use crate::core::Result;
use crate::engine::Mission;
use super::constraints::SMTConstraint;
use super::solver::{SMTResult, SMTSolver};
use serde::{Deserialize, Serialize};
use std::collections::HashMap;
use chrono::{DateTime, Utc};
#[derive(Debug, Clone, Hash, PartialEq, Eq, Serialize, Deserialize)]
pub enum StandardsFramework {
GDPR,
DoD,
ISO27001,
SOC2,
HIPAA,
PciDss,
FedRAMP,
NIST,
ZeroTrust,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum GDPRConstraint {
LawfulBasis(String), PurposeLimitation(String), DataMinimization(String), Accuracy(String), StorageLimitation(String), IntegrityConfidentiality(String), Accountability(String), DataSubjectRights(String), }
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum DoDConstraint {
IdentificationAuthentication(String), AccessControl(String), AuditAccountability(String), ConfigurationManagement(String), IncidentResponse(String), RiskAssessment(String), SystemIntegrity(String), }
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum HIPAAConstraint {
PHIProtection(String), PatientRights(String), TechnicalSafeguards(String), AdministrativeSafeguards(String), PhysicalSafeguards(String), BreachNotification(String), BusinessAssociate(String), MinimumNecessary(String), }
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum SOC2Constraint {
Security(String), Availability(String), ProcessingIntegrity(String), Confidentiality(String), Privacy(String), }
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum ISO27001Constraint {
ISMS(String), RiskManagement(String), SecurityControls(String), ContinualImprovement(String), DocumentationControl(String), CompetenceAwareness(String), }
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum PCIDSSConstraint {
NetworkSecurity(String), DataProtection(String), VulnerabilityManagement(String), AccessControl(String), NetworkMonitoring(String), SecurityTesting(String), InformationSecurity(String), }
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum ComplianceViolationLevel {
Critical, High, Medium, Low, }
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ComplianceViolation {
pub standard: StandardsFramework,
pub article_section: String,
pub violation_type: String,
pub severity: ComplianceViolationLevel,
pub description: String,
pub remediation: String,
pub smt_proof: String,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct StandardsComplianceResult {
pub overall_compliant: bool,
pub mission_id: String,
pub verification_timestamp: DateTime<Utc>,
pub applicable_standards: Vec<StandardsFramework>,
pub violations: Vec<ComplianceViolation>,
pub certification_evidence: CertificationEvidence,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct CertificationEvidence {
pub smt_proofs: Vec<String>,
pub constraint_hashes: Vec<String>,
pub audit_trail_hash: String,
pub verification_signature: String,
pub standards_versions: HashMap<StandardsFramework, String>,
}
pub struct StandardsConstraintGenerator {
gdpr_rules: Vec<GDPRConstraint>,
dod_rules: Vec<DoDConstraint>,
_hipaa_rules: Vec<HIPAAConstraint>,
_soc2_rules: Vec<SOC2Constraint>,
_iso27001_rules: Vec<ISO27001Constraint>,
_pci_rules: Vec<PCIDSSConstraint>,
}
impl StandardsConstraintGenerator {
pub fn new() -> Self {
Self {
gdpr_rules: Self::load_gdpr_constraints(),
dod_rules: Self::load_dod_constraints(),
_hipaa_rules: Self::load_hipaa_constraints(),
_soc2_rules: Self::load_soc2_constraints(),
_iso27001_rules: Self::load_iso27001_constraints(),
_pci_rules: Self::load_pci_constraints(),
}
}
pub fn generate_gdpr_constraints(&self, _mission: &Mission) -> Result<Vec<SMTConstraint>> {
let mut constraints = Vec::new();
let _gdpr_rules = &self.gdpr_rules;
constraints.push(SMTConstraint {
id: "gdpr_art5_lawfulness".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((processing DataProcessing)) (=> (processes mission processing) (exists ((basis LegalBasis)) (applies-to basis processing)))))".to_string(),
description: "GDPR Art. 5.1.a: All processing must have lawful basis".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art5_purpose_limitation".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((processing DataProcessing)) (=> (processes mission processing) (and (specific processing.purpose) (explicit processing.purpose) (legitimate processing.purpose)))))".to_string(),
description: "GDPR Art. 5.1.b: Purpose limitation - specific, explicit, legitimate".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art5_data_minimization".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((field DataField)) (=> (processes-field mission field) (and (adequate field mission.purpose) (relevant field mission.purpose) (necessary field mission.purpose)))))".to_string(),
description: "GDPR Art. 5.1.c: Data minimization - adequate, relevant, necessary".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art5_accuracy".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((data PersonalData)) (=> (stores mission data) (and (accurate data) (up-to-date data) (erasable-when-inaccurate data)))))".to_string(),
