Skip to Main Navigation Skip to Content

Prioritize, Measure and Quantify CyberSecurity Risk

Appendix 1. Semantics of the micro KDM action elements

This appendix defines the semantics of micro KDM action elements. This section assumes understanding of the KDM Datatypes.

Each micro KDM action has the following 5 parts.

Action Kind, Inputs, Outputs, Control and Extras

  • Action Kind – is nature of the operation performed by the micro action. This is represented as a “kind” attribute to the micro action. The action kind may designate certain outgoing relationship as part of the Control. For example, the “call” micro action designated the Calls outgoing relationship as part of Control
  • Outputs – represented by the owned outgoing Writes relationship, which usually represents the result of the micro action. This part is optional.
  • Inputs – Ordered outgoing Reads and/or Addresses relationships that are owned by the action element, the order of the relationships represent the order of the arguments for a micro action.
  • Control part – owned outgoing control flow relationships for the action.
  • Extras part – owned relationships other than Reads, Writes and not designated as part of Control by the action Kind. For example, these can be interface compliance relation “CompliesTo” or any extended action relationships.

Comparison actions

Inputs: Two Reads relationships to DataElements representing values of the same datatype (except for Boolean NOT, which has a single Reads relationship).

Output: Optional writes to a DataElement of a Boolean type;

Control: Single flow – unconditional transfer of control to the next micro action (for example, as part of complex expressions);

Comparison Actions

Micro action

Semantics

Equals

Polymorphic equals for two values of the same datatype, see ISO Equals operation for the corresponding datatype

NotEqual

Polymorphic “not equal” for two values of the same datatype: not (A==B)

LessThanOrEqual

Polymorphic “less than or equal” for two values of the same ordered datatype; see ISO InOrder operation for the corresponding datatype

LessThan

Polymorphic “less than” for two values of the same ordered datatype: A<=B and not A==B

GreaterThan

Polymorphic “greater than or equal” for two values of the same ordered datatype: not A<=B

GreaterThanOrEqual

Polymorphic “less than or equal” for two values of the same ordered datatype: not A<=B or A==B

Not

Boolean NOT, see ISO Boolean NOT operation

And

Boolean AND, see ISO Boolean AND operation

Or

Boolean OR, see ISO Boolean OR operation

Xor

Boolean XOR: ( A and not B ) or (not A and B)

Actions related to the primitive numerical datatypes

Inputs: Two ordered Reads relationships to DataElements representing values of the same datatype (except for neg, succ, incr, decr unary operations, which have a single Reads relationship).

Output: Single Writes to a DataElement of a type corresponding to the definition of the operation (can be temporary register or a variable);

Control: Single flow – unconditional transfer of control to the next micro action.

Numerical actions

Micro action

Semantics

Add

Polymorphic add operation for a two values of the same numeric datatype, see ISO Add operation for the corresponding datatype

Multiply

Polymorphic multiply operation for two values of the same numeric datatype; see ISO Add operation for the corresponding datatype

Negate

Polymorphic unary negate operation for two values of the same numeric datatype; see ISO Negate operation for the corresponding datatype

Subtract

Polymorphic subtract operation for two values of the same numeric datatype; A+ neg B

Divide

Polymorphic divide operation for two values of the same numeric datatype

Remainder

Polymorphic remainder operation for two values of the same IntegerType datatype:

Successor

Single Reads; Successor for ordinal or enumerated types, see ISO Successor operation

Actions related to bitwise operations on primitive datatypes

Inputs: Two Reads relationships to DataElements representing values of the same datatype (except for neg, succ, incr, decr unary operations, which have a single Reads relationship).

Output: Single Writes to a DataElement of the same type as the first StorableElement (can be temporary register or a variable);

Control: Single Flow – unconditional transfer of control.

