Version 0.8.0

This is meant to be the last pre-release version of coreLang, unless something unpredictable occurs.

All of the changes introduced by this version have come about as a result of the code review.

Warning: Since the code refactoring work resulted in renaming and removing a lot of attack steps this release will likely break most of the old models.

Here is an overview of the updates in this release:

• a lot of refactoring, the details of which can be found in #91.
• merge the three vulnerabilities files into a single one.
• removed NetworkClientAccess association between Applications and Networks because it felt out of place. If the modeller wants that level of detail they should use ConnectionRules even if they are not essential to the scenario.
• rework how read, write, and delete on Applications impact Data they are hosting, sending, or receiving to be uniform and clearer. Read also had a small bug that was fixed.
• remove access attack step on Data, it is too vague, access should describe the type of access, such as: read, delete, write.
• have specificAccess on an Application require write privileges on receivedData to be able to perform a respond connect attack.
• remove Origin association between Data and SoftwareProduct since there was some redundancy due to the fact that SoftwareProduct extends Information. See #98 for more details.
• introduce inherentUserInteraction for SoftwareVulnerabilities that require user interaction in case the user may trigger the interaction without additional attacker actions(i.e. social engineering). See #99 for more details.