mal-lang / coreLang

A probabilistic attack simulation language for the (abstract) IT domain
https://mal-lang.org/coreLang/

Evaluate the Need for Additional Conditional Bypass Attack Steps #81

Closed andrewbwm closed 1 year ago

andrewbwm commented 2 years ago

The generalisation of bypasses, which was introduced in #78, means that there may be scenarios that deal with conditional bypasses of defences that the language can now cover more easily since the relevant attack steps or defences have bypasses included.

For example, as mentioned in this comment, the payloadInspection defence should not function if the ConnectionRule is used to transmit encrypted communications. We could now create an attack step on Data that have encryption Credentials associated with them to bypass the defence. This is somewhat complex to implement because it is difficult to ensure that the appropriate ConnectionRule is bypassed because the Data are not associated with it, but rather with the sender/receiver Application and the Network it transits.

Other similar situations may exist and should be sought out at some point.

During the weekly coreLang meeting on June 15th, the conclusion was reached that this is a rather complex issue and should probably be addressed well after v1.0 releases.

andrewbwm commented 2 years ago

A substantial part of the above-mentioned example, of payloadInspection on a ConnectionRule with encrypted Data, should be resolved by the Have Data Encryption Bypass PayloadInspection pull request (#89).