Add security and confidentiality analysis

CONTRIBUTORS

@@ -13,3 +13,5 @@ University of Alabama in Huntsville (UAH)
 Rockwell Collins
  - Java files in alisa/org.osate.smaccm.stubs
 
+Friedrich Schiller University Jena
+ - Security and Confidentiality Analysis (implementation)

analyses/org.osate.analysis.security.ui/.classpath

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8"/>
+	<classpathentry kind="con" path="org.eclipse.pde.core.requiredPlugins"/>
+	<classpathentry kind="src" path="src"/>
+	<classpathentry kind="output" path="bin"/>
+</classpath>

analyses/org.osate.analysis.security.ui/.gitignore

@@ -0,0 +1,3 @@
+/bin/
+/target/
+*.jar

analyses/org.osate.analysis.security.ui/.project

@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>org.osate.analysis.security.ui</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.xtext.ui.shared.xtextBuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.pde.ManifestBuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.pde.SchemaBuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.pde.api.tools.apiAnalysisBuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.m2e.core.maven2Builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.oomph.version.VersionBuilder</name>
+			<arguments>
+				<dictionary>
+					<key>check.feature.closure.completeness</key>
+					<value>true</value>
+				</dictionary>
+				<dictionary>
+					<key>check.feature.closure.content</key>
+					<value>true</value>
+				</dictionary>
+				<dictionary>
+					<key>check.maven.pom</key>
+					<value>true</value>
+				</dictionary>
+				<dictionary>
+					<key>ignore.feature.content.redundancy</key>
+					<value>true</value>
+				</dictionary>
+				<dictionary>
+					<key>ignore.lower.bound.dependency.ranges</key>
+					<value>false</value>
+				</dictionary>
+				<dictionary>
+					<key>ignore.schema.builder</key>
+					<value>true</value>
+				</dictionary>
+				<dictionary>
+					<key>release.path</key>
+					<value>/releng/version-management/release.xml</value>
+				</dictionary>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.xtext.ui.shared.xtextNature</nature>
+		<nature>org.eclipse.m2e.core.maven2Nature</nature>
+		<nature>org.eclipse.pde.PluginNature</nature>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+		<nature>org.eclipse.pde.api.tools.apiAnalysisNature</nature>
+		<nature>org.eclipse.oomph.version.VersionNature</nature>
+	</natures>
+	<filteredResources>
+		<filter>
+			<id>1702127013282</id>
+			<name></name>
+			<type>30</type>
+			<matcher>
+				<id>org.eclipse.core.resources.regexFilterMatcher</id>
+				<arguments>node_modules|\.git|__CREATED_BY_JAVA_LANGUAGE_SERVER__</arguments>
+			</matcher>
+		</filter>
+	</filteredResources>
+</projectDescription>

analyses/org.osate.analysis.security.ui/.settings/org.eclipse.core.resources.prefs

@@ -0,0 +1,2 @@
+eclipse.preferences.version=1
+encoding/<project>=UTF-8

analyses/org.osate.analysis.security.ui/.settings/org.eclipse.xtend.core.Xtend.prefs

@@ -0,0 +1,7 @@
+//outlet.DEFAULT_OUTPUT.sourceFolder.src/main/java.directory=xtend-gen
+//outlet.DEFAULT_OUTPUT.sourceFolder.src/test/java.directory=src/test/generated-sources/xtend
+BuilderConfiguration.is_project_specific=true
+eclipse.preferences.version=1
+outlet.DEFAULT_OUTPUT.hideLocalSyntheticVariables=true
+outlet.DEFAULT_OUTPUT.installDslAsPrimarySource=false
+outlet.DEFAULT_OUTPUT.userOutputPerSourceFolder=true

analyses/org.osate.analysis.security.ui/META-INF/MANIFEST.MF

@@ -0,0 +1,14 @@
+Manifest-Version: 1.0
+Bundle-ManifestVersion: 2
+Bundle-Name: Ui
+Bundle-SymbolicName: org.osate.analysis.security.ui;singleton:=true
+Bundle-Version: 1.0.0.qualifier
+Bundle-Activator: org.osate.analysis.security.ui.Activator
+Require-Bundle: org.osate.aadl2;bundle-version="[5.0.0,6.0.0)",
+ org.osate.aadl2.modelsupport;bundle-version="[7.0.0,8.0.0)",
+ org.osate.ui;bundle-version="[6.3.0,7.0.0)",
+ org.osate.analysis.security;bundle-version="[1.0.0,2.0.0)",
+ org.osate.results;bundle-version="[3.0.0,4.0.0)"
+Automatic-Module-Name: org.osate.analysis.security.ui
+Bundle-ActivationPolicy: lazy
+Export-Package: org.osate.analysis.security.ui.handlers;version="1.0.0"

