
7ba4762b6468ab21b42a7cb74023efc0e774073e
[openpts/openpts.git] / doc / operationflow.dot
1 /*
2 digraph O {
3
4         subgraph cluster_0 {
5                 style=filled;
6                 color=lightgrey;
7                 node [style=filled,color=white];
8                 a0 -> a1 -> a2 -> a3;
9                 label = "process #1";
10         }
11
12         subgraph cluster_1 {
13                 node [style=filled];
14                 b0 -> b1 -> b2 -> b3;
15                 label = "process #2";
16                 color=blue
17         }
18         //start -> a0;
19         //start -> b0;
20         a1 -> b3;
21         b2 -> a3;
22         a3 -> a0;
23         //a3 -> end;
24         //b3 -> end;
25
26         //start [shape=Mdiamond];
27         //end [shape=Msquare];
28 }
29 */
30
31
32
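// OpenPTS operation flow: the states and commands of a collector (ptsc, the
// attested platform) and a verifier (openpts) from first boot through
// steady-state attestation and failure handling.
//
// Abbreviations used in labels: IML = Integrity Measurement Log,
// RM = Reference Manifest, IF-M = the collector/verifier attestation protocol.
//
// Colour key as used below: green = expected state, orange = needs operator
// attention, red = treated as attacked. Yellow boxes appear to mark the
// ptsc/openpts commands that drive the flow; note shapes are config files.
digraph OpenPTS {
  // One-time collector setup: enable and own the TPM, configure the TSS,
  // then initialise and self-test ptsc.
  subgraph cluster_0 {
    label="Collector(Init)"
    node [style=filled, color=gray]

    // Platform states
    platform_new [color=green]
    platform_boot_bios [label="Enable TPM (BIOS conf)",color=green]
    platform_running_1st [color=green]

    // TPM state
    // -y / -z are the tpm-tools switches for a well-known owner secret and a
    // well-known SRK secret.
    // NOTE(review): with a well-known owner secret, owner-authorised TPM
    // operations are not protected by a password; confirm that this is
    // acceptable for the deployment.
    tpm_takeownership[label="tpm_takeownership -y -z",shape=box]

    tss_config [label="Config tcsd\n/etc/tcsd.conf\nservice tcsd restart",shape=note]
    // iml2text checks that the IML can be read through the TSS; a missing IML
    // sends the operator back to the tcsd configuration.
    iml2text [label="iml2text\n(should dump the IML)",shape=box]
    iml2text_error [color=orange]

    // PTSC states
    ptsc_error_config [color=orange, label="Config error\nManifest error\nTPM error"]

    // PTSC actions
    // NOTE(review): membership of the ptsc group presumably is what lets an
    // account run ptsc; keep it to the accounts that need it (confirm).
    group_config  [label="groupadd ptsc\nusermod -a -G ptsc account",shape=box]
    ptsc_config [label="Config ptsc\n/etc/ptsc.conf",shape=note]
    ptsc_init [label="ptsc -i\n(init)", color=yellow,shape=box]
    ptsc_selftest0 [label="ptsc -t\n(selftest)", color=yellow,shape=box]

    // Transitions
    platform_new -> platform_boot_bios [label="first boot"]
    platform_boot_bios -> platform_running_1st [label="first boot"]
    platform_running_1st -> tpm_takeownership [label="first boot"]
    tpm_takeownership -> tss_config
    tss_config -> group_config

    tss_config -> iml2text
    iml2text -> iml2text_error [label="missing IML"]
    iml2text_error -> tss_config

    {rank=same; tss_config; iml2text;}

    group_config -> ptsc_config

    // Any init or selftest failure loops back to the ptsc configuration.
    ptsc_config -> ptsc_init
    ptsc_init -> ptsc_error_config [label="fail"]
    ptsc_error_config -> ptsc_config
    ptsc_init -> ptsc_selftest0
    ptsc_selftest0 -> ptsc_error_config [label="fail"]

    {rank=same; ptsc_config; ptsc_init;}
    {rank=same; ptsc_selftest0; ptsc_error_config;}
  }

  // Collector in operation: the platform's boot/update cycle on one side and
  // the ptsc state derived from it on the other.
  subgraph cluster_1 {
    label="Collector(Operation)"
    node [style=filled, color=gray]

    subgraph cluster_4 {
      label="Platform"
      // Platform states
      // The green cycle keeps IML and RM consistent. The orange path is any
      // change to the boot components; the diagram deliberately does not
      // separate a legitimate update from an attack at this level.
      platform_running [label="Running\n(w/ consistent IML and RM)",color=green]
      platform_update [label="Update/Attack\ne.g. BIOS update",color=orange]
      platform_update_running [label="Running\n(w/ inconsistent IML and RM)",color=orange]
      platform_update_boot [label="Boot\n(Unknown sequence)",color=orange]
      // Label spelling fixed ("Shoutdown" -> "Shutdown"); node id renamed to match.
      platform_shutdown [label="Shutdown"]
      platform_boot [label="Boot\n(Known sequence)",color=green]

      // Transitions
      platform_running -> platform_shutdown
      platform_shutdown -> platform_boot
      platform_boot -> platform_running [label="(w/ consistent IML)"]

      platform_running -> platform_update [label="(legitimate change OR attack)"]
      platform_update -> platform_update_boot [label="(reboot w/ new boot components)"]
      platform_update_boot -> platform_update_running [label="(w/ inconsistent IML)"]
      platform_update_running -> platform_shutdown

      {rank=same; platform_boot; platform_update_boot;}
      {rank=same; platform_running; platform_update_running;}
    }

    subgraph cluster_5 {
      label="PTSC"
      // PTSC states
      ptsc_null
      ptsc_valid   [label="Valid",color=green]
      ptsc_invalid [label="Invalid",color=orange]
      ptsc_error   [label="ERROR",color=orange]
      ptsc_attack  [label="ATTACKED",color=red]
      ptsc_s_update [label="Legitimate Update",color=orange]

      // PTSC actions
      ptsc_selftest [label="ptsc -t\n(selftest)", color=yellow,shape=box]
      ptsc_startup [label="ptsc -s\n(startup)", color=yellow,shape=box]
      ptsc_display [label="ptsc -D\n(status)",shape=box]
      ptsc_update [label="ptsc -u\n(update)", color=yellow,shape=box]
      // NOTE(review): ptsc -U has no outgoing edge, so the diagram does not
      // show which PTSC state an automatic update ends in. It is entered from
      // the same "Update/Attack" platform state as an attack would be, so the
      // conditions under which it may run deserve to be documented.
      ptsc_autoupdate [label="ptsc -U\n(auto update)", color=yellow,shape=box]
      ptsc_ifm [label="SSH(ptsc -m)", color=yellow,shape=box]
      ptsc_clear [label="ptsc -e",shape=box]

      {rank=same; ptsc_valid; ptsc_invalid;ptsc_attack;}
      {rank=same; ptsc_error; ptsc_s_update;}

      {rank=same; ptsc_startup; ptsc_update;ptsc_display; ptsc_selftest;}
    }

    // Platform -> PTSC edges live at this level, outside both clusters: an
    // edge statement inside a subgraph makes both endpoints members of that
    // subgraph, which would pull ptsc_autoupdate into "Platform" ahead of its
    // declaration under "PTSC".
    platform_update -> ptsc_autoupdate

    platform_running -> ptsc_startup
    ptsc_startup -> ptsc_valid  [label="success"]

    platform_update_running -> ptsc_startup
    ptsc_startup -> ptsc_invalid [label="fail"]
    // ptsc_invalid -> ptsc_update [label="update host manifest\n(legitimate change)"]
    ptsc_update -> ptsc_valid

    //ptsc_valid -> ptsc_display;
    //ptsc_invalid -> ptsc_display;

    //ptsc_valid -> ptsc_selftest

    //ptsc_valid -> ptsc_clear -> ptsc_null
    // ptsc_invalid -> ptsc_selftest

    // Invalid fans out three ways (legitimate update, error, attacked) on
    // unlabelled edges: the measurement mismatch alone does not say which one
    // applies. Because "ptsc -u" leads straight back to Valid, the decision
    // that a change was legitimate should rest on evidence from outside the
    // collector before the manifest is updated.
    ptsc_invalid -> ptsc_s_update
    ptsc_invalid -> ptsc_error

    //ptsc_selftest -> ptsc_error
    //ptsc_selftest -> ptsc_s_update
    ptsc_s_update -> ptsc_update [label="update host manifest\n(legitimate change)"]
    ptsc_invalid -> ptsc_attack

    ptsc_error -> ptsc_clear [label="reset ptsc"]
    // ptsc_invalid -> ptsc_attack
    ptsc_clear -> ptsc_null

    // The collector answers IF-M requests in both the Valid and the Invalid
    // state, so the verifier is the party that gets to see a mismatch.
    ptsc_valid -> ptsc_ifm
    ptsc_invalid -> ptsc_ifm
  }

  // Verifier enrollment: set up SSH access to the collector, then enroll it.
  subgraph cluster_2 {
    label="Verifier(enroll)"
    node [style=filled, color=gray]

    // IF-M runs over SSH, so the key created here is the verifier's
    // credential on the collector.
    // NOTE(review): worth stating which collector account receives the key
    // and whether that account is limited to running "ptsc -m".
    verifier_new
    ssh_keygen
    ssh_copyid
    ssh_ready

    verifier_new->ssh_keygen->ssh_copyid-> ssh_ready

    // NOTE(review): presumably enrollment is where the verifier first stores
    // the collector's manifests as its reference, which would make the host's
    // state at enrollment time the trusted baseline (confirm).
    openpts_enroll  [label="openpts -i [-f] hostname", color=yellow,shape=box]
    openpts_enroll_error [label="ERROR",color=orange]
    openpts_enroll_fix  [label="FIX",color=orange]

    openpts_enroll -> openpts_enroll_error [label="SSH Error, IFM error"]
    openpts_enroll_error -> openpts_enroll_fix
    openpts_enroll_fix -> openpts_enroll

    {rank=same; openpts_enroll_error; openpts_enroll_fix;}
  }

  // Verifier in operation: verify an enrolled host and react to the result.
  subgraph cluster_3 {
    label="Verifier(operation)"
    node [style=filled, color=gray]

    openpts_verify  [label="openpts [-v] hostname\n(verify)", color=yellow,shape=box]
    openpts_remove  [label="openpts -r hostname",shape=box]
    openpts_display [label="openpts -D hostname",shape=box]
    openpts_enroll_force [label="openpts -i -f hostname", color=yellow,shape=box]

    openpts_valid [color=green]
    openpts_invalid [color=orange]
    openpts_update [color=orange]
    openpts_error [color=orange]
    openpts_attack [color=red]
    openpts_null [label="Fix the problem and Enroll again"]

    ssh_ready -> openpts_enroll
    openpts_enroll -> openpts_valid
    //openpts_enroll -> openpts_enroll_force
    openpts_enroll_force -> openpts_valid

    //openpts_valid ->
    openpts_remove -> openpts_null

    //openpts_valid -> openpts_display
    //openpts_valid -> openpts_display
    //openpts_null  -> openpts_display [label="empty"]

    openpts_verify -> openpts_valid   [label="Valid"]
    openpts_verify -> openpts_invalid  [label="Invalid"]
    // As on the collector, Invalid needs a human decision. The forced
    // re-enrollment path ends in Valid, so it should follow the investigation
    // rather than replace it.
    openpts_invalid -> openpts_error  [label="ERROR"]
    openpts_invalid -> openpts_update [label="legitimate change"]
    openpts_update  -> openpts_enroll_force [label="update host manifest\n(legitimate change)"]
    // Label spelling fixed ("invesigate" -> "investigate").
    openpts_invalid -> openpts_attack [label="investigate the host"]
    openpts_error -> openpts_remove [label="delete odd host"]
    //openpts_remove -> openpts_null

    //openpts_null -> openpts_enroll
    //openpts_null -> openpts_verify  [label="ERROR"]

    {rank=same; openpts_verify; openpts_display;}
    {rank=same; openpts_valid; openpts_invalid; openpts_attack;}
    {rank=same; openpts_remove; openpts_enroll_force;}
  }

  // Edges between the collector's Init and Operation clusters (0<->1)
  ptsc_init -> ptsc_valid
  ptsc_null -> ptsc_init

  //NG {rank=same2; platform_running_1st; platform_running;}

  // The only collector/verifier link: attestation exchanged over SSH.
  openpts_verify -> ptsc_ifm [label="IF-M over SSH",dir=both]

}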