analysis: Derived trustlevel

lang-example/mc.cfg

 /**
- * Generated on Wed Oct 08 18:06:57 CEST 2014
+ * Generated on Wed Oct 08 20:24:39 CEST 2014
  */
 config {
     Require-Model:

montiSecArcAnalysis/mc.cfg

 /**
- * Generated on Wed Oct 08 18:07:19 CEST 2014
+ * Generated on Wed Oct 08 20:24:58 CEST 2014
  */
 config {
     Require-Model:

montiSecArcAnalysis/src/main/java/secarc/error/MontiSecArcAnalysisErrorCodes.java

@@ -105,4 +105,9 @@ public enum MontiSecArcAnalysisErrorCodes implements IErrorCode {
 	 */
 	ReasonDifferingTrustlevel,
 	
+	/**
+	 * Derived turstlevel
+	 */
+	DerivedTrustlevel,
+	
 }

montiSecArcAnalysis/src/main/java/secarc/ets/analysis/trustlevel/DerivedTrustlevel.java

+package secarc.ets.analysis.trustlevel;
+
+import interfaces2.resolvers.AmbigousException;
+import mc.IErrorCode;
+import mc.umlp.arcd._ast.ASTArcComponent;
+import mc.umlp.arcd.ets.entries.ComponentEntry;
+import secarc.error.MontiSecArcAnalysisErrorCodes;
+import secarc.ets.analysis.checker.Analysis;
+import secarc.ets.analysis.checker.ISecAnalysisComponentChecker;
+import secarc.ets.check.MontiSecArcAnalysisConstants;
+import secarc.ets.entries.SecComponentEntry;
+import secarc.ets.entries.TrustlevelEntry;
+
+/**
+ * Derives trustlevel for components without trustlevel
+ * 
+ * <br>
+ * <br>
+ * Copyright (c) 2011 RWTH Aachen. All rights reserved
+ * 
+ * @author (last commit) $Author$
+ * @version $Date$<br>
+ * $Revision$
+ * 
+ */
+public class DerivedTrustlevel extends Analysis implements
+		ISecAnalysisComponentChecker {
+
+	public DerivedTrustlevel() {
+		super(MontiSecArcAnalysisConstants.DERIVED_TRUSTLEVEL);
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * @see secarc.ets.analysis.checker.ISecAnalysisComponentChecker#check(mc.umlp.arcd._ast.ASTArcComponent, secarc.ets.entries.SecComponentEntry)
+	 */
+	@Override
+	public void check(ASTArcComponent node, SecComponentEntry entry)
+			throws AmbigousException {
+		if(entry.getTrustlevel().isPresent()) {
+			return;
+		}
+		
+		TrustlevelEntry trustlevelEntry = getTrustlevel(node);
+		String trustlevel = "";
+		
+		if(trustlevelEntry == null) {
+			trustlevel = "-1";
+		} else {
+			trustlevel += trustlevelEntry.getValue();
+			if(trustlevelEntry.isNegative()) {
+				trustlevel = "-" + trustlevel;
+			} else  {
+				trustlevel = "+" + trustlevel;
+			}
+		}
+		
+		addReport("The component " + entry.getName() + " has the trustlevel " + trustlevel, node.get_SourcePositionStart());
+		
+	}
+	
+	private TrustlevelEntry getTrustlevel(ASTArcComponent node) throws AmbigousException {
+		ASTArcComponent parent = node.getMainParent();
+		if(parent != null) {
+			SecComponentEntry componentParent = (SecComponentEntry) resolver.resolve(parent.getName(), ComponentEntry.KIND, getNameSpaceFor(parent));
+			if(componentParent.getTrustlevel().isPresent()) {
+				return componentParent.getTrustlevel().get();
+			} else {
+				return getTrustlevel(parent);
+			}
+		} else {
+			return null;
+		}
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * @see interfaces2.coco.ContextCondition#getErrorCode()
+	 */
+	@Override
+	public IErrorCode getErrorCode() {
+		return MontiSecArcAnalysisErrorCodes.DerivedTrustlevel;
+	}
+
+}

montiSecArcAnalysis/src/main/java/secarc/ets/check/MontiSecArcAnalysisConstants.java

@@ -70,4 +70,6 @@ public final class MontiSecArcAnalysisConstants {
 
 	public static final String REASON_DIFFERING_TRUSTLEVEL = "Checks if the trustlevel differs more then 2 from expected level.";
 	
+	public static final String DERIVED_TRUSTLEVEL = "Drives turstlevel for components which do not have a trustlevel.";
+	
 }

montiSecArcAnalysis/src/main/java/secarc/ets/check/MontiSecArcAnalysisCreator.java

@@ -23,6 +23,7 @@ import secarc.ets.analysis.role.DerivedRolesComponent;
 import secarc.ets.analysis.role.DerivedRolesPort;
 import secarc.ets.analysis.role.DerivedRolesThirdParty;
 import secarc.ets.analysis.role.RoleAccess;
+import secarc.ets.analysis.trustlevel.DerivedTrustlevel;
 import secarc.ets.analysis.trustlevel.ReasonForDifferingTrustlevel;
 
 
@@ -176,6 +177,9 @@ public final class MontiSecArcAnalysisCreator {
 			//Trustlevel differs more than 2 from relative trustevel
 			trustlevelAnalysis.addChild(new ReasonForDifferingTrustlevel());
 			
+			//Dervied trustlevel for components without trustlevel
+			trustlevelAnalysis.addChild(new DerivedTrustlevel());
+			
 			analysis.addChild(connectorAnalysis);
 			analysis.addChild(filterAnalysis);
 			analysis.addChild(portAnalysis);

montiSecArcAnalysis/src/test/java/secarc/MontiSecArcAnalysisTest.java

@@ -179,8 +179,9 @@ public class MontiSecArcAnalysisTest extends TestWithSymtabAnalysis<MontiSecArcA
 		
