Reworked the System asset into the Hardware asset that is simpler and only represents, as the name suggests, the hardware components on which Applications are run. This makes the distinction between hardware and software in coreLang clearer.
This pull request also introduces HardwareVulnerabilities which are analogous, but less complex, than the SoftwareVulnerabilities. These are used to model vulnerabilities that both require physical access on and lead to disruptions(confidentiality, integrity, availability) on the Hardware asset. Vulnerabilities that require physical access but impact software(Applications/SoftwareProducts) are represented using SoftwareVulnerabilities with the physicalAccessRequired defence enabled.
Also included is an update to the PhysicalZone asset. Both Network and Hardware assets can be associated with a PhysicalZone and each can belong to multiple zones, thus representing overlapping zones. This was initially requested by @jesajx(https://github.com/mal-lang/coreLang/pull/39#issuecomment-874282070).
Users now can directly be associated with either Hardware or PhysicalZone assets in order to represent the hardware/network assets that they have physical access to. Identities cannot be associated with Hardware as they were with the old System asset since privileges are only relevant for software assets.
Reworked the
Systemasset into theHardwareasset that is simpler and only represents, as the name suggests, the hardware components on whichApplicationsare run. This makes the distinction between hardware and software in coreLang clearer.This pull request also introduces
HardwareVulnerabilitieswhich are analogous, but less complex, than theSoftwareVulnerabilities. These are used to model vulnerabilities that both require physical access on and lead to disruptions(confidentiality, integrity, availability) on theHardwareasset. Vulnerabilities that require physical access but impact software(Applications/SoftwareProducts) are represented usingSoftwareVulnerabilitieswith thephysicalAccessRequireddefence enabled.Also included is an update to the
PhysicalZoneasset. BothNetworkandHardwareassets can be associated with aPhysicalZoneand each can belong to multiple zones, thus representing overlapping zones. This was initially requested by @jesajx(https://github.com/mal-lang/coreLang/pull/39#issuecomment-874282070).Usersnow can directly be associated with eitherHardwareorPhysicalZoneassets in order to represent the hardware/network assets that they have physical access to.Identitiescannot be associated withHardwareas they were with the oldSystemasset since privileges are only relevant for software assets.