description: "GDPR Art. 5.1.d: Accuracy - accurate, up-to-date, erasable when inaccurate".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art5_storage_limitation".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((data PersonalData)) (=> (stores mission data) (< data.retention_period (max-necessary-period data.purpose)))))".to_string(),
description: "GDPR Art. 5.1.e: Storage limitation - no longer than necessary".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art5_integrity_confidentiality".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((data PersonalData)) (=> (processes mission data) (and (encrypted-at-rest data) (encrypted-in-transit data) (access-controlled data) (integrity-protected data)))))".to_string(),
description: "GDPR Art. 5.1.f: Integrity and confidentiality - technical and organizational measures".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art5_accountability".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((principle GDPRPrinciple)) (=> (applies principle mission) (demonstrable-compliance principle mission))))".to_string(),
description: "GDPR Art. 5.2: Accountability - demonstrable compliance with all principles".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
let legal_bases = vec!["consent", "contract", "legal_obligation", "vital_interests", "public_task", "legitimate_interests"];
for (i, basis) in legal_bases.iter().enumerate() {
constraints.push(SMTConstraint {
id: format!("gdpr_art6_{}_basis", basis),
constraint_type: super::constraints::ConstraintType::Safety,
expression: format!("(assert (=> (uses-legal-basis mission \"{}\") (and (documented \"{}\") (justified \"{}\") (reviewable \"{}\"))))", basis, basis, basis, basis),
description: format!("GDPR Art. 6.1.{}: {} legal basis requirements", ('a' as u8 + i as u8) as char, basis),
severity: super::constraints::ConstraintSeverity::Critical,
});
}
constraints.push(SMTConstraint {
id: "gdpr_art7_consent_freely_given".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((consent Consent)) (=> (uses-consent mission consent) (and (freely-given consent) (specific consent) (informed consent) (unambiguous consent)))))".to_string(),
description: "GDPR Art. 7: Consent must be freely given, specific, informed, unambiguous".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art7_consent_withdrawal".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((consent Consent)) (=> (uses-consent mission consent) (= (difficulty (withdraw consent)) (difficulty (give consent))))))".to_string(),
description: "GDPR Art. 7.3: Consent withdrawal must be as easy as giving consent".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art7_consent_demonstrable".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((consent Consent)) (=> (uses-consent mission consent) (and (recorded consent) (timestamped consent) (auditable consent)))))".to_string(),
description: "GDPR Art. 7.1: Controller must be able to demonstrate consent".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art7_consent_unbundled".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((consent Consent) (service Service)) (=> (and (uses-consent mission consent) (provides-service mission service)) (not (conditional service consent)))))".to_string(),
description: "GDPR Art. 7.4: Service provision cannot be conditional on non-essential consent".to_string(),
severity: super::constraints::ConstraintSeverity::Medium,
});
let special_categories = vec!["health", "biometric", "genetic", "political_opinions", "religious_beliefs", "trade_union", "sex_life", "sexual_orientation", "racial_ethnic", "criminal_convictions"];
for category in special_categories {
constraints.push(SMTConstraint {
id: format!("gdpr_art9_{}_protection", category),
constraint_type: super::constraints::ConstraintType::Safety,
expression: format!("(assert (=> (processes-{} mission) (exists ((exception Art9Exception)) (and (applies exception mission) (documented exception)))))", category),
description: format!("GDPR Art. 9: {} data requires Art. 9.2 exception", category.replace('_', " ")),
severity: super::constraints::ConstraintSeverity::Critical,
});
}
constraints.push(SMTConstraint {
id: "gdpr_art12_transparent_information".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((info PrivacyInfo)) (=> (provides-info mission info) (and (concise info) (transparent info) (intelligible info) (easily-accessible info)))))".to_string(),
description: "GDPR Art. 12.1: Information must be concise, transparent, intelligible, easily accessible".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art12_plain_language".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((info PrivacyInfo)) (=> (provides-info mission info) (and (clear-language info) (plain-language info) (appropriate-for-audience info)))))".to_string(),
description: "GDPR Art. 12.1: Information must be in clear and plain language".to_string(),
severity: super::constraints::ConstraintSeverity::Medium,
});
constraints.push(SMTConstraint {
