forked from pontusj101/autosarLang
-
Notifications
You must be signed in to change notification settings - Fork 1
/
APServices.mal
33 lines (27 loc) · 1.35 KB
/
APServices.mal
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
include APEncryption.mal
category System {
asset SignalToServiceMappingService extends AdaptivePlatformService {
| access
info: "Get access to the signal to service mapping adaptive platform service."
-> _adaptivePlatformAccess,
denialOfService
| denialOfService
info: "Deny signal-to-service mapping service, the communication with non-AUTOSAR applications can be denied."
-> comApp.denialOfService
}
}
category Security {
asset AuthenticationService extends Service
rationale: "Authentication service is not actively involved in account authentication (e.g. key.read leads directly to account.authenticate), because that is not needed for the attacks we are interested in."
{
| access
info: "If a service is tasked with authentication of accounts, its compromise leads to the compromise of the associated accounts."
-> _softwareAccess,
authenticatedAccounts.compromise
}
}
associations {
Account [authenticatedAccounts] * <-- AccountAuthentication --> 0-1 [authenticationServices] AuthenticationService
info: "Conceptually, authentication is separated from access control (obvious in the case of e.g. Radius servers). authenticationServices provide the authentication service."
SignalToServiceMappingService [s2s] 0-1 <-- SignalServiceConv --> * [comApp] UserApplication
}