Bitwise actions

Micro action

Semantics

Inputs

BitAnd

Bitwise AND on two integers or bitstrings or octetstrings

Two Reads relationships to DataElements representing values of the same datatype

BitOr

Bitwise OR on two integers or bitstrings or octetstrings

Two Reads relationships to DataElements representing values of the same datatype

BitNot

Bitwise NOT on integer or bitstring or octetstring

Two Reads relationships to DataElements representing values of the same datatype

BitXor

Bitwise XOR on two integers or bitstrings or octetstrings

Two Reads relationships to DataElements representing values of the same datatype

LeftShift

Arithmetic bitwise shift left on integer or bitstring or octetsting

First Reads relationship to a DataElement representing an integer, bitstring or octetstring

Second Reads relationship to an integer or ordinal representing the number of bits to shift

RightShift

Arithmetic bitwise shift right on integer or bitstring or octetstring

First Reads relationship to a DataElement representing an integer, bitstring or octetstring

Second Reads relationship to an integer or ordinal representing the number of bits to shift

BitRightShift

Logical bitwise shift right on integer or bitstring or octetstring

First Reads relationship to a DataElement representing an integer, bitstring or octetstring

Second Reads relationship to an integer or ordinal representing the number of bits to shift

Control actions

Control actions

Micro action

Description

Inputs

Outputs

Control

Assign

Assignment (copy)

Single Reads relationship to a DataElement representing the value

Writes relationship represents the DataElement (except for a ValueElement) to which the value of the input DataElement is assigned

Single flow to the next micro action

Condition

Condition

Single Reads relationship to a DataElement representing the Boolean value

TrueFlow & FalseFlow – conditional transfer of control

Call

Static call

Zero or more Reads relationships to DataElements, that represent input actual parameters; ordered;

Value of each actual parameter is assigned to the corresponding formal parameter of the ControlElement. Correspondence is established according to the Pos attribute of the formal parameter in the signature of the ControlElement. A sequence of values is assigned to the variable argument.

Optional Writes to the DataElement that represents the return value

Calls relationship to the ControlElement represents the flow of control to the ControlElement and the return back; Subsequently a single flow to the next micro action is performed.

MethodCall

Method call

Invokes relationship to the DataElement that represents the instance;

Zero or more Reads relationships to DataElements, that represent input actual parameters; ordered;

Same as Call

Calls relationship to the MethodUnit represents the flow of control to the Method and the return back; Subsequently a single flow to the next micro action is performed.

PtrCall

Call via pointer

Addresses relationship to the DataElement that represents the pointer;

Zero or more Reads relationships to DataElements, that represent input actual parameters; ordered;

Same as Call

This represents a dynamic call to one of the possible targets of the pointer (corresponding to the current value of the pointer). The Signature of the possible targets is represented as the type attribute of the DataElement

VirtualCall

Virtual method call

Invokes relationship to the DataElement that represents the instance;

Zero or more Reads relationships to DataElements, that represent input actual parameters; ordered;

Same as Call

Calls relationship to the MethodUnit represents the superclass of the method that will be determined dynamically. This represents the flow of control to the Method and the return back; Subsequently a single flow to the next micro action is performed.

Return

return

Single Reads represents the DataElement that contains the return value

Control is returned back to one of the ControlElements that has performed the call.

Nop

dummy

none

none

Single flow to the next micro action

Goto

Unconditional transfer of control

none

none

Single flow to the next micro action

Throw

Raising exception

zero or more Reads relationships to DataElements representing actual parameters to the exception being thrown

none

Throws relationship to the datatype that represents the “exception object”. Optional ExceptionFlow relationship to a CatchUnit that processes the exception

Incr

Variable post increment operation;

Single Addresses relationship represents the DataElement whose value is incremented;

Optional Writes relationship to another DataUnit to which the previous value of the incremented variable is assigned

Single flow to the next micro action

Decr

Variable post decrement operation;

Single Addresses relationship represents the DataElement whose value is decremented

Optional Writes relationship to another DataUnit to which the previous value of the incremented variable is assigned

Single flow to the next micro action

Switch

Branching based on the value of a StorableElement

Single Reads to the DataElement that represents the selector value

none

One or more GuardedFlow relations to a second micro action with a single Reads relationship that represents the guard value. A single FalseFlow represents the default branch. This construct represents selection of a single branch for which the value of the selector is equal to the value of the guard or the default branch

Compound

Compound action

none

none

Single Flow – the entry flow to the first internal action element

Actions related to access to datatypes

Access actions

Micro action

Description

Inputs

Outputs

Control

FieldSelect

Access to a particular ItemUnit of a RecordType

Single Addresses relationship to a DataElement (of a RecordType); Single Reads relationship to an ItemUnit representing the field being accessed