id: "gdpr_art12_free_of_charge".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((request DataSubjectRequest)) (=> (receives mission request) (or (= (cost request) 0) (excessive request)))))".to_string(),
description: "GDPR Art. 12.5: Information and responses provided free unless requests excessive".to_string(),
severity: super::constraints::ConstraintSeverity::Medium,
});
constraints.push(SMTConstraint {
id: "gdpr_art12_timely_response".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((request DataSubjectRequest)) (=> (receives mission request) (<= (response-time request) 2592000))))".to_string(), description: "GDPR Art. 12.3: Response to data subject requests within one month".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
let required_info_elements = vec!["controller_identity", "dpo_contact", "purposes", "legal_basis", "recipients", "retention_period", "subject_rights", "withdrawal_right", "complaint_right"];
for element in required_info_elements {
constraints.push(SMTConstraint {
id: format!("gdpr_info_element_{}", element),
constraint_type: super::constraints::ConstraintType::Safety,
expression: format!("(assert (=> (collects-personal-data mission) (provides-info mission \"{}\")))", element),
description: format!("GDPR Art. 13-14: {} must be provided at collection", element.replace('_', " ")),
severity: super::constraints::ConstraintSeverity::High,
});
}
constraints.push(SMTConstraint {
id: "gdpr_art15_access_confirmation".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((subject DataSubject)) (=> (requests-access subject mission) (provides-confirmation mission (processes-data-of subject)))))".to_string(),
description: "GDPR Art. 15.1: Provide confirmation whether personal data is processed".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art15_data_copy".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((subject DataSubject)) (=> (and (requests-access subject mission) (processes-data-of mission subject)) (and (provides-copy mission subject.data) (= (cost (first-copy subject.data)) 0)))))".to_string(),
description: "GDPR Art. 15.3: Provide copy of personal data being processed free of charge".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
let erasure_grounds = vec!["no_longer_necessary", "consent_withdrawn", "unlawful_processing", "legal_compliance", "child_consent", "objection_upheld"];
for ground in erasure_grounds {
constraints.push(SMTConstraint {
id: format!("gdpr_art17_erasure_{}", ground),
constraint_type: super::constraints::ConstraintType::Safety,
expression: format!("(assert (=> (and (requests-erasure subject mission) ({})) (must-erase mission subject.data)))", ground.replace('_', "-")),
description: format!("GDPR Art. 17.1: Erasure required when {}", ground.replace('_', " ")),
severity: super::constraints::ConstraintSeverity::High,
});
}
let erasure_exceptions = vec!["freedom_expression", "legal_compliance", "public_interest", "scientific_research", "legal_claims"];
for exception in erasure_exceptions {
constraints.push(SMTConstraint {
id: format!("gdpr_art17_exception_{}", exception),
constraint_type: super::constraints::ConstraintType::Safety,
expression: format!("(assert (=> (and (requests-erasure subject mission) ({})) (not (must-erase mission subject.data))))", exception.replace('_', "-")),
description: format!("GDPR Art. 17.3: Erasure exception for {}", exception.replace('_', " ")),
severity: super::constraints::ConstraintSeverity::Medium,
});
}
constraints.push(SMTConstraint {
id: "gdpr_art20_structured_format".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (=> (and (requests-portability subject mission) (consent-or-contract-basis mission)) (provides-structured-format mission subject.data)))".to_string(),
description: "GDPR Art. 20.1: Provide data in structured, commonly used, machine-readable format".to_string(),
severity: super::constraints::ConstraintSeverity::Medium,
});
constraints.push(SMTConstraint {
id: "gdpr_art20_direct_transmission".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (=> (and (requests-transmission subject mission controller2) (technically-feasible subject.data controller2)) (enables-direct-transmission mission subject.data controller2)))".to_string(),
description: "GDPR Art. 20.2: Enable direct transmission when technically feasible".to_string(),
severity: super::constraints::ConstraintSeverity::Medium,
});
constraints.push(SMTConstraint {
id: "gdpr_art22_no_automated_decisions".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (=> (automated-decision-making mission) (exists ((exception Art22Exception)) (applies exception mission))))".to_string(),
description: "GDPR Art. 22.1: No automated decision-making with legal effects unless exception applies".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art22_human_intervention".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((decision AutomatedDecision)) (=> (makes-decision mission decision) (and (human-intervention-available decision) (challenge-decision-available decision) (explanation-available decision)))))".to_string(),
