The enterpriseLang is a MAL-based domain specific language for assessing the cyber security of enterprise systems.
- Active members:
- Status: running 🟢
- Timeline: 2019-2021
enterpriselang is a domain-specific MAL language based on the MITRE ATT&CK® Matrix, which intends to assess the cyber security of enterprise systems from a holistic point of view.
- We keep updating the file
enterpriselang.maland the foldersecuriCAD_models. The files within the foldersingle_attacksare not up-to-date, please refer to the fileenterpriselang.mal. Thepom.xmlshall be used to support advanced distributions. - The test cases can be found in
src/test/java/org/mal_lang/enterpriselang/test/, while anotherpom.xmlin the foldersrcshall be used for testing. - Please compile the language with the following command on the command line run in securiCAD:
mvn clean package -PsecuriCAD -Dmaven.test.skip
This project can be built according to exampleLang instructions (https://github.com/mal-lang/exampleLang)
- The file
pom.xmlis the Maven configuration file of the project, make sure that <kernelcad.version> is 1.6.2-SNAPSHOT in pom.xml. - The directory
src/main/malcontains the MAL specificationexampleLang.mal, which is the MAL specification of exampleLang. - The directory
src/main/resources/iconscontains SVG icons for the assets in exampleLang. - The directory
src/test/java/org/mal_lang/examplelang/testcontains the unit tests of exampleLang. - It requires a new alpha version of securiCAD Professional. The instructions on how to download it here: https://github.com/foreseeti/foreseeti-maven-repo.
- enterpriseLang v1 - threat modeling
- enterpriseLang v2 - attack simulations (in progress)
- enterpriseLang - validation / testing
This is a project run by the Software Systems Architecture and Security research group within the Division of Network and Systems Engineering at the Department of Computer Science at the School of Electrical Engineering and Computer Science @ KTH university.
For more of our projects, see the SSAS page at github.com.