Writes relationship represents the DataElement (except for a ValueElement) to which the value of the field is assigned

Single flow to the next micro action

FieldReplace

Modification of a particular field of a RecordType

Single Addresses relationship to a DataElement (of a RecordType); Single Reads to a DataElement representing the new value

Writes relationship to an ItemUnit representing the field being modified;

Single flow to the next micro action

ChoiceSelect

Access to a particular ItemUnit of a ChoiceType

Single Addresses relationship to a DataElement (of a ChoiceType); Single Reads relationship to an ItemUnit representing the field type being accessed

Writes relationship represents the DataElement (except for a ValueElement) to which the value of the field is assigned

Single flow to the next micro action

ChoiceReplace

Modification of a particular field of a ChoiceType

Single Addresses relationship to a DataElement (of a ChoiceType); Single Reads to a DataElement representing the new value

Writes relationship to an ItemUnit representing the field being modified;

Single flow to the next micro action

Ptr

Access to a pointer to a StorableElement

Single Addresses relationship to a DataElement

Writes relationship to the StorableElement which will hold the new value

Single flow to the next micro action

PtrSelect

Access to a value via pointer

Single Addresses relationship to a DataElement (of an PointerType); Single Reads relationship to an ItemUnit of that PointerType representing the ItemUnit being accessed;

Writes relationship to the ItemUnit of that PointerType

Single flow to the next micro action

PtrReplace

Modification of an ItemUnit of a PointerType

Single Addresses relationship to a DataElement (of an PointerType); Last Reads to a DataElement representing the new value

Writes relationship to the ItemUnit of that PointerType

Single flow to the next micro action

ArraySelect

Access to a particular ItemUnit of an ArrayType

Single Addresses relationship to a DataElement (of an ArrayType); Single Reads relationship to an ItemUnit representing the ItemUnit being accessed; Last Reads represents the Index

Writes relationship represents the DataElement (except for a ValueElement) to which the value of the ItemUnit is assigned

Single flow to the next micro action

ArrayReplace

Modification of a particular ItemUnit of an ArrayType

Single Addresses relationship to a DataElement (of an ArrayType); Reads that represents the Index; Last Reads to a DataElement representing the new value

Writes relationship to an ItemUnit representing the ItemUnit being modified;

Single flow to the next micro action

MemberSelect

Access to a particular MemberUnit of a ClassType

Invokes relationship to the DataElement that represents the instance.Single Reads relationship to an MemberUnit representing the member being accessed

Writes relationship represents the DataElement (except for a ValueElement) to which the value of the field is assigned

Single flow to the next micro action

MemberReplace

Modification of a particular member of a ClassType

Single Invokes relationship to a DataElement (of a ClassType) that represents the instance of the object being accessed.Single Reads to a DataElement representing the new value

Writes relationship to an MemberUnit representing the member being modified;

Single flow to the next micro action

New

Creation of a new dynamic instance of a datatype; this has to be done separately if required

Creates relationship to the Datatype being created

Writes relationship represents the DataElement (except for a ValueElement) to which the reference to the new dynamic element is assigned

Single flow to the next micro action; This micro operation does not invoke the constructor of the new object;

NewArray

Creation of a new dynamic instance of an ArrayType datatype

Creates relationship to the Datatype being created; Reads relation to the DataElement that represents the length of the new array

Writes relationship represents the DataElement (except for a ValueElement) to which the reference to the new dynamic element is assigned

Single flow to the next micro action;

Actions related to type conversions

Type conversion actions

Micro action

Description

Inputs

Outputs

Control

Sizeof

Determines the length of a StorableUnit

Reads represents the DataElement;

Optional writes to a DataElement

Single flow to the next micro action;

Instanceof

Performs dynamic type check if the data element is of a certain datatype

Reads represents the DataElement; UsesCode relation represents the datatype

Writes to a DataElement of a Boolean type;

Single flow – unconditional transfer of control to the next micro action (for example, as part of complex expressions, or condition);

DynCast

Performs a dynamic cast of a DataElement to a certain Datatype

Reads represents the DataElement; UsesCode relation represents the datatype

Writes to a DataElement

Single flow – unconditional transfer of control to the next micro action (for example, as part of complex expressions, or condition);