description: "GDPR Art. 22.3: Human intervention, challenge, and explanation rights for automated decisions".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art22_no_special_category_profiling".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (=> (automated-profiling mission) (not (uses-special-category-data mission))))".to_string(),
description: "GDPR Art. 22.4: Automated profiling cannot be based on special category data".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art25_privacy_by_design".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((system System)) (=> (implements mission system) (and (privacy-by-design system) (privacy-by-default system)))))".to_string(),
description: "GDPR Art. 25.1: Privacy by design and by default implementation".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art25_data_minimization_default".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((system System)) (=> (implements mission system) (= system.default_processing (minimal-necessary-processing system.purpose)))))".to_string(),
description: "GDPR Art. 25.2: Data minimization by default - only necessary data processed".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
let security_measures = vec!["pseudonymization", "encryption", "confidentiality", "integrity", "availability", "resilience"];
for measure in security_measures {
constraints.push(SMTConstraint {
id: format!("gdpr_art32_{}", measure),
constraint_type: super::constraints::ConstraintType::Safety,
expression: format!("(assert (forall ((data PersonalData)) (=> (processes mission data) (implements-{} mission data))))", measure.replace('_', "-")),
description: format!("GDPR Art. 32.1: {} implementation for personal data security", measure.replace('_', " ")),
severity: super::constraints::ConstraintSeverity::Critical,
});
}
constraints.push(SMTConstraint {
id: "gdpr_art32_security_testing".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((system System)) (=> (implements mission system) (and (regularly-tested system.security) (<= system.test_interval 7776000)))))".to_string(), description: "GDPR Art. 32.1.d: Regular testing and evaluation of security effectiveness".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art32_risk_appropriate".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((measure SecurityMeasure)) (=> (implements mission measure) (appropriate-to-risk measure (risk-assessment mission)))))".to_string(),
description: "GDPR Art. 32.1: Security measures must be appropriate to risk level".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art33_breach_notification_72h".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((breach DataBreach)) (=> (detects mission breach) (<= (notification-delay breach supervisory_authority) 259200))))".to_string(), description: "GDPR Art. 33.1: Breach notification to supervisory authority within 72 hours".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art34_subject_notification".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((breach DataBreach)) (=> (and (detects mission breach) (high-risk breach)) (notifies mission breach.affected_subjects))))".to_string(),
description: "GDPR Art. 34.1: High-risk breaches must be communicated to affected data subjects".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art35_dpia_required".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (=> (high-risk-processing mission) (completed-dpia mission)))".to_string(),
description: "GDPR Art. 35.1: DPIA required for high-risk processing operations".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art35_systematic_monitoring".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (=> (and (systematic-monitoring mission) (large-scale mission) (public-area mission)) (completed-dpia mission)))".to_string(),
description: "GDPR Art. 35.3.c: DPIA required for systematic monitoring of publicly accessible areas".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "gdpr_art44_transfer_adequacy".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((transfer InternationalTransfer)) (=> (performs mission transfer) (or (adequate-country transfer.destination) (appropriate-safeguards transfer)))))".to_string(),
description: "GDPR Art. 44: International transfers only to adequate countries or with appropriate safeguards".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "gdpr_art46_appropriate_safeguards".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((transfer InternationalTransfer)) (=> (and (performs mission transfer) (not (adequate-country transfer.destination))) (or (standard-contractual-clauses transfer) (binding-corporate-rules transfer) (approved-mechanism transfer)))))".to_string(),
description: "GDPR Art. 46: Appropriate safeguards required for non-adequate country transfers".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
Ok(constraints)
}
pub fn generate_dod_constraints(&self, _mission: &Mission) -> Result<Vec<SMTConstraint>> {
let mut constraints = Vec::new();
let _dod_rules = &self.dod_rules;
constraints.push(SMTConstraint {