 		List<MontiSecArcAnalysisErrorCodes> errorCodes = new ArrayList<MontiSecArcAnalysisErrorCodes>();
 		errorCodes.add(MontiSecArcAnalysisErrorCodes.ReasonDifferingTrustlevel);
+		errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedTrustlevel);
 
-        assertEquals(2, handler.getWarnings().size());
+        assertEquals(3, handler.getWarnings().size());
         for(ProblemReport error : handler.getErrors()) {
         	assertTrue(errorCodes.contains(error.getErrorcode()));
         }

montiSecArcAnalysis/src/test/resources/secarc/analysis/configuration/ConfigurationNotReviewed.secarc

@@ -16,6 +16,8 @@ component ConfigurationNotReviewed {
 		version "1.2";
 		
 		configuration conf;
+		
+		trustlevel +1;
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector{

montiSecArcAnalysis/src/test/resources/secarc/analysis/configuration/ConfigurationReviewed.secarc

@@ -18,6 +18,8 @@ component ConfigurationReviewed {
 		port in String inputTarget;
 		
 		configuration conf_reviewed;
+		
+		trustlevel +1;
 	
 	}
 		

montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/EncryptedPathEndInLowTrustlevel.secarc

@@ -21,6 +21,7 @@ component EncryptedPathEndInLowTrustlevel {
 		
 		configuration conf_reviewed;
 		
+		trustlevel +1;
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector {

montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/EncryptedPathWithUnencryptedPart.secarc

@@ -21,6 +21,7 @@ component EncryptedPathWithUnencryptedPart {
 		
 		configuration conf_reviewed;
 		
+		trustlevel +1;
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector {

montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/ListEncryptedData.secarc

@@ -15,7 +15,7 @@ component ListEncryptedData {
 	}
 	
 	component TargetHelp targetHelp {
-		
+		trustlevel +1;
 	}
 		
 	component SubEncryptedConnector {

montiSecArcAnalysis/src/test/resources/secarc/analysis/connector/UnencryptedPathThroughLowTrustlevel.secarc

@@ -19,7 +19,9 @@ component UnencryptedPathThroughLowTrustlevel {
 		
 		port in String inputTarget;
 		
-		configuration conf_reviewed;		
+		configuration conf_reviewed;
+		
+		trustlevel +1;		
 	}	
 		
 	component SubEncryptedConnector subEncryptedConnector {

montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/FilterComponent.secarc

@@ -13,6 +13,8 @@ component FilterComponent {
 	
 	component TargetHelp targetHelp {		
 		port out String output;
+		
+		trustlevel +1;
 	}
 		
 	component (filter URL) FilterURL filterURL {

montiSecArcAnalysis/src/test/resources/secarc/analysis/filter/FilterPort.secarc

@@ -11,7 +11,9 @@ component FilterPort {
 		trustlevel +1;
 	}
 	
-	component TargetHelp targetHelp {		
+	component TargetHelp targetHelp {
+	
+		trustlevel +1;		
 	
 		port
 			(filter SQL) in String input;

montiSecArcAnalysis/src/test/resources/secarc/analysis/identity/IdentityWithEncryption.secarc

@@ -17,12 +17,14 @@ component IdentityWithEncryption {
 		port out String inputTarget;
 		
 		identity weak targetHelp -> subEncryptedConnector;
+		
+		trustlevel +1;
 	
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector {
 	
-		trustlevel +1;
+		trustlevel +2;
 		
 		access user;
 		

montiSecArcAnalysis/src/test/resources/secarc/analysis/identity/IdentityWithoutEncryption.secarc

@@ -17,12 +17,14 @@ component IdentityWithoutEncryption {
 		port in String inputTarget;
 		
 		identity weak targetHelp -> subEncryptedConnector;
+		
+		trustlevel +1;
 	
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector {
 	
-		trustlevel +1;
+		trustlevel +2;
 		
 		access user;
 		

montiSecArcAnalysis/src/test/resources/secarc/analysis/port/CriticalPort.secarc

@@ -14,6 +14,7 @@ component CriticalPort {
 	
 	component TargetHelp targetHelp {
 		port critical in String inputTarget;
+		trustlevel +1;
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector {

montiSecArcAnalysis/src/test/resources/secarc/analysis/port/IncomingPort.secarc

@@ -15,7 +15,8 @@ component IncomingPort {
 	}
 	
 	component TargetHelp targetHelp {
-		port in String inputTarget;		
+		port in String inputTarget;
+		trustlevel +1;		
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector {

montiSecArcAnalysis/src/test/resources/secarc/analysis/port/OutgoingPort.secarc

@@ -17,6 +17,7 @@ component OutgoingPort {
 	
 	component TargetHelp targetHelp {
 		port in String inputTarget;
+		trustlevel +1;
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector {

montiSecArcAnalysis/src/test/resources/secarc/analysis/role/DerivedThirdPartyRoles.secarc

@@ -23,6 +23,8 @@ component DerivedThirdPartyRoles {
 		
 		access inputTarget (admin);
 		
+		trustlevel +2;
+		
 	}
 		
 	component SubEncryptedConnector subEncryptedConnector {

montiSecArcAnalysis/src/test/resources/secarc/analysis/trustlevel/DerivedTrustlevel.secarc

+package secarc.analysis.trustlevel;
+
+component DerivedTrustlevel{
+
+	accesscontrol off;
+	
+	trustlevel +2;
+	
+	component Help help {
+		
+	}
+	
+	component PositiveDifference {
+		trustlevel +2;
+	}
+	
+	component NegativeDifference {
+		trustlevel +1;
+	}
+
+}
\ No newline at end of file