instrumented_port_src.getMode() == instrumented_port_dest.getMode()) {
instrumented_port_src.setName(src_port.getName());
if (instrumented_port_src.getMode() == PortMode.IN) {
instrumented_port_src.setMode(PortMode.OUT);
} else {
instrumented_port_dest.setMode(PortMode.IN);
}
} else {
instrumented_port_src.setName(src_port.getName());
}
if (dest_port.getMode() == PortMode.OUT) {
global_constant_Id += "_port_" + dest_port.getName() + "_instrumented";
} else {
global_constant_Id += "_port_" + src_port.getName() + "_instrumented";
}
instrumented_port_src.setType(dest_port.getType());
instrumented_cmp.getPort().add(instrumented_port_src);
vdm_model.getComponentType().add(instrumented_cmp);
// Modify connection.
ConnectionEnd con_end_inst = new ConnectionEnd();
// instrumentd_port.setPort(value);
ComponentInstance instrumented_compInstance = new ComponentInstance();
instrumented_compInstance.setId(connection.getName());
instrumented_compInstance.setName(connection.getName());
instrumented_compInstance.setSpecification(instrumented_cmp);
// -----------------------------------------
// Adding Auxiliary Node.
NodeCall nodeCall = new NodeCall();
nodeCall.setNodeId(instrumented_cmp.getId());
Expression callExpr = new Expression();
callExpr.setCall(nodeCall);
ContractItem true_guarantee_item = new ContractItem();
// true_guarantee_item.setName("true");
Expression true_expr = new Expression();
Boolean true_lit = Boolean.TRUE;
true_expr.setBoolLiteral(true_lit);
true_guarantee_item.setExpression(true_expr);
ContractSpec contractSpec = new ContractSpec();
contractSpec.getGuarantee().add(true_guarantee_item);
// ---------------------------------------------
ComponentImpl instrument_compImpl = new ComponentImpl();
instrument_compImpl.setId(instrumented_cmp.getId() + "_dot_impl");
instrument_compImpl.setName(instrumented_cmp.getName() + "_dot_Impl");
instrument_compImpl.setType(instrumented_cmp);
IfThenElse ifelse = new IfThenElse();
// Condition
Expression cond_expr = new Expression();
global_constant_Id = global_constant_Id.replace(".", "_dot_");
cond_expr.setIdentifier(global_constant_Id);
ifelse.setCondition(cond_expr);
// Then
Expression then_arg = new Expression();
then_arg.setIdentifier(dest_port.getName());
ifelse.setThenBranch(callExpr);
// Else
Expression else_arg = new Expression();
else_arg.setIdentifier(dest_port.getName());
nodeCall.getArgument().add(else_arg);
ifelse.setElseBranch(then_arg);
Expression instrumented_expr = new Expression();
instrumented_expr.setConditionalExpression(ifelse);
NodeEquation n_eq = new NodeEquation();
NodeEquationLHS neq_lhs = new NodeEquationLHS();
neq_lhs.getIdentifier().add(src_port.getName() + "_instrumented");
n_eq.setLhs(neq_lhs);
n_eq.setRhs(instrumented_expr);
NodeBody nodeBody = new NodeBody();
// VariableDeclaration cond_var = new VariableDeclaration();
// cond_var.setName(gloabal_constant_Id);
// DataType dataType = new DataType();
// dataType.setPlainType(PlainType.BOOL);
// cond_var.setDataType(dataType);
// nodeBody.getVariableDeclaration().add(cond_var);
nodeBody.setIsMain(false);
nodeBody.getEquation().add(n_eq);
instrument_compImpl.setDataflowImpl(nodeBody);
instrumented_compInstance.setImplementation(instrument_compImpl);
vdm_model.getComponentImpl().add(instrument_compImpl);
vdm_model.getComponentType().add(instrumented_cmp);
// -----------------------------------------
CompInstancePort compInstance_inst_port = new CompInstancePort();