id: "dod_ac1_policy_procedures".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (and (exists ((policy AccessControlPolicy)) (documented policy)) (exists ((procedures AccessControlProcedures)) (implemented procedures))))".to_string(),
description: "DoD AC-1: Access control policy and procedures established and documented".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ac2_account_management".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((account Account)) (=> (manages mission account) (and (identified account.type) (established account.conditions) (authorized account.access) (monitored account.usage)))))".to_string(),
description: "DoD AC-2: Account management - identify types, establish conditions, authorize access".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ac3_access_enforcement".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((access AccessRequest)) (=> (requests mission access) (and (approved access) (authorized access) (before-granting access)))))".to_string(),
description: "DoD AC-3: Access enforcement - approve permissions before granting access".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ac6_least_privilege".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((user User) (permission Permission)) (=> (grants mission user permission) (and (necessary permission user.role) (minimal permission user.tasks)))))".to_string(),
description: "DoD AC-6: Least privilege - only necessary permissions for authorized tasks".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ac7_failed_logon_limit".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((user User)) (=> (failed-logons user mission) (<= user.consecutive_failures 3))))".to_string(),
description: "DoD AC-7: Enforce limit on consecutive failed logon attempts (max 3)".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_ac11_session_lock".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((session UserSession)) (=> (manages mission session) (and (locks-after-inactivity session) (<= session.inactivity_timeout 900)))))".to_string(), description: "DoD AC-11: Session lock after maximum inactivity period (15 minutes)".to_string(),
severity: super::constraints::ConstraintSeverity::Medium,
});
constraints.push(SMTConstraint {
id: "dod_ac12_session_termination".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((session UserSession)) (=> (manages mission session) (or (user-initiated-termination session) (condition-triggered-termination session)))))".to_string(),
description: "DoD AC-12: Automatic session termination based on conditions".to_string(),
severity: super::constraints::ConstraintSeverity::Medium,
});
constraints.push(SMTConstraint {
id: "dod_au1_audit_policy".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (and (exists ((policy AuditPolicy)) (documented policy)) (exists ((procedures AuditProcedures)) (implemented procedures))))".to_string(),
description: "DoD AU-1: Audit and accountability policy and procedures established".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_au2_auditable_events".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((event AuditableEvent)) (=> (occurs mission event) (and (identified event.type) (logged event) (timestamped event)))))".to_string(),
description: "DoD AU-2: Determine auditable events and log security-relevant events".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_au3_audit_content".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((record AuditRecord)) (=> (generates mission record) (and (includes record.timestamp) (includes record.event_type) (includes record.user_id) (includes record.outcome)))))".to_string(),
description: "DoD AU-3: Audit records include timestamp, event type, user ID, outcome".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_au4_audit_storage".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((storage AuditStorage)) (=> (uses mission storage) (and (sufficient-capacity storage) (protected-from-unauthorized-access storage) (protected-from-modification storage)))))".to_string(),
description: "DoD AU-4: Allocate sufficient audit log storage capacity with protection".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_au5_audit_failure_response".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((failure AuditFailure)) (=> (detects mission failure) (and (alerts failure.responsible_personnel) (takes-corrective-action failure)))))".to_string(),
description: "DoD AU-5: Alert personnel and take corrective action on audit logging failures".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_au9_audit_protection".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((audit_info AuditInformation)) (=> (stores mission audit_info) (and (protected-from-unauthorized-access audit_info) (protected-from-modification audit_info) (protected-from-deletion audit_info)))))".to_string(),
description: "DoD AU-9: Protect audit information from unauthorized access, modification, deletion".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ia1_policy_procedures".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (and (exists ((policy IAPolicy)) (documented policy)) (exists ((procedures IAProcedures)) (implemented procedures))))".to_string(),
