The enterpriseLang is a MAL-based domain specific language for assessing the cyber security of enterprise systems.
- Active members:
- Status: running 🟢
- Timeline: 2019-2021
enterpriselang is a domain-specific MAL language based on the MITRE ATT&CK® Matrix, which intends to assess the cyber security of enterprise systems from a holistic point of view.
- We keep updating the file
enterpriselang.mal
and the foldersecuriCAD_models
. The files within the foldersingle_attacks
are not up-to-date, please refer to the fileenterpriselang.mal
. Thepom.xml
shall be used to support advanced distributions. - The test cases can be found in
src/test/java/org/mal_lang/enterpriselang/test/
, while anotherpom.xml
in the foldersrc
shall be used for testing. - Please compile the language with the following command on the command line run in securiCAD:
mvn clean package -PsecuriCAD -Dmaven.test.skip
This project can be built according to exampleLang instructions (https://github.com/mal-lang/exampleLang)
- The file
pom.xml
is the Maven configuration file of the project, make sure that <kernelcad.version> is 1.6.2-SNAPSHOT in pom.xml. - The directory
src/main/mal
contains the MAL specificationexampleLang.mal
, which is the MAL specification of exampleLang. - The directory
src/main/resources/icons
contains SVG icons for the assets in exampleLang. - The directory
src/test/java/org/mal_lang/examplelang/test
contains the unit tests of exampleLang. - It requires a new alpha version of securiCAD Professional. The instructions on how to download it here: https://github.com/foreseeti/foreseeti-maven-repo.
- enterpriseLang v1 - threat modeling
- enterpriseLang v2 - attack simulations (in progress)
- enterpriseLang - validation / testing
This is a project run by the Software Systems Architecture and Security research group within the Division of Network and Systems Engineering at the Department of Computer Science at the School of Electrical Engineering and Computer Science @ KTH university.
For more of our projects, see the SSAS page at github.com.