### Run Insider Intruder Analysis (Bash) Source: https://context7.com/ygdantas/laufen/llms.txt This bash script demonstrates how to execute the Laufen tool for insider intruder (Man-in-the-Middle) attack enumeration. It specifies the necessary DLV files and filters for the analysis, and includes an option to add execution time statistics. ```Bash # Run LAUFEN for insider intruder (MITM) attack enumeration ./bin/dlv-2.1.1-linux-x86.bin \ example/apollo.dlv \ utils/utils.dlv \ m2m/af3.dlv \ -n 1 \ security/safety2security.dlv \ security/insider_intruder.dlv \ --filter=insider_intruder/3 # Output format: insider_intruder(PUBLISHER, SUBSCRIBER, AFFECTED_TOPIC) # Each result shows a potential MITM attack path # Add execution time statistics ./bin/dlv-2.1.1-linux-x86.bin \ example/apollo.dlv \ utils/utils.dlv \ m2m/af3.dlv \ security/safety2security.dlv \ security/insider_intruder.dlv \ --filter=insider_intruder/3 \ --stats=verbosity ``` -------------------------------- ### DLV Utility Functions for Asset Classification and Pub/Sub Source: https://context7.com/ygdantas/laufen/llms.txt This module provides helper predicates for classifying software and hardware assets, deriving topics from publish/subscribe relationships, and navigating component hierarchies. It is used for threat modeling and understanding system interactions. ```prolog % Classify software elements software(CP) :- component(CP). software(CP) :- task(CP). % Classify hardware elements hardware(ECU) :- ecu(ECU). hardware(NET) :- network(NET). hardware(CLUSTER) :- cluster(CLUSTER). % Derive topics from pub/sub relationships topic(TOPIC) :- subscriber(CP,TOPIC). topic(TOPIC) :- publisher(CP,TOPIC). % Asset type classification for threat modeling get_asset_type(ASSET,software) :- asset_software(ASSET). get_asset_type(ASSET,topic) :- asset_data(ASSET). get_asset_type(ASSET,hardware) :- asset_hardware(ASSET). % Component hierarchy navigation for pub/sub has_child_component_publisher(CP,TOPIC) :- publisher(CP,TOPIC), sub_component(SUB_CP,CP), publisher(SUB_CP,TOPIC). get_child_publisher_topic(CP,TOPIC,CHILD) :- publisher(CP,TOPIC), sub_component(CHILD,CP), publisher(CHILD,TOPIC), not has_child_component_publisher(CHILD,TOPIC). ``` -------------------------------- ### AutoFOCUS3 Model Transformation Rules (Prolog) Source: https://context7.com/ygdantas/laufen/llms.txt This Prolog code provides model-to-model transformation rules for importing architectures from AutoFOCUS3. It includes mappings for ASIL levels, hazard attributes, loss scenarios with failure modes, and deriving component allocation from task allocation. ```Prolog % Map ASIL levels from AF3 numeric encoding arch_element_asil(ID,d) :- cpASILaf3(ID,"4"). % ASIL D arch_element_asil(ID,c) :- cpASILaf3(ID,"3"). % ASIL C arch_element_asil(ID,b) :- cpASILaf3(ID,"2"). % ASIL B arch_element_asil(ID,a) :- cpASILaf3(ID,"1"). % ASIL A arch_element_asil(ID,qm) :- cpASILaf3(ID,"0"). % QM % Map hazard attributes from AF3 format hazard(ID,NEW_SEV,NEW_EXP,NEW_CTL) :- hazard_af3(ID,SEV,EXP,CTL), map_hazard_from_af3(SEV,NEW_SEV), map_hazard_from_af3(EXP,NEW_EXP), map_hazard_from_af3(CTL,NEW_CTL). map_hazard_from_af3("Severity 3",s3). map_hazard_from_af3("Controllability 3",c3). % Map loss scenarios with failure mode transformation loss_scenario_verbose(ID,FROM_CP,TO_CP,TOPIC,NEW_FAILURE_MODE,HZ) :- loss_scenario_af3(ID,FROM_CP,TO_CP,TOPIC,FAILURE_MODE,HZ), map_failure_mode_from_af3(FAILURE_MODE,NEW_FAILURE_MODE). map_failure_mode_from_af3("FAILURE_LOSS",loss). map_failure_mode_from_af3("FAILURE_ERRONEOUS",erroneous). % Derive