Initial claims ontology #804

glguy · 2022-10-14T22:28:08Z

No description provided.

bhatt111

partiallySupports should be an attribute of PROPERTY_TYPE, not of PROPERTY, since that determination is made for the PROPERTY_TYPE. We need to think of PROPERTY_TYPE as a first class ENTITY, rather that just an "enumeration". We will still have predefined identifiers in SADL for PROPERTY_TYPE for he enumeration.

glguy · 2022-10-28T17:04:36Z

partiallySupports should be an attribute of PROPERTY_TYPE, not of PROPERTY, since that determination is made for the PROPERTY_TYPE. We need to think of PROPERTY_TYPE as a first class ENTITY, rather that just an "enumeration". We will still have predefined identifiers in SADL for PROPERTY_TYPE for he enumeration.

I'm expecting the PROPERTY_TYPEs to exist in the ontology before any OBJECTIVES are ever added. Would it make sense for OBJECTIVES to point to PROPERTY_TYPE, perhaps?

bhatt111 · 2022-10-28T17:46:00Z

Eric, I was just going to modify this comment based upon discussion with Vatsan this morning. The "partiallySupports" attribute has been in the PROPERTY class (and not used) long before the new approach with CLAIMS was proposed. I agree with you it doesn't belong in PROPERTY_TYPE, but neither does it belong in PROPERTY or OBJECTIVE. Our understanding is that it belongs in CLAIM, which can support specific OBJECTIVE(s) based upon the PROPERTY(s) and THEORY the claim uses. E.g., one can write claims to support different objectives using overlapping sets of properties. Devesh From: Eric Mertens ***@***.***> Sent: Friday, October 28, 2022 12:05 PM To: ge-high-assurance/RACK ***@***.***> Cc: Bhatt, Devesh (AdvTech) ***@***.***>; Comment ***@***.***> Subject: [External] Re: [ge-high-assurance/RACK] Initial claims ontology (PR #804) WARNING: This message has originated from an External Source. This may be a phishing email that can result in unauthorized access to Honeywell systems. Please use proper judgment and caution when opening attachments, clicking links or responding. partiallySupports should be an attribute of PROPERTY_TYPE, not of PROPERTY, since that determination is made for the PROPERTY_TYPE. We need to think of PROPERTY_TYPE as a first class ENTITY, rather that just an "enumeration". We will still have predefined identifiers in SADL for PROPERTY_TYPE for he enumeration. I'm expecting the PROPERTY_TYPEs to exist in the ontology before any OBJECTIVES are ever added. Would it make sense for OBJECTIVES to point to PROPERTY_TYPE, perhaps? - Reply to this email directly, view it on GitHub<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fge-high-assurance%2FRACK%2Fpull%2F804%23issuecomment-1295241482&data=05%7C01%7Cdevesh.bhatt%40honeywell.com%7C7c5a3099cc244c97cee108dab9068535%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638025735032017829%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=qa3DtwslqDKXCNa6EzpYJXF72J3S%2F7By9BcxpRCJnr4%3D&reserved=0>, or unsubscribe<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FADJXVB2F2O2R4Z5QWBUI6OLWFQBS7ANCNFSM6AAAAAARFT4VFU&data=05%7C01%7Cdevesh.bhatt%40honeywell.com%7C7c5a3099cc244c97cee108dab9068535%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638025735032017829%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=6o8sCrgRtbFGy1GWaLe95POCFuethcbZwUoZTR314ls%3D&reserved=0>. You are receiving this because you commented.Message ID: ***@***.******@***.***>>

glguy · 2022-10-29T00:00:55Z

All of the claims types have been incorporated into the enumeration variant CSVs. I recommend using the [...] menu to select View File to get a pretty table view in the PR changed files tab.

We've instantiated the claims diagram with example bits from each of the contributing teams claims information.

Note that the "source" column in these CSV files are simply for reference as we iterate on this design. They are not going to be loaded into RACK itself.

glguy · 2022-10-29T00:01:47Z

@bhatt111 we've moved partiallySupports over to a CLAIM per discussion today.

glguy · 2022-11-02T00:03:28Z

@bhatt111 I've incorporated your changes to the SRI overlay

kityansiu · 2022-11-07T15:38:31Z

I just noticed that with the new claim enumeration types, we now have CWEs added as both PROPERTY_TYPES and MITRE-CWE. Is this really what we want? Should we remove one of them?