analyses/org.osate.analysis.security.ui/build.properties

@@ -0,0 +1,30 @@
+###############################################################################
+# Copyright (c) 2004-2023 Carnegie Mellon University and others. (see Contributors file). 
+# All Rights Reserved.
+#
+# NO WARRANTY. ALL MATERIAL IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY
+# KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE
+# OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT
+# MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
+#
+# This program and the accompanying materials are made available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+# SPDX-License-Identifier: EPL-2.0
+#
+# Created, in part, with funding and support from the United States Government. (see Acknowledgments file).
+#
+# This program includes and/or can make use of certain third party source code, object code, documentation and other
+# files ("Third Party Software"). The Third Party Software that is used by this program is dependent upon your system
+# configuration. By using this program, You agree to comply with any and all relevant Third Party Software terms and
+# conditions contained in any such Third Party Software or separate license file distributed with such Third Party
+# Software. The parties who own the Third Party Software ("Third Party Licensors") are intended third party beneficiaries
+# to this license with respect to the terms applicable to their Third Party Software. Third Party Software licenses
+# only apply to the Third Party Software and not any other portion of this program or this program as a whole.
+###############################################################################
+source.. = src/
+output.. = bin/
+bin.includes = META-INF/,\
+               .,\
+               icons/,\
+               plugin.xml
+src.includes = icons/

analyses/org.osate.analysis.security.ui/plugin.properties

@@ -0,0 +1,36 @@
+###############################################################################
+# Copyright (c) 2000, 2021 IBM Corporation and others.
+# All rights reserved. This program and the accompanying materials 
+# are made available under the terms of the Common Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/cpl-v10.html
+# 
+# Contributors:
+#     Carnegie Mellon University - initial API and implementation
+###############################################################################
+#
+# Resource strings for Security Checker
+#
+pluginName=Security Checker
+providerName = sei.cmu.edu
+
+#
+# Menu labels
+#
+menu.analyses.label = Analyses
+menu.security.label = Security
+menu.osate.label = OSATE
+
+popupMenu.aadl.label = OSATE
+popupMenu.analyses.label = AADL Analyses
+popupMenu.Security.label = Security
+
+#
+# Action labels & tooltips
+# 
+actionSet.label = OSATE Security Analyses
+
+CheckSecurity.label = &Check Security Levels
+CheckSecurity.toolTip = Check Security
+CheckSecurity.icon = icons/checkSecurity.gif
+CheckSecurity.disabledIcon = icons/noCheckSecurity.gif