compInstance_inst_port.setPort(dest_port);
compInstance_inst_port.setSubcomponent(instrumented_compInstance);
con_end_inst.setSubcomponentPort(compInstance_inst_port);
blockImpl.getSubcomponent().add(instrumented_compInstance);
connection.setDestination(con_end_inst);
Connection new_con = new Connection();
// Copying connection related artifacts
new_con.setName(connection.getName() + "_instrumented_channel");
// new_con.setConnType(connection.getConnType());
// new_con.setFlowType(connection.getFlowType());
//
// new_con.setDataEncrypted(connection.isEncryptedTransmission());
// new_con.setAuthenticated(connection.isAuthenticated());
new_con.setSource(con_end_inst);
compInstance_inst_port.setPort(src_port);
new_con.setDestination(dest);
blockImpl.getConnection().add(new_con);
return global_constant_Id;
}
Also used :
ComponentType(verdict.vdm.vdm_model.ComponentType)
NodeCall(verdict.vdm.vdm_lustre.NodeCall)
CompInstancePort(verdict.vdm.vdm_model.CompInstancePort)
NodeBody(verdict.vdm.vdm_lustre.NodeBody)
CompInstancePort(verdict.vdm.vdm_model.CompInstancePort)
Port(verdict.vdm.vdm_model.Port)
Connection(verdict.vdm.vdm_model.Connection)
NodeEquationLHS(verdict.vdm.vdm_lustre.NodeEquationLHS)
ComponentImpl(verdict.vdm.vdm_model.ComponentImpl)
NodeEquation(verdict.vdm.vdm_lustre.NodeEquation)
Expression(verdict.vdm.vdm_lustre.Expression)
ContractItem(verdict.vdm.vdm_lustre.ContractItem)
ComponentInstance(verdict.vdm.vdm_model.ComponentInstance)
ContractSpec(verdict.vdm.vdm_lustre.ContractSpec)
ConnectionEnd(verdict.vdm.vdm_model.ConnectionEnd)
IfThenElse(verdict.vdm.vdm_lustre.IfThenElse)
Example 3 with Connection
use of verdict.vdm.vdm_model.Connection in project VERDICT by ge-high-assurance.
the class VDMInstrumentor method retrieve_component_and_channels.
protected void retrieve_component_and_channels(Model vdm_model, List<String> threats, boolean blame_assignment, boolean component_level) {
HashSet<ComponentType> vdm_components = new HashSet<ComponentType>();
HashSet<Connection> vdm_links = new HashSet<Connection>();
// Initialize Components with Empty Ports and Ignore
identifyEmptyOutputComponents();
// Initialize DataFlow for empty Implementations.
LustreProgram lt = vdm_model.getDataflowCode();
if (lt == null) {
lt = new LustreProgram();
vdm_model.setDataflowCode(lt);
}
if (threats.contains("LS")) {
System.out.println("Location Spoofing Instrumentation");
locationSpoofing(vdm_components);
}
if (threats.contains("LB")) {
System.out.println("Logic Bomb Instrumentation");
logicBomb(vdm_components);
}
if (threats.contains("SV")) {
System.out.println("Software Virus/malware/worm/trojan");
softwareVirus(vdm_components);
}
if (threats.contains("RI")) {
System.out.println("Remote Code Injection");
remoteCodeInjection(vdm_components);
}
if (threats.contains("OT")) {
System.out.println("Outsider Threat");
outsiderThreat(vdm_components);
}
if (threats.contains("IT")) {
System.out.println("Insider Threat");
insiderThreat(vdm_components);
}
if (threats.contains("HT")) {
System.out.println("Hardware Trojans");
hardwareTrojan(vdm_components);
}
if (threats.contains("NI")) {
System.out.println("Network Injection Instrumentation");
// Snooze links for component level blame assignment.
if (!component_level) {
networkInjection(vdm_links);
}
}
if (threats.contains("BN")) {
System.out.println("Benign");
vdm_components.clear();
vdm_links.clear();
}
// int component_index = 1;
// Removed Once component Implemtation assumption.