bhatt111 · 2022-11-07T15:56:20Z

I believe the CWE's may have been added as PROPERTY_TYPES<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fge-high-assurance%2FRACK%2Fblob%2Fclaims%2FRACK-Ontology%2Fontology%2Fclaims%2FPROPERTY_TYPES.csv&data=05%7C01%7Cdevesh.bhatt%40honeywell.com%7C46de96b669b745c9d64d08dac0d62650%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638034323264531535%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=NlD6GuIrnmxsz8kwTEQJk5d%2FWu7g%2Bb3Z92Pv1EXtbR0%3D&reserved=0> by Lockheed, bit by SRI team. Devesh From: Kit Siu ***@***.***> Sent: Monday, November 7, 2022 9:39 AM To: ge-high-assurance/RACK ***@***.***> Cc: Bhatt, Devesh (AdvTech) ***@***.***>; Mention ***@***.***> Subject: [External] Re: [ge-high-assurance/RACK] Initial claims ontology (PR #804) WARNING: This message has originated from an External Source. This may be a phishing email that can result in unauthorized access to Honeywell systems. Please use proper judgment and caution when opening attachments, clicking links or responding. I just noticed that with the new claim enumeration types, we now have CWEs added as both PROPERTY_TYPES<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fge-high-assurance%2FRACK%2Fblob%2Fclaims%2FRACK-Ontology%2Fontology%2Fclaims%2FPROPERTY_TYPES.csv&data=05%7C01%7Cdevesh.bhatt%40honeywell.com%7C46de96b669b745c9d64d08dac0d62650%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638034323264531535%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=NlD6GuIrnmxsz8kwTEQJk5d%2FWu7g%2Bb3Z92Pv1EXtbR0%3D&reserved=0> and MITRE-CWE<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fge-high-assurance%2FRACK%2Fblob%2Fclaims%2FRACK-Ontology%2Fontology%2FMITRE-CWE%2FMITRE_CWE.csv&data=05%7C01%7Cdevesh.bhatt%40honeywell.com%7C46de96b669b745c9d64d08dac0d62650%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638034323264531535%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=vCC1WB90pfNy1mLrtD4IFvtlXZTx13xpJC8SuiHX4GU%3D&reserved=0>. Is this really what we want? Should we remove one of them? - Reply to this email directly, view it on GitHub<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fge-high-assurance%2FRACK%2Fpull%2F804%23issuecomment-1305793691&data=05%7C01%7Cdevesh.bhatt%40honeywell.com%7C46de96b669b745c9d64d08dac0d62650%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638034323264531535%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=9GVvq9paevb%2FsAoWdPiku9pc5Wqnm%2FTuFiOyRBr7wPI%3D&reserved=0>, or unsubscribe<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FADJXVB7SO3C5PDEQMDFNJXTWHEPADANCNFSM6AAAAAARFT4VFU&data=05%7C01%7Cdevesh.bhatt%40honeywell.com%7C46de96b669b745c9d64d08dac0d62650%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638034323264531535%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=L%2BVuAKG6oSJfK5VeRRBKgfNPMmO49gHGD3XBv5vHlPY%3D&reserved=0>. You are receiving this because you were mentioned.Message ID: ***@***.******@***.***>>

glguy · 2022-11-07T16:53:03Z

@kityansiu I agree that it's not great that the CWEs are duplicated.

Maybe another encoding would just be to have a single "CWE present in module" property and require the claim to use "addresses" to point the the actual MITRE_CWE instance.

bhatt111 · 2022-11-07T17:03:45Z

Extending what Eric said, another way (we are handling an analogous situation in the SRI team) is to have "CWE NOT present in module" as a PROPERTY_TYPE and then create individual instances of PROPERTY that would reference a particular CWE using “mitigates” or similar attribute.
Note: I suggest that properties should be stated in a positive way – i.e., property being satisfied is a good thing.
Devesh

Initial claims ontology

bceb364

glguy self-assigned this Oct 14, 2022

Update CLAIM.sadl

a501435

bhatt111 suggested changes Oct 27, 2022

View reviewed changes

Add enumerations and subtypes to claims

8cae1b0

glguy added 2 commits October 28, 2022 16:52

Add claim enum types

2dec895

Update CLAIM.sadl

b228258

Update SRI.sadl

57c5570

glguy added 3 commits November 1, 2022 17:14

fixup error and warning

91c90d3

Fix arcos/rack setup

43dc59d

Update import.yaml

c2e531b

glguy marked this pull request as ready for review November 2, 2022 16:35

Merge branch 'master' into claims

0670efd

glguy merged commit eb2f51e into master Nov 7, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Initial claims ontology #804

Initial claims ontology #804

glguy commented Oct 14, 2022

bhatt111 left a comment

glguy commented Oct 28, 2022

bhatt111 commented Oct 28, 2022 via email

glguy commented Oct 29, 2022

glguy commented Oct 29, 2022

glguy commented Nov 2, 2022

kityansiu commented Nov 7, 2022

bhatt111 commented Nov 7, 2022 via email

glguy commented Nov 7, 2022

bhatt111 commented Nov 7, 2022

Initial claims ontology #804

Initial claims ontology #804

Conversation

glguy commented Oct 14, 2022

bhatt111 left a comment

Choose a reason for hiding this comment

glguy commented Oct 28, 2022

bhatt111 commented Oct 28, 2022 via email

glguy commented Oct 29, 2022

glguy commented Oct 29, 2022

glguy commented Nov 2, 2022

kityansiu commented Nov 7, 2022

bhatt111 commented Nov 7, 2022 via email

glguy commented Nov 7, 2022

bhatt111 commented Nov 7, 2022