analyses/org.osate.analysis.security.ui/plugin.xml

@@ -0,0 +1,140 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?eclipse version="3.0"?>
+<!--
+    Copyright (c) 2004-2023 Carnegie Mellon University and others. (see Contributors file). 
+    All Rights Reserved.
+
+    NO WARRANTY. ALL MATERIAL IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY
+    KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE
+    OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT
+    MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
+
+    This program and the accompanying materials are made available under the terms of the Eclipse Public License 2.0
+    which is available at https://www.eclipse.org/legal/epl-2.0/
+    SPDX-License-Identifier: EPL-2.0
+
+    Created, in part, with funding and support from the United States Government. (see Acknowledgments file).
+
+    This program includes and/or can make use of certain third party source code, object code, documentation and other
+    files ("Third Party Software"). The Third Party Software that is used by this program is dependent upon your system
+    configuration. By using this program, You agree to comply with any and all relevant Third Party Software terms and
+    conditions contained in any such Third Party Software or separate license file distributed with such Third Party
+    Software. The parties who own the Third Party Software ("Third Party Licensors") are intended third party beneficiaries
+    to this license with respect to the terms applicable to their Third Party Software. Third Party Software licenses
+    only apply to the Third Party Software and not any other portion of this program or this program as a whole.
+ -->
+
+<plugin>
+
+   <extension
+         point="org.eclipse.ui.commands">
+      <category
+            id="org.osate.analysis.architecture.category"
+            name="%actionSet.label">
+      </category>
+      <command
+            categoryId="org.osate.analysis.architecture.category"
+            id="org.osate.analysis.security.checkSecurityLabels"
+            name="Check Security Labels">
+      </command>
+   </extension>
+
+   <extension
+         point="org.eclipse.ui.handlers">
+      <handler
+            class="org.osate.analysis.security.ui.handlers.SecurityChecker"
+            commandId="org.osate.analysis.security.checkSecurityLabels">
+         <enabledWhen>
+            <or>
+               <reference
+                     definitionId="org.osate.core.isInstanceFileSelected">
+               </reference>
+               <with
+                     variable="selection">
+                  <and>
+                     <count
+                           value="1">
+                     </count>
+                     <iterate>
+                        <instanceof
+                              value="org.osate.aadl2.instance.SystemInstance">
+                        </instanceof>
+                     </iterate>
+                  </and>
+               </with>
+            </or>
+         </enabledWhen>
+      </handler>
+   </extension>
+
+   <extension
+         point="org.eclipse.ui.commandImages">
+      <image
+            commandId="org.osate.analysis.security.checkSecurityLabels"
+            disabledIcon="icons/noCheckSecurity.gif"
+            icon="icons/checkSecurity.gif">
+      </image>
+   </extension>
+
+   <extension
+         point="org.eclipse.ui.menus">
+      <menuContribution
+            locationURI="menu:org.osate.ui.semanticChecksMenu?after=core">
+         <command
+               commandId="org.osate.analysis.security.checkSecurityLabels">
+         </command>
+      </menuContribution>
+      <menuContribution
+            locationURI="toolbar:org.osate.ui.semanticChecksToolbar?after=core">
+         <command
+               commandId="org.osate.analysis.security.checkSecurityLabels"
+               tooltip="%checkSecurity.toolTip">
+            <!--
+               Remove visibleWhen on the command when this bug is fixed:
+               https://bugs.eclipse.org/bugs/show_bug.cgi?id=201589
+            -->
+            <visibleWhen
+                  checkEnabled="false">
+               <with
+                     variable="activeWorkbenchWindow.activePerspective">
+                  <equals
+                        value="org.osate.ui.perspective.AadlPerspective">
+                  </equals>
+               </with>
+            </visibleWhen>
+         </command>
+      </menuContribution>
+      <menuContribution
+            locationURI="popup:org.osate.ui.semanticChecksNavigatorPopup?after=core">
+         <command
+               commandId="org.osate.analysis.security.checkSecurityLabels">
+            <visibleWhen
+                  checkEnabled="true">
+            </visibleWhen>
+         </command>
+      </menuContribution>
+   </extension>
+   <extension
+         id="SecurityRuleObjectMarker"
+         name="Security Rule Violation"
+         point="org.eclipse.core.resources.markers">
+      <super
+            type="org.osate.aadl2.modelsupport.AadlObjectMarker">
+      </super>
+      <persistent
+            value="true">
+      </persistent>
+   </extension>
+   <extension
+         id="SecurityLabelMarker"
+         name="Security Label Issue"
+         point="org.eclipse.core.resources.markers">
+      <super
+            type="org.osate.aadl2.modelsupport.AadlObjectMarker">
+      </super>
+      <persistent
+            value="true">
+      </persistent>
+   </extension>
+
+</plugin>

analyses/org.osate.analysis.security.ui/pom.xml

@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright (c) 2004-2023 Carnegie Mellon University and others. (see Contributors file). 
+    All Rights Reserved.
+
+    NO WARRANTY. ALL MATERIAL IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY
+    KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE
+    OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT
+    MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
+
+    This program and the accompanying materials are made available under the terms of the Eclipse Public License 2.0
+    which is available at https://www.eclipse.org/legal/epl-2.0/
+    SPDX-License-Identifier: EPL-2.0
+
+    Created, in part, with funding and support from the United States Government. (see Acknowledgments file).
+
+    This program includes and/or can make use of certain third party source code, object code, documentation and other
+    files ("Third Party Software"). The Third Party Software that is used by this program is dependent upon your system
+    configuration. By using this program, You agree to comply with any and all relevant Third Party Software terms and
+    conditions contained in any such Third Party Software or separate license file distributed with such Third Party
+    Software. The parties who own the Third Party Software ("Third Party Licensors") are intended third party beneficiaries
+    to this license with respect to the terms applicable to their Third Party Software. Third Party Software licenses
+    only apply to the Third Party Software and not any other portion of this program or this program as a whole.
+ -->
+
+<project
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+	xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+	<modelVersion>4.0.0</modelVersion>
+
+	<parent>
+		<groupId>org.osate</groupId>
+		<artifactId>analyses.parent</artifactId>
+		<version>2.14.0-SNAPSHOT</version>
+	</parent>
+
+	<groupId>org.osate</groupId>
+	<artifactId>org.osate.analysis.security.ui</artifactId>
+	<version>1.0.0-SNAPSHOT</version>
+	<packaging>eclipse-plugin</packaging>
+
+</project>