allocation from component hierarchy allocation(CP,ECU) :- component(CP), task(TASK), allocation(CP,TASK), ecu(ECU), allocation(TASK,ECU). ``` -------------------------------- ### Execute Outsider Intruder Analysis via CLI Source: https://context7.com/ygdantas/laufen/llms.txt Commands to run the LAUFEN engine using the DLV binary. These commands process architecture models and security rules to output attack paths or source-to-target mappings. ```bash # Run LAUFEN for outsider intruder attack path enumeration ./bin/dlv-2.1.1-linux-x86.bin \ example/apollo.dlv \ utils/utils.dlv \ m2m/af3.dlv \ security/safety2security.dlv \ security/outsider_intruder_reachability.dlv \ security/outsider_intruder_attack_paths.dlv \ --filter=outsider_intruder/1 # To show source and target information: ./bin/dlv-2.1.1-linux-x86.bin \ example/apollo.dlv \ utils/utils.dlv \ m2m/af3.dlv \ security/safety2security.dlv \ security/outsider_intruder_reachability.dlv \ security/outsider_intruder_attack_paths.dlv \ --filter=outsider_intruder_from_to/2 ``` -------------------------------- ### Define Insider Intruder Attack Path Rules (Prolog) Source: https://context7.com/ygdantas/laufen/llms.txt This Prolog code defines the logic for identifying Man-in-the-Middle (MITM) attack scenarios in publish-subscribe architectures. It covers direct attacks on the same topic and indirect attacks through dependent topics, generating results for insider intruder attacks. ```Prolog % MITM attack: compromised publisher directly affects subscriber of the same topic path_MITM_topic_SOA(ASSET,MALICIOUS_CP,TARGET_CP,ASSET) :- asset_data(ASSET), publisher(MALICIOUS_CP,ASSET), not has_child_component_publisher(MALICIOUS_CP,ASSET), subscriber(TARGET_CP,ASSET), not has_child_component_subscriber(TARGET_CP,ASSET). % MITM attack: indirect attack through dependent topics path_MITM_topic_SOA(ASSET,MALICIOUS_CP,TARGET_CP,TARGET_TOPIC) :- asset_data(ASSET), damage_scenario(ASSET,integrity,_), publisher(TARGET_CP,ASSET), not has_child_component_publisher(TARGET_CP,ASSET), subscriber(TARGET_CP,TARGET_TOPIC), publisher(MALICIOUS_CP,TARGET_TOPIC), not has_child_component_publisher(MALICIOUS_CP,TARGET_TOPIC). % Generate insider intruder results insider_intruder(MALICIOUS_CP,TARGET_CP,TARGET_TOPIC) :- path_MITM_topic_SOA(ASSET,MALICIOUS_CP,TARGET_CP,TARGET_TOPIC). ``` -------------------------------- ### Define Outsider Intruder Reachability Rules (Prolog) Source: https://context7.com/ygdantas/laufen/llms.txt This Prolog code defines the rules for determining network reachability for external attackers. It establishes base cases for public interfaces and defines reachability through network transmissions and ECU ports, ultimately identifying attack-reachable assets. ```Prolog % Base case: public interfaces are directly reachable reachable(null,PUBLIC_PORT) :- public(PUBLIC), ecu_port(PUBLIC,PUBLIC_PORT). reachable(null,PUBLIC_PORT) :- public(PUBLIC), network_port(PUBLIC,PUBLIC_PORT). % Reachability through network transmissions reachable(CP1,INPUT_ECU) :- reachable(CP,TARGET_PORT), network_port(TARGET,TARGET_PORT), ecu_port(ECU,INPUT_ECU), transmission_with_ports(ID,OUTPUT_TARGET,TARGET,INPUT_ECU,ECU), component(CP1), cp_reads_from_ecu_port(CP1,INPUT_ECU). % Component reads from ECU port (via task allocation) cp_reads_from_ecu_port(CP,INPUT_ECU) :- task_input_port(TASK,INPUT_TASK), allocation(INPUT_TASK,INPUT_ECU), allocation(CP,TASK). % Determine if an asset