ComponentImpl componentImpl = retrieve_main_cmp_impl();
BlockImpl blockImpl = null;
if (componentImpl != null) {
blockImpl = componentImpl.getBlockImpl();
}
Map<String, HashSet<Connection>> components_map = new HashMap<String, HashSet<Connection>>();
if (vdm_components.size() > 0) {
for (ComponentType component : vdm_components) {
blockImpl = retrieve_block(component);
HashSet<Connection> vdm_cmp_links = instrument_component(component, blockImpl);
for (Connection link_con : vdm_cmp_links) {
// Check if connection contains Empty Component on Port Ends.
if (!ignoreMarkedLink(link_con)) {
// Check if Port is Probe Port
if (!isProbePort(link_con)) {
vdm_links.add(link_con);
}
}
}
components_map.put(component.getId(), vdm_cmp_links);
}
}
// Snoorzing probe ports and Empty output components
if (vdm_links.size() > 0) {
Iterator<Connection> it = vdm_links.iterator();
while (it.hasNext()) {
Connection con = it.next();
if (isProbePort(con)) {
it.remove();
} else if (ignoreMarkedLink(con)) {
it.remove();
}
}
}
HashSet<String> global_constants = new HashSet<String>();
Map<Connection, String> connections_map = new HashMap<Connection, String>();
if (vdm_links.size() > 0) {
for (Connection connection : vdm_links) {
// System.out.println("(" + connection_index++ + ") " +
// connection.getName());
// instrument_link(connection, blockImpl);
String cmpID = getComponentID(components_map, connection);
if (cmpID != null) {
// Find Block based on Connection
blockImpl = getBlockID(cmpID);
String constant = instrument_link(cmpID, connection, blockImpl);
global_constants.add(constant);
connections_map.put(connection, constant);
} else {
// Handle 'NI' as Special Case.
ConnectionEnd conDest = connection.getSource();
Port dest_port = conDest.getComponentPort();
if (dest_port != null) {
cmpID = dest_port.getId();
} else {
CompInstancePort compInstance = conDest.getSubcomponentPort();
ComponentInstance compInst = compInstance.getSubcomponent();
cmpID = compInst.getId();
}
blockImpl = retrieve_block(connection);
String constant = instrument_link(cmpID, connection, blockImpl);
global_constants.add(constant);
connections_map.put(connection, constant);
}
}
} else {
emptySelection = true;
}
// Declare Global Constants
for (String comp_id : global_constants) {
ConstantDeclaration global_comp_const = new ConstantDeclaration();
DataType global_comp_dataType = new DataType();
global_comp_dataType.setPlainType(PlainType.BOOL);
global_comp_const.setName(comp_id);
global_comp_const.setDataType(global_comp_dataType);
// Expression global_expr = new Expression();
// global_expr.setBoolLiteral(true);
// global_comp_const.setDefinition(global_expr);
vdm_model.getDataflowCode().getConstantDeclaration().add(global_comp_const);
// g_constants.add(global_comp_const);
}
Map<String, List<String>> connection_gps_comp_map = connection_gps_mapper(connections_map, components_map);
// Choosing Blame options
if (threats.contains("LS") && component_level) {