TypeCast

Performs a static type conversion of a DataElement to a certain Datatype

Reads represents the DataElement; UsesCode relation represents the datatype

Optional writes to a DataElement

Single flow to the next micro action;

Actions related to StringType operations

StringType actions

Micro action

Description

Inputs

Outputs

Control

IsEmpty

True is the string x is empty

First Reads represents x;

writes to a DataElement

Single flow – unconditional transfer of control to the next micro action (for example, as part of complex expressions, or condition);

Head

Produces the value of the first element in the string x

First Reads represents x;

writes to a DataElement

Single flow to the next micro action;

Tail

Produces sequence that results from deleting the first element in the string x

First Reads represents x;

writes to a DataElement

Single flow to the next micro action;

Empty

Produces and empty string

UsesType to the required type

writes to a DataElement

Single flow to the next micro action;

Append

Produces the sequence that is formed by adding a single value y to the end of the string x

First Reads represents x; Second represents y

writes to a DataElement

Single flow to the next micro action;

Note:”==” operation on ISO strings is defined as full comparison, this does not work in Java, which has shallow comparison of object references

Actions related to SetType operations

SetType actions

Micro action

Description

Inputs

Outputs

Control

IsIn

True is the value x is a member of the set y, else false

First Reads represents x; Second represents y

Writes to a DataElement

Single flow – unconditional transfer of control to the next micro action (for example, as part of complex expressions, or condition);

Subset

True if every member of x is a member of y

First Reads represents x; Second represents y

writes to a DataElement

Single flow to the next micro action;

Difference

Produces the set that consists of the values that are in x and not in y

First Reads represents x; Second represents y

writes to a DataElement

Single flow to the next micro action;

Union

Produces the set that consists of the values that are either in x or in y

First Reads represents x; Second represents y

writes to a DataElement

Single flow to the next micro action;

Intersection

Produces the set that consists of the values that are both in x and in y

First Reads represents x; Second represents y

writes to a DataElement

Single flow to the next micro action;

Select

Produces a value of the base type that is in the set x

First Reads represents x;

writes to a DataElement

Single flow to the next micro action;

IsEmpty

True is the set x is empty

First Reads represents x;

writes to a DataElement

Single flow – unconditional transfer of control to the next micro action (for example, as part of complex expressions, or condition);

Empty

Produces and empty set

UsesType to the required type

writes to a DataElement

Single flow to the next micro action;

Actions related to SequenceType operations

SequenceType actions

Micro action

Description

Inputs

Outputs

Control

IsEmpty

True is the sequence x is empty

First Reads represents x;

writes to a DataElement

Single flow – unconditional transfer of control to the next micro action (for example, as part of complex expressions, or condition);

Head

Produces the value of the first element in the sequence x

First Reads represents x;

writes to a DataElement

Single flow to the next micro action;

Tail

Produces sequence that results from deleting the first element in the sequence x

First Reads represents x;

writes to a DataElement

Single flow to the next micro action;

Empty

Produces and empty sequence

UsesType to the required type

writes to a DataElement

Single flow to the next micro action;

Append

Produces the sequence that is formed by adding a single value y to the end of the sequence x

First Reads represents x; Second represents y

writes to a DataElement

Single flow to the next micro action;

Actions related to BagType operations

BagType actions

Micro action

Description

Inputs

Outputs

Control

IsEmpty

True is the bag x is empty

First Reads represents x;

writes to a DataElement

Single flow – unconditional transfer of control to the next micro action (for example, as part of complex expressions, or condition);

Select

Produces a value of the base type that is in the bag x

First Reads represents x;

writes to a DataElement

Single flow to the next micro action;

Delete

Produces the bag that is formed by deleting one instance of value y from the bag x if any

First Reads represents x; Second represents y

writes to a DataElement

Single flow to the next micro action;

Empty

Produces and empty bag

UsesType to the required type

writes to a DataElement

Single flow to the next micro action;

Insert

Produces the bag that is formed by adding one instance of value y from the bag x

First Reads represents x; Second represents y

writes to a DataElement

Single flow to the next micro action;

Serialize

Produces the sequence in which each element is repeated as many time as it occurs in the bag x

First Reads represents x;

writes to a DataElement

Single flow to the next micro action;