description: "DoD IA-1: Identification and authentication policy and procedures".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ia2_user_identification".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((user User)) (=> (accesses mission user) (and (uniquely-identified user) (authenticated user) (authorized user)))))".to_string(),
description: "DoD IA-2: Uniquely identify and authenticate organizational users".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ia3_device_identification".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((device Device)) (=> (connects mission device) (and (uniquely-identified device) (authenticated device) (authorized device)))))".to_string(),
description: "DoD IA-3: Uniquely identify and authenticate devices before connection".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ia5_authenticator_management".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((auth Authenticator)) (=> (manages mission auth) (and (verified-identity auth.user) (established-initial-content auth) (protected-from-unauthorized-disclosure auth)))))".to_string(),
description: "DoD IA-5: Manage authenticators - verify identity, establish content, protect from disclosure".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_si1_policy_procedures".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (and (exists ((policy SIPolicy)) (documented policy)) (exists ((procedures SIProcedures)) (implemented procedures))))".to_string(),
description: "DoD SI-1: System and information integrity policy and procedures".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_si2_flaw_remediation".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((flaw SecurityFlaw)) (=> (identifies mission flaw) (and (reports flaw) (corrects flaw) (<= (correction-time flaw) (risk-based-timeframe flaw.severity))))))".to_string(),
description: "DoD SI-2: Identify, report, and correct system flaws within risk-based timeframes".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_si3_malicious_code_protection".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((system System)) (=> (implements mission system) (and (malware-detection system) (malware-prevention system) (signature-updates system) (quarantine-capability system)))))".to_string(),
description: "DoD SI-3: Implement malicious code protection with detection, prevention, updates".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_si4_system_monitoring".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((system System)) (=> (monitors mission system) (and (detects-attacks system) (detects-indicators system) (identifies-unauthorized-use system) (alerts-personnel system)))))".to_string(),
description: "DoD SI-4: Monitor system for attacks, indicators, unauthorized use".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_si7_software_integrity".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((software Software)) (=> (uses mission software) (and (integrity-verified software) (digitally-signed software) (checksum-validated software)))))".to_string(),
description: "DoD SI-7: Software, firmware, and information integrity verification".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_si10_input_validation".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((input UserInput)) (=> (receives mission input) (and (validated input.format) (sanitized input.content) (range-checked input.values)))))".to_string(),
description: "DoD SI-10: Check validity of information inputs - format, content, range".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_cm2_baseline_configuration".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((system System)) (=> (deploys mission system) (and (documented system.baseline) (maintained system.baseline) (reviewed system.baseline) (approved system.baseline)))))".to_string(),
description: "DoD CM-2: Establish and maintain baseline configurations".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_cm3_change_control".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((change SystemChange)) (=> (implements mission change) (and (controlled change) (approved change) (tested change) (documented change)))))".to_string(),
description: "DoD CM-3: Control changes to system - approval, testing, documentation".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_cm6_configuration_settings".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((setting ConfigSetting)) (=> (configures mission setting) (and (secure-default setting) (documented setting) (mandatory setting.security_relevant)))))".to_string(),
description: "DoD CM-6: Establish mandatory configuration settings for security".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_cm7_least_functionality".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((capability SystemCapability)) (=> (provides mission capability) (or (essential capability) (mission-required capability)))))".to_string(),