// Link Level Instrumentation varibales
dec_var_asmp_const(connection_gps_comp_map, blame_assignment, false);
} else if (threats.contains("LS") && !component_level) {
dec_var_asmp_const(connection_gps_comp_map, blame_assignment, true);
}
if (blame_assignment && component_level) {
Map<String, List<String>> connection_comp_map = connection_mapper(connections_map, components_map);
ComponentImpl compImpl = retrieve_main_cmp_impl();
// if (compImpl.getBlockImpl() == null) {
// compImpl = retrieve_block(compImpl);
// }
ContractSpec contractSpec = compImpl.getType().getContract();
for (String key : components_map.keySet()) {
String id = key.replace("::", "_double_colon_");
Expression wk_expr = new Expression();
wk_expr.setIdentifier(id);
Expression not_wkexpr = new Expression();
not_wkexpr.setNot(wk_expr);
// Adding weakly assume variables
ContractItem weakly_assume_item = new ContractItem();
weakly_assume_item.setName(id + " is not instrumented");
weakly_assume_item.setExpression(not_wkexpr);
// Checking connection before adding assumption
HashSet<Connection> empty_connection_check = components_map.get(key);
if (empty_connection_check.size() > 0) {
contractSpec.getWeaklyassume().add(weakly_assume_item);
}
}
dec_var_const(connection_comp_map);
} else if (blame_assignment && !component_level) {
ComponentImpl compImpl = retrieve_main_cmp_impl();
if (compImpl != null) {
// if (compImpl.getBlockImpl() == null) {
// compImpl = retrieve_block_impl(compImpl);
// }
ContractSpec contractSpec = compImpl.getType().getContract();
for (String key : global_constants) {
Expression wk_expr = new Expression();
wk_expr.setIdentifier(key);
Expression not_wkexpr = new Expression();
not_wkexpr.setNot(wk_expr);
// Adding weakly assume variables
ContractItem weakly_assume_item = new ContractItem();
weakly_assume_item.setName(link_name(key) + " is not instrumented");
weakly_assume_item.setExpression(not_wkexpr);
contractSpec.getWeaklyassume().add(weakly_assume_item);
}
}
}
}
Also used :
BlockImpl(verdict.vdm.vdm_model.BlockImpl)
HashMap(java.util.HashMap)
CompInstancePort(verdict.vdm.vdm_model.CompInstancePort)
Port(verdict.vdm.vdm_model.Port)
ConstantDeclaration(verdict.vdm.vdm_lustre.ConstantDeclaration)
ComponentImpl(verdict.vdm.vdm_model.ComponentImpl)
ContractItem(verdict.vdm.vdm_lustre.ContractItem)
ComponentInstance(verdict.vdm.vdm_model.ComponentInstance)
DataType(verdict.vdm.vdm_data.DataType)
ArrayList(java.util.ArrayList)
List(java.util.List)
HashSet(java.util.HashSet)
ComponentType(verdict.vdm.vdm_model.ComponentType)
CompInstancePort(verdict.vdm.vdm_model.CompInstancePort)
Connection(verdict.vdm.vdm_model.Connection)
Expression(verdict.vdm.vdm_lustre.Expression)
LustreProgram(verdict.vdm.vdm_lustre.LustreProgram)
ContractSpec(verdict.vdm.vdm_lustre.ContractSpec)
ConnectionEnd(verdict.vdm.vdm_model.ConnectionEnd)
Example 4 with Connection
use of verdict.vdm.vdm_model.Connection in project VERDICT by ge-high-assurance.
the class VDM2Lustre method visit.
