Skip to Main Navigation Skip to Content

Prioritize, Measure and Quantify CyberSecurity Risk

Part 2. Program Elements Layer

The Program Elements Layer defines a large set of meta-model elements whose purpose is to provide a language-independent intermediate representation for various constructs determined by common programming languages.

Program Layer defines a single KDM Model, called CodeModel, and consists of the following KDM packages:

  • Code
  • Action

Code package defines CodeItems (named elements determined by the programming language, the so-called “symbols,” “definitions,” etc.) and structural relations between them. CodeItems are further categorized into ComputationalObject, Datatypes and Modules. Action package defines behavioral elements and various behavioral relationships, which determine the control- and data- flows between code items.

Description of the Code package is further subdivided into the following parts:

  • Code Elements representing Modules
  • Code Elements representing Computational Objects
  • Code Elements representing Datatypes
  • Code Elements representing Preprocessor Directives
  • Miscellaneous Code Elements

Data representation of KDM is aligned with ISO/IEC 11404 (Language-Independent datatypes) standard. In particular, KDM provides distinct meta-model elements for “data elements” (for example, global and local variables, constants, record fields, parameters, class members, array items and pointer base elements) and “datatypes”. Each data element has an association “type” to its datatype. KDM distinguishes primitive datatypes (for example Integer, Boolean), complex user-defined datatypes (for example, array, pointer, sequence) and named datatypes (for example, a class, a synonym type). KDM meta-model elements corresponding to datatypes are subclasses of a generic class Datatype. KDM meta-model elements corresponding to data elements are subclasses of a generic class DataElement.

KDM model elements represent existing artifacts determined by a programming language. KDM meta-model elements provide sufficient coverage for most common datatypes and data elements, common to programming languages. KDM also provides several powerful generic extensible elements that can be further used with stereotypes to represent uncommon situations.

In addition to the type association, KDM relationship “HasType” is used to track named datatypes. Anonymous datatypes can be owned by the data element that uses it.

The meta-model elements of the Program Elements Layer uses the following naming conventions (whenever practical):

  • suffix “Element” – usually designates a generic meta-model element
  • suffix “Type” – designates a meta-model element representing some datatype
  • suffic “Unit” – designates a concrete meta-model element