description: "DoD CM-7: Configure system to provide only essential capabilities".to_string(),
severity: super::constraints::ConstraintSeverity::Medium,
});
constraints.push(SMTConstraint {
id: "dod_ir1_policy_procedures".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (and (exists ((policy IRPolicy)) (documented policy)) (exists ((procedures IRProcedures)) (implemented procedures))))".to_string(),
description: "DoD IR-1: Incident response policy and procedures established".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ir4_incident_handling".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((incident SecurityIncident)) (=> (detects mission incident) (and (reports incident) (<= (response-time incident) (severity-based-sla incident.severity)) (contains incident) (eradicates incident) (recovers-from incident)))))".to_string(),
description: "DoD IR-4: Incident handling capability with timely response based on severity".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ir5_incident_monitoring".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((incident SecurityIncident)) (=> (handles mission incident) (and (tracked incident) (documented incident) (analyzed incident.impact) (maintained incident.history)))))".to_string(),
description: "DoD IR-5: Track and document security incidents with impact analysis".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_ir6_incident_reporting".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((incident SecurityIncident) (personnel Personnel)) (=> (and (detects personnel incident) (organizational-personnel personnel)) (<= (reporting-time personnel incident) (incident-severity-sla incident.severity)))))".to_string(),
description: "DoD IR-6: Require personnel to report suspected incidents within SLA timeframes".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_ra3_risk_assessment".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (and (exists ((assessment RiskAssessment)) (and (conducted assessment) (documented assessment) (<= assessment.age 31536000))) (forall ((change SignificantChange)) (=> (implements mission change) (updates assessment)))))".to_string(), description: "DoD RA-3: Conduct and document risk assessment annually and when significant changes occur".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ra5_vulnerability_monitoring".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((system System)) (=> (manages mission system) (and (scans-vulnerabilities system) (<= system.scan_frequency 2592000) (remediates-critical-vulns system) (<= system.critical_remediation_time 259200)))))".to_string(), description: "DoD RA-5: Monitor and scan for vulnerabilities monthly, remediate critical within 72 hours".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ai_model_integrity".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((model AIModel)) (=> (deploys mission model) (and (integrity-verified model.weights) (signed model.checksum) (validated model.provenance)))))".to_string(),
description: "DoD AI Extension: AI model integrity verification and provenance validation".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ai_training_data_security".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((data TrainingData)) (=> (uses-for-training mission data) (and (classified-appropriately data) (sanitized data.sensitive_content) (access-controlled data)))))".to_string(),
description: "DoD AI Extension: Training data classification, sanitization, and access control".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "dod_ai_adversarial_robustness".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((model AIModel)) (=> (deploys mission model) (and (tested-adversarial-attacks model) (robustness-verified model) (attack-detection model)))))".to_string(),
description: "DoD AI Extension: AI models must be tested against adversarial attacks".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_ai_explainability".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((decision AIDecision)) (=> (makes mission decision) (and (explainable decision.reasoning) (auditable decision.factors) (reviewable decision.process)))))".to_string(),
description: "DoD AI Extension: AI decisions must be explainable and auditable".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "dod_ai_bias_monitoring".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((model AIModel)) (=> (deploys mission model) (and (bias-tested model) (<= model.bias_test_frequency 7776000) (bias-mitigation model)))))".to_string(), description: "DoD AI Extension: AI bias testing and mitigation every 90 days".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
Ok(constraints)
}
#[allow(dead_code)]
fn processes_personal_data(&self, _mission: &Mission) -> Result<bool> {
Ok(false)
}
fn load_gdpr_constraints() -> Vec<GDPRConstraint> {
vec![
GDPRConstraint::LawfulBasis("Legal basis required for all personal data processing - Art. 6.1".to_string()),
GDPRConstraint::PurposeLimitation("Data processing