// B) Component Implementation Translated into Lustre Node
public void visit(ComponentImpl componentImpl, Node node) {
NodeBody nodeBody = new NodeBody();
// Option 1) Block Implementation
// retrieve_block(componentImpl);
BlockImpl blockImpl = componentImpl.getBlockImpl();
// BlockImpl
if (blockImpl != null) {
ComponentType componentType = componentImpl.getType();
for (ComponentInstance componentInstance : blockImpl.getSubcomponent()) {
// replace to make naming compliant with lustre code
String id = componentInstance.getId();
id = id.replace(".", "_dot_");
id = id.replace("::", "_double_colon_");
componentInstance.setId(id);
String name = componentInstance.getName();
name = name.replace(".", "_dot_");
name = name.replace("::", "_double_colon_");
componentInstance.setName(name);
componentType = componentInstance.getSpecification();
ComponentImpl subcomponentImpl = componentInstance.getImplementation();
if (componentType == null && subcomponentImpl == null) {
System.out.println(componentInstance.getName() + " subcomponent is missing both a specification and an implemention.");
System.out.println("Please provide some specification or an implementation to continue.");
System.exit(-1);
}
// Option 1) Implementation
if (subcomponentImpl != null) {
componentType = subcomponentImpl.getType();
if (!this.marked_types.contains(componentType)) {
visit(componentType, nodeBody, componentInstance.getId(), true);
}
} else // Option 2) Specification
if (componentType != null) {
if (!this.marked_types.contains(componentType)) {
visit(componentType, nodeBody, componentInstance.getId(), false);
}
}
}
for (Connection connection : blockImpl.getConnection()) {
if (!ignoreConnection(connection)) {
visit(connection, nodeBody);
}
}
} else {
// Option 2) DataFlow Implementation / NodeBody
nodeBody = componentImpl.getDataflowImpl();
// node.setBody(nodeBody);
}
node.setBody(nodeBody);
}
Also used :
BlockImpl(verdict.vdm.vdm_model.BlockImpl)
ComponentType(verdict.vdm.vdm_model.ComponentType)
NodeBody(verdict.vdm.vdm_lustre.NodeBody)
ComponentInstance(verdict.vdm.vdm_model.ComponentInstance)
Connection(verdict.vdm.vdm_model.Connection)
ComponentImpl(verdict.vdm.vdm_model.ComponentImpl)
Example 5 with Connection
use of verdict.vdm.vdm_model.Connection in project VERDICT by ge-high-assurance.
the class AttackDefenseCollector method loadAttacksDefensesFromCsv.
/**
* Load the attacks and defenses from CAPEC.csv and Defenses.csv, respectively.
*
* <p>This is factored out because it is used by both the CSV and VDM approaches.
*
* @param inputDir the STEM output directory
* @param connectionNameMap the map from connection names in the CSV files to the actual
* connection names
* @throws CSVFile.MalformedInputException
* @throws IOException
*/
private void loadAttacksDefensesFromCsv(String inputDir, Map<String, String> connectionNameMap) throws CSVFile.MalformedInputException, IOException {
// Load all the files as CSV
CSVFile capecCsv = new CSVFile(new File(inputDir, "CAPEC.csv"), true, "CompType", "CompInst", "CAPEC", "CAPECDescription", "Confidentiality", "Integrity", "Availability", "LikelihoodOfSuccess");
CSVFile defensesCsv = new CSVFile(new File(inputDir, "Defenses.csv"), true, "CompType", "CompInst", "CAPEC", "Confidentiality", "Integrity", "Availability", "ApplicableDefenseProperties", "ImplProperties", "DAL");
// Load attacks
for (CSVFile.RowData row : capecCsv.getRowDatas()) {
String systemTypeName = row.getCell("CompType");
String systemInstName = row.getCell("CompInst");
String attackName = row.getCell("CAPEC");
String attackDesc = row.getCell("CAPECDescription");
Prob likelihood = Prob.certain();