is attack-reachable attack_reachable(ASSET,ASSET,HW_ASSET) :- threat_scenario(ASSET,ATTACK_TYPE), allocation(ASSET,HW_ASSET), ecu_port(HW_ASSET,ECU_PORT), ecu(HW_ASSET), reachable(X,ECU_PORT), cp_reads_from_ecu_port(ASSET,ECU_PORT). ``` -------------------------------- ### DLV Definition of Loss Scenarios and Public Interfaces Source: https://context7.com/ygdantas/laufen/llms.txt This section demonstrates defining safety-relevant loss scenarios by linking components, topics, and hazards. It also defines public interfaces which serve as entry points for potential attacks, crucial for security analysis. ```prolog % Define a hazard with severity, exposure, and controllability hazard_af3("hz_113865","Severity 3","Exposure 4","Controllability 3"). % Define loss scenarios linking components, topics, and hazards % Format: loss_scenario_af3(ID, FROM_COMPONENT, TO_COMPONENT, TOPIC, FAILURE_MODE, HAZARD) loss_scenario_af3("ls_113867_FAILURE_ERRONEOUS", "planning_ID_110201", % Source component (planning module) "control_ID_109733", % Target component (control module) "_apollo__planning", % Affected topic "FAILURE_ERRONEOUS", % Failure mode (maps to integrity) "hz_113865"). % Associated hazard loss_scenario_af3("ls_113867_FAILURE_ERRONEOUS", "localization_ID_109801", "perception_ID_110035", "_apollo__localization__pose", "FAILURE_ERRONEOUS", "hz_113865"). % Define public interfaces (entry points for outsider attacks) public("Bluetooth_Radio_ID_112165"). public("T_Box_ID_112171"). public("GPS_radio_ID_112145"). public("LiDAR_ID_112161"). public("Front_Radar_ID_112149"). ``` -------------------------------- ### Define Safety to Security Transformation Rules in DLV Source: https://context7.com/ygdantas/laufen/llms.txt This module maps safety failure modes to security properties and derives assets, damage scenarios, and threat scenarios. It serves as the core logic for translating safety artifacts into security-relevant data. ```prolog % Map failure modes to security properties failure_mode2security_property(erroneous,integrity). failure_mode2security_property(loss,availability). % Map safety impact (severity + controllability) to security impact safety_impact2security_impact(s3,c3,severe). safety_impact2security_impact(s3,c2,serious). safety_impact2security_impact(s2,c2,serious). safety_impact2security_impact(s1,c1,moderate). safety_impact2security_impact(s0,c0,negligible). % Map asset types and security properties to attack types asset_type_security_property2attack_type(software,integrity,elevation_of_privilege). asset_type_security_property2attack_type(software,integrity,tampering). asset_type_security_property2attack_type(topic,integrity,spoofing). asset_type_security_property2attack_type(topic,availability,dos). % Derive assets from loss scenarios asset_software(FROM) :- loss_scenario_verbose(ID_LS,FROM,TO,TOPIC,FAILURE_MODE,HAZARD), component(FROM). asset_data(TOPIC) :- loss_scenario_verbose(ID_LS,FROM,TO,TOPIC,FAILURE_MODE,HAZARD), topic(TOPIC). % Derive damage scenarios damage_scenario(ASSET,SECURITY_PROPERTY,HAZARD) :- asset_software(ASSET), loss_scenario_verbose(ID_LS,ASSET,TO,TOPIC,FAILURE_MODE,HAZARD), failure_mode2security_property(FAILURE_MODE,SECURITY_PROPERTY). % Derive threat scenarios from damage scenarios threat_scenario(ASSET,ATTACK_TYPE) :- damage_scenario(ASSET,SECURITY_PROPERTY,_), get_asset_type(ASSET,ASSET_TYPE), asset_type_security_property2attack_type(ASSET_TYPE,SECURITY_PROPERTY,ATTACK_TYPE). ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.