From f1864719ab53dd3df8a4140cbb6bb767d89a17cb Mon Sep 17 00:00:00 2001
From: Mike Surridge <27415349+mike1813@users.noreply.github.com>
Date: Mon, 21 Aug 2023 16:48:20 +0100
Subject: [PATCH 1/2] Added a control input data type for IoT Sensors, plus direct Thing-Data relationships, then rationalised IoT construction patterns and surfacing threats, addressing #32.
---
 csv/CASetting.csv | 27 +++++++++++-------
 csv/ConstructionPattern.csv | 27 ++++++++++--------
 csv/ConstructionPatternLinks.csv | 42 +++++++++++++++------------
 csv/Control.csv | 2 +-
 csv/ControlLocations.csv | 2 +-
 csv/ControlStrategy.csv | 3 +-
 csv/ControlStrategyBlocks.csv | 11 ++++----
 csv/ControlStrategyControls.csv | 1 +
 csv/ControlStrategyTriggers.csv | 2 +-
 csv/DomainAsset.csv | 1 +
 csv/DomainAssetParents.csv | 1 +
 csv/InferredNodeSetting.csv | 11 ++++----
 csv/InferredNodeSettingIncludes.csv | 11 ++++----
 csv/MADefaultSetting.csv | 8 ++++++
 csv/MatchingPattern.csv | 24 ++++++++--------
 csv/MatchingPatternLinks.csv | 12 +++-----
 csv/MatchingPatternNodes.csv | 7 ++---
 csv/Misbehaviour.csv | 1 +
 csv/MisbehaviourLocations.csv | 1 +
 csv/ObjectProperty.csv | 7 +++--
 csv/ObjectPropertyDomains.csv | 3 ++
 csv/ObjectPropertyParents.csv | 2 ++
 csv/ObjectPropertyRanges.csv | 3 ++
 csv/RootPattern.csv | 19 ++++++++-----
 csv/RootPatternLinks.csv | 44 +++++++++++++++++++++--------
 csv/RootPatternNodes.csv | 44 ++++++++++++++++++++---------
 csv/TWAADefaultSetting.csv | 7 +++++
 csv/Threat.csv | 17 ++++++-----
 csv/ThreatEffects.csv | 20 ++++++++-----
 csv/ThreatEntryPoints.csv | 3 ++
 csv/ThreatSEC.csv | 14 ++++-----
 31 files changed, 239 insertions(+), 138 deletions(-)
diff --git a/csv/CASetting.csv b/csv/CASetting.csv
index 725361c..70fd250 100644
--- a/csv/CASetting.csv
+++ b/csv/CASetting.csv
@@ -714,9 +714,10 @@ package#GDPR,domain#CAS-SubjectToGDPR-Child,domain#Child,domain#SubjectToGDPR,TR
 package#GDPR,domain#CAS-SubjectToGDPR-Human,domain#Human,domain#SubjectToGDPR,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#GDPR,domain#CAS-SubjectToGDPR-Jurisdiction,domain#Jurisdiction,domain#SubjectToGDPR,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-AccessControl-Controller,domain#Controller,domain#AccessControl,FALSE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-AccessControl-ControlProcess,domain#ControlProcess,domain#AccessControl,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-AccessControl-ControlProcess,domain#ControlProcess,domain#AccessControl,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-AccessControl-Sensor,domain#Sensor,domain#AccessControl,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-AccessControl-SensorProcess,domain#SensorProcess,domain#AccessControl,TRUE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-AccessPolicy-ControlData,domain#ControlData,domain#AccessPolicy,TRUE,domain#TrustworthinessLevelSafe,FALSE
 package#IoT,domain#CAS-AntiMalware-Controller,domain#Controller,domain#AntiMalware,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-AntiMalware-Sensor,domain#Sensor,domain#AntiMalware,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-AuthenticationLimits-ControlProcess,domain#ControlProcess,domain#AuthenticationLimits,FALSE,domain#TrustworthinessLevelSafe,TRUE
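Review bot: The fifth field of `CAS-AccessControl-ControlProcess` flips from FALSE to TRUE here, and the same flip is made in the later hunks of this file for the ControlProcess rows of Password, PasswordVerifier, PenetrationTesting, SoftwareCertification, TLS, X509ClientVerifier and X509ServiceVerifier (plus VitalInterests in the Privacy package), none of which the commit subject mentions. The column header is outside these hunks, so the meaning of that field is inferred; if it governs whether the control may be asserted at the asset, the change widens the set of mitigations a modeller can claim on an IoT control process and alters computed risk for existing models. The commit description should record it, for example `Controls already enabled at SensorProcess are now also enabled at ControlProcess.` It is also worth confirming that the new `ControlData` and `SafeIoTController` rows are meant to end in FALSE where every neighbouring row ends in TRUE.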
@@ -771,7 +772,7 @@ package#IoT,domain#CAS-OneTimeKeyVerifier-ControlProcess,domain#ControlProcess,d
 package#IoT,domain#CAS-OneTimeKeyVerifier-SensorProcess,domain#SensorProcess,domain#OneTimeKeyVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-OutOfBandKeyVerifier-ControlProcess,domain#ControlProcess,domain#OutOfBandKeyVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-OutOfBandKeyVerifier-SensorProcess,domain#SensorProcess,domain#OutOfBandKeyVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-Password-ControlProcess,domain#ControlProcess,domain#Password,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-Password-ControlProcess,domain#ControlProcess,domain#Password,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PasswordQualityCheck-ControlProcess,domain#ControlProcess,domain#PasswordQualityCheck,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PasswordQualityCheck-SensorProcess,domain#SensorProcess,domain#PasswordQualityCheck,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PasswordReset-ControlProcess,domain#ControlProcess,domain#PasswordReset,FALSE,domain#TrustworthinessLevelSafe,TRUE
@@ -779,10 +780,10 @@ package#IoT,domain#CAS-PasswordReset-SensorProcess,domain#SensorProcess,domain#P
 package#IoT,domain#CAS-Password-SensorProcess,domain#SensorProcess,domain#Password,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PasswordStore-ControlProcess,domain#ControlProcess,domain#PasswordStore,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PasswordStore-SensorProcess,domain#SensorProcess,domain#PasswordStore,FALSE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-PasswordVerifier-ControlProcess,domain#ControlProcess,domain#PasswordVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-PasswordVerifier-ControlProcess,domain#ControlProcess,domain#PasswordVerifier,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PasswordVerifier-SensorProcess,domain#SensorProcess,domain#PasswordVerifier,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PenetrationTesting-Controller,domain#Controller,domain#PenetrationTesting,TRUE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-PenetrationTesting-ControlProcess,domain#ControlProcess,domain#PenetrationTesting,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-PenetrationTesting-ControlProcess,domain#ControlProcess,domain#PenetrationTesting,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PenetrationTesting-Sensor,domain#Sensor,domain#PenetrationTesting,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PenetrationTesting-SensorProcess,domain#SensorProcess,domain#PenetrationTesting,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-PersonalDevice-Controller,domain#Controller,domain#PersonalDevice,TRUE,domain#TrustworthinessLevelSafe,TRUE
@@ -795,7 +796,8 @@ package#IoT,domain#CAS-ProcessMonitoring-ControlProcess,domain#ControlProcess,do
 package#IoT,domain#CAS-ProcessMonitoring-SensorProcess,domain#SensorProcess,domain#ProcessMonitoring,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SafeControlMode-Controller,domain#Controller,domain#SafeControlMode,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SafeControlSetting-Controller,domain#Controller,domain#SafeControlSetting,TRUE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-SafeIoTController-Controller,domain#Controller,domain#SafeIoTController,TRUE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-SafeIoTController-Controller,domain#Controller,domain#SafeIoTController,TRUE,domain#TrustworthinessLevelSafe,FALSE
+package#IoT,domain#CAS-SafeIoTController-Sensor,domain#Sensor,domain#SafeIoTController,TRUE,domain#TrustworthinessLevelSafe,FALSE
 package#IoT,domain#CAS-SafetyTraining-Adult,domain#Adult,domain#SafetyTraining,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SafetyTraining-Child,domain#Child,domain#SafetyTraining,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SafetyTraining-Human,domain#Human,domain#SafetyTraining,TRUE,domain#TrustworthinessLevelSafe,TRUE
@@ -813,7 +815,7 @@ package#IoT,domain#CAS-SharedKeyVerifier-Controller,domain#Controller,domain#Sha
 package#IoT,domain#CAS-SharedKeyVerifier-Sensor,domain#Sensor,domain#SharedKeyVerifier,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SIM-Controller,domain#Controller,domain#SIM,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SIM-Sensor,domain#Sensor,domain#SIM,FALSE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-SoftwareCertification-ControlProcess,domain#ControlProcess,domain#SoftwareCertification,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-SoftwareCertification-ControlProcess,domain#ControlProcess,domain#SoftwareCertification,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SoftwareCertification-SensorProcess,domain#SensorProcess,domain#SoftwareCertification,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SoftwarePatched-Controller,domain#Controller,domain#SoftwarePatched,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SoftwarePatched-ControlProcess,domain#ControlProcess,domain#SoftwarePatched,TRUE,domain#TrustworthinessLevelSafe,TRUE
@@ -825,6 +827,7 @@ package#IoT,domain#CAS-SoftwareTesting-Controller,domain#Controller,domain#Softw
 package#IoT,domain#CAS-SoftwareTesting-ControlProcess,domain#ControlProcess,domain#SoftwareTesting,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SoftwareTesting-Sensor,domain#Sensor,domain#SoftwareTesting,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SoftwareTesting-SensorProcess,domain#SensorProcess,domain#SoftwareTesting,TRUE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-StaticData-ControlData,domain#ControlData,domain#StaticData,TRUE,domain#TrustworthinessLevelSafe,FALSE
 package#IoT,domain#CAS-SuspendInfectedHost-Controller,domain#Controller,domain#SuspendInfectedHost,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SuspendInfectedHost-Sensor,domain#Sensor,domain#SuspendInfectedHost,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SuspendInfectedProcess-ControlProcess,domain#ControlProcess,domain#SuspendInfectedProcess,FALSE,domain#TrustworthinessLevelSafe,TRUE
@@ -834,12 +837,12 @@ package#IoT,domain#CAS-SuspendVulnerableHost-Controller,domain#Controller,domain
 package#IoT,domain#CAS-SuspendVulnerableHost-Sensor,domain#Sensor,domain#SuspendVulnerableHost,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SuspendVulnerableService-ControlProcess,domain#ControlProcess,domain#SuspendVulnerableService,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-SuspendVulnerableService-SensorProcess,domain#SensorProcess,domain#SuspendVulnerableService,FALSE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-TLS-ControlProcess,domain#ControlProcess,domain#TLS,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-TLS-ControlProcess,domain#ControlProcess,domain#TLS,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-TLS-SensorProcess,domain#SensorProcess,domain#TLS,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-Unmanaged-Controller,domain#Controller,domain#Unmanaged,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-Unmanaged-Sensor,domain#Sensor,domain#Unmanaged,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-X509ClientVerifier-Controller,domain#Controller,domain#X509ClientVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-X509ClientVerifier-ControlProcess,domain#ControlProcess,domain#X509ClientVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-X509ClientVerifier-ControlProcess,domain#ControlProcess,domain#X509ClientVerifier,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-X509ClientVerifier-Sensor,domain#Sensor,domain#X509ClientVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-X509ClientVerifier-SensorProcess,domain#SensorProcess,domain#X509ClientVerifier,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-X509-Controller,domain#Controller,domain#X509,FALSE,domain#TrustworthinessLevelSafe,TRUE
@@ -847,7 +850,7 @@ package#IoT,domain#CAS-X509-ControlProcess,domain#ControlProcess,domain#X509,TRU
 package#IoT,domain#CAS-X509-Sensor,domain#Sensor,domain#X509,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-X509-SensorProcess,domain#SensorProcess,domain#X509,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-X509ServiceVerifier-Controller,domain#Controller,domain#X509ServiceVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
-package#IoT,domain#CAS-X509ServiceVerifier-ControlProcess,domain#ControlProcess,domain#X509ServiceVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#CAS-X509ServiceVerifier-ControlProcess,domain#ControlProcess,domain#X509ServiceVerifier,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-X509ServiceVerifier-Sensor,domain#Sensor,domain#X509ServiceVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-X509ServiceVerifier-SensorProcess,domain#SensorProcess,domain#X509ServiceVerifier,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#CAS-XSSSanitisation-ControlProcess,domain#ControlProcess,domain#XSSSanitisation,FALSE,domain#TrustworthinessLevelSafe,TRUE
@@ -1593,6 +1596,7 @@ package#Privacy,domain#CAS-AccessPolicy-HealthData,domain#HealthData,domain#Acce
 package#Privacy,domain#CAS-AntiMalware-HealthSensor,domain#HealthSensor,domain#AntiMalware,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-BiometricIDVerifier-HealthSensor,domain#HealthSensor,domain#BiometricIDVerifier,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-BreakTheGlass-BiometricData,domain#BiometricData,domain#BreakTheGlass,TRUE,domain#TrustworthinessLevelSafe,TRUE
+package#Privacy,domain#CAS-BreakTheGlass-ControlData,domain#ControlData,domain#BreakTheGlass,TRUE,domain#TrustworthinessLevelSafe,FALSE
 package#Privacy,domain#CAS-BreakTheGlass-Data,domain#Data,domain#BreakTheGlass,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-BreakTheGlass-GeneticData,domain#GeneticData,domain#BreakTheGlass,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-BreakTheGlass-HealthData,domain#HealthData,domain#BreakTheGlass,TRUE,domain#TrustworthinessLevelSafe,TRUE
@@ -1625,6 +1629,7 @@ package#Privacy,domain#CAS-ConsentInterface-Adult,domain#Adult,domain#ConsentInt
 package#Privacy,domain#CAS-ConsentInterface-Child,domain#Child,domain#ConsentInterface,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-ConsentInterface-Human,domain#Human,domain#ConsentInterface,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-ConsentManagement-BiometricData,domain#BiometricData,domain#ConsentManagement,TRUE,domain#TrustworthinessLevelSafe,TRUE
+package#Privacy,domain#CAS-ConsentManagement-ControlData,domain#ControlData,domain#ConsentManagement,TRUE,domain#TrustworthinessLevelSafe,FALSE
 package#Privacy,domain#CAS-ConsentManagement-Data,domain#Data,domain#ConsentManagement,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-ConsentManagement-GeneticData,domain#GeneticData,domain#ConsentManagement,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-ConsentManagement-HealthData,domain#HealthData,domain#ConsentManagement,TRUE,domain#TrustworthinessLevelSafe,TRUE
@@ -1638,6 +1643,7 @@ package#Privacy,domain#CAS-FormalVerification-HealthSensor,domain#HealthSensor,d
 package#Privacy,domain#CAS-HostEncryption-HealthSensor,domain#HealthSensor,domain#HostEncryption,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-HostMonitoring-HealthSensor,domain#HealthSensor,domain#HostMonitoring,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-ImpersonalData-BiometricData,domain#BiometricData,domain#ImpersonalData,TRUE,domain#TrustworthinessLevelSafe,TRUE
+package#Privacy,domain#CAS-ImpersonalData-ControlData,domain#ControlData,domain#ImpersonalData,TRUE,domain#TrustworthinessLevelSafe,FALSE
 package#Privacy,domain#CAS-ImpersonalData-Controller,domain#Controller,domain#ImpersonalData,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-ImpersonalData-Data,domain#Data,domain#ImpersonalData,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-ImpersonalData-GeneticData,domain#GeneticData,domain#ImpersonalData,TRUE,domain#TrustworthinessLevelSafe,TRUE
@@ -1655,6 +1661,7 @@ package#Privacy,domain#CAS-PenetrationTesting-HealthSensor,domain#HealthSensor,d
 package#Privacy,domain#CAS-PersonalDevice-HealthSensor,domain#HealthSensor,domain#PersonalDevice,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-PhysicalChecks-HealthSensor,domain#HealthSensor,domain#PhysicalChecks,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-PhysicalDeviceProtection-HealthSensor,domain#HealthSensor,domain#PhysicalDeviceProtection,TRUE,domain#TrustworthinessLevelSafe,TRUE
+package#Privacy,domain#CAS-SafeIoTController-HealthSensor,domain#HealthSensor,domain#SafeIoTController,TRUE,domain#TrustworthinessLevelSafe,FALSE
 package#Privacy,domain#CAS-SecureBIOS-HealthSensor,domain#HealthSensor,domain#SecureBIOS,FALSE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-SecureConfig-HealthSensor,domain#HealthSensor,domain#SecureConfig,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-SecureEnclave-HealthSensor,domain#HealthSensor,domain#SecureEnclave,FALSE,domain#TrustworthinessLevelSafe,TRUE
@@ -1674,7 +1681,7 @@ package#Privacy,domain#CAS-VitalInterests-ApplicationProcess,domain#ApplicationP
 package#Privacy,domain#CAS-VitalInterests-AuthClient,domain#AuthClient,domain#VitalInterests,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-VitalInterests-AuthService,domain#AuthService,domain#VitalInterests,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-VitalInterests-CmdLineProcess,domain#CmdLineProcess,domain#VitalInterests,TRUE,domain#TrustworthinessLevelSafe,TRUE
-package#Privacy,domain#CAS-VitalInterests-ControlProcess,domain#ControlProcess,domain#VitalInterests,FALSE,domain#TrustworthinessLevelSafe,TRUE
+package#Privacy,domain#CAS-VitalInterests-ControlProcess,domain#ControlProcess,domain#VitalInterests,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-VitalInterests-DataService,domain#DataService,domain#VitalInterests,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-VitalInterests-DB,domain#DB,domain#VitalInterests,TRUE,domain#TrustworthinessLevelSafe,TRUE
 package#Privacy,domain#CAS-VitalInterests-DesktopService,domain#DesktopService,domain#VitalInterests,TRUE,domain#TrustworthinessLevelSafe,TRUE
diff --git a/csv/ConstructionPattern.csv b/csv/ConstructionPattern.csv
index 49d33fd..0e47004 100644
--- a/csv/ConstructionPattern.csv
+++ b/csv/ConstructionPattern.csv
@@ -84,17 +84,22 @@ hasPriority,URI,package,label,iterate,maxIterations,usesLoopback,usesParallel,ha
 4240,domain#CP-Hum-iHRAS+i,package#CloudManagement,Hum-iHRAS+i,FALSE,0,FALSE,FALSE,domain#MP-Hum-iHRAS,"Finds a human managing but not interacting with a host that is not a Pod and has a root privileged remote access service, and adds a link to say the human interacts with the desktop service."
 4250,domain#CP-HuiCHDtS-AC+AC,package#Application,HuiCHDtS-AC+AC,FALSE,0,FALSE,FALSE,domain#MP-HuiCHDtS-AC,"Finds a human managing but not interacting directly with a host that has a desktop service, and interacting with a console host but not with a client of the desktop service. Adds a Remote Desktop client enabling remote access to manage the host."
 4251,domain#CP-HuiCHLnS-AC+AC,package#NetworkInference,HuiCHLnS-AC+AC,FALSE,0,FALSE,FALSE,domain#MP-HuiCHLnS-AC,"Finds a human managing but not interacting directly with a host that has a login service, and interacting with a console host but not with a client of the login service. Adds a Remote Terminal client enabling remote access to manage the host."
-4310,domain#CP-Se+SPD,package#IoT,Se+SPD,FALSE,0,FALSE,FALSE,domain#MP-Se,Finds each IoT Sensor device and adds an onboard communication process and data.
-4311,domain#CP-Co+SPD,package#IoT,Co+SPD,FALSE,0,FALSE,FALSE,domain#MP-Co,Finds each IoT Controller device and adds an onboard communication process and data.
-4320,domain#CP-Pa-uCo+Rel,package#IoT,Pa-uCo+Rel,FALSE,0,FALSE,FALSE,domain#MP-Pa-uCo,"Finds a client Process that amends an IoT Controller, and adds relationships between the client and the onboard simple communication Process and Data."
-4321,domain#CP-PuCo+Rel,package#IoT,PuCo+Rel,FALSE,0,FALSE,FALSE,domain#MP-PuCo,"Finds a client Process that updates an IoT Controller, and adds relationships between the client and the onboard communication Process and Data."
-4330,domain#CP-PpSe+Rel,package#IoT,PpSe+Rel,FALSE,0,FALSE,FALSE,domain#MP-PpSe,"Finds a client Process that polls an IoT Sensor to obtain data, and adds relationships between the client and the onboard simple communication Process and Data."
-4331,domain#CP-Pr-uSe+Rel,package#IoT,Pr-uSe+Rel,FALSE,0,FALSE,FALSE,domain#MP-Pr-uSe,"Finds an IoT Sensor sending data to a (not really client) Process, and adds a relationship between the onboard simple IoT communication Process and the client Process."
-4332,domain#CP-PuSe+Rel,package#IoT,PuSe+Rel,FALSE,0,FALSE,FALSE,domain#MP-PuSe,"Finds a client Process that reads data from an IoT Sensor, and adds relationships between the client and the onboard simple communication Process and Data."
-4340,domain#CP-HuiUCo+aD,package#IoT,HuiUCo+aD,FALSE,0,FALSE,TRUE,domain#MP-HuiUCo,"Finds a Human interacting with a UserController, and inserts interactivity relationships with the onboard data and processing."
-4341,domain#CP-HuiUSe+vD,package#IoT,HuiUSe+vD,FALSE,0,FALSE,FALSE,domain#MP-HuiUSe,"Finds a Human interacting with a UserSensor, and inserts interactivity relationships with the onboard data and processing."
-4350,domain#CP-HurTh+Rel,package#Privacy,HurTh+Rel,FALSE,0,FALSE,FALSE,domain#MP-HurTh,"Finds each Thing that relates to a Human data subject, and inserts the relationship of the onboard Data to the Human."
-4360,domain#CP-HumThP-m+m,package#IoT,HumThP-m+m,FALSE,0,FALSE,FALSE,domain#MP-HumThP-m,"Finds a Human managing a Thing with an unmanaged onboard process, and makes the manager also manage the process."
+4310,domain#CP-Co+cD,package#IoT,Co+cD,FALSE,0,FALSE,TRUE,domain#MP-Co,Finds each IoT Controller device and adds the onboard control input data.
+4311,domain#CP-Se+cD,package#IoT,Se+cD,FALSE,0,FALSE,TRUE,domain#MP-Se,Finds each IoT Sensor device and adds the onboard control input data.
+4312,domain#CP-Se+sD,package#IoT,Se+sD,FALSE,0,FALSE,FALSE,domain#MP-Se,Finds each IoT Sensor device and adds the sensed output data.
+4320,domain#CP-SesD+SP,package#IoT,SesD+SP,FALSE,0,FALSE,FALSE,domain#MP-SesD,"Finds each IoT Sensor device and its sensed Data, and adds an onboard communication process that creates the Data."
+4321,domain#CP-DcTh+DS,package#IoT,DcTh+DS,FALSE,0,FALSE,FALSE,domain#MP-DcTh,"Finds each IoT Thing device and its control input Data, and adds an onboard communication process that serves the Data."
+4330,domain#CP-Pa-uCo+Rel,package#IoT,Pa-uCo+Rel,FALSE,0,FALSE,FALSE,domain#MP-Pa-uCo,"Finds a client Process that amends an IoT Controller, and adds relationships between the client and the onboard communication Process and control input Data."
+4331,domain#CP-PuCo+Rel,package#IoT,PuCo+Rel,FALSE,0,FALSE,FALSE,domain#MP-PuCo,"Finds a client Process that updates an IoT Controller, and adds relationships between the client and the onboard communication Process and Data."
+4340,domain#CP-PaSe+Rel,package#IoT,PaSe+Rel,FALSE,0,FALSE,FALSE,domain#MP-PaSe,"Finds a client Process that amends control input to an IoT Sensor, along with its onboard simple communication Process and Data, and adds relationships between the client and the onboard simple communication Process and Data."
+4341,domain#CP-PrSe+Rel,package#IoT,PrSe+Rel,FALSE,0,FALSE,FALSE,domain#MP-PrSe,"Finds an IoT Sensor sending data to a (not really client) Process, and adds a relationship between the onboard simple IoT communication Process and the client Process."
+4342,domain#CP-Pp-uSe+Rel,package#IoT,Pp-uSe+Rel,FALSE,0,FALSE,FALSE,domain#MP-Pp-uSe,"Finds a client Process that polls (but does not read) an IoT Sensor to obtain data, and adds relationships between the client and the onboard simple communication Process and Data."
+4343,domain#CP-PuSe+Rel,package#IoT,PuSe+Rel,FALSE,0,FALSE,FALSE,domain#MP-PuSe,"Finds a client Process that reads data from an IoT Sensor, and adds relationships between the client and the onboard simple communication Process and Data."
+4350,domain#CP-HuiCo+UI,package#IoT,HuiCo+UI,FALSE,0,FALSE,FALSE,domain#MP-HuiCo,"Finds the control input for an IoT Controller, which is being used interactively by a Human, and adds a user interface process, plus relationships of the Human to this process and to the input."
+4351,domain#CP-HuiSe+Rel,package#IoT,HuiSe+Rel,FALSE,0,FALSE,FALSE,domain#MP-HuiSe,"Finds the control input and sensed output for an IoT Sensor, which is being used interactively by a Human, plus the interactive process that creates the output, and adds relationships of the Human to the process and data."
+4360,domain#CP-HurSesD+Rel,package#Privacy,HurSesD+Rel,FALSE,0,FALSE,FALSE,domain#MP-HurSesD,"Finds Data produced as output by a Sensor related to a Human, and adds the relationship of the Data to the Human."
+4361,domain#CP-HurThcD+Rel,package#Privacy,HurThcD+Rel,FALSE,0,FALSE,FALSE,domain#MP-HurThcD,"Finds control input to an IoT Thing related to a Human, and adds the relationship of the Data to the Human."
+4370,domain#CP-HumThP-m+m,package#IoT,HumThP-m+m,FALSE,0,FALSE,FALSE,domain#MP-HumThP-m,"Finds a Human managing a Thing with an unmanaged onboard process, and makes the manager also manage the process."
 4410,domain#CP-USBD-S+S,package#LocalDeviceConnectivity,USBD-S+S,FALSE,0,FALSE,FALSE,domain#MP-USBD-S,Finds Data stored on a USB device where there is no local process serving the data or creating it from scratch.
 4420,domain#CP-UHDpP-S+S,package#LocalDeviceConnectivity,UHDpP-S+S,FALSE,0,FALSE,FALSE,domain#MP-UHDpP-S,"Finds Data stored on a USB Device paired with a USB Host which is running a process using the Data, where the Data is not also stored on the USB Host, and adds a usage link between the process and the onboard data service on the USB device."
 4430,domain#CP-UHDrP-S+S,package#LocalDeviceConnectivity,UHDrP-S+S,FALSE,0,FALSE,FALSE,domain#MP-UHDrP-S,"Finds Data stored on a USB Device paired with a USB Host that does not also store the data, where the data is used by a Process running on a third distinct host, and inserts a simple service on the USB Host."
diff --git a/csv/ConstructionPatternLinks.csv b/csv/ConstructionPatternLinks.csv
index 6720918..2709fde 100644
--- a/csv/ConstructionPatternLinks.csv
+++ b/csv/ConstructionPatternLinks.csv
@@ -430,30 +430,35 @@ package#DataLifecycleInference,domain#CP-SDADPPDXRAC-DP+DP,domain#Link-NewDataPa
 package#DataLifecycleInference,domain#CP-SDADPPDXRAC-DP+DP,domain#Link-NewDataPath-toProc-DB
 package#DataLifecycleInference,domain#CP-SDUDADS+W,domain#Link-DataUse-canWrite-DataCopy
 package#DataLifecycleInference,domain#CP-SDUDSDA+R,domain#Link-DataUse-canRead-DataCopy
-package#IoT,domain#CP-Co+SPD,domain#Link-Controller-hosts-DataService
-package#IoT,domain#CP-Co+SPD,domain#Link-Controller-hosts-SimpleProcess
-package#IoT,domain#CP-Co+SPD,domain#Link-Controller-stores-Data
-package#IoT,domain#CP-Co+SPD,domain#Link-DataService-serves-Data
-package#IoT,domain#CP-Co+SPD,domain#Link-SimpleProcess-receives-Data
-package#IoT,domain#CP-Co+SPD,domain#Link-SimpleProcess-uses-DataService
-package#IoT,domain#CP-HuiUCo+aD,domain#Link-Human-amendsData-Data
-package#IoT,domain#CP-HuiUCo+aD,domain#Link-Human-interactsWith-SimpleProcess
-package#IoT,domain#CP-HuiUCo+aD,domain#Link-SimpleProcess-creates-Data
-package#IoT,domain#CP-HuiUSe+vD,domain#Link-Human-interactsWith-SimpleProcess
-package#IoT,domain#CP-HuiUSe+vD,domain#Link-Human-viewsData-Data
+package#IoT,domain#CP-Co+cD,domain#Link-Controller-stores-Data
+package#IoT,domain#CP-Co+cD,domain#Link-Data-controlsThing-Controller
+package#IoT,domain#CP-DcTh+DS,domain#Link-SimpleProcess-serves-Data
+package#IoT,domain#CP-DcTh+DS,domain#Link-Thing-hosts-SimpleProcess
+package#IoT,domain#CP-HuiCo+UI,domain#Link-Controller-hosts-Process
+package#IoT,domain#CP-HuiCo+UI,domain#Link-Human-interactsWith-Process
+package#IoT,domain#CP-HuiCo+UI,domain#Link-Process-creates-Data
+package#IoT,domain#CP-HuiSe+Rel,domain#Link-Human-amendsData-Input
+package#IoT,domain#CP-HuiSe+Rel,domain#Link-Human-interactsWith-Process
+package#IoT,domain#CP-HuiSe+Rel,domain#Link-Human-viewsData-Output
+package#IoT,domain#CP-HuiSe+Rel,domain#Link-Process-creates-Input
 package#IoT,domain#CP-HumThP-m+m,domain#Link-Human-manages-Process
+package#IoT,domain#CP-PaSe+Rel,domain#Link-Client-amends-Data
+package#IoT,domain#CP-PaSe+Rel,domain#Link-Client-uses-SimpleProcess
 package#IoT,domain#CP-Pa-uCo+Rel,domain#Link-Client-amends-Data
 package#IoT,domain#CP-Pa-uCo+Rel,domain#Link-Client-uses-Process
-package#IoT,domain#CP-PpSe+Rel,domain#Link-Client-receives-Data
-package#IoT,domain#CP-PpSe+Rel,domain#Link-Client-uses-SimpleProcess
-package#IoT,domain#CP-Pr-uSe+Rel,domain#Link-Client-receives-Data
-package#IoT,domain#CP-Pr-uSe+Rel,domain#Link-SimpleProcess-uses-Client
+package#IoT,domain#CP-Pp-uSe+Rel,domain#Link-Client-receives-Data
+package#IoT,domain#CP-Pp-uSe+Rel,domain#Link-Client-uses-SimpleProcess
+package#IoT,domain#CP-PrSe+Rel,domain#Link-Client-receives-Data
+package#IoT,domain#CP-PrSe+Rel,domain#Link-SimpleProcess-uses-Client
 package#IoT,domain#CP-PuCo+Rel,domain#Link-Client-updates-Data
 package#IoT,domain#CP-PuCo+Rel,domain#Link-Client-uses-Process
 package#IoT,domain#CP-PuSe+Rel,domain#Link-Client-reads-Data
 package#IoT,domain#CP-PuSe+Rel,domain#Link-Client-uses-SimpleProcess
-package#IoT,domain#CP-Se+SPD,domain#Link-Sensor-hosts-SimpleProcess
-package#IoT,domain#CP-Se+SPD,domain#Link-SimpleProcess-creates-Data
+package#IoT,domain#CP-Se+cD,domain#Link-Data-controlsThing-Sensor
+package#IoT,domain#CP-Se+cD,domain#Link-Sensor-stores-Data
+package#IoT,domain#CP-Se+sD,domain#Link-Sensor-senses-Data
+package#IoT,domain#CP-SesD+SP,domain#Link-Sensor-hosts-SimpleProcess
+package#IoT,domain#CP-SesD+SP,domain#Link-SimpleProcess-creates-Data
 package#IoT,domain#CP-SHuTh-Hu+m,domain#Link-Human-manages-Thing
 package#Legal,domain#CP-JuHP+s,domain#Link-Process-subjectTo-Jurisdiction
 package#Legal,domain#CP-JuPHS+s,domain#Link-Host-subjectTo-Jurisdiction
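Review bot: The three links added for `CP-HuiCo+UI` contain no Human-to-Data link, although its description in ConstructionPattern.csv says the pattern adds relationships of the Human "to this process and to the input", and the `CP-HuiUCo+aD` pattern it replaces carried `Link-Human-amendsData-Data`. If the omission is unintended, threats that depend on a person amending a Controller's control input may no longer be surfaced for interactively used Controllers. The missing row would be along the lines of `package#IoT,domain#CP-HuiCo+UI,domain#Link-Human-amendsData-Data`, assuming that link is defined for the new pattern in RootPatternLinks.csv, which is outside this view. `CP-HuiSe+Rel` shows a similar mismatch: it lists `Link-Process-creates-Input`, while its description says the interactive process creates the output.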
@@ -667,7 +672,8 @@ package#Privacy,domain#CP-DHuDC+r,domain#Link-DataCopy-relatesTo-Human
 package#Privacy,domain#CP-DHuDF+r,domain#Link-DataFlow-relatesTo-Human
 package#Privacy,domain#CP-HuiThaS-S+r,domain#Link-Thing-relatesTo-Human
 package#Privacy,domain#CP-HurH-StSt+o,domain#Link-Human-operates-Host
-package#Privacy,domain#CP-HurTh+Rel,domain#Link-Data-relatesTo-Human
+package#Privacy,domain#CP-HurSesD+Rel,domain#Link-Data-relatesTo-Human
+package#Privacy,domain#CP-HurThcD+Rel,domain#Link-Data-relatesTo-Human
 package#Privacy,domain#CP-HurTh-S-m+m,domain#Link-Human-manages-Thing
 package#Privacy,domain#CP-HuwStrH-St+o,domain#Link-Employer-operates-Host
 package#ProcessCommsInference,domain#CP-APxSCtI+tI,domain#Link-ServiceAttackPath-toInterface-Interface
diff --git a/csv/Control.csv b/csv/Control.csv
index 9ec866c..60ab636 100644
--- a/csv/Control.csv
+++ b/csv/Control.csv
@@ -24,7 +24,7 @@ package#GDPR,domain#GDPRPrivacyShield,GDPRPrivacyShield,TRUE,The organisation is package#GDPR,domain#SubjectToGDPR,SubjectToGDPR,TRUE,"The jurisdiction is subject to the GDPR. That is to say, it is an EU member, EEA member, or other state (e.g. a Dependency), such that the GDPR applies to any personal data relating to its citizens and residents.",domain#CostVeryLow,domain#PerformanceImpactVeryLow package#IoT,domain#SafeControlMode,SafeControlMode,TRUE,This control applied at an IoT Controller signifies that the Controller is (temporarily) operating in a way that is safe without receiving real time control inputs.,domain#CostVeryLow,domain#PerformanceImpactVeryLow package#IoT,domain#SafeControlSetting,SafeControlSetting,TRUE,This control applied at an IoT Controller signifies that the Controller is capable of operating in a way that is safe without receiving real time control inputs.,domain#CostVeryLow,domain#PerformanceImpactVeryLow -package#IoT,domain#SafeIoTController,SafeIoTController,TRUE,This control applied at an IoT Controller signifies that real-time updating of control inputs is not necessary for safe operation.,domain#CostVeryLow,domain#PerformanceImpactVeryLow +package#IoT,domain#SafeIoTController,SafeIoTController,TRUE,This control applied at an IoT Thing signifies that real-time updating of control inputs is not necessary for operation of the Thing.,domain#CostVeryLow,domain#PerformanceImpactVeryLow package#IoT,domain#SafetyTraining,SafetyTraining,TRUE,This control indicates that a Human has been given safety training so they are able to manage risks in the physical world by preventing physical consequences of problems in the IT domain.,domain#CostMedium,domain#PerformanceImpactVeryLow package#IoT,domain#SuspendUnreliableController,SuspendUnreliableController,TRUE,The controller may be temporarily taken out of service to prevent unreliable behaviour that may threaten safety in the physical environment where it 
operates.,domain#CostVeryLow,domain#PerformanceImpactVeryLow package#Legal,domain#LegalCompetenceCheck,LegalCompetenceCheck,TRUE,"The human may or may not be a legally competent adult, so a check is needed to determine this.",domain#CostVeryLow,domain#PerformanceImpactVeryLow diff --git a/csv/ControlLocations.csv b/csv/ControlLocations.csv index e940c60..216c071 100644 --- a/csv/ControlLocations.csv +++ b/csv/ControlLocations.csv @@ -26,7 +26,7 @@ package#GDPR,domain#SubjectToGDPR,domain#Human package#GDPR,domain#SubjectToGDPR,domain#Jurisdiction package#IoT,domain#SafeControlMode,domain#Controller package#IoT,domain#SafeControlSetting,domain#Controller -package#IoT,domain#SafeIoTController,domain#Controller +package#IoT,domain#SafeIoTController,domain#Thing package#IoT,domain#SafetyTraining,domain#Human package#IoT,domain#SuspendUnreliableController,domain#Controller package#Legal,domain#LegalCompetenceCheck,domain#Human diff --git a/csv/ControlStrategy.csv b/csv/ControlStrategy.csv index 0e7c78e..b267d4f 100644 --- a/csv/ControlStrategy.csv +++ b/csv/ControlStrategy.csv 
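Review bot: The control keeps the name `SafeIoTController` although the Control.csv description and the ControlLocations.csv hunk after it move the control from `domain#Controller` to `domain#Thing`, and ControlStrategyControls.csv then places it at a Sensor as `CS-SafeIoTController-Sensor`. The reworded description also drops the safety qualifier ("not necessary for safe operation" becomes "not necessary for operation of the Thing"), which widens what an analyst asserts by selecting it. The strategies using this control are rated `TrustworthinessLevelSafe`, so the assertion should stay precise; I would keep the qualifier, `...is not necessary for safe operation of the Thing.` It would also help to add a sentence on what selecting the control means at a Sensor, or to give the Sensor case its own control name.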
@@ -57,7 +57,8 @@ package#GDPR,domain#CSG-GDPRDataFlowGovernance,GDPRDataFlowGovernance,The flow o package#GDPR,domain#CSG-GDPRPrivacyShieldAtOrganisation,GDPRPrivacyShieldAtOrganisation,"Organisation _Operator_ has Privacy Shield status under the GDPR, i.e. they are committed to respect and uphold the GDPR when handling personal data from EU citizens and residents, even though they are based outside the EU.",domain#TrustworthinessLevelSafe,TRUE,TRUE package#GDPR,domain#CSG-GDPRSuspendDataFlow,GDPRSuspendDataFlow,"The flow of data _Data_ from _FlowsFrom_ to _Process_ can be temporarily disabled by the manager _Human1_ of _FlowsFrom_ to prevent a breach of GDPR regulations by its transmission to _Process_. This strategy represents a contingency plan, which can be used to prevent such a breach, but it may also trigger other threats representing possible side effects.",domain#TrustworthinessLevelSafe,FALSE,TRUE package#GDPR,domain#CSG-GDPRSuspendDataFlow-Implementation-Runtime,GDPRSuspendDataFlow.Implementation,"The flow of data _Data_ from _FlowsFrom_ to _Process_ has been disabled by _Human1_ to prevent a breach of the GDPR. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user _Human1_ who is responsible for managing the service _FlowsFrom_.",domain#TrustworthinessLevelSafe,TRUE,TRUE -package#IoT,domain#CSG-SafeIoTController,SafeIoTController,"The IoT controller device _Controller_ is regulating a physical system where it is not necessary to get real-time updates to control input data, due to the nature of the IoT application. This control strategy does not represent a contingency plan to constrain _Controller_ at run-time. 
It should be used to signal when the IoT application is not sensitive to temporary interruption in the flow of control inputs.",domain#TrustworthinessLevelSafe,TRUE,TRUE +package#IoT,domain#CSG-NonRealtimeSensor,NonRealtimeSensor,"The IoT device _Sensor_ implements a process for measurement of a physical system where it is not necessary to get real-time updates to control input data, due to the nature of the application. This control strategy does not represent a contingency plan but indicates that the application is not sensitive to interruptions in control inputs.",domain#TrustworthinessLevelSafe,TRUE,TRUE +package#IoT,domain#CSG-SafeIoTController,SafeIoTController,"The IoT controller device _Controller_ is regulating a physical system where it is not necessary to get real-time updates to control input data, due to the nature of the IoT application. This control strategy does not represent a contingency plan to constrain _Controller_ at run-time, but should be used to signal that the IoT application is not sensitive to temporary interruption in the flow of control inputs.",domain#TrustworthinessLevelSafe,TRUE,TRUE package#IoT,domain#CSG-SafeIoTControlMode,SafeIoTControlMode,"The IoT controller device _Controller_ can be set to operate within safety limits such that it poses no danger to the physical system it regulates, even without real-time control inputs. This strategy represents a contingency plan, which can be used to reduce risk from some threats. However, it may trigger other threats, or produce some loss of efficiency or function in the physical system.",domain#TrustworthinessLevelSafe,FALSE,TRUE package#IoT,domain#CSG-SafeIoTControlMode-Implementation-Runtime,SafeIoTControlMode.Implementation,"The IoT controller device _Controller_ has been set to operate within safety limits in response to an interruption in real-time control inputs, such that it poses no danger to the physical system it regulates. 
This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user _HostManager_ who is responsible for managing the device. The Safe IoT Controller control shoud be deselected only when the restrictions on _Controller_ have been lifted.",domain#TrustworthinessLevelSafe,TRUE,TRUE package#IoT,domain#CSG-SuspendUnreliableController,SuspendUnreliableController,"The IoT controller device _Controller_ can be disabled if it becomes unreliable, to prevent it causing problems in the physical environment where it operates. This strategy represents a contingency plan, which can be used to reduce risk from some threats. However, it will trigger threats representing the resulting loss of availability.",domain#TrustworthinessLevelSafe,FALSE,TRUE diff --git a/csv/ControlStrategyBlocks.csv b/csv/ControlStrategyBlocks.csv index c0b44b3..afb7f2d 100644 --- a/csv/ControlStrategyBlocks.csv +++ b/csv/ControlStrategyBlocks.csv 
@@ -222,11 +222,12 @@ package#GDPR,domain#CSG-GDPRSuspendDataFlow,domain#D.GDPR.DFHuoO.1
 package#GDPR,domain#CSG-GDPRSuspendDataFlow,domain#D.GDPR.NDFHuoO.1
 package#GDPR,domain#CSG-GDPRSuspendDataFlow-Implementation-Runtime,domain#D.GDPR.DFHuoO.1
 package#GDPR,domain#CSG-GDPRSuspendDataFlow-Implementation-Runtime,domain#D.GDPR.NDFHuoO.1
-package#IoT,domain#CSG-SafeIoTController,domain#Co.U.CoPD.0.2
-package#IoT,domain#CSG-SafeIoTControlMode,domain#Co.U.CoPD.0.2
-package#IoT,domain#CSG-SafeIoTControlMode-Implementation-Runtime,domain#Co.U.CoPD.0.2
-package#IoT,domain#CSG-SuspendUnreliableController,domain#Co.U.CoPD.0.1
-package#IoT,domain#CSG-SuspendUnreliableController-Implementation-Runtime,domain#Co.U.CoPD.0.1
+package#IoT,domain#CSG-NonRealtimeSensor,domain#DF.I.DScSePDmFF.0.2
+package#IoT,domain#CSG-SafeIoTController,domain#Co.U.CoPDS.0.2
+package#IoT,domain#CSG-SafeIoTControlMode,domain#Co.U.CoPDS.0.2
+package#IoT,domain#CSG-SafeIoTControlMode-Implementation-Runtime,domain#Co.U.CoPDS.0.2
+package#IoT,domain#CSG-SuspendUnreliableController,domain#Co.U.CoPDS.0.1
+package#IoT,domain#CSG-SuspendUnreliableController-Implementation-Runtime,domain#Co.U.CoPDS.0.1
 package#LocalDeviceConnectivity,domain#CSG-AntiMalwareAtHost,domain#H.W.HL1H.3
 package#LocalDeviceConnectivity,domain#CSG-DisableMeshRouting,domain#Sg.TA.L1SSg2.8
 package#LocalDeviceConnectivity,domain#CSG-DisableTethering,domain#Sg.TA.LTethSg2.8
diff --git a/csv/ControlStrategyControls.csv b/csv/ControlStrategyControls.csv
index 2303d64..30475fd 100644
--- a/csv/ControlStrategyControls.csv
+++ b/csv/ControlStrategyControls.csv
@@ -121,6 +121,7 @@ package#GDPR,domain#CSG-GDPRSuspendDataFlow,domain#CS-SuspendOutboundFlow-DataFl
 package#GDPR,domain#CSG-GDPRSuspendDataFlow-Implementation-Runtime,domain#CS-DisabledDataFlow-DataFlow,FALSE
 package#GDPR,domain#CSG-GDPRSuspendDataFlow-Implementation-Runtime,domain#CS-GDPRComplianceTraining-Human1,FALSE
 package#GDPR,domain#CSG-GDPRSuspendDataFlow-Implementation-Runtime,domain#CS-SuspendOutboundFlow-DataFlow,FALSE
+package#IoT,domain#CSG-NonRealtimeSensor,domain#CS-SafeIoTController-Sensor,FALSE
 package#IoT,domain#CSG-SafeIoTController,domain#CS-SafeIoTController-Controller,FALSE
 package#IoT,domain#CSG-SafeIoTControlMode,domain#CS-SafeControlSetting-Controller,FALSE
 package#IoT,domain#CSG-SafeIoTControlMode,domain#CS-SafetyTraining-HostManager,FALSE
diff --git a/csv/ControlStrategyTriggers.csv b/csv/ControlStrategyTriggers.csv
index 80fbf0e..6c36117 100644
--- a/csv/ControlStrategyTriggers.csv
+++ b/csv/ControlStrategyTriggers.csv
@@ -63,7 +63,7 @@ package#GDPR,domain#CSG-GDPRAtSubject,domain#P.GDPR.HuDoPS-o.6
 package#GDPR,domain#CSG-GDPRAtSubject,domain#P.GDPR.HuDPoJoSt.1
 package#GDPR,domain#CSG-GDPRAtSubject,domain#P.GDPR.HuDPoS-i.6
 package#GDPR,domain#CSG-GDPRAtSubject,domain#P.GDPR.HuDPS-io.6
-package#IoT,domain#CSG-SuspendUnreliableController-Trigger,domain#Co.A.CoPD.6
+package#IoT,domain#CSG-SuspendUnreliableController-Trigger,domain#Co.A.CoPDS.6
 package#LocalDeviceConnectivity,domain#CSG-DisableMeshRouting,domain#Sg.A.L1SSg2.6.1
 package#LocalDeviceConnectivity,domain#CSG-DisableMeshRouting,domain#Sg.DA.L1SSg2AC.1
 package#LocalDeviceConnectivity,domain#CSG-DisableTethering,domain#Sg.A.LTethSg2.6.1
diff --git a/csv/DomainAsset.csv b/csv/DomainAsset.csv
index cd9e2c3..54bf636 100644
--- a/csv/DomainAsset.csv
+++ b/csv/DomainAsset.csv
@@ -62,6 +62,7 @@ package#DataLifecycleInference,domain#DataPath,DataPath,FALSE,TRUE,FALSE,Used fo
 package#GDPR,domain#GDPRArt94Data,GDPRArt94Data,FALSE,FALSE,FALSE,A parent class for certain types of data indicating the data is subject to national as well as European regulation under GDPR Article 9.4.,,FALSE
 package#GDPR,domain#GDPRArt9Data,GDPRArt9Data,FALSE,FALSE,FALSE,A parent class for certain types of data indicating the data is subject to additional data protection measures under the EU Regulation GDPR Article 9.,,FALSE
 package#GDPR,domain#SpecialCategoryData,SpecialCategoryData,TRUE,FALSE,TRUE,"Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or data concerning a natural person's sex life or sexual orientation. These categories of data are subject to GDPR Art 9, along with biometric, genetic and health data all of which are presented using separate specialised classes.",sensitivedata.svg,FALSE
+package#IoT,domain#ControlData,ControlData,FALSE,TRUE,TRUE,Data used to control the physical actuator hardware in an IoT device.,,FALSE
 package#IoT,domain#Controller,Controller,TRUE,FALSE,TRUE,"A Thing that is able to affect aspects of the physical environment in ways defined by data sent to it. A Controller has no console allowing login, but it may have an interface allowing some interaction with a human user.",actuator.svg,FALSE
 package#IoT,domain#ControlProcess,ControlProcess,FALSE,TRUE,FALSE,A simple process that runs on a controller and handles conversion of input data into control signals for robotic or other interaction with the real (physical) world.,,FALSE
 package#IoT,domain#IoTProcess,IoTProcess,FALSE,FALSE,FALSE,Base class for inferred onboard sensor acquisition and control processes running on an IoT Thing.,,FALSE
diff --git a/csv/DomainAssetParents.csv b/csv/DomainAssetParents.csv
index e216018..66d41a2 100644
--- a/csv/DomainAssetParents.csv
+++ b/csv/DomainAssetParents.csv
@@ -112,6 +112,7 @@ package#GDPR,domain#GeneticData,domain#GDPRArt94Data
 package#GDPR,domain#HealthData,domain#GDPRArt94Data
 package#GDPR,domain#SpecialCategoryData,domain#GDPRArt9Data
 package#GDPR,domain#SpecialCategoryData,domain#SensitiveData
+package#IoT,domain#ControlData,domain#Data
 package#IoT,domain#Controller,domain#HostPalette
 package#IoT,domain#Controller,domain#Thing
 package#IoT,domain#ControlProcess,domain#IoTProcess
diff --git a/csv/InferredNodeSetting.csv b/csv/InferredNodeSetting.csv
index e98113c..abcbb13 100644
--- a/csv/InferredNodeSetting.csv
+++ b/csv/InferredNodeSetting.csv
@@ -76,11 +76,12 @@ package#DataLifecycleInference,domain#CP-SDADPPDXP-DP+DP,domain#Node-NewDataPath
 package#DataLifecycleInference,domain#CP-SDADPPDXP-Hu-DP+DP,domain#Node-NewDataPath-DataPath,domain#INS-SDADPPDXP-Hu-DP+DP-NewDataPath,TRUE,FALSE,domain#Node-Service-Process
 package#DataLifecycleInference,domain#CP-SDADPPDXPRAC-DP+DP,domain#Node-NewDataPath-DataPath,domain#INS-SDADPPDXPRAC-DP+DP-NewDataPath,TRUE,FALSE,domain#Node-Service-Process
 package#DataLifecycleInference,domain#CP-SDADPPDXRAC-DP+DP,domain#Node-NewDataPath-DataPath,domain#INS-SDADPPDXRAC-DP+DP-NewDataPath,TRUE,FALSE,domain#Node-Service-Process
-package#IoT,domain#CP-Co+SPD,domain#Node-Data-Data,domain#INS-Co+SPD-Data,TRUE,FALSE,domain#Node-Controller-Controller
-package#IoT,domain#CP-Co+SPD,domain#Node-DataService-DataService,domain#INS-Co+SPD-DataService,TRUE,FALSE,domain#Node-Controller-Controller
-package#IoT,domain#CP-Co+SPD,domain#Node-SimpleProcess-ControlProcess,domain#INS-Co+SPD-SimpleProcess,TRUE,FALSE,domain#Node-Controller-Controller
-package#IoT,domain#CP-Se+SPD,domain#Node-Data-Data,domain#INS-Se+SPD-Data,TRUE,FALSE,domain#Node-Sensor-Sensor
-package#IoT,domain#CP-Se+SPD,domain#Node-SimpleProcess-SensorProcess,domain#INS-Se+SPD-SimpleProcess,TRUE,FALSE,domain#Node-Sensor-Sensor
+package#IoT,domain#CP-Co+cD,domain#Node-Data-Data,domain#INS-Co+cD-Data,TRUE,FALSE,domain#Node-Controller-Controller
+package#IoT,domain#CP-DcTh+DS,domain#Node-SimpleProcess-DataService,domain#INS-DcTh+DS-SimpleProcess,TRUE,FALSE,domain#Node-Thing-Thing
+package#IoT,domain#CP-HuiCo+UI,domain#Node-Process-ControlProcess,domain#INS-HuiCo+UI-Process,TRUE,FALSE,domain#Node-Controller-Controller
+package#IoT,domain#CP-Se+cD,domain#Node-Data-ControlData,domain#INS-Se+cD-Data,TRUE,FALSE,domain#Node-Sensor-Sensor
+package#IoT,domain#CP-Se+sD,domain#Node-Data-Data,domain#INS-Se+sD-Data,TRUE,FALSE,domain#Node-Sensor-Sensor
+package#IoT,domain#CP-SesD+SP,domain#Node-SimpleProcess-SensorProcess,domain#INS-SesD+SP-SimpleProcess,TRUE,FALSE,domain#Node-Sensor-Sensor
 package#LocalDeviceConnectivity,domain#CP-BPcGcBP+OSg,domain#Node-LogicalSegment-MeshRoutingSegment,domain#INS-BPcGcBP+OSg-LogicalSegment,TRUE,FALSE,domain#Node-Gateway-PhysicalHost
 package#LocalDeviceConnectivity,domain#CP-HpBRH+B,domain#Node-BluetoothPair-BluetoothPair,domain#INS-HpBRH+B-BluetoothPair,FALSE,TRUE,domain#Link-RemoteHost-pairsViaBluetooth-LocalHost
 package#LocalDeviceConnectivity,domain#CP-HpURH+U,domain#Node-USBPair-USBPair,domain#INS-HpURH+U-USBPair,FALSE,TRUE,domain#Link-RemoteHost-pairsViaUSB-LocalHost
diff --git a/csv/InferredNodeSettingIncludes.csv b/csv/InferredNodeSettingIncludes.csv
index 7be3c49..d6e2be5 100644
--- a/csv/InferredNodeSettingIncludes.csv
+++ b/csv/InferredNodeSettingIncludes.csv
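Review bot: In the InferredNodeSetting.csv hunk, `CP-Co+cD` infers the Controller's control input as plain Data (`Node-Data-Data`), while `CP-Se+cD` infers the Sensor's as `Node-Data-ControlData`. If the node suffix is the inferred asset class, the new ControlData type and everything keyed on it (the `CAS-AccessPolicy-ControlData` setting, the `MADS-*-ControlData` impact defaults) reach Sensors only. That sits oddly with the DomainAsset.csv description, `Data used to control the physical actuator hardware in an IoT device.`, which reads like Controller input. If the asymmetry is intended, the description should say so, for example `Control input data stored on an IoT Sensor.`; otherwise `CP-Co+cD` should probably infer `Node-Data-ControlData` too, so that actuator control data is not silently left out of those settings.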
@@ -143,11 +143,12 @@ package#DataLifecycleInference,domain#INS-SDADPPDXPRAC-DP+DP-NewDataPath,domain#
 package#DataLifecycleInference,domain#INS-SDADPPDXPRAC-DP+DP-NewDataPath,domain#Node-Process-Process
 package#DataLifecycleInference,domain#INS-SDADPPDXRAC-DP+DP-NewDataPath,domain#Node-OldDataPath-DataPath
 package#DataLifecycleInference,domain#INS-SDADPPDXRAC-DP+DP-NewDataPath,domain#Node-RemoteAccessClient-RemoteAccessClient
-package#IoT,domain#INS-Co+SPD-Data,domain#Node-Controller-Controller
-package#IoT,domain#INS-Co+SPD-DataService,domain#Node-Controller-Controller
-package#IoT,domain#INS-Co+SPD-SimpleProcess,domain#Node-Controller-Controller
-package#IoT,domain#INS-Se+SPD-Data,domain#Node-Sensor-Sensor
-package#IoT,domain#INS-Se+SPD-SimpleProcess,domain#Node-Sensor-Sensor
+package#IoT,domain#INS-Co+cD-Data,domain#Node-Controller-Controller
+package#IoT,domain#INS-DcTh+DS-SimpleProcess,domain#Node-Thing-Thing
+package#IoT,domain#INS-HuiCo+UI-Process,domain#Node-Controller-Controller
+package#IoT,domain#INS-Se+cD-Data,domain#Node-Sensor-Sensor
+package#IoT,domain#INS-Se+sD-Data,domain#Node-Sensor-Sensor
+package#IoT,domain#INS-SesD+SP-SimpleProcess,domain#Node-Sensor-Sensor
 package#LocalDeviceConnectivity,domain#INS-BPcGcBP+OSg-LogicalSegment,domain#Node-FromSubnet-BluetoothPair
 package#LocalDeviceConnectivity,domain#INS-BPcGcBP+OSg-LogicalSegment,domain#Node-Gateway-PhysicalHost
 package#LocalDeviceConnectivity,domain#INS-BPcGcBP+OSg-LogicalSegment,domain#Node-ToSubnet-BluetoothPair
diff --git a/csv/MADefaultSetting.csv b/csv/MADefaultSetting.csv
index 9a30235..a1f500b 100644
--- a/csv/MADefaultSetting.csv
+++ b/csv/MADefaultSetting.csv
@@ -363,15 +363,19 @@ package#IoT,domain#MADS-LocalLossOfUserTW-Controller,domain#Controller,domain#Lo
 package#IoT,domain#MADS-LocalLossOfUserTW-ControlProcess,domain#ControlProcess,domain#LocalLossOfUserTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LocalLossOfUserTW-Sensor,domain#Sensor,domain#LocalLossOfUserTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LocalLossOfUserTW-SensorProcess,domain#SensorProcess,domain#LocalLossOfUserTW,domain#ImpactLevelNegligible
+package#IoT,domain#MADS-LossOfAuthenticity-ControlData,domain#ControlData,domain#LossOfAuthenticity,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfAuthenticity-Sensor,domain#Sensor,domain#LossOfAuthenticity,domain#ImpactLevelNegligible
+package#IoT,domain#MADS-LossOfAvailability-ControlData,domain#ControlData,domain#LossOfAvailability,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfAvailability-Controller,domain#Controller,domain#LossOfAvailability,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfAvailability-ControlProcess,domain#ControlProcess,domain#LossOfAvailability,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfAvailability-Sensor,domain#Sensor,domain#LossOfAvailability,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfAvailability-SensorProcess,domain#SensorProcess,domain#LossOfAvailability,domain#ImpactLevelNegligible
+package#IoT,domain#MADS-LossOfConfidentiality-ControlData,domain#ControlData,domain#LossOfConfidentiality,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfConfidentiality-Controller,domain#Controller,domain#LossOfConfidentiality,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfConfidentiality-Sensor,domain#Sensor,domain#LossOfConfidentiality,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfControl-Controller,domain#Controller,domain#LossOfControl,domain#ImpactLevelMedium
 package#IoT,domain#MADS-LossOfControl-Sensor,domain#Sensor,domain#LossOfControl,domain#ImpactLevelNegligible
+package#IoT,domain#MADS-LossOfDefaultTW-ControlData,domain#ControlData,domain#LossOfDefaultTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfDefaultTW-Controller,domain#Controller,domain#LossOfDefaultTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfDefaultTW-ControlProcess,domain#ControlProcess,domain#LossOfDefaultTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfDefaultTW-Sensor,domain#Sensor,domain#LossOfDefaultTW,domain#ImpactLevelNegligible
@@ -384,6 +388,7 @@ package#IoT,domain#MADS-LossOfExtrinsicTW-Controller,domain#Controller,domain#Lo
 package#IoT,domain#MADS-LossOfExtrinsicTW-ControlProcess,domain#ControlProcess,domain#LossOfExtrinsicTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfExtrinsicTW-Sensor,domain#Sensor,domain#LossOfExtrinsicTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfExtrinsicTW-SensorProcess,domain#SensorProcess,domain#LossOfExtrinsicTW,domain#ImpactLevelNegligible
+package#IoT,domain#MADS-LossOfIntegrity-ControlData,domain#ControlData,domain#LossOfIntegrity,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfIntegrity-Sensor,domain#Sensor,domain#LossOfIntegrity,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfIntrinsicTW-Controller,domain#Controller,domain#LossOfIntrinsicTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfIntrinsicTW-ControlProcess,domain#ControlProcess,domain#LossOfIntrinsicTW,domain#ImpactLevelNegligible
@@ -395,6 +400,7 @@ package#IoT,domain#MADS-LossOfReliability-Sensor,domain#Sensor,domain#LossOfReli
 package#IoT,domain#MADS-LossOfReliability-SensorProcess,domain#SensorProcess,domain#LossOfReliability,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfResourceTW-Controller,domain#Controller,domain#LossOfResourceTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfResourceTW-Sensor,domain#Sensor,domain#LossOfResourceTW,domain#ImpactLevelNegligible
+package#IoT,domain#MADS-LossOfTimeliness-ControlData,domain#ControlData,domain#LossOfTimeliness,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfTimeliness-ControlProcess,domain#ControlProcess,domain#LossOfTimeliness,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfTimeliness-Sensor,domain#Sensor,domain#LossOfTimeliness,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfTimeliness-SensorProcess,domain#SensorProcess,domain#LossOfTimeliness,domain#ImpactLevelNegligible
@@ -402,6 +408,7 @@ package#IoT,domain#MADS-LossOfUserTW-Controller,domain#Controller,domain#LossOfU
 package#IoT,domain#MADS-LossOfUserTW-ControlProcess,domain#ControlProcess,domain#LossOfUserTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfUserTW-Sensor,domain#Sensor,domain#LossOfUserTW,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-LossOfUserTW-SensorProcess,domain#SensorProcess,domain#LossOfUserTW,domain#ImpactLevelNegligible
+package#IoT,domain#MADS-MalwareInfection-ControlData,domain#ControlData,domain#MalwareInfection,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-MalwareInfection-Controller,domain#Controller,domain#MalwareInfection,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-MalwareInfection-ControlProcess,domain#ControlProcess,domain#MalwareInfection,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-MalwareInfection-Sensor,domain#Sensor,domain#MalwareInfection,domain#ImpactLevelNegligible
@@ -410,6 +417,7 @@ package#IoT,domain#MADS-Overloaded-Controller,domain#Controller,domain#Overloade
 package#IoT,domain#MADS-Overloaded-ControlProcess,domain#ControlProcess,domain#Overloaded,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-Overloaded-Sensor,domain#Sensor,domain#Overloaded,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-Overloaded-SensorProcess,domain#SensorProcess,domain#Overloaded,domain#ImpactLevelNegligible
+package#IoT,domain#MADS-PhysicalShutdown-Controller,domain#Controller,domain#PhysicalShutdown,domain#ImpactLevelMedium
 package#IoT,domain#MADS-TrojanInsertion-Controller,domain#Controller,domain#TrojanInsertion,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-TrojanInsertion-ControlProcess,domain#ControlProcess,domain#TrojanInsertion,domain#ImpactLevelNegligible
 package#IoT,domain#MADS-TrojanInsertion-Sensor,domain#Sensor,domain#TrojanInsertion,domain#ImpactLevelNegligible
diff --git a/csv/MatchingPattern.csv b/csv/MatchingPattern.csv
index b8e6d6e..a4eddfa 100644
--- a/csv/MatchingPattern.csv
+++ b/csv/MatchingPattern.csv
@@ -246,7 +246,6 @@ package#DataLifecycleInference,domain#MP-PaDSH-S-Hu-DA,PaDSH-S-Hu-DA,"Finds a Pr package#DataLifecycleInference,domain#MP-Pc-rDSH+S-Hu-DA,Pc-rDSH+S-Hu-DA,"Finds a Process that is creating data of which there is a copy stored on the same host, where the process does not enable a user to enter the data, and there is as yet no data access associated with this Process and Data, but there is at least one Data Pool at this Host associated with the Data.",domain#R-PcDSH,FALSE,TRUE package#DataLifecycleInference,domain#MP-Pc-rDSH-S-Hu-DA,Pc-rDSH-S-Hu-DA,"Finds a Process that is creating data of which there is a copy stored on the same host, where the process does not enable a user to enter the data, and there is as yet no data access associated with this Process and Data, and no Data Pool at this Host associated with the Data.",domain#R-PcDSH,FALSE,TRUE package#DataLifecycleInference,domain#MP-PDP,PDP,Finds a Process that implicitly or explicitly serves stored Data.,domain#R-PDP,FALSE,FALSE -package#DataLifecycleInference,domain#MP-PDP-DP,PDP-DP,"Finds a Process that implicitly or explicitly serves stored Data, where the Data has no Data Path.",domain#R-PDP,FALSE,FALSE package#DataLifecycleInference,domain#MP-Pr-cDSH+S-Hu-DA,Pr-cDSH+S-Hu-DA,"Finds a Process that is receiving data of which there is a copy stored on the same host, where the process does not enable a user to enter the data, and there is as yet no data access associated with this Process and Data, but there is at least one Data Pool at this Host associated with the Data.",domain#R-PrDSH,FALSE,TRUE package#DataLifecycleInference,domain#MP-Pr-cDSH-S-Hu-DA,Pr-cDSH-S-Hu-DA,"Finds a Process that is receiving data of which there is a copy stored on the same host, where the process does not enable a user to enter the data, and there is as yet no data access associated with this Process and Data, and no Data Pool at this Host associated with the Data.",domain#R-PrDSH,FALSE,TRUE 
package#DataLifecycleInference,domain#MP-RA-fDCSDD,RA-fDCSDD,"Finds a remote access client acting as a data source but not itself getting the data from any original source, and having a data channel to a service that can act as a data destination.",domain#R-RADCSDD,FALSE,FALSE 
@@ -259,22 +258,24 @@ package#GDPR,domain#MP-HuSDPoS-i,HuSDPoS-i,"Finds a Stakeholder operating a Proc package#GDPR,domain#MP-HuSDPS-io,HuSDPS-io,Finds a Stakeholder operating a Process that is using Special Category Data relating to a Human data subject who is not operating the process providing access to the data.,domain#R-HuSDPS,FALSE,FALSE package#GDPR,domain#MP-NDFHuoO,NDFHuoO,Finds nationally regulated personal data being transferred across a border to a process that optionally has an operator organisation.,domain#R-NDFHu,FALSE,FALSE package#IoT,domain#MP-Co,Co,Finds a solo Controller.,domain#R-Co,FALSE,FALSE -package#IoT,domain#MP-CoPD,CoPD,Finds a Controller with its onboard data and the control process that uses this data to control physical processes.,domain#R-CoPD,FALSE,FALSE -package#IoT,domain#MP-CoPDsFT,CoPDsFT,"Finds a Controller with its onboard data and the control process that uses this data to control physical processes, plus flows of the data to this process, at least one of which must be involved.",domain#R-CoPD,FALSE,FALSE -package#IoT,domain#MP-CoPsDmFF,CoPsDmFF,"Finds a Controller with its onboard data and the process that serves the data making it available to external clients, plus all flows of this data from the process (i.e., out of the sensor), all of which must be involved in the pattern.",domain#R-CoPsD,FALSE,FALSE +package#IoT,domain#MP-CoPDS,CoPDS,Finds a Controller with its stored control input data.,domain#R-CoPDS,FALSE,FALSE +package#IoT,domain#MP-DcTh,DcTh,Finds an IoT Thing and its control input Data.,domain#R-DcTh,FALSE,FALSE +package#IoT,domain#MP-DScSePDmFF,DScSePDmFF,"Finds a Sensor with its onboard process and output data, and its stored copy of control input data, plus all flows of this data from the process (i.e., out of the sensor), all of which must be involved in the pattern.",domain#R-DScSePD,FALSE,FALSE +package#IoT,domain#MP-HuiCo,HuiCo,"Finds the control input for an IoT Controller, which is being used 
interactively by a Human.",domain#R-HuiCo,FALSE,FALSE +package#IoT,domain#MP-HuiSe,HuiSe,"Finds the control input and sensed output for an IoT Sensor, which is being used interactively by a Human, plus the interactive process that creates the output.",domain#R-HuiSe,FALSE,FALSE package#IoT,domain#MP-HuiThaS-S,HuiThaS-S,Finds a Human that has access to a space and uses an IoT Thing which has no specified location.,domain#R-HuiThaS,FALSE,FALSE -package#IoT,domain#MP-HuiUCo,HuiUCo,"Finds a Human interacting with a UserController, plus onboard data and processing.",domain#R-HuiUCo,FALSE,FALSE -package#IoT,domain#MP-HuiUSe,HuiUSe,"Finds a Human interacting with a UserSensor, plus onboard data and processing.",domain#R-HuiUSe,FALSE,FALSE package#IoT,domain#MP-HumThP-m,HumThP-m,Finds a Human managing a Thing with an unmanaged onboard process.,domain#R-HumThP,FALSE,FALSE -package#IoT,domain#MP-Pa-uCo,Pa-uCo,"Finds a client Process that amends an IoT Controller, along with its onboard communication Process and Data.",domain#R-PaCo,FALSE,TRUE -package#IoT,domain#MP-PpSe,PpSe,"Finds a Process polling a Sensor, and the onboard Process and Data at the Sensor.",domain#R-PpSe,FALSE,FALSE -package#IoT,domain#MP-Pr-uSe,Pr-uSe,"Finds a client Process that receives data from an IoT Sensor, along with its onboard simple communication Process and Data.",domain#R-PrSe,FALSE,TRUE -package#IoT,domain#MP-PuCo,PuCo,"Finds a client Process that updates an IoT Controller, along with its onboard communication Process serving onboard Data.",domain#R-PuCo,FALSE,FALSE +package#IoT,domain#MP-PaSe,PaSe,"Finds a client Process that amends control input to an IoT Sensor, along with its onboard simple communication Process and Data.",domain#R-PaSe,FALSE,FALSE +package#IoT,domain#MP-Pa-uCo,Pa-uCo,"Finds a client Process that amends (but does not update) an IoT Controller, along with its control input Data and onboard communication Process.",domain#R-PaCo,FALSE,TRUE 
+package#IoT,domain#MP-Pp-uSe,Pp-uSe,"Finds a client Process that polls (but does not read) an IoT Sensor, along with its onboard simple communication Process and Data.",domain#R-PpSe,FALSE,TRUE +package#IoT,domain#MP-PrSe,PrSe,"Finds a client Process that receives data from an IoT Sensor, along with its onboard simple communication Process and Data.",domain#R-PrSe,FALSE,TRUE +package#IoT,domain#MP-PuCo,PuCo,"Finds a client Process that updates an IoT Controller, along with its control input Data and onboard communication Process.",domain#R-PuCo,FALSE,FALSE package#IoT,domain#MP-PuSe,PuSe,"Finds a client Process that reads data from an IoT Sensor, along with its onboard simple communication Process and Data.",domain#R-PuSe,FALSE,FALSE package#IoT,domain#MP-Se,Se,Finds a solo Sensor.,domain#R-Se,FALSE,FALSE package#IoT,domain#MP-SePD,SePD,Finds a Sensor with its onboard process and data.,domain#R-SePD,FALSE,FALSE package#IoT,domain#MP-SePDmFF,SePDmFF,"Finds a Sensor with its onboard process and data, plus all flows of this data from the process (i.e., out of the sensor), all of which must be involved in the pattern.",domain#R-SePD,FALSE,FALSE package#IoT,domain#MP-SePDsFF,SePDsFF,"Finds a Sensor with its onboard process and data, plus all flows of this data from the process (i.e., out of the sensor), at least one of which must be involved in the pattern.",domain#R-SePD,FALSE,FALSE +package#IoT,domain#MP-SesD,SesD,Finds a Sensor and its sensed Data.,domain#R-SesD,FALSE,FALSE package#IoT,domain#MP-SHuTh-Hu,SHuTh-Hu,Finds a Human managing a Space in which an unmanaged Thing is located.,domain#R-SHuTh,FALSE,FALSE package#Legal,domain#MP-DFHuoO,DFHuoO,Finds personal data being transferred across a border to a process that optionally has an operator organisation.,domain#R-DFHu,FALSE,FALSE package#Legal,domain#MP-DSHuoO,DSHuoO,"Finds personal data being communicated across a border, to a process that is an intermediary (not the final destination) and optionally has an 
operator organisation.",domain#R-DSHu,FALSE,FALSE @@ -543,7 +544,8 @@ package#Privacy,domain#MP-Hu-aDPS-io,Hu-aDPS-io,"Finds a Stakeholder operating a package#Privacy,domain#MP-HuDPoS-i,HuDPoS-i,"Finds Stakeholder operating a Process that is using Data relating to a Human data subject via a controlling Service, where the subject operates the Service but not the Process.",domain#R-HuDPoS,FALSE,FALSE package#Privacy,domain#MP-HuDPS-io,HuDPS-io,"Finds a Stakeholder operating a Process that is using Data relating to a Human data subject via a controlling Service, where the subject does not operate either the Process or the controlling Service.",domain#R-HuDPS,FALSE,FALSE package#Privacy,domain#MP-HurH-StSt,HurH-StSt,"Finds a Human who does not work for anyone else, with a related personal device that has no operator.",domain#R-HurH,FALSE,FALSE -package#Privacy,domain#MP-HurTh,HurTh,"Finds a Thing relating to a Human, plus onboard data and processing.",domain#R-HurTh,FALSE,FALSE +package#Privacy,domain#MP-HurSesD,HurSesD,Finds Data produced as output by a Sensor related to a Human.,domain#R-HurSesD,FALSE,FALSE +package#Privacy,domain#MP-HurThcD,HurThcD,Finds control input to an IoT Thing related to a Human.,domain#R-HurThcD,FALSE,FALSE package#Privacy,domain#MP-HurTh-S-m,HurTh-S-m,"Finds a Thing relating to a Human, plus onboard data and processing, where there is no manager and no specified location.",domain#R-HurTh,FALSE,FALSE package#Privacy,domain#MP-HuwStrH-St,HuwStrH-St,"Finds a Human working for an Employer, with a personal device that has no other operator.",domain#R-HuwStrH,FALSE,FALSE package#Privacy,domain#MP-IoT-Hu,IoT-Hu,"Finds a solo IoT Thing that does not relate to a Human data subject. Not used at present, but reserved for a future extension.",domain#R-IoT,FALSE,FALSE diff --git a/csv/MatchingPatternLinks.csv b/csv/MatchingPatternLinks.csv index ee60beb..636e56f 100644 --- a/csv/MatchingPatternLinks.csv +++ b/csv/MatchingPatternLinks.csv 
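Review bot: In the new `MP-DScSePDmFF` description, "all flows of this data from the process" is ambiguous, because the sentence now names two data assets: the Sensor's output data and its stored copy of control input data. The threat `DF.I.DScSePDmFF.0.2` that `CSG-NonRealtimeSensor` blocks appears from its name to be built on this pattern, so the text should say which flows must all be matched, presumably `plus all flows of the output data from the process (i.e., out of the sensor)`. Separately, `MP-PrSe` keeps `TRUE` in its last column, although the `Link-Client-readsSensor-Sensor` row flagged `TRUE` moves from `MP-Pr-uSe` to `MP-Pp-uSe` in MatchingPatternLinks.csv. The meaning of that column is not visible here, so this needs a check only if the flag depends on the pattern having prohibited elements.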
@@ -430,7 +430,6 @@ package#DataLifecycleInference,domain#MP-Pc-rDSH-S-Hu-DA,domain#Link-DataPool-at
 package#DataLifecycleInference,domain#MP-Pc-rDSH-S-Hu-DA,domain#Link-DataPool-usedFor-Data,FALSE
 package#DataLifecycleInference,domain#MP-Pc-rDSH-S-Hu-DA,domain#Link-Process-enablesUserInput-Data,TRUE
 package#DataLifecycleInference,domain#MP-Pc-rDSH-S-Hu-DA,domain#Link-Process-receives-Data,TRUE
-package#DataLifecycleInference,domain#MP-PDP-DP,domain#Link-DataPath-dataPathFor-Data,FALSE
 package#DataLifecycleInference,domain#MP-Pr-cDSH+S-Hu-DA,domain#Link-DataAccess-usedBy-Process,FALSE
 package#DataLifecycleInference,domain#MP-Pr-cDSH+S-Hu-DA,domain#Link-DataAccess-usedFor-Data,FALSE
 package#DataLifecycleInference,domain#MP-Pr-cDSH+S-Hu-DA,domain#Link-DataPool-atHost-Host,FALSE
@@ -462,16 +461,13 @@ package#GDPR,domain#MP-NDFHuoO,domain#Link-DataSubject-operates-Process,TRUE
 package#GDPR,domain#MP-NDFHuoO,domain#Link-Human1-manages-FlowsFrom,FALSE
 package#GDPR,domain#MP-NDFHuoO,domain#Link-Human2-manages-Process,FALSE
 package#GDPR,domain#MP-NDFHuoO,domain#Link-Operator-operates-Process,FALSE
-package#IoT,domain#MP-CoPD,domain#Link-HostManager-manages-Controller,FALSE
-package#IoT,domain#MP-CoPDsFT,domain#Link-DataFlow-flows-Data,FALSE
-package#IoT,domain#MP-CoPDsFT,domain#Link-DataFlow-flowsTo-Process,FALSE
-package#IoT,domain#MP-CoPDsFT,domain#Link-HostManager-manages-Controller,FALSE
-package#IoT,domain#MP-CoPsDmFF,domain#Link-DataFlow-flows-Data,FALSE
-package#IoT,domain#MP-CoPsDmFF,domain#Link-DataFlow-flowsFrom-Process,FALSE
+package#IoT,domain#MP-CoPDS,domain#Link-HostManager-manages-Controller,FALSE
+package#IoT,domain#MP-DScSePDmFF,domain#Link-DataFlow-flows-Data,FALSE
+package#IoT,domain#MP-DScSePDmFF,domain#Link-DataFlow-flowsFrom-Process,FALSE
 package#IoT,domain#MP-HuiThaS-S,domain#Link-Thing-locatedIn-OtherSpace,FALSE
 package#IoT,domain#MP-HumThP-m,domain#Link-ProcessManager-manages-Process,FALSE
 package#IoT,domain#MP-Pa-uCo,domain#Link-Client-updatesController-Controller,TRUE
-package#IoT,domain#MP-Pr-uSe,domain#Link-Client-readsSensor-Sensor,TRUE
+package#IoT,domain#MP-Pp-uSe,domain#Link-Client-readsSensor-Sensor,TRUE
 package#IoT,domain#MP-SePDmFF,domain#Link-DataFlow-flows-Data,FALSE
 package#IoT,domain#MP-SePDmFF,domain#Link-DataFlow-flowsFrom-Process,FALSE
 package#IoT,domain#MP-SePDsFF,domain#Link-DataFlow-flows-Data,FALSE
diff --git a/csv/MatchingPatternNodes.csv b/csv/MatchingPatternNodes.csv
index 5e558e6..a132f51 100644
--- a/csv/MatchingPatternNodes.csv
+++ b/csv/MatchingPatternNodes.csv
@@ -219,7 +219,6 @@ package#DataLifecycleInference,domain#MP-Pc-rDSH+S-Hu-DA,domain#Node-DataAccess-
 package#DataLifecycleInference,domain#MP-Pc-rDSH+S-Hu-DA,domain#Node-DataPool-DataPool,TRUE,FALSE,FALSE
 package#DataLifecycleInference,domain#MP-Pc-rDSH-S-Hu-DA,domain#Node-DataAccess-DataAccess,FALSE,TRUE,FALSE
 package#DataLifecycleInference,domain#MP-Pc-rDSH-S-Hu-DA,domain#Node-DataPool-DataPool,FALSE,TRUE,FALSE
-package#DataLifecycleInference,domain#MP-PDP-DP,domain#Node-DataPath-DataPath,FALSE,TRUE,FALSE
 package#DataLifecycleInference,domain#MP-Pr-cDSH+S-Hu-DA,domain#Node-DataAccess-DataAccess,FALSE,TRUE,FALSE
 package#DataLifecycleInference,domain#MP-Pr-cDSH+S-Hu-DA,domain#Node-DataPool-DataPool,TRUE,FALSE,FALSE
 package#DataLifecycleInference,domain#MP-Pr-cDSH-S-Hu-DA,domain#Node-DataAccess-DataAccess,FALSE,TRUE,FALSE
@@ -234,10 +233,8 @@ package#DataLifecycleInference,domain#MP-SDADPPDXRAC-DP,domain#Node-DataPath-Dat
 package#GDPR,domain#MP-NDFHuoO,domain#Node-Human1-Human,FALSE,FALSE,FALSE
 package#GDPR,domain#MP-NDFHuoO,domain#Node-Human2-Human,FALSE,FALSE,FALSE
 package#GDPR,domain#MP-NDFHuoO,domain#Node-Operator-Stakeholder,FALSE,FALSE,FALSE
-package#IoT,domain#MP-CoPD,domain#Node-HostManager-Human,FALSE,FALSE,FALSE
-package#IoT,domain#MP-CoPDsFT,domain#Node-DataFlow-DataFlow,TRUE,FALSE,TRUE
-package#IoT,domain#MP-CoPDsFT,domain#Node-HostManager-Human,FALSE,FALSE,FALSE
-package#IoT,domain#MP-CoPsDmFF,domain#Node-DataFlow-DataFlow,TRUE,FALSE,FALSE
+package#IoT,domain#MP-CoPDS,domain#Node-HostManager-Human,FALSE,FALSE,FALSE
+package#IoT,domain#MP-DScSePDmFF,domain#Node-DataFlow-DataFlow,TRUE,FALSE,FALSE
 package#IoT,domain#MP-HuiThaS-S,domain#Node-OtherSpace-Space,FALSE,TRUE,FALSE
 package#IoT,domain#MP-HumThP-m,domain#Node-ProcessManager-Human,FALSE,TRUE,FALSE
 package#IoT,domain#MP-SePDmFF,domain#Node-DataFlow-DataFlow,TRUE,FALSE,FALSE
diff --git a/csv/Misbehaviour.csv b/csv/Misbehaviour.csv
index f96d6e1..b955264 100644
--- a/csv/Misbehaviour.csv
+++ b/csv/Misbehaviour.csv
@@ -10,6 +10,7 @@ package#Application,domain#LossOfTimeliness,LossOfTimeliness,"Represents a state
 package#Core,domain#LossOfDefaultTW,LossOfDefaultTW,"Modelling artefact, corresponding to the trustworthiness attribute DefaultTW, which is already set by default to the lowest trustworthiness level.",FALSE,None
 package#DataLifecycle,domain#NotDecrypted,NotDecrypted,"An adverse behaviour of stored or flowing copies of data, signifying that the copy is not available in an unencrypted form. Considered an adverse effect because it can lead to loss of availability for the data if a legitimate user or process lacks a suitable decryption key, and used to model side effects of encryption controls.",FALSE,X
 package#DataLifecycle,domain#NotEncrypted,NotEncrypted,"An adverse behaviour of stored or flowing copies of data, signifying that the copy is not available in an encrypted form. Considered as an adverse effect as it means confidentiality could be breached without compromising a decryption key, and used to model side effects of encryption controls.",FALSE,Y
+package#IoT,domain#PhysicalShutdown,PhysicalShutdown,Signifies that the physical process controlled by the Controller has been halted by physical means.,TRUE,
 package#Network,domain#InService,InService,"Engagement by an asset in the system, which is usually desirable, but means the asset is open to attack, abuse or misuse (and hence it is modelled as a potential threat consequence).",FALSE,IS
 package#Network,domain#LossOfCapacity,LossOfCapacity,Reduction in the capacity of a Data Centre to handle demands placed on it by automatically provisioned for hosts and processes.,FALSE,O
 package#Network,domain#LossOfControl,Loss Of Control,"Untrusted, potentially malicious agents gained admin rights in some system context.",TRUE,M
diff --git a/csv/MisbehaviourLocations.csv b/csv/MisbehaviourLocations.csv
index 9126775..285070d 100644
--- a/csv/MisbehaviourLocations.csv
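Review bot: The added `PhysicalShutdown` row in Misbehaviour.csv ends with an empty last field (`...,TRUE,`), whereas every other row visible in this hunk puts a value there (`X`, `Y`, `IS`, `O`, `M`) and `LossOfDefaultTW` spells out `None`. If that column is the short symbol shown for the misbehaviour, an empty cell and `None` may not be treated the same by whatever loads the file, so the choice should be explicit: end the row with `,TRUE,None`, or give it a symbol of its own. The label follows the unspaced style (`PhysicalShutdown`) while the neighbouring `LossOfControl` row uses `Loss Of Control`; the file is already mixed, so that part is only a consistency point.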
+++ b/csv/MisbehaviourLocations.csv
@@ -28,6 +28,7 @@ package#DataLifecycle,domain#Overloaded,domain#DataStep
 package#IoT,domain#LossOfAuthenticity,domain#Sensor
 package#IoT,domain#LossOfIntegrity,domain#Sensor
 package#IoT,domain#LossOfTimeliness,domain#Sensor
+package#IoT,domain#PhysicalShutdown,domain#Controller
 package#Network,domain#InService,domain#Host
 package#Network,domain#InService,domain#NetworkAsset
 package#Network,domain#InService,domain#Process
diff --git a/csv/ObjectProperty.csv b/csv/ObjectProperty.csv
index 43d6ba7..131731a 100644
--- a/csv/ObjectProperty.csv
+++ b/csv/ObjectProperty.csv
@@ -69,9 +69,12 @@ package#DataLifecycleInference,domain#revPath,revPath,Signifies that the data us
 package#DataLifecycleInference,domain#toProc,toProc,The DataPath represents a chain of process-process communications enabling the use of data obtained from the Process.,TRUE,FALSE,FALSE,FALSE,TRUE,TRUE
 package#DataLifecycleInference,domain#usesDataPath,usesDataPath,Relationship between a data flow and a data path.,TRUE,FALSE,FALSE,FALSE,TRUE,TRUE
 package#IoT,domain#amendsController,amends,"The Process uses and alters the value of the control settings for the Controller, and is not blocked if it cannot access these settings.",FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
-package#IoT,domain#pollsSensor,polls,"The Process reads data from the Sensor, and is not blocked if the Sensor is not available.",FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
-package#IoT,domain#readsSensor,reads,"The Process reads data from the Sensor, and is blocked if the Sensor is not available.",FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
+package#IoT,domain#amendsSensor,amendsSensor,"The Process uses and alters the value of the control settings for the Sensor, and is not blocked if it cannot access these settings.",FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
+package#IoT,domain#controlsThing,controlsThing,Relationship from control input Data to a Thing whose physical actuator or measurement hardware is controlled or configured by the Data.,FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
+package#IoT,domain#pollsSensor,polls,"The Process updates the Sensor configuration and reads data from the Sensor, and is not blocked if the Sensor is not available.",FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
+package#IoT,domain#readsSensor,reads,"The Process updates the configuration and reads data from the Sensor, and is blocked if the Sensor is not available.",FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
 package#IoT,domain#receivesFromSensor,receives,"The Sensor sends readings to the Process, and neither end is blocked should this not be possible.",FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
+package#IoT,domain#senses,senses,Relationship from an IoT Sensor to Data produced by its measurement hardware.,FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
 package#IoT,domain#updatesController,updates,"The Process uses and alters the value of the control settings for the Controller, and is blocked if it cannot access these settings.",FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
 package#Legal,domain#hasController,hasController,The Stakeholder is legally responsible for use of the Data to the data subject and data regulator.,FALSE,TRUE,TRUE,FALSE,FALSE,FALSE
 package#Legal,domain#responsibleFor,responsibleFor,The Stakeholder is legally responsible for regulating access to Data by a Process.,TRUE,FALSE,FALSE,FALSE,TRUE,FALSE
diff --git a/csv/ObjectPropertyDomains.csv b/csv/ObjectPropertyDomains.csv
index 322370e..c9aa98c 100644
--- a/csv/ObjectPropertyDomains.csv
+++ b/csv/ObjectPropertyDomains.csv
@@ -73,9 +73,12 @@ package#DataLifecycleInference,domain#toProc,domain#DataPath
 package#DataLifecycleInference,domain#usesDataPath,domain#DataChannel
 package#DataLifecycleInference,domain#usesDataPath,domain#DataFlow
 package#IoT,domain#amendsController,domain#Process
+package#IoT,domain#amendsSensor,domain#Process
+package#IoT,domain#controlsThing,domain#Data
 package#IoT,domain#pollsSensor,domain#Process
 package#IoT,domain#readsSensor,domain#Process
 package#IoT,domain#receivesFromSensor,domain#Process
+package#IoT,domain#senses,domain#Sensor
 package#IoT,domain#updatesController,domain#Process
 package#Legal,domain#hasController,domain#Data
 package#Legal,domain#responsibleFor,domain#Stakeholder
diff --git a/csv/ObjectPropertyParents.csv b/csv/ObjectPropertyParents.csv
index 2102899..0dfea44 100644
--- a/csv/ObjectPropertyParents.csv
+++ b/csv/ObjectPropertyParents.csv
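Review bot: The rewritten `pollsSensor` and `readsSensor` descriptions in ObjectProperty.csv now say the Process also updates the Sensor configuration, so both read relationships carry write access to the sensor's control input. The rows added in ObjectPropertyParents.csv (`pollsSensor,amendsSensor` and `readsSensor,pollsSensor`) appear to encode the same thing as a property hierarchy, which seems to leave `receivesFromSensor` as the only way to model a client that cannot change the configuration. Existing models that use `reads` or `polls` would then pick up control-input threats they did not have before; that errs on the safe side but hides which clients really hold configuration rights, so the descriptions should say it outright, e.g. `...and is treated as able to amend the Sensor's control input`. The two descriptions also differ for no visible reason (`updates the Sensor configuration` against `updates the configuration`), and the new rows use the identifier as label (`amendsSensor,amendsSensor`) where the neighbouring rows use a short verb (`amendsController,amends`).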
@@ -24,6 +24,8 @@ package#DataLifecycle,domain#crudu,domain#crudr
 package#DataLifecycle,domain#flowsIn,domain#flows
 package#DataLifecycle,domain#flowsOut,domain#flows
 package#DataLifecycle,domain#noDX,domain#noDU
+package#IoT,domain#pollsSensor,domain#amendsSensor
+package#IoT,domain#readsSensor,domain#pollsSensor
 package#Network,domain#interactsWith,domain#interactsRemotelyWith
 package#Network,domain#locatedIn,domain#mayBeIn
 package#Network,domain#uses,domain#usesService
diff --git a/csv/ObjectPropertyRanges.csv b/csv/ObjectPropertyRanges.csv
index 37f1bca..310b19d 100644
--- a/csv/ObjectPropertyRanges.csv
+++ b/csv/ObjectPropertyRanges.csv
@@ -70,10 +70,13 @@ package#DataLifecycleInference,domain#revPath,domain#DataPath
 package#DataLifecycleInference,domain#toProc,domain#Process
 package#DataLifecycleInference,domain#usesDataPath,domain#DataPath
 package#IoT,domain#amendsController,domain#Controller
+package#IoT,domain#amendsSensor,domain#Sensor
+package#IoT,domain#controlsThing,domain#Thing
 package#IoT,domain#interactsWith,domain#Thing
 package#IoT,domain#pollsSensor,domain#Sensor
 package#IoT,domain#readsSensor,domain#Sensor
 package#IoT,domain#receivesFromSensor,domain#Sensor
+package#IoT,domain#senses,domain#Data
 package#IoT,domain#updatesController,domain#Controller
 package#Legal,domain#hasController,domain#Stakeholder
 package#Legal,domain#responsibleFor,domain#DataAccess
diff --git a/csv/RootPattern.csv b/csv/RootPattern.csv
index 224d362..8dd14ef 100644
--- a/csv/RootPattern.csv
+++ b/csv/RootPattern.csv
@@ -213,20 +213,23 @@ package#GDPR,domain#R-HuSDPoS,HuSDPoS,"Finds a Stakeholder operating a Process t
 package#GDPR,domain#R-HuSDPS,HuSDPS,Finds a Stakeholder operating a Process that is using Special Category Data relating to a Human data subject.,FALSE,FALSE
 package#GDPR,domain#R-NDFHu,NDFHu,Finds nationally regulated personal data being transferred across a border.,FALSE,FALSE
 package#IoT,domain#R-Co,Co,Finds a solo Controller.,FALSE,FALSE
-package#IoT,domain#R-CoPD,CoPD,Finds a Controller with its onboard data and the control process that uses this data to control physical processes.,FALSE,FALSE
-package#IoT,domain#R-CoPsD,CoPsD,Finds a Controller with its onboard data and the process that serves the data making it available to external clients.,FALSE,FALSE
+package#IoT,domain#R-CoPDS,CoPDS,Finds a Controller with its stored control input data.,FALSE,FALSE
+package#IoT,domain#R-DcTh,DcTh,Finds an IoT Thing and its control input Data.,FALSE,FALSE
+package#IoT,domain#R-DScSePD,DScSePD,"Finds a Sensor with its onboard process and output data, and its stored copy of control input data.",FALSE,FALSE
+package#IoT,domain#R-HuiCo,HuiCo,"Finds the control input for an IoT Controller, which is being used interactively by a Human.",FALSE,FALSE
+package#IoT,domain#R-HuiSe,HuiSe,"Finds the control input and sensed output for an IoT Sensor, which is being used interactively by a Human, plus the interactive process that creates the output.",FALSE,FALSE
 package#IoT,domain#R-HuiThaS,HuiThaS,Finds a Human that uses an IoT Thing and has access to a space.,FALSE,FALSE
-package#IoT,domain#R-HuiUCo,HuiUCo,"Finds a Human interacting with an IoT Controller, plus its onboard data and processing.",FALSE,FALSE
-package#IoT,domain#R-HuiUSe,HuiUSe,"Finds a Human interacting with an IoT Sensor, plus its onboard data and processing.",FALSE,FALSE
 package#IoT,domain#R-HumThP,HumThP,Finds a Human managing a Thing with an onboard process.,FALSE,FALSE
 package#IoT,domain#R-IoT,IoT,"Finds a solo IoT Thing. Not used at present, but reserved for a future extension.",FALSE,FALSE
-package#IoT,domain#R-PaCo,PaCo,"Finds a client Process that amends an IoT Controller, along with its onboard communication Process serving onboard Data.",FALSE,FALSE
-package#IoT,domain#R-PpSe,PpSe,"Finds a Process polling a Sensor, and the onboard Process and Data at the Sensor.",FALSE,FALSE
+package#IoT,domain#R-PaCo,PaCo,"Finds a client Process that amends an IoT Controller, along with its control input Data and onboard communication Process.",FALSE,FALSE
+package#IoT,domain#R-PaSe,PaSe,"Finds a client Process that amends control input to an IoT Sensor, along with its onboard simple communication Process and Data.",FALSE,FALSE
+package#IoT,domain#R-PpSe,PpSe,"Finds a client Process that polls an IoT Sensor, along with its onboard simple communication Process and Data.",FALSE,FALSE
 package#IoT,domain#R-PrSe,PrSe,"Finds a an IoT Sensor sending data to a Process, along with the onboard simple communication Process and Data.",FALSE,FALSE
-package#IoT,domain#R-PuCo,PuCo,"Finds a client Process that updates an IoT Controller, along with its onboard communication Process serving onboard Data.",FALSE,FALSE
+package#IoT,domain#R-PuCo,PuCo,"Finds a client Process that updates an IoT Controller, along with its control input Data and onboard communication Process.",FALSE,FALSE
 package#IoT,domain#R-PuSe,PuSe,"Finds a client Process that reads data from an IoT Sensor, along with its onboard simple communication Process and Data.",FALSE,FALSE
 package#IoT,domain#R-Se,Se,Finds a solo Sensor.,FALSE,FALSE
 package#IoT,domain#R-SePD,SePD,Finds a Sensor with its onboard process and data.,FALSE,FALSE
+package#IoT,domain#R-SesD,SesD,Finds a Sensor and its sensed Data.,FALSE,FALSE
 package#IoT,domain#R-SHuTh,SHuTh,Finds a Human managing a Space in which a Thing is located.,FALSE,FALSE
 package#Legal,domain#R-DFHu,DFHu,Finds the subject of personal data being transferred across a border.,FALSE,FALSE
 package#Legal,domain#R-DSHu,DSHu,Finds the subject personal data being communicated across a border.,FALSE,FALSE
@@ -464,7 +467,9 @@ package#Privacy,domain#R-HuDPoS,HuDPoS,"Finds a Stakeholder operating a Process
 package#Privacy,domain#R-HuDPS,HuDPS,Finds a Stakeholder operating a Process that is using Data relating to a Human data subject via a controlling Service.,FALSE,FALSE
 package#Privacy,domain#R-HuDSH,HuDSH,Finds a Host storing Data related to a Human subject.,FALSE,FALSE
 package#Privacy,domain#R-HurH,HurH,Finds a Human with a related personal device.,FALSE,FALSE
+package#Privacy,domain#R-HurSesD,HurSesD,Finds Data produced as output by a Sensor related to a Human.,FALSE,FALSE
 package#Privacy,domain#R-HurTh,HurTh,"Finds a Thing relating to a Human, plus onboard data and processing.",FALSE,FALSE
+package#Privacy,domain#R-HurThcD,HurThcD,Finds control input to an IoT Thing related to a Human.,FALSE,FALSE
 package#Privacy,domain#R-HuwStrH,HuwStrH,Finds a Human with a related personal device and who works for an Employer.,FALSE,FALSE
 package#ProcessComms,domain#R-CACHcLSP,CACHcLSP,"Finds a client and service and the associated client channel, plus the hosts of the two processes, and a client attack path from a subnet where the client is connected to the service where messages on the attack path look like those from the client, where the service is an authentication proxy that has a further client channel to a back end service, and a context in which the client can access the subnet and hence access the service.",FALSE,FALSE
 package#ProcessComms,domain#R-CACHcLSS,CACHcLSS,"Finds a service accessed by a client via a subnet the client is on, and an associated context for access to the client.",FALSE,FALSE
diff --git a/csv/RootPatternLinks.csv b/csv/RootPatternLinks.csv
index 63800f8..8aaaae9 100644
--- a/csv/RootPatternLinks.csv
+++ b/csv/RootPatternLinks.csv
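Review bot: The new `R-PaSe` description in the first RootPattern.csv hunk ends with the sensor-read wording (`along with its onboard simple communication Process and Data`), but the links added for it in RootPatternLinks.csv bind that `Data` node through `Link-Data-controlsThing-Sensor` and `Link-SimpleProcess-serves-Data`, so it is the control input and not the sensed output. `R-PaCo` and `R-PuCo` in the same hunk say `control input Data`, and `R-PpSe`/`R-PuSe` use the identical closing phrase for the sensed Data, which makes the four sensor patterns hard to tell apart from their descriptions. Suggested wording: `...along with its control input Data and the onboard simple communication Process that serves it.`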
@@ -1065,39 +1065,55 @@ package#GDPR,domain#R-NDFHu,domain#Link-Data-relatesTo-DataSubject
 package#GDPR,domain#R-NDFHu,domain#Link-FlowsFrom-subjectTo-Jurisdiction
 package#GDPR,domain#R-NDFHu,domain#Link-Host-hosts-FlowsFrom
 package#GDPR,domain#R-NDFHu,domain#Link-Process-subjectTo-RemoteJurisdiction
-package#IoT,domain#R-CoPD,domain#Link-Controller-hosts-Process
-package#IoT,domain#R-CoPD,domain#Link-Process-receives-Data
-package#IoT,domain#R-CoPsD,domain#Link-Controller-hosts-Process
-package#IoT,domain#R-CoPsD,domain#Link-Process-serves-Data
+package#IoT,domain#R-CoPDS,domain#Link-Controller-storesCopy-DataCopy
+package#IoT,domain#R-CoPDS,domain#Link-Data-controlsThing-Controller
+package#IoT,domain#R-CoPDS,domain#Link-DataCopy-copyOf-Data
+package#IoT,domain#R-DcTh,domain#Link-Data-controlsThing-Thing
+package#IoT,domain#R-DScSePD,domain#Link-DataCopy-copyOf-Input
+package#IoT,domain#R-DScSePD,domain#Link-Input-controlsThing-Sensor
+package#IoT,domain#R-DScSePD,domain#Link-Process-creates-Data
+package#IoT,domain#R-DScSePD,domain#Link-Sensor-hosts-Process
+package#IoT,domain#R-DScSePD,domain#Link-Sensor-senses-Data
+package#IoT,domain#R-DScSePD,domain#Link-Sensor-storesCopy-DataCopy
+package#IoT,domain#R-HuiCo,domain#Link-Data-controlsThing-Controller
+package#IoT,domain#R-HuiCo,domain#Link-Human-interactsWith-Controller
+package#IoT,domain#R-HuiSe,domain#Link-Human-interactsWith-Sensor
+package#IoT,domain#R-HuiSe,domain#Link-Input-controlsThing-Sensor
+package#IoT,domain#R-HuiSe,domain#Link-Process-creates-Output
+package#IoT,domain#R-HuiSe,domain#Link-Sensor-hosts-Process
+package#IoT,domain#R-HuiSe,domain#Link-Sensor-senses-Output
 package#IoT,domain#R-HuiThaS,domain#Link-Human-canAccess-Space
 package#IoT,domain#R-HuiThaS,domain#Link-Human-interactsWith-Thing
-package#IoT,domain#R-HuiUCo,domain#Link-Controller-hosts-SimpleProcess
-package#IoT,domain#R-HuiUCo,domain#Link-Human-interactsWith-Controller
-package#IoT,domain#R-HuiUCo,domain#Link-SimpleProcess-receives-Data
-package#IoT,domain#R-HuiUSe,domain#Link-Human-interactsWith-Sensor
-package#IoT,domain#R-HuiUSe,domain#Link-Sensor-hosts-SimpleProcess
-package#IoT,domain#R-HuiUSe,domain#Link-SimpleProcess-receives-Data
 package#IoT,domain#R-HumThP,domain#Link-Human-manages-Thing
 package#IoT,domain#R-HumThP,domain#Link-Thing-hosts-Process
 package#IoT,domain#R-PaCo,domain#Link-Client-amendsController-Controller
 package#IoT,domain#R-PaCo,domain#Link-Controller-hosts-Process
-package#IoT,domain#R-PaCo,domain#Link-Controller-stores-Data
+package#IoT,domain#R-PaCo,domain#Link-Data-controlsThing-Controller
 package#IoT,domain#R-PaCo,domain#Link-Process-serves-Data
+package#IoT,domain#R-PaSe,domain#Link-Client-amendsSensor-Sensor
+package#IoT,domain#R-PaSe,domain#Link-Data-controlsThing-Sensor
+package#IoT,domain#R-PaSe,domain#Link-Sensor-hosts-SimpleProcess
+package#IoT,domain#R-PaSe,domain#Link-SimpleProcess-serves-Data
 package#IoT,domain#R-PpSe,domain#Link-Client-pollsSensor-Sensor
 package#IoT,domain#R-PpSe,domain#Link-Sensor-hosts-SimpleProcess
+package#IoT,domain#R-PpSe,domain#Link-Sensor-senses-Data
 package#IoT,domain#R-PpSe,domain#Link-SimpleProcess-creates-Data
 package#IoT,domain#R-PrSe,domain#Link-Client-receivesFromSensor-Sensor
 package#IoT,domain#R-PrSe,domain#Link-Sensor-hosts-SimpleProcess
+package#IoT,domain#R-PrSe,domain#Link-Sensor-senses-Data
 package#IoT,domain#R-PrSe,domain#Link-SimpleProcess-creates-Data
 package#IoT,domain#R-PuCo,domain#Link-Client-updatesController-Controller
 package#IoT,domain#R-PuCo,domain#Link-Controller-hosts-Process
-package#IoT,domain#R-PuCo,domain#Link-Controller-stores-Data
+package#IoT,domain#R-PuCo,domain#Link-Data-controlsThing-Controller
 package#IoT,domain#R-PuCo,domain#Link-Process-serves-Data
 package#IoT,domain#R-PuSe,domain#Link-Client-readsSensor-Sensor
 package#IoT,domain#R-PuSe,domain#Link-Sensor-hosts-SimpleProcess
+package#IoT,domain#R-PuSe,domain#Link-Sensor-senses-Data
 package#IoT,domain#R-PuSe,domain#Link-SimpleProcess-creates-Data
 package#IoT,domain#R-SePD,domain#Link-Process-creates-Data
 package#IoT,domain#R-SePD,domain#Link-Sensor-hosts-Process
+package#IoT,domain#R-SePD,domain#Link-Sensor-senses-Data
+package#IoT,domain#R-SesD,domain#Link-Sensor-senses-Data
 package#IoT,domain#R-SHuTh,domain#Link-Human-manages-Space
 package#IoT,domain#R-SHuTh,domain#Link-Thing-locatedIn-Space
 package#Legal,domain#R-DFHu,domain#Link-DataFlow-flows-Data
@@ -1817,9 +1833,13 @@ package#Privacy,domain#R-HuDSH,domain#Link-DataCopy-copyOf-Data
 package#Privacy,domain#R-HuDSH,domain#Link-Data-relatesTo-DataSubject
 package#Privacy,domain#R-HuDSH,domain#Link-Host-storesCopy-DataCopy
 package#Privacy,domain#R-HurH,domain#Link-Host-relatesTo-Human
+package#Privacy,domain#R-HurSesD,domain#Link-Sensor-relatesTo-Human
+package#Privacy,domain#R-HurSesD,domain#Link-Sensor-senses-Data
 package#Privacy,domain#R-HurTh,domain#Link-Process-processes-Data
 package#Privacy,domain#R-HurTh,domain#Link-Thing-hosts-Process
 package#Privacy,domain#R-HurTh,domain#Link-Thing-relatesTo-Human
+package#Privacy,domain#R-HurThcD,domain#Link-Data-controlsThing-Thing
+package#Privacy,domain#R-HurThcD,domain#Link-Thing-relatesTo-Human
 package#Privacy,domain#R-HuwStrH,domain#Link-Host-relatesTo-Human
 package#Privacy,domain#R-HuwStrH,domain#Link-Human-worksFor-Employer
 package#ProcessComms,domain#R-CACHcLSP,domain#Link-AttackPath-channelTo-Service
diff --git a/csv/RootPatternNodes.csv b/csv/RootPatternNodes.csv
index a92b5d3..7f90ca6 100644
--- a/csv/RootPatternNodes.csv
+++ b/csv/RootPatternNodes.csv
@@ -1009,23 +1009,27 @@ package#GDPR,domain#R-NDFHu,domain#Node-Jurisdiction-Jurisdiction,TRUE
 package#GDPR,domain#R-NDFHu,domain#Node-Process-Process,TRUE
 package#GDPR,domain#R-NDFHu,domain#Node-RemoteJurisdiction-Jurisdiction,TRUE
 package#IoT,domain#R-Co,domain#Node-Controller-Controller,TRUE
-package#IoT,domain#R-CoPD,domain#Node-Controller-Controller,TRUE
-package#IoT,domain#R-CoPD,domain#Node-Data-Data,TRUE
-package#IoT,domain#R-CoPD,domain#Node-Process-ControlProcess,TRUE
-package#IoT,domain#R-CoPsD,domain#Node-Controller-Controller,TRUE
-package#IoT,domain#R-CoPsD,domain#Node-Data-Data,TRUE
-package#IoT,domain#R-CoPsD,domain#Node-Process-Process,TRUE
+package#IoT,domain#R-CoPDS,domain#Node-Controller-Controller,TRUE
+package#IoT,domain#R-CoPDS,domain#Node-DataCopy-DataCopy,TRUE
+package#IoT,domain#R-CoPDS,domain#Node-Data-Data,TRUE
+package#IoT,domain#R-DcTh,domain#Node-Data-Data,TRUE
+package#IoT,domain#R-DcTh,domain#Node-Thing-Thing,TRUE
+package#IoT,domain#R-DScSePD,domain#Node-DataCopy-DataCopy,TRUE
+package#IoT,domain#R-DScSePD,domain#Node-Data-Data,TRUE
+package#IoT,domain#R-DScSePD,domain#Node-Input-Data,TRUE
+package#IoT,domain#R-DScSePD,domain#Node-Process-Process,TRUE
+package#IoT,domain#R-DScSePD,domain#Node-Sensor-Sensor,TRUE
+package#IoT,domain#R-HuiCo,domain#Node-Controller-Controller,TRUE
+package#IoT,domain#R-HuiCo,domain#Node-Data-Data,TRUE
+package#IoT,domain#R-HuiCo,domain#Node-Human-Human,TRUE
+package#IoT,domain#R-HuiSe,domain#Node-Human-Human,TRUE
+package#IoT,domain#R-HuiSe,domain#Node-Input-Data,TRUE
+package#IoT,domain#R-HuiSe,domain#Node-Output-Data,TRUE
+package#IoT,domain#R-HuiSe,domain#Node-Process-Process,TRUE
+package#IoT,domain#R-HuiSe,domain#Node-Sensor-Sensor,TRUE
 package#IoT,domain#R-HuiThaS,domain#Node-Human-Human,TRUE
 package#IoT,domain#R-HuiThaS,domain#Node-Space-Space,TRUE
 package#IoT,domain#R-HuiThaS,domain#Node-Thing-Thing,TRUE
-package#IoT,domain#R-HuiUCo,domain#Node-Controller-Controller,TRUE
-package#IoT,domain#R-HuiUCo,domain#Node-Data-Data,TRUE
-package#IoT,domain#R-HuiUCo,domain#Node-Human-Human,TRUE
-package#IoT,domain#R-HuiUCo,domain#Node-SimpleProcess-ControlProcess,TRUE
-package#IoT,domain#R-HuiUSe,domain#Node-Data-Data,TRUE
-package#IoT,domain#R-HuiUSe,domain#Node-Human-Human,TRUE
-package#IoT,domain#R-HuiUSe,domain#Node-Sensor-Sensor,TRUE
-package#IoT,domain#R-HuiUSe,domain#Node-SimpleProcess-SensorProcess,TRUE
 package#IoT,domain#R-HumThP,domain#Node-Human-Human,TRUE
 package#IoT,domain#R-HumThP,domain#Node-Process-Process,TRUE
 package#IoT,domain#R-HumThP,domain#Node-Thing-Thing,TRUE
@@ -1034,6 +1038,10 @@ package#IoT,domain#R-PaCo,domain#Node-Client-Process,TRUE
 package#IoT,domain#R-PaCo,domain#Node-Controller-Controller,TRUE
 package#IoT,domain#R-PaCo,domain#Node-Data-Data,TRUE
 package#IoT,domain#R-PaCo,domain#Node-Process-Process,TRUE
+package#IoT,domain#R-PaSe,domain#Node-Client-Process,TRUE
+package#IoT,domain#R-PaSe,domain#Node-Data-Data,TRUE
+package#IoT,domain#R-PaSe,domain#Node-Sensor-Sensor,TRUE
+package#IoT,domain#R-PaSe,domain#Node-SimpleProcess-DataService,TRUE
 package#IoT,domain#R-PpSe,domain#Node-Client-Process,TRUE
 package#IoT,domain#R-PpSe,domain#Node-Data-Data,TRUE
 package#IoT,domain#R-PpSe,domain#Node-Sensor-Sensor,TRUE
@@ -1054,6 +1062,8 @@ package#IoT,domain#R-Se,domain#Node-Sensor-Sensor,TRUE
 package#IoT,domain#R-SePD,domain#Node-Data-Data,TRUE
 package#IoT,domain#R-SePD,domain#Node-Process-Process,TRUE
 package#IoT,domain#R-SePD,domain#Node-Sensor-Sensor,TRUE
+package#IoT,domain#R-SesD,domain#Node-Data-Data,TRUE
+package#IoT,domain#R-SesD,domain#Node-Sensor-Sensor,TRUE
 package#IoT,domain#R-SHuTh,domain#Node-Human-Human,TRUE
 package#IoT,domain#R-SHuTh,domain#Node-Space-Space,TRUE
 package#IoT,domain#R-SHuTh,domain#Node-Thing-Thing,TRUE
@@ -1864,10 +1874,16 @@ package#Privacy,domain#R-HuDSH,domain#Node-DataSubject-Human,TRUE
 package#Privacy,domain#R-HuDSH,domain#Node-Host-Host,TRUE
 package#Privacy,domain#R-HurH,domain#Node-Host-Host,TRUE
 package#Privacy,domain#R-HurH,domain#Node-Human-Human,TRUE
+package#Privacy,domain#R-HurSesD,domain#Node-Data-Data,TRUE
+package#Privacy,domain#R-HurSesD,domain#Node-Human-Human,TRUE
+package#Privacy,domain#R-HurSesD,domain#Node-Sensor-Sensor,TRUE
 package#Privacy,domain#R-HurTh,domain#Node-Data-Data,TRUE
 package#Privacy,domain#R-HurTh,domain#Node-Human-Human,TRUE
 package#Privacy,domain#R-HurTh,domain#Node-Process-Process,TRUE
 package#Privacy,domain#R-HurTh,domain#Node-Thing-Thing,TRUE
+package#Privacy,domain#R-HurThcD,domain#Node-Data-Data,TRUE
+package#Privacy,domain#R-HurThcD,domain#Node-Human-Human,TRUE
+package#Privacy,domain#R-HurThcD,domain#Node-Thing-Thing,TRUE
 package#Privacy,domain#R-HuwStrH,domain#Node-Employer-Stakeholder,TRUE
 package#Privacy,domain#R-HuwStrH,domain#Node-Host-Host,TRUE
 package#Privacy,domain#R-HuwStrH,domain#Node-Human-Human,TRUE
diff --git a/csv/TWAADefaultSetting.csv b/csv/TWAADefaultSetting.csv
index 5bc4e79..ddb46af 100644
--- a/csv/TWAADefaultSetting.csv
+++ b/csv/TWAADefaultSetting.csv
@@ -307,15 +307,19 @@ package#GDPR,domain#TWAADS-DefaultTW-SpecialCategoryData,domain#DefaultTW,domain
 package#GDPR,domain#TWAADS-Health-SpecialCategoryData,domain#Health,domain#SpecialCategoryData,domain#TrustworthinessLevelSafe,TRUE
 package#GDPR,domain#TWAADS-Integrity-SpecialCategoryData,domain#Integrity,domain#SpecialCategoryData,domain#TrustworthinessLevelSafe,TRUE
 package#GDPR,domain#TWAADS-Timeliness-SpecialCategoryData,domain#Timeliness,domain#SpecialCategoryData,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#TWAADS-Authenticity-ControlData,domain#Authenticity,domain#ControlData,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Authenticity-Sensor,domain#Authenticity,domain#Sensor,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#TWAADS-Availability-ControlData,domain#Availability,domain#ControlData,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Availability-Controller,domain#Availability,domain#Controller,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Availability-ControlProcess,domain#Availability,domain#ControlProcess,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Availability-Sensor,domain#Availability,domain#Sensor,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Availability-SensorProcess,domain#Availability,domain#SensorProcess,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#TWAADS-Confidentiality-ControlData,domain#Confidentiality,domain#ControlData,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Confidentiality-Controller,domain#Confidentiality,domain#Controller,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Confidentiality-Sensor,domain#Confidentiality,domain#Sensor,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Control-Controller,domain#Control,domain#Controller,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Control-Sensor,domain#Control,domain#Sensor,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#TWAADS-DefaultTW-ControlData,domain#DefaultTW,domain#ControlData,domain#TrustworthinessLevelVeryLow,TRUE
 package#IoT,domain#TWAADS-DefaultTW-Controller,domain#DefaultTW,domain#Controller,domain#TrustworthinessLevelVeryLow,TRUE
 package#IoT,domain#TWAADS-DefaultTW-ControlProcess,domain#DefaultTW,domain#ControlProcess,domain#TrustworthinessLevelVeryLow,TRUE
 package#IoT,domain#TWAADS-DefaultTW-Sensor,domain#DefaultTW,domain#Sensor,domain#TrustworthinessLevelVeryLow,TRUE
@@ -328,10 +332,12 @@ package#IoT,domain#TWAADS-ExtrinsicTW-Controller,domain#ExtrinsicTW,domain#Contr
 package#IoT,domain#TWAADS-ExtrinsicTW-ControlProcess,domain#ExtrinsicTW,domain#ControlProcess,domain#TrustworthinessLevelHigh,TRUE
 package#IoT,domain#TWAADS-ExtrinsicTW-Sensor,domain#ExtrinsicTW,domain#Sensor,domain#TrustworthinessLevelHigh,TRUE
 package#IoT,domain#TWAADS-ExtrinsicTW-SensorProcess,domain#ExtrinsicTW,domain#SensorProcess,domain#TrustworthinessLevelHigh,TRUE
+package#IoT,domain#TWAADS-Health-ControlData,domain#Health,domain#ControlData,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Health-Controller,domain#Health,domain#Controller,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Health-ControlProcess,domain#Health,domain#ControlProcess,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Health-Sensor,domain#Health,domain#Sensor,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Health-SensorProcess,domain#Health,domain#SensorProcess,domain#TrustworthinessLevelSafe,TRUE
+package#IoT,domain#TWAADS-Integrity-ControlData,domain#Integrity,domain#ControlData,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-Integrity-Sensor,domain#Integrity,domain#Sensor,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-IntrinsicTW-Controller,domain#IntrinsicTW,domain#Controller,domain#TrustworthinessLevelSafe,TRUE
 package#IoT,domain#TWAADS-IntrinsicTW-ControlProcess,domain#IntrinsicTW,domain#ControlProcess,domain#TrustworthinessLevelSafe,TRUE
@@ -347,6 +353,7 @@ package#IoT,domain#TWAADS-Reliability-Sensor,domain#Reliability,domain#Sensor,do package#IoT,domain#TWAADS-Reliability-SensorProcess,domain#Reliability,domain#SensorProcess,domain#TrustworthinessLevelSafe,TRUE package#IoT,domain#TWAADS-ResourceTW-Controller,domain#ResourceTW,domain#Controller,domain#TrustworthinessLevelSafe,TRUE package#IoT,domain#TWAADS-ResourceTW-Sensor,domain#ResourceTW,domain#Sensor,domain#TrustworthinessLevelSafe,TRUE +package#IoT,domain#TWAADS-Timeliness-ControlData,domain#Timeliness,domain#ControlData,domain#TrustworthinessLevelSafe,TRUE package#IoT,domain#TWAADS-Timeliness-ControlProcess,domain#Timeliness,domain#ControlProcess,domain#TrustworthinessLevelSafe,TRUE package#IoT,domain#TWAADS-Timeliness-Sensor,domain#Timeliness,domain#Sensor,domain#TrustworthinessLevelSafe,TRUE package#IoT,domain#TWAADS-Timeliness-SensorProcess,domain#Timeliness,domain#SensorProcess,domain#TrustworthinessLevelSafe,TRUE diff --git a/csv/Threat.csv b/csv/Threat.csv index 1ea54ce..2656805 100644 --- a/csv/Threat.csv +++ b/csv/Threat.csv 
@@ -168,13 +168,16 @@ package#GDPR,domain#P.GDPR.HuDPoS-i.6,P.GDPR.HuDPoS-i.6,domain#Category-Complian
 package#GDPR,domain#P.GDPR.HuDPS-io.6,P.GDPR.HuDPS-io.6,domain#Category-ComplianceThreats,FALSE,FALSE,,FALSE,FALSE,"Lack of legal basis for use of _Data_ related to _DataSubject_ by _Process_: since the data is related to a person who is a citizen or resident in a state where the GDPR applies, a legal basis is required to process the data.",domain#MP-HuDPS-io,domain#Role_Process
 package#GDPR,domain#P.GDPR.HuSDPoS-i.9,P.GDPR.HuSDPoS-i.9,domain#Category-ComplianceThreats,FALSE,FALSE,,FALSE,FALSE,"Condition for processing special category data _Data_ related to _DataSubject_: since the data _Data_ being processed is special category data, it may be necessary to obtain consent from the data subject _DataSubject_ even if the legal basis for processing is not based on consent.",domain#MP-HuSDPoS-i,domain#Role_Process
 package#GDPR,domain#P.GDPR.HuSDPS-io.9,P.GDPR.HuSDPS-io.9,domain#Category-ComplianceThreats,FALSE,FALSE,,FALSE,FALSE,"Condition for processing special category _Data_ related to _DataSubject_: since the data _Data_ being processed is special category data, it may be necessary to obtain consent from the data subject _DataSubject_ even if the legal basis for processing is not based on consent.",domain#MP-HuSDPS-io,domain#Role_Process
-package#IoT,domain#Co.A.CoPD.0,Co.A.CoPD.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of availability at controller _Controller_: if the onboard control process at a controller is not available, it is modelled as a loss of availability at the controller.",domain#MP-CoPD,domain#Role_Controller
-package#IoT,domain#Co.A.CoPD.6,Co.A.CoPD.6,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of availability at disabled controller _Controller_: if a controller is disabled because it becomes unreliable, the side effect will be a loss of availability.",domain#MP-CoPD,domain#Role_Controller
-package#IoT,domain#Co.A.CoPsDmFF.0,Co.A.CoPsDmFF.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of accessibility at controller _Controller_: if the onboard data at a controller cannot be accessed by any recipient, it is modelled as a loss of availability at the controller.",domain#MP-CoPsDmFF,domain#Role_Controller
-package#IoT,domain#Co.C.CoPD.0,Co.C.CoPD.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Data leakage at controller _Controller_: if the onboard data at a controller leaks, it is modelled as a loss of confidentiality for the controller.",domain#MP-CoPD,domain#Role_Controller
-package#IoT,domain#Co.M.CoPDsFT.0,Co.M.CoPDsFT.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of control due to compromised input at controller _Controller_: if the onboard data received by the onboard control process at a controller is not authentic, the attacker can assume control, which is represented as loss of control over the controller.",domain#MP-CoPDsFT,domain#Role_Controller
-package#IoT,domain#Co.U.CoPD.0.1,Co.U.CoPD.0.1,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of control process reliability at _Controller_: if the onboard control process at a controller becomes unreliable, it means the controller will not be reliable.",domain#MP-CoPD,domain#Role_Controller
-package#IoT,domain#Co.U.CoPD.0.2,Co.U.CoPD.0.2,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of reliability due to out of date input at _Controller_: if the onboard data at a controller is out of date, it means the controller will not be reliable. In some situations it may be possible to address this by applying restrictions at _Controller_ so that it can operate safely without real-time inputs.",domain#MP-CoPD,domain#Role_Controller
+package#IoT,domain#Co.A.CoPDS.6,Co.A.CoPDS.6,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Shutdown of physical process controlled by _Controller_: if IoT device _Controller_ cannot get appropriate control inputs, it may be suspended to prevent loss of reliability, but this means shutting down the process it controls by physical means.",domain#MP-CoPDS,domain#Role_Controller
+package#IoT,domain#Co.C.CoPDS.0,Co.C.CoPDS.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Data leakage at controller _Controller_: if the onboard data at a controller leaks, it is modelled as a loss of confidentiality for the controller.",domain#MP-CoPDS,domain#Role_Controller
+package#IoT,domain#Co.M.CoPDS.0,Co.M.CoPDS.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of control due to compromised input at controller _Controller_: if the onboard data received by the onboard control process at a controller is not authentic, the attacker can assume control, which is represented as loss of control over the controller.",domain#MP-CoPDS,domain#Role_Controller
+package#IoT,domain#Co.U.CoPDS.0.1,Co.U.CoPDS.0.1,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of control process reliability at _Controller_: if the onboard control input at a controller is faulty or corrupt, it means the controller will not be reliable.",domain#MP-CoPDS,domain#Role_Controller
+package#IoT,domain#Co.U.CoPDS.0.2,Co.U.CoPDS.0.2,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of reliability due to out of date input at _Controller_: if the onboard data at a controller is out of date, it means the controller will not be reliable unless it does not require real-time updates to operate safely.",domain#MP-CoPDS,domain#Role_Controller
+package#IoT,domain#Co.U.CoPDS.0.3,Co.U.CoPDS.0.3,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of reliability due to unavailable controller _Controller_: if controller _Controller_ is unable to run processes, the associated physical process will continue in an uncontrolled fashion, making it unreliable.",domain#MP-CoPDS,domain#Role_Controller
+package#IoT,domain#DF.A.DScSePDmFF.3,DF.A.DScSePDmFF.3,domain#Category-ExploitationOfPrivileges,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Malicious control of _Sensor_ prevents generation of sensed output _Data_: if an attacker can tamper with the stored control inputs to sensor _Sensor_, they may be able to prevent measurement of the environment by _Sensor_.",domain#MP-DScSePDmFF,domain#Role_Data
+package#IoT,domain#DF.Auth.DScSePDmFF.3,DF.Auth.DScSePDmFF.3,domain#Category-ExploitationOfPrivileges,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Malicious control of _Sensor_ alters generation of sensed output _Data_: if an attacker can tamper with the stored control inputs to sensor _Sensor_, they may be able to alter measurement of the environment by _Sensor_ so as to deceive recipients of the data.",domain#MP-DScSePDmFF,domain#Role_Data
+package#IoT,domain#DF.I.DScSePDmFF.0.1,DF.I.DScSePDmFF.0.1,domain#Category-SecondaryThreats,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Corrupt control input causes loss of integrity in output _Data_ from _Sensor_: if the control input to _Sensor_ is faulty or corrupt, then measurement of the environment by _Sensor_ will be affected, leading to faulty or corrupt sensor output _Data_.",domain#MP-DScSePDmFF,domain#Role_Data
+package#IoT,domain#DF.I.DScSePDmFF.0.2,DF.I.DScSePDmFF.0.2,domain#Category-SecondaryThreats,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Out of date control input causes loss of integrity in output _Data_ from _Sensor_: if the control input to _Sensor_ is out of date, and _Sensor_ depends on real-time updating of this input, then measurement of the environment by _Sensor_ will be affected, leading to faulty or corrupt sensor output _Data_.",domain#MP-DScSePDmFF,domain#Role_Data
 package#IoT,domain#Se.A.SePDmFF.0,Se.A.SePDmFF.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of availability at sensor _Sensor_: if the onboard data from a sensor is not available to any client, it is modelled as a loss of availability at the sensor.",domain#MP-SePDmFF,domain#Role_Sensor
 package#IoT,domain#Se.Auth.SePDsFF.0,Se.Auth.SePDsFF.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of authenticity at sensor _Sensor_: if the onboard data received from a sensor by any client is altered by an attacker, it is modelled as a loss of authenticity at the sensor.",domain#MP-SePDsFF,domain#Role_Sensor
 package#IoT,domain#Se.C.SePD.0,Se.C.SePD.0,domain#Category-ArtificialModelConstructs,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Data leakage at sensor _Sensor_: if the onboard data at a sensor leaks, it is modelled as a loss of confidentiality at the sensor.",domain#MP-SePD,domain#Role_Sensor
diff --git a/csv/ThreatEffects.csv b/csv/ThreatEffects.csv
index 978a74e..e675ca2 100644
--- a/csv/ThreatEffects.csv
+++ b/csv/ThreatEffects.csv
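Review bot: The title of added row Co.U.CoPDS.0.1 still reads "Loss of control process reliability at _Controller_", but its description now gives a faulty or corrupt control input as the cause, and the ThreatSEC.csv hunk of this patch ties it to MS-LossOfIntegrity-DataCopy rather than to a process misbehaviour. An analyst triaging the risk report by title would look for a failing process instead of corrupted stored input. I would retitle it in line with its sibling Co.U.CoPDS.0.2, for example `Loss of reliability due to faulty or corrupt input at _Controller_`.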
@@ -156,13 +156,19 @@ package#DataLifecycle,domain#P.U.HP-iDSDI.3,domain#MS-LossOfReliability-Process
 package#DataLifecycle,domain#P.U.HuirPiD-DF-DS.0,domain#MS-LossOfReliability-Process
 package#DataLifecycle,domain#P.U.P-iDFDI.0,domain#MS-LossOfReliability-Process
 package#DataLifecycle,domain#P.U.P-iDFDI.3,domain#MS-LossOfReliability-Process
-package#IoT,domain#Co.A.CoPD.0,domain#MS-LossOfAvailability-Controller
-package#IoT,domain#Co.A.CoPD.6,domain#MS-LossOfAvailability-Controller
-package#IoT,domain#Co.A.CoPsDmFF.0,domain#MS-LossOfAvailability-Controller
-package#IoT,domain#Co.C.CoPD.0,domain#MS-LossOfConfidentiality-Controller
-package#IoT,domain#Co.M.CoPDsFT.0,domain#MS-LossOfControl-Controller
-package#IoT,domain#Co.U.CoPD.0.1,domain#MS-LossOfReliability-Controller
-package#IoT,domain#Co.U.CoPD.0.2,domain#MS-LossOfReliability-Controller
+package#IoT,domain#Co.A.CoPDS.6,domain#MS-PhysicalShutdown-Controller
+package#IoT,domain#Co.C.CoPDS.0,domain#MS-LossOfConfidentiality-Controller
+package#IoT,domain#Co.M.CoPDS.0,domain#MS-LossOfControl-Controller
+package#IoT,domain#Co.U.CoPDS.0.1,domain#MS-LossOfReliability-Controller
+package#IoT,domain#Co.U.CoPDS.0.2,domain#MS-LossOfReliability-Controller
+package#IoT,domain#Co.U.CoPDS.0.3,domain#MS-LossOfReliability-Controller
+package#IoT,domain#DF.A.DScSePDmFF.3,domain#MS-LossOfAvailability-DataFlow
+package#IoT,domain#DF.Auth.DScSePDmFF.3,domain#MS-LossOfAuthenticity-Data
+package#IoT,domain#DF.Auth.DScSePDmFF.3,domain#MS-LossOfAuthenticity-DataFlow
+package#IoT,domain#DF.I.DScSePDmFF.0.1,domain#MS-LossOfAuthenticity-Data
+package#IoT,domain#DF.I.DScSePDmFF.0.1,domain#MS-LossOfAuthenticity-DataFlow
+package#IoT,domain#DF.I.DScSePDmFF.0.2,domain#MS-LossOfAuthenticity-Data
+package#IoT,domain#DF.I.DScSePDmFF.0.2,domain#MS-LossOfAuthenticity-DataFlow
 package#IoT,domain#Se.A.SePDmFF.0,domain#MS-LossOfAvailability-Sensor
 package#IoT,domain#Se.Auth.SePDsFF.0,domain#MS-LossOfAuthenticity-Sensor
 package#IoT,domain#Se.C.SePD.0,domain#MS-LossOfConfidentiality-Sensor
diff --git a/csv/ThreatEntryPoints.csv b/csv/ThreatEntryPoints.csv
index 7a8d703..d47a999 100644
--- a/csv/ThreatEntryPoints.csv
+++ b/csv/ThreatEntryPoints.csv
@@ -73,6 +73,9 @@ package#DataLifecycle,domain#P.O.PpDP.6,domain#TWAS-DefaultTW-Process
 package#DataLifecycle,domain#P.T.PcPr-uDS.6,domain#TWAS-DefaultTW-Data
 package#DataLifecycle,domain#P.U.HP-iDSDI.3,domain#TWAS-Authenticity-DataCopy
 package#DataLifecycle,domain#P.U.P-iDFDI.3,domain#TWAS-Authenticity-DataFlow
+package#IoT,domain#Co.A.CoPDS.6,domain#TWAS-DefaultTW-Controller
+package#IoT,domain#DF.A.DScSePDmFF.3,domain#TWAS-Authenticity-DataCopy
+package#IoT,domain#DF.Auth.DScSePDmFF.3,domain#TWAS-Authenticity-DataCopy
 package#LocalDeviceConnectivity,domain#H.J.UHS.3,domain#TWAS-OccupantTW-Space
 package#LocalDeviceConnectivity,domain#H.W.HL1H.3,domain#TWAS-Health-RemoteHost
 package#LocalDeviceConnectivity,domain#H.W.HL1H.3,domain#TWAS-OutOfService-RemoteHost
diff --git a/csv/ThreatSEC.csv b/csv/ThreatSEC.csv
index 6218d83..71621a4 100644
--- a/csv/ThreatSEC.csv
+++ b/csv/ThreatSEC.csv
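Review bot: In the csv/ThreatEffects.csv hunk, the added rows for DF.I.DScSePDmFF.0.1 and DF.I.DScSePDmFF.0.2 give MS-LossOfAuthenticity-Data and MS-LossOfAuthenticity-DataFlow as effects, although the Threat.csv descriptions added in this patch call both threats a "loss of integrity in output _Data_". Their ThreatSEC.csv causes are likewise loss of integrity and timeliness of the stored copy, not attacker action. Elsewhere on this page authenticity is used for alteration by an attacker and integrity for faulty or corrupt data, so as written a non-malicious fault in the control input would surface as tampering in the sensor output. If that is intended, the threat descriptions should say so; otherwise the effects presumably belong on an integrity misbehaviour such as `domain#MS-LossOfIntegrity-DataFlow`, which the ThreatSEC.csv context rows already reference.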
@@ -106,13 +106,13 @@ package#DataLifecycle,domain#P.U.HP-iDSDI.0,domain#MS-LossOfIntegrity-DataCopy
 package#DataLifecycle,domain#P.U.HuirPiD-DF-DS.0,domain#MS-LossOfReliability-Human
 package#DataLifecycle,domain#P.U.P-iDFDI.0,domain#MS-InService-DataFlow
 package#DataLifecycle,domain#P.U.P-iDFDI.0,domain#MS-LossOfIntegrity-DataFlow
-package#IoT,domain#Co.A.CoPD.0,domain#MS-LossOfAvailability-Process
-package#IoT,domain#Co.A.CoPD.6,domain#MS-LossOfReliability-Process
-package#IoT,domain#Co.A.CoPsDmFF.0,domain#MS-LossOfAvailability-DataFlow
-package#IoT,domain#Co.C.CoPD.0,domain#MS-LossOfConfidentiality-Data
-package#IoT,domain#Co.M.CoPDsFT.0,domain#MS-LossOfAuthenticity-DataFlow
-package#IoT,domain#Co.U.CoPD.0.1,domain#MS-LossOfReliability-Process
-package#IoT,domain#Co.U.CoPD.0.2,domain#MS-LossOfTimeliness-Process
+package#IoT,domain#Co.C.CoPDS.0,domain#MS-LossOfConfidentiality-Data
+package#IoT,domain#Co.M.CoPDS.0,domain#MS-LossOfAuthenticity-DataCopy
+package#IoT,domain#Co.U.CoPDS.0.1,domain#MS-LossOfIntegrity-DataCopy
+package#IoT,domain#Co.U.CoPDS.0.2,domain#MS-LossOfTimeliness-DataCopy
+package#IoT,domain#Co.U.CoPDS.0.3,domain#MS-LossOfAvailability-Controller
+package#IoT,domain#DF.I.DScSePDmFF.0.1,domain#MS-LossOfIntegrity-DataCopy
+package#IoT,domain#DF.I.DScSePDmFF.0.2,domain#MS-LossOfTimeliness-DataCopy
 package#IoT,domain#Se.A.SePDmFF.0,domain#MS-LossOfAvailability-DataFlow
 package#IoT,domain#Se.Auth.SePDsFF.0,domain#MS-LossOfAuthenticity-DataFlow
 package#IoT,domain#Se.C.SePD.0,domain#MS-LossOfConfidentiality-Data
From 4d685c1a756515e10a261e8ad114039f173e09c6 Mon Sep 17 00:00:00 2001 From: Mike Surridge <27415349+mike1813@users.noreply.github.com> Date: Tue, 29 Aug 2023 13:33:40 +0100 Subject: [PATCH 2/2] Restored the current and future risk validity flags, some of which were lost, presumably due to a bug in the domain model editor. --- csv/Threat.csv | 60 +++++++++++++++++++++++++------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) 
diff --git a/csv/Threat.csv b/csv/Threat.csv index 2656805..98b0602 100644 --- a/csv/Threat.csv +++ b/csv/Threat.csv 
@@ -13,7 +13,7 @@ package#Application,domain#P.E.HIP-Hu.9,P.E.HIP-Hu.9,domain#Category-Anomalies,F package#Application,domain#P.E.HuirIPp-xD.9,P.E.HuirIPp-xD.9,domain#Category-Anomalies,FALSE,FALSE,,FALSE,FALSE,"User _Human_ of interactive process _InteractiveProcess_ has no interaction with data _Data_ used by _InteractiveProcess_: process _InteractiveProcess_ is specialised to support user interaction with data, and cannot process data without inolving the user. The domain model infers the user interaction where possible, but in this case there is some ambiguity so you must specify whether _Human_ enters, views or amends _Data_. If _Human_ really does not interact with _Data_ then either delete the relationship of _InteractiveProcess_ to _Data_, or change the type of _InteractiveProcess_ to a less specialised type of process.",domain#MP-HuirIPp-xD,domain#Role_InteractiveProcess package#Application,domain#P.E.HuirPsD.9,P.E.HuirPsD.9,domain#Category-Anomalies,FALSE,FALSE,,FALSE,FALSE,"Data _Data_ is both served by interactive process _Process_ used by _Human_: this is not supported by the domain model as it leads to ambiguous dependencies. Please replace _Process_ by two distinct processes, one used by _Human_ and the other that serves _Data_, then specify which uses the other (usually the interactive process would use the data service, but this cannot be inferred automatically since it may not always be the case).",domain#MP-HuirPsD,domain#Role_Process package#Application,domain#P.E.PpD+noDU.9,P.E.PpD+noDU.9,domain#Category-Anomalies,FALSE,FALSE,,FALSE,FALSE,"Process _Process_ should not process data _Data_: process _Process_ is in one of the restricted classes that may not process data, i.e. an authentication client or service, a specialised reverse proxy service or a remote access client or service. 
If the relationship between _Process_ and _Data_ is not an error, then the type of _Process_ should be changed to a less restricted class.",domain#MP-PpD+noDU,domain#Role_Process -package#CloudManagement,domain#DF.A.PDF.6.2,DF.A.PDF.6.2,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of availability from suspending the flow of unauthentic data _Data_ from _FlowsFrom_ to _Process_: if a contingency plan is used in which the flow of _Data_ between _FlowsFrom_ to _Process_ is disabled if the data was subject to malicious tampering, then the flow of data _Data_ from _FlowsFrom_ to _Process_ will become unavailable.",domain#MP-PDF,domain#Role_DataFlow +package#CloudManagement,domain#DF.A.PDF.6.2,DF.A.PDF.6.2,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Loss of availability from suspending the flow of unauthentic data _Data_ from _FlowsFrom_ to _Process_: if a contingency plan is used in which the flow of _Data_ between _FlowsFrom_ to _Process_ is disabled if the data was subject to malicious tampering, then the flow of data _Data_ from _FlowsFrom_ to _Process_ will become unavailable.",domain#MP-PDF,domain#Role_DataFlow package#CloudManagement,domain#H.A.CVHHDC.0,H.A.CVHHDC.0,domain#Category-SecondaryThreats,TRUE,FALSE,domain#LikelihoodLow,TRUE,TRUE,"SLA constrained virtual host _Host_ becomes unavailable: if clusterable virtual host _Host_ running in data centre _DataCentre_ becomes overloaded, and it is limited by an SLA from scaling up its use of resources at _DataCentre_, then it may become unavailable.",domain#MP-CVHHDC,domain#Role_Host package#CloudManagement,domain#H.E.CtDS.9,H.E.CtDS.9,domain#Category-Anomalies,FALSE,FALSE,,FALSE,FALSE,"Data _Data_ cannot be stored persistently in Container _Container_: host _Container_ is a Container, which cannot retain persistent state internally.",domain#MP-CtDS,domain#Role_Container 
package#CloudManagement,domain#H.E.CtH-iP.9,H.E.CtH-iP.9,domain#Category-Anomalies,FALSE,FALSE,,FALSE,FALSE,"Container _Container_ cannot be provisioned on host _Host_: a Container can only be provisioned by a Pod, which _Host_ is not.",domain#MP-CtH-iP,domain#Role_Container 
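Review bot: Co.A.CoPDS.6, added to csv/Threat.csv in PATCH 1/2, looks as if it belongs to the class of rows corrected here but is left at TRUE,TRUE. This hunk sets the eighth field of DF.A.PDF.6.2 from TRUE to FALSE, and the later hunks of this patch do the same for other SideEffectsOfSecurity rows whose text describes a control that "may be disabled" or a contingency plan; Co.A.CoPDS.6 has the same category and the same conditional wording ("it may be suspended to prevent loss of reliability"). Since the commit message blames the domain model editor for losing these flags, and that editor presumably also wrote the new IoT rows, it is worth confirming that row's value is deliberate. The column header is outside the hunk, so which of the two flags the eighth field carries is inferred from the commit message only.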
@@ -43,8 +43,8 @@ package#DataLifecycle,domain#DF.A.HPDSDADF.0,DF.A.HPDSDADF.0,domain#Category-Sec package#DataLifecycle,domain#DF.A.HPDSDADF.6.1,DF.A.HPDSDADF.6.1,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Service _Process_ cannot decrypt data _Data_ for transmission to _FlowsTo_: the stored copy of _Data_ on _Host_ is encrypted, but _FlowsTo_ expects an unencrypted version, and _Process_ has no means to decrypt the data before sending it.",domain#MP-HPDSDADF,domain#Role_DataFlow package#DataLifecycle,domain#DF.A.HPDSDADF.6.2,DF.A.HPDSDADF.6.2,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Service _Process_ cannot send unencrypted data _Data_ to _FlowsTo_: because the stored copy of _Data_ on _Host_ is not encrypted, and _FlowsTo_ expects an encrypted version, it is not possible for _Process_ to send it without a key.",domain#MP-HPDSDADF,domain#Role_DataFlow package#DataLifecycle,domain#DF.A.PDF.6.1,DF.A.PDF.6.1,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of availability in the disabled flow of data _Data_ from _FlowsFrom_ to _Process_: the flow of _Data_ between _FlowsFrom_ to _Process_ has been disabled to maintain security or prevent a breach of regulations, but as a result the data flow is now unavailable.",domain#MP-PDF,domain#Role_DataFlow -package#DataLifecycle,domain#DF.A.PDF.6.3,DF.A.PDF.6.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of availability from suspending the flow of corrupt data _Data_ from _FlowsFrom_ to _Process_: if a contingency plan is used in which the flow of _Data_ between _FlowsFrom_ to _Process_ is disabled if the data is corrupt, then the flow of data _Data_ from _FlowsFrom_ to _Process_ will become unavailable.",domain#MP-PDF,domain#Role_DataFlow 
-package#DataLifecycle,domain#DF.A.PDF.6.4,DF.A.PDF.6.4,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Loss of availability from suspending the flow of infected data _Data_ from _FlowsFrom_ to _Process_: if a contingency plan is used in which the flow of _Data_ between _FlowsFrom_ to _Process_ is disabled if the data becomes infected with malware, then the flow of data _Data_ from _FlowsFrom_ to _Process_ will become unavailable.",domain#MP-PDF,domain#Role_DataFlow +package#DataLifecycle,domain#DF.A.PDF.6.3,DF.A.PDF.6.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Loss of availability from suspending the flow of corrupt data _Data_ from _FlowsFrom_ to _Process_: if a contingency plan is used in which the flow of _Data_ between _FlowsFrom_ to _Process_ is disabled if the data is corrupt, then the flow of data _Data_ from _FlowsFrom_ to _Process_ will become unavailable.",domain#MP-PDF,domain#Role_DataFlow +package#DataLifecycle,domain#DF.A.PDF.6.4,DF.A.PDF.6.4,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Loss of availability from suspending the flow of infected data _Data_ from _FlowsFrom_ to _Process_: if a contingency plan is used in which the flow of _Data_ between _FlowsFrom_ to _Process_ is disabled if the data becomes infected with malware, then the flow of data _Data_ from _FlowsFrom_ to _Process_ will become unavailable.",domain#MP-PDF,domain#Role_DataFlow package#DataLifecycle,domain#DF.A.PmDFIDADFI.0,DF.A.PmDFIDADFI.0,domain#Category-SecondaryThreats,TRUE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Data _Data_ cannot be forwarded by _Process_ to _FlowsTo_ because the incoming data flow is not available: if the flow of data _Data_ to _Process_ is unavailable, the flow of the same data from _Process_ to _FlowsTo_ will also be unavailable.",domain#MP-PmDFIDADFI,domain#Role_DataFlow 
package#DataLifecycle,domain#DF.A.PmDFIDADFI.6.1,DF.A.PmDFIDADFI.6.1,domain#Category-SecondaryThreats,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Encrypted data _Data_ cannot be forwarded by _Process_ to _FlowsTo_: if the flow of data _Data_ to _Process_ is encrypted, it cannot be forwarded to _FlowsTo_ which expects it to be unencrypted.",domain#MP-PmDFIDADFI,domain#Role_DataFlow package#DataLifecycle,domain#DF.A.PmDFIDADFI.6.2,DF.A.PmDFIDADFI.6.2,domain#Category-SecondaryThreats,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Unencrypted data _Data_ cannot be forwarded by _Process_ to _FlowsTo_: if the flow of data _Data_ to _Process_ is not encrypted, it cannot be forwarded to _FlowsTo_ which expects it to be encrypted.",domain#MP-PmDFIDADFI,domain#Role_DataFlow 
@@ -381,12 +381,12 @@ package#ProcessComms,domain#CC.AX.CCC-nS.6.1.1,CC.AX.CCC-nS.6.1.1,domain#Categor package#ProcessComms,domain#CC.AX.CCC-nS.6.1.3,CC.AX.CCC-nS.6.1.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Client _Client_ unable to use 2-factor authentication to access service _Service_: if service _Service_ requires clients to authenticate using a second factor (e.g. a one time key or out of band key exchange), but this is not available to _Client_ then access will be impossible.",domain#MP-CCC-nS,domain#Role_ClientChannel package#ProcessComms,domain#CC.AX.CCCS.1.3,CC.AX.CCCS.1.3,domain#Category-ExploitationOfPrivileges,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,Compromised service _Service_ prevents access by _Client_: if service _Service_ is compromised then the attacker can prevent _Client_ from authenticating with the service.,domain#MP-CCCS,domain#Role_ClientChannel package#ProcessComms,domain#CC.AX.CCCS.6.1,CC.AX.CCCS.6.1,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Disabled access by client _Client_ to _Service_: access by client _Client_ to service _Service_ has been disabled to prevent communication threats. 
However, this also causes a loss of accessibility of the service from that client.",domain#MP-CCCS,domain#Role_ClientChannel -package#ProcessComms,domain#CC.AX.CCCS.6.2,CC.AX.CCCS.6.2,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Disabling access by impersonated client _Client_ to _Service_ affects availability: access by client _Client_ to service _Service_ may be disabled to prevent access by an impersonated client, but this affects the availability of client-service connections.",domain#MP-CCCS,domain#Role_ClientChannel -package#ProcessComms,domain#CC.AX.CCCS.6.3,CC.AX.CCCS.6.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Disabling access by untrustworthy client _Client_ to _Service_ affects availability: access by client _Client_ to service _Service_ may be disabled to prevent access by a malicious or compromised client, but this affects the availability of client-service connections.",domain#MP-CCCS,domain#Role_ClientChannel +package#ProcessComms,domain#CC.AX.CCCS.6.2,CC.AX.CCCS.6.2,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Disabling access by impersonated client _Client_ to _Service_ affects availability: access by client _Client_ to service _Service_ may be disabled to prevent access by an impersonated client, but this affects the availability of client-service connections.",domain#MP-CCCS,domain#Role_ClientChannel +package#ProcessComms,domain#CC.AX.CCCS.6.3,CC.AX.CCCS.6.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Disabling access by untrustworthy client _Client_ to _Service_ affects availability: access by client _Client_ to service _Service_ may be disabled to prevent access by a malicious or compromised client, but this affects the availability of client-service connections.",domain#MP-CCCS,domain#Role_ClientChannel 
package#ProcessComms,domain#CC.AX.CCCSScS.0,CC.AX.CCCSScS.0,domain#Category-SecondaryThreats,TRUE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Client _Client_ unable to authenticate with _Service_ to access service _Process_: the service _Process_ requires that clients authenticate with a separate service _Service_, which the client _Client_ is unable to do.",domain#MP-CCCSScS,domain#Role_AuthChannel package#ProcessComms,domain#CC.AX.CCCvCCS.0,CC.AX.CCCvCCS.0,domain#Category-SecondaryThreats,TRUE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Access by _Client_ to _Service_ blocked between _ProxyClient_ and _Proxy_: if _Client_ is accessing _Service_ via a proxy, then a comms failure to or from the proxy also causes an end-to-end comms failure between _Client_ and _Service_.",domain#MP-CCCvCCS,domain#Role_ClientChannel -package#ProcessComms,domain#CC.AX.CCDFSFS.6.4,CC.AX.CCDFSFS.6.4,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Disabling excessive access by client _Client_ to _Service_ affects availability: access by client _Client_ to service _Service_ may be disabled to prevent excessive amounts of data being requested from the service, but this affects the availability of client-service connections.",domain#MP-CCDFSFS,domain#Role_ClientChannel -package#ProcessComms,domain#CC.AX.CCDFSTS.6.4,CC.AX.CCDFSTS.6.4,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Disabling excessive access by client _Client_ to _Service_ affects availability: access by client _Client_ to service _Service_ may be disabled to prevent excessive amounts of data being sent to the service, but this affects the availability of client-service connections.",domain#MP-CCDFSTS,domain#Role_ClientChannel +package#ProcessComms,domain#CC.AX.CCDFSFS.6.4,CC.AX.CCDFSFS.6.4,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Disabling excessive access by client _Client_ to _Service_ affects 
availability: access by client _Client_ to service _Service_ may be disabled to prevent excessive amounts of data being requested from the service, but this affects the availability of client-service connections.",domain#MP-CCDFSFS,domain#Role_ClientChannel +package#ProcessComms,domain#CC.AX.CCDFSTS.6.4,CC.AX.CCDFSTS.6.4,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Disabling excessive access by client _Client_ to _Service_ affects availability: access by client _Client_ to service _Service_ may be disabled to prevent excessive amounts of data being sent to the service, but this affects the availability of client-service connections.",domain#MP-CCDFSTS,domain#Role_ClientChannel package#ProcessComms,domain#CC.AX.HuCCC-nS.6.1.2,CC.AX.HuCCC-nS.6.1.2,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodMedium,TRUE,TRUE,"User _Human_ of client _Client_ forgot the password to authenticate with _Service_: the service _Service_ requires that clients authenticate using a strong password, but the user _Human_ cannot remember the password.",domain#MP-HuCCC-nS,domain#Role_ClientChannel package#ProcessComms,domain#CC.AX.HuCCC-nS.6.1.7,CC.AX.HuCCC-nS.6.1.7,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodMedium,TRUE,TRUE,"Continuous authN false negative at _Client_ prevents access to _Service_: the service _Service_ requires that clients use continuous authentication to verify the identity of the user _Human_, and this is in place but produces a false negative result.",domain#MP-HuCCC-nS,domain#Role_ClientChannel package#ProcessComms,domain#CC.C.CCCSCSoCC.3,CC.C.CCCSCSoCC.3,domain#Category-SnoopingAttacks,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Communications intercepted between _Client_ and _Service_: if a network communication path used by _Client_ and _Service_ is subject to snooping, then communications between _Client_ and _Service_ can be 
intercepted.",domain#MP-CCCSCSoCC,domain#Role_ClientChannel 
@@ -402,10 +402,10 @@ package#ProcessComms,domain#CC.R.HuoStCCCS.1,CC.R.HuoStCCCS.1,domain#Category-Ex
 package#ProcessComms,domain#CC.R.HuStCCCS.1,CC.R.HuStCCCS.1,domain#Category-ExploitationOfPrivileges,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,Malicious action by employee of _Employer_ using _Client_ to access _Service_: user _Human_ of client process _Client_ may be persuaded by their employer _Employer_ to abuse the right of _Client_ to access service _Service_.,domain#MP-HuStCCCS,domain#Role_ClientChannel
 package#ProcessComms,domain#CC.R.OCAPNoS.3,CC.R.OCAPNoS.3,domain#Category-ExploitationOfImposterPrivileges,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,Imposter posing as _Client_ gains access to service _Service_ from _LogicalSubnet_: an attacker with access to subnet _LogicalSubnet_ who can impersonate legitimate client _Client_ or otherwise evade authentication can exploit a privileged network path from _Client_ to _Service_ and access service _Service_ as _Client_.,domain#MP-OCAPNoS,domain#Role_ClientChannel
 package#ProcessComms,domain#CP.IS.SCmCP.8,CP.IS.SCmCP.8,domain#Category-NormalOperation,FALSE,TRUE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Client path(s) from _Client_ to _Service_ is in service: if there is an open channel from client _Client_ to service _Service_, then the service may be subject to authenticated attacks from logical subnets exploiting the open channel.",domain#MP-SCmCP,domain#Role_ClientPath
-package#ProcessComms,domain#DF.A.CCDFCS.6.3,DF.A.CCDFCS.6.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ via untrustworthy _Service_ disabled: if the system operates a policy to disable the flow of data _Data_ from _FlowsFrom_ if there is a perceived loss of trustworthiness in a recipient _Service_, then there will also be a loss of availability if _Service_ is untrustworthy.",domain#MP-CCDFCS,domain#Role_DataFlow
+package#ProcessComms,domain#DF.A.CCDFCS.6.3,DF.A.CCDFCS.6.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ via untrustworthy _Service_ disabled: if the system operates a policy to disable the flow of data _Data_ from _FlowsFrom_ if there is a perceived loss of trustworthiness in a recipient _Service_, then there will also be a loss of availability if _Service_ is untrustworthy.",domain#MP-CCDFCS,domain#Role_DataFlow
 package#ProcessComms,domain#DF.A.CCDFCS-i.0,DF.A.CCDFCS-i.0,domain#Category-SecondaryThreats,TRUE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ interrupted because _Client_ cannot access _Service_: if client _Client_ cannot access service _Service_, the end to end flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ that uses this client-service connection will be interrupted.",domain#MP-CCDFCS-i,domain#Role_DataFlow
 package#ProcessComms,domain#DF.A.CCDFC-SS-i.0,DF.A.CCDFC-SS-i.0,domain#Category-SecondaryThreats,TRUE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,Flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ interrupted by unavailable process _Client_: if process _Client_ is not available then it will be unable to initiate or forward the flow of _Data_ between _FlowsFrom_ to _FlowsTo_.,domain#MP-CCDFC-SS-i,domain#Role_DataFlow
-package#ProcessComms,domain#DF.A.CCDFSC.6.3,DF.A.CCDFSC.6.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ via untrustworthy process _Client_ disabled: if the system operates a policy to disable the flow of data _Data_ from _FlowsFrom_ if there is a perceived loss of trustworthiness in the recipient _Client_, then there will also be a loss of availability if _Client_ is untrustworthy.",domain#MP-CCDFSC,domain#Role_DataFlow
+package#ProcessComms,domain#DF.A.CCDFSC.6.3,DF.A.CCDFSC.6.3,domain#Category-SideEffectsOfSecurity,FALSE,FALSE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ via untrustworthy process _Client_ disabled: if the system operates a policy to disable the flow of data _Data_ from _FlowsFrom_ if there is a perceived loss of trustworthiness in the recipient _Client_, then there will also be a loss of availability if _Client_ is untrustworthy.",domain#MP-CCDFSC,domain#Role_DataFlow
 package#ProcessComms,domain#DF.A.CCDFSC-i.0,DF.A.CCDFSC-i.0,domain#Category-SecondaryThreats,TRUE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ interrupted because _Client_ cannot access _Service_: if client _Client_ cannot access service _Service_, the end to end flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ that uses this client-service connection will be interrupted.",domain#MP-CCDFSC-i,domain#Role_DataFlow
 package#ProcessComms,domain#DF.Auth.CCDFCS.1.3,DF.Auth.CCDFCS.1.3,domain#Category-ExploitationOfImposterPrivileges,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Compromised or impersonated client _Client_ injects fake content into the flow of data _Data_ from _FlowsFrom_ to _FlowsTo_ between _Client_ and _Service_: if an attacker can compromise or impersonate client _Client_, they can inject fake data in messages to _Service_.",domain#MP-CCDFCS,domain#Role_Data
 package#ProcessComms,domain#DF.Auth.CCDFFC.1.6,DF.Auth.CCDFFC.1.6,domain#Category-ExploitationOfPrivileges,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Compromised client _Client_ injects fake content into the encrypted flow of _Data_ to/via _Service_: if an attacker can compromise client _Client_, they can access its cryptographic key and alter data _Data_ flowing between _Client_ and _FlowsTo_.",domain#MP-CCDFFC,domain#Role_DataFlow
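Review bot: The eighth field flips from TRUE to FALSE on `DF.A.CCDFCS.6.3` and `DF.A.CCDFSC.6.3` with no visible rationale, and the same flip is applied to every `H.E-*` and `P.E-*` vulnerability-discovery row in the hunks at -538 and -569. The column header is outside these hunks, so the field's meaning can only be inferred; if it controls whether a threat takes part in one of the risk calculations, the change would alter the computed risk for every host and process in a model. Other `domain#Category-SideEffectsOfSecurity` rows shown as context earlier on the page (`CC.AX.HuCCC-nS.6.1.2`, `CC.AX.HuCCC-nS.6.1.7`) keep TRUE in that position, so the rule being applied is not evident from the data. The criterion should be written down next to the change, for example `eighth field set to FALSE for <criterion>; ninth field unchanged`, so that later rows can be checked against it.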
@@ -538,15 +538,15 @@ package#VulnerabilityCVSS,domain#DS.C.HDS.4,DS.C.HDS.4,domain#Category-Exploitat package#VulnerabilityCVSS,domain#DS.C.HPsACDSrDI.4,DS.C.HPsACDSrDI.4,domain#Category-ExploitationOfVulnerabilityEffects,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Attacker exploit at _Process_ accesses its input _Data_: the attacker is able to exploit a vulnerability in process _Process_, gaining access to the stored copy of _Data_ used by the process on its host device _Host_.",domain#MP-HPsACDSrDI,domain#Role_Data package#VulnerabilityCVSS,domain#DS.C.HPsACDSr-pDA.4,DS.C.HPsACDSr-pDA.4,domain#Category-ExploitationOfVulnerabilityEffects,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,Attacker exploit at _Process_ accesses _Data_: the attacker is able to exploit a vulnerability in process _Process_ and gains access to the stored copy of _Data_ on device _Host_ which is served by the process.,domain#MP-HPsACDSr-pDA,domain#Role_Data package#VulnerabilityCVSS,domain#H.A.H.4,H.A.H.4,domain#Category-ExploitationOfVulnerabilityEffects,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,Attacker exploit disables _Host_: the attacker exploits a vulnerability in device _Host_ and is able to crash the device.,domain#MP-H,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-A.TH.8,H.E-A.TH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodLow,TRUE,TRUE,"Vulnerability (A) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack on host availability, and may be known to attackers. 
Only around 4 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-TH,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-AU.H.8,H.E-AU.H.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Vulnerability (AU) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack that bypasses authentication, and may be known to attackers. Around 82 percent of vulnerabilities can be accessed without authentication (NVD 2015-2019).",domain#MP-H,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-C.TH.8,H.E-C.TH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,TRUE,TRUE,"Vulnerability (C) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack on data confidentiality, and may be known to attackers. Less than 1 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-TH,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-I.TH.8,H.E-I.TH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,TRUE,TRUE,"Vulnerability (I) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack on data integrity, and may be known to attackers. Less than 1 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-TH,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-M.SH.8,H.E-M.SH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,TRUE,TRUE,"Vulnerability (M) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack gaining admin level access, and may be known to attackers. 
Around 18 percent of vulnerabilities allow complete control of the vulnerable device (NVD 2015-2019).",domain#MP-SH,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-VA.H.8,H.E-VA.H.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,TRUE,TRUE,"Vulnerability (VA) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack from an adjacent network, and may be known to attackers. Under 2 percent of vulnerabilities require low level access from an adjacent network (NVD 2015-2019).",domain#MP-H,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-VL.H.8,H.E-VL.H.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,TRUE,TRUE,"Vulnerability (VL) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack by a local user, and may be known to attackers. Around 14 percent of vulnerabilities require local user access to the vulnerable device (NVD 2015-2019).",domain#MP-H,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-VN.H.8,H.E-VN.H.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Vulnerability (VN) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack from a remote network, and may be known to attackers. Around 84 percent of vulnerabilities can be accessed from a remote network (NVD 2015-2019).",domain#MP-H,domain#Role_Host -package#VulnerabilityCVSS,domain#H.E-W.GH.8,H.E-W.GH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,TRUE,TRUE,"Vulnerability (W) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack by self-propagating malware, and may be known to attackers. 
Statistics not analysed, but should be less likely than user-level access because someone would need to know about the vulnerability and then develop fully automated and self-propagating malware able to attack it.",domain#MP-GH,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-A.TH.8,H.E-A.TH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodLow,FALSE,TRUE,"Vulnerability (A) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack on host availability, and may be known to attackers. Only around 4 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-TH,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-AU.H.8,H.E-AU.H.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Vulnerability (AU) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack that bypasses authentication, and may be known to attackers. Around 82 percent of vulnerabilities can be accessed without authentication (NVD 2015-2019).",domain#MP-H,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-C.TH.8,H.E-C.TH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,FALSE,TRUE,"Vulnerability (C) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack on data confidentiality, and may be known to attackers. Less than 1 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-TH,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-I.TH.8,H.E-I.TH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,FALSE,TRUE,"Vulnerability (I) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack on data integrity, and may be known to attackers. 
Less than 1 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-TH,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-M.SH.8,H.E-M.SH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,FALSE,TRUE,"Vulnerability (M) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack gaining admin level access, and may be known to attackers. Around 18 percent of vulnerabilities allow complete control of the vulnerable device (NVD 2015-2019).",domain#MP-SH,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-VA.H.8,H.E-VA.H.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,FALSE,TRUE,"Vulnerability (VA) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack from an adjacent network, and may be known to attackers. Under 2 percent of vulnerabilities require low level access from an adjacent network (NVD 2015-2019).",domain#MP-H,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-VL.H.8,H.E-VL.H.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,FALSE,TRUE,"Vulnerability (VL) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack by a local user, and may be known to attackers. Around 14 percent of vulnerabilities require local user access to the vulnerable device (NVD 2015-2019).",domain#MP-H,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-VN.H.8,H.E-VN.H.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Vulnerability (VN) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack from a remote network, and may be known to attackers. 
Around 84 percent of vulnerabilities can be accessed from a remote network (NVD 2015-2019).",domain#MP-H,domain#Role_Host +package#VulnerabilityCVSS,domain#H.E-W.GH.8,H.E-W.GH.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,FALSE,TRUE,"Vulnerability (W) discovered at _Host_: software vulnerability found in device _Host_, which could allow an attack by self-propagating malware, and may be known to attackers. Statistics not analysed, but should be less likely than user-level access because someone would need to know about the vulnerability and then develop fully automated and self-propagating malware able to attack it.",domain#MP-GH,domain#Role_Host package#VulnerabilityCVSS,domain#H.J.GH.7,H.J.GH.7,domain#Category-ExploitationOfVulnerabilities,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,Malware inserts remote access back door in infected device _Host_: the malware infecting device _Host_ exploits a vulnerability to insert a means for the attacker to remotely access admin privileges on _Host_.,domain#MP-GH,domain#Role_Host package#VulnerabilityCVSS,domain#H.L.HAC.4,H.L.HAC.4,domain#Category-ExploitationOfVulnerabilityEffects,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Attacker exploit gains user privileges at _Host_ in location _Space_: the attacker exploits a vulnerability in device _Host_ when it is located in _Space_, and gains user level access to the device in that context.",domain#MP-HAC,domain#Role_Host package#VulnerabilityCVSS,domain#H.M.HAC.4,H.M.HAC.4,domain#Category-ExploitationOfVulnerabilityEffects,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,Attacker exploit gains admin rights at _Host_ when it is in location _Space_: the attacker exploits a vulnerability in device _Host_ in context _HostAccess_ and gains control over the device in that context.,domain#MP-HAC,domain#Role_Host 
@@ -569,18 +569,18 @@ package#VulnerabilityCVSS,domain#P.A.HuDFrXSS.6,P.A.HuDFrXSS.6,domain#Category-E package#VulnerabilityCVSS,domain#P.A.HuDFsXSS.6,P.A.HuDFsXSS.6,domain#Category-ExploitationOfVulnerabilities,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Service _Service_ disabled to prevent XSS attack on _Client_ injected via input _Data_ from _FlowsFrom_: if service _Service_ is disabled to prevent XSS attacks on _Client_ injected via input _Data_ from _FlowsFrom_, then _Service_ will be unavailable.",domain#MP-HuDFsXSS,domain#Role_Service package#VulnerabilityCVSS,domain#P.A.HuDSrXSS.6,P.A.HuDSrXSS.6,domain#Category-ExploitationOfVulnerabilities,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Service _Service_ disabled to prevent XSS attack on _Client_ via its input _Data_: if service _Service_ is disabled to prevent XSS attacks using malicious content injected via locally stored inpuut _Data_, this will make the service unavailable.",domain#MP-HuDSrXSS,domain#Role_Service package#VulnerabilityCVSS,domain#P.A.HuDSsXSS.6,P.A.HuDSsXSS.6,domain#Category-ExploitationOfVulnerabilities,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Service _Service_ disabled to prevent XSS attack on _Client_ injected via local input _Data_: if service _Service_ is disabled to prevent XSS attacks on _Client_ injected via input _Data_, then _Service_ will be unavailable.",domain#MP-HuDSsXSS,domain#Role_Service -package#VulnerabilityCVSS,domain#P.E-A.HP-iT.8,P.E-A.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodLow,TRUE,TRUE,"Vulnerability (A) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack on process availability, and may be known to attackers. 
Only around 4 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-AU.HP-iT.8,P.E-AU.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Vulnerability (AU) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack bypassing authentication, and may be known to attackers. Around 82 percent of vulnerabilities can be accessed without authentication (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-C.HP-iT.8,P.E-C.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,TRUE,TRUE,"Vulnerability (C) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack on data confidentiality, and may be known to attackers. Less than 1 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-I.HP-iT.8,P.E-I.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,TRUE,TRUE,"Vulnerability (I) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack on data integrity, and may be known to attackers. Less than 1 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-M.SHP-iT.8,P.E-M.SHP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,TRUE,TRUE,"Vulnerability (M) discovered at _Process_: software vulnerability found in process _Process_, which could allow admin level access to its host device, and may be known to attackers. 
Around 18 percent of vulnerabilities allow complete control of the vulnerable device (NVD 2015-2019).",domain#MP-SHP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-QI.HP-iT.8,P.E-QI.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodHigh,TRUE,TRUE,"Vulnerability (QI) discovered at _Process_: software vulnerability found in process _Process_, which could allow injection of queries into a back-end database, and may be known to attackers. Around 3 percent of vulnerabilities relate to query injection, but around 5 percent of all low complexity attacks are of this type (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-U.SHP-iT.8,P.E-U.SHP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodHigh,TRUE,TRUE,"Vulnerability (U) discovered at _Process_: software vulnerability found in process _Process_, which could allow user level access to its host device with the rights of the process, and may be known to attackers. Around 30 percent of vulnerabilities allow local user access to the vulnerable device (NVD 2015-2019).",domain#MP-SHP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-VA.HP-iT.8,P.E-VA.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodLow,TRUE,TRUE,"Vulnerability (VA) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack from an adjacent network, and may be known to attackers. Under 2 percent of vulnerabilities require low level access from an adjacent network (NVD 2015-2019), and presumably the majority are in the O/S (i.e. 
the host).",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-VL.HP-iT.8,P.E-VL.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,TRUE,TRUE,"Vulnerability (VL) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack by a local user, and may be known to attackers. Around 14 percent of vulnerabilities require local user access to the vulnerable device (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-VN.HP-iT.8,P.E-VN.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Vulnerability (VN) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack from a remote network, and may be known to attackers. Around 84 percent of vulnerabilities can be accessed from a remote network (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-W.HP-iT.8,P.E-W.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,TRUE,TRUE,"Vulnerability (W) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack by self-propagating malware, and may be known to attackers. Statistics not analysed, but should be less likely than user-level access because someone would need to know about the vulnerability and then develop fully automated and self-propagating malware able to attack it.",domain#MP-HP-iT,domain#Role_Process -package#VulnerabilityCVSS,domain#P.E-XS.HP-iT.8,P.E-XS.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,TRUE,TRUE,"Vulnerability (XS) discovered at _Process_: software vulnerability found in process _Process_, which could allow a cross-site scripting attack on a client, and may be known to attackers. 
Around 14 percent of vulnerabilities relate to cross site scripting, including 32 percent of vulnerabilities relating to medium complexity exploits (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-A.HP-iT.8,P.E-A.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodLow,FALSE,TRUE,"Vulnerability (A) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack on process availability, and may be known to attackers. Only around 4 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-AU.HP-iT.8,P.E-AU.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Vulnerability (AU) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack bypassing authentication, and may be known to attackers. Around 82 percent of vulnerabilities can be accessed without authentication (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-C.HP-iT.8,P.E-C.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,FALSE,TRUE,"Vulnerability (C) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack on data confidentiality, and may be known to attackers. Less than 1 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-I.HP-iT.8,P.E-I.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryLow,FALSE,TRUE,"Vulnerability (I) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack on data integrity, and may be known to attackers. 
Less than 1 percent of vulnerabilities are specific to this type of action (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-M.SHP-iT.8,P.E-M.SHP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,FALSE,TRUE,"Vulnerability (M) discovered at _Process_: software vulnerability found in process _Process_, which could allow admin level access to its host device, and may be known to attackers. Around 18 percent of vulnerabilities allow complete control of the vulnerable device (NVD 2015-2019).",domain#MP-SHP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-QI.HP-iT.8,P.E-QI.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodHigh,FALSE,TRUE,"Vulnerability (QI) discovered at _Process_: software vulnerability found in process _Process_, which could allow injection of queries into a back-end database, and may be known to attackers. Around 3 percent of vulnerabilities relate to query injection, but around 5 percent of all low complexity attacks are of this type (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-U.SHP-iT.8,P.E-U.SHP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodHigh,FALSE,TRUE,"Vulnerability (U) discovered at _Process_: software vulnerability found in process _Process_, which could allow user level access to its host device with the rights of the process, and may be known to attackers. Around 30 percent of vulnerabilities allow local user access to the vulnerable device (NVD 2015-2019).",domain#MP-SHP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-VA.HP-iT.8,P.E-VA.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodLow,FALSE,TRUE,"Vulnerability (VA) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack from an adjacent network, and may be known to attackers. 
Under 2 percent of vulnerabilities require low level access from an adjacent network (NVD 2015-2019), and presumably the majority are in the O/S (i.e. the host).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-VL.HP-iT.8,P.E-VL.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,FALSE,TRUE,"Vulnerability (VL) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack by a local user, and may be known to attackers. Around 14 percent of vulnerabilities require local user access to the vulnerable device (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-VN.HP-iT.8,P.E-VN.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodVeryHigh,FALSE,TRUE,"Vulnerability (VN) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack from a remote network, and may be known to attackers. Around 84 percent of vulnerabilities can be accessed from a remote network (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-W.HP-iT.8,P.E-W.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,FALSE,TRUE,"Vulnerability (W) discovered at _Process_: software vulnerability found in process _Process_, which could allow an attack by self-propagating malware, and may be known to attackers. 
Statistics not analysed, but should be less likely than user-level access because someone would need to know about the vulnerability and then develop fully automated and self-propagating malware able to attack it.",domain#MP-HP-iT,domain#Role_Process +package#VulnerabilityCVSS,domain#P.E-XS.HP-iT.8,P.E-XS.HP-iT.8,domain#Category-DiscoveryOfVulnerabilies,FALSE,TRUE,domain#LikelihoodMedium,FALSE,TRUE,"Vulnerability (XS) discovered at _Process_: software vulnerability found in process _Process_, which could allow a cross-site scripting attack on a client, and may be known to attackers. Around 14 percent of vulnerabilities relate to cross site scripting, including 32 percent of vulnerabilities relating to medium complexity exploits (NVD 2015-2019).",domain#MP-HP-iT,domain#Role_Process package#VulnerabilityCVSS,domain#P.L.HPAC.4,P.L.HPAC.4,domain#Category-ExploitationOfVulnerabilityEffects,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Attacker exploit takes control of _Process_ in _Space_: the attacker exploits a vulnerability in process _Process_ when its host _Host_ is located in _Space_, giving them control of the process behaviour and access to its privileges on _Host_ when in that location.",domain#MP-HPAC,domain#Role_Process package#VulnerabilityCVSS,domain#P.V.CCAPNoS.2,P.V.CCAPNoS.2,domain#Category-ExploitationOfVulnerabilities,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Remote authenticated exploit on service _Service_ as _Client_ from _LogicalSubnet_: an attacker able to authenticate to service _Service_ as client _Client_, and with access to _LogicalSubnet_ can exploit a privileged network path to the service to send a message containing malicious content that, after authentication, can exploit a bug in _Service_.",domain#MP-CCAPNoS,domain#Role_Service package#VulnerabilityCVSS,domain#P.V.CCCPNaP.2,P.V.CCCPNaP.2,domain#Category-ExploitationOfVulnerabilities,FALSE,FALSE,domain#LikelihoodVeryHigh,TRUE,TRUE,"Remote authenticated exploit on service 
_Process_ as _Client_ via reverse proxy _Proxy_: an attacker able to authenticate as client _Client_ with back end service _Service_ can send messages containing malicious content via _Proxy_ to _Process_ that, after authentication, can exploit a bug in _Process_.",domain#MP-CCCPNaP,domain#Role_Process
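Review bot: `P.E-VA.HP-iT.8` is rated `domain#LikelihoodLow`, although its own description argues that most adjacent-network vulnerabilities sit in the O/S (i.e. the host). The host-level counterpart `H.E-VA.H.8` in the hunk at -538 is rated `domain#LikelihoodVeryLow` on the same "under 2 percent" statistic. The commit rewrites this row (eighth field TRUE to FALSE) but leaves the likelihood untouched, so the process-level rating stays above the host-level one, contrary to the stated reasoning. If that is not deliberate, the row should carry `domain#LikelihoodVeryLow`; if it is, the description should say why a process is rated above its host.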