// Look at all three columns to figure out which one is being used
CIA cia = CIA.fromStrings(row.getCell("Confidentiality"), row.getCell("Integrity"), row.getCell("Availability"));
if ("Connection".equals(systemTypeName)) {
String connectionName = connectionNameMap.get(systemInstName);
for (ConnectionModel connection : connNameToConnectionModelMap.get(connectionName)) {
connection.getAttackable().addAttack(new Attack(connection.getAttackable(), attackName, attackDesc, likelihood, cia));
}
} else {
SystemModel system = getSystem(systemInstName);
system.getAttackable().addAttack(new Attack(system.getAttackable(), attackName, attackDesc, likelihood, cia));
}
}
// Note we don't use implemented property column in csv files if we vdm as input
for (CSVFile.RowData row : defensesCsv.getRowDatas()) {
String systemTypeName = row.getCell("CompType");
String systemInstName = row.getCell("CompInst");
String attackName = row.getCell("CAPEC");
CIA cia = CIA.fromStrings(row.getCell("Confidentiality"), row.getCell("Integrity"), row.getCell("Availability"));
List<String> defenseNames = Arrays.asList(row.getCell("ApplicableDefenseProperties").split(";")).stream().map(name -> name.length() > 0 ? Character.toString(name.charAt(0)).toLowerCase() + name.substring(1) : "").collect(Collectors.toList());
List<String> implProps = Arrays.asList(row.getCell("ImplProperties").split(";"));
List<String> likelihoodStrings = Arrays.asList(row.getCell("DAL").split(";"));
if (defenseNames.size() != implProps.size() || defenseNames.size() != likelihoodStrings.size()) {
throw new RuntimeException("ApplicableDefenseProperties, ImplProperties, and DAL must have same cardinality");
}
List<Defense> defenses = new ArrayList<>();
List<Defense.DefenseLeaf> clause = new ArrayList<>();
if ("Connection".equals(systemTypeName)) {
String connectionName = connectionNameMap.get(systemInstName);
for (ConnectionModel connection : connNameToConnectionModelMap.get(connectionName)) {
Defense defense = connection.getAttackable().getDefenseByAttackAndCia(attackName, cia);
if (defense == null) {
Attack attack = connection.getAttackable().getAttackByNameAndCia(attackName, cia);
if (attack == null) {
throw new RuntimeException("could not find attack: " + attackName + ", " + cia);
}
defense = new Defense(attack);
connection.getAttackable().addDefense(defense);
}
defenses.add(defense);
}
} else {
SystemModel system = getSystem(systemInstName);
Defense defense = system.getAttackable().getDefenseByAttackAndCia(attackName, cia);
if (defense == null) {
Attack attack = system.getAttackable().getAttackByNameAndCia(attackName, cia);
if (attack == null) {
throw new RuntimeException("could not find attack: " + attackName + ", " + cia);
}
defense = new Defense(attack);
system.getAttackable().addDefense(defense);
}
defenses.add(defense);
}
// TODO get defense descriptions from Defenses2NIST?
// Need to get correct name if connection
String entityName = "Connection".equals(systemTypeName) ? connectionNameMap.get(systemInstName) : systemInstName;
for (int i = 0; i < defenseNames.size(); i++) {
if (!"null".equals(defenseNames.get(i))) {
int dal = -1;
// it will be null if we are not loading from VDM
if (compDefenseToImplDal != null) {
// load DAL from VDM if available
Pair<String, String> pair = new Pair<>(entityName, defenseNames.get(i));
if (compDefenseToImplDal.containsKey(pair)) {
dal = compDefenseToImplDal.get(pair);
} else {
// if there is no binding present, then it is not implemented
dal = 0;
}
}
// this code treats applicable defense and impl defense as separate things
// but we have changed the capitalization so that they should be the same
