Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Code Refactoring #91

Closed
18 tasks done
andrewbwm opened this issue Oct 19, 2022 · 0 comments · Fixed by #96
Closed
18 tasks done

Code Refactoring #91

andrewbwm opened this issue Oct 19, 2022 · 0 comments · Fixed by #96
Assignees
@andrewbwm
Labels
code review Issues related to the code review process documentation Improvements or additions to documentation
Milestone
v0.8.0 Release

Comments

@andrewbwm
Copy link
Collaborator

andrewbwm commented Oct 19, 2022
edited
Loading

This issue will contain a large and evolving checklist related to the Code Review(#77) that specifically deal with refactoring existing code rather than modifying functionality.

  • Rework connect and connected in info texts for attack steps that do not deal with local or network connectivity to associate and associated to avoid confusion.
  • Remove attempt wording from attack steps that do are not start with attempt to avoid confusion.
  • Uniformise all of the attempt and successful attack steps to convey the same information since they are intermediary attack steps to enforce the pattern.
  • Make sure all of the names use the same terminology when the origin of the attack step is important. Choose between 'Via' or 'From' and uniformise it.
  • Reword user info texts for attack steps that trigger multiple functionalities making sure that the most relevant aspects are mentioned.
  • Ensure that all non-hidden attack steps have informative user info texts.
  • Make sure that all of the info texts fit the appropriate category(user/developer/modeler).
  • Make sure we use the modeler spelling of modeler throughout.
  • Only mention the probability distributions if they are researched, the default should be that they are not researched.
  • Flag all of the attack steps that can be used as natural entry points for the attacker with the @entrypoint tag and ensure that they are not hidden. (Related: Document which attack steps should be used as entry points #53)
  • Remove the info texts that mention things like "based on X from icsLang/awsLang".
  • Hide all of the attack steps that do not convey relevant information to the modeler or work as entry points.
  • Change the client/server nomenclature to ingoing/outgoing to match the ConnectionRule logic and be clearer.
  • Consider renaming Disabled defence and maybe all of the non-existence only defences, Disabled, Remove, and NotPresent should have the same name for clarity. - Sotirios
  • Ensure that non-existence defences truly disable all of the relevant attack steps.
  • Remove attempt-successful attack steps that are not currently needed
  • Add a better description of how the defences on Vulnerabilities work
  • Clarify what the distinction is between SoftwareVulnerability and HardwareVulnerability
@andrewbwm andrewbwm added documentation Improvements or additions to documentation code review Issues related to the code review process labels Oct 19, 2022
@andrewbwm andrewbwm added this to the v0.8.0 Release milestone Oct 19, 2022
@andrewbwm andrewbwm self-assigned this Oct 19, 2022
andrewbwm added a commit that referenced this issue Nov 3, 2022
@andrewbwm
Massive refactoring commit:
6f902f5 
    - clarify and uniformise info texts
    - homogenise attack step patterns
    - homogenise attack step names
    - replace British spelling with its American counterparts
    - remove unhelpful info strings
    - flag attack steps as entry points

See #91 for more details
@andrewbwm andrewbwm mentioned this issue Nov 17, 2022
Merged
@andrewbwm andrewbwm linked a pull request Nov 22, 2022 that will close this issue
Code review general refactoring #96
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrewbwm andrewbwm

Labels
code review Issues related to the code review process documentation Improvements or additions to documentation
Projects
None yet
Milestone
v0.8.0 Release
Development

Successfully merging a pull request may close this issue.

Code review general refactoring mal-lang/coreLang
1 participant
@andrewbwm