Optional<Pair<String, Integer>> impl;
if (dal == -1) {
impl = "null".equals(implProps.get(i)) ? Optional.empty() : Optional.of(new Pair<>(implProps.get(i), Integer.parseInt(likelihoodStrings.get(i))));
} else {
impl = dal == 0 ? Optional.empty() : Optional.of(new Pair<>(defenseNames.get(i), dal));
}
clause.add(new Defense.DefenseLeaf(defenseNames.get(i), impl));
}
}
// And there are potentially multiple such rows, forming a DNF
for (Defense defense : defenses) {
defense.addDefenseClause(clause);
}
}
}
Also used :
CIA(com.ge.verdict.attackdefensecollector.model.CIA)
CyberNot(com.ge.verdict.attackdefensecollector.model.CyberNot)
CIAPort(verdict.vdm.vdm_model.CIAPort)
Arrays(java.util.Arrays)
VdmTranslator(com.ge.verdict.vdm.VdmTranslator)
ADOr(com.ge.verdict.attackdefensecollector.adtree.ADOr)
CyberAnd(com.ge.verdict.attackdefensecollector.model.CyberAnd)
CyberRel(com.ge.verdict.attackdefensecollector.model.CyberRel)
HashMap(java.util.HashMap)
CyberReq(com.ge.verdict.attackdefensecollector.model.CyberReq)
ArrayList(java.util.ArrayList)
GenericAttribute(verdict.vdm.vdm_data.GenericAttribute)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
LinkedHashMap(java.util.LinkedHashMap)
Model(verdict.vdm.vdm_model.Model)
Defense(com.ge.verdict.attackdefensecollector.adtree.Defense)
DefenseProperties(com.ge.verdict.vdm.DefenseProperties)
Map(java.util.Map)
Connection(verdict.vdm.vdm_model.Connection)
ComponentType(verdict.vdm.vdm_model.ComponentType)
ADTree(com.ge.verdict.attackdefensecollector.adtree.ADTree)
CyberExpr(com.ge.verdict.attackdefensecollector.model.CyberExpr)
SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel)
ComponentImpl(verdict.vdm.vdm_model.ComponentImpl)
CyberOr(com.ge.verdict.attackdefensecollector.model.CyberOr)
Collection(java.util.Collection)
Set(java.util.Set)
IOException(java.io.IOException)
ComponentInstance(verdict.vdm.vdm_model.ComponentInstance)
ConnectionModel(com.ge.verdict.attackdefensecollector.model.ConnectionModel)
Collectors(java.util.stream.Collectors)
File(java.io.File)
List(java.util.List)
Severity(verdict.vdm.vdm_model.Severity)
Optional(java.util.Optional)
Collections(java.util.Collections)
PortConcern(com.ge.verdict.attackdefensecollector.model.PortConcern)
Mission(verdict.vdm.vdm_model.Mission)
ArrayList(java.util.ArrayList)
Attack(com.ge.verdict.attackdefensecollector.adtree.Attack)
Defense(com.ge.verdict.attackdefensecollector.adtree.Defense)
SystemModel(com.ge.verdict.attackdefensecollector.model.SystemModel)
CIA(com.ge.verdict.attackdefensecollector.model.CIA)
ConnectionModel(com.ge.verdict.attackdefensecollector.model.ConnectionModel)
File(java.io.File)
Aggregations
Connection (verdict.vdm.vdm_model.Connection)9
ComponentImpl (verdict.vdm.vdm_model.ComponentImpl)7
ComponentInstance (verdict.vdm.vdm_model.ComponentInstance)7
ComponentType (verdict.vdm.vdm_model.ComponentType)6
HashSet (java.util.HashSet)5
BlockImpl (verdict.vdm.vdm_model.BlockImpl)5
CompInstancePort (verdict.vdm.vdm_model.CompInstancePort)5
Port (verdict.vdm.vdm_model.Port)5
GenericAttribute (verdict.vdm.vdm_data.GenericAttribute)4
ArrayList (java.util.ArrayList)3
HashMap (java.util.HashMap)3
List (java.util.List)3
PortMode (verdict.vdm.vdm_model.PortMode)3
ContractItem (verdict.vdm.vdm_lustre.ContractItem)2
ContractSpec (verdict.vdm.vdm_lustre.ContractSpec)2
Expression (verdict.vdm.vdm_lustre.Expression)2
NodeBody (verdict.vdm.vdm_lustre.NodeBody)2
ConnectionEnd (verdict.vdm.vdm_model.ConnectionEnd)2
ADOr (com.ge.verdict.attackdefensecollector.adtree.ADOr)1
ADTree (com.ge.verdict.attackdefensecollector.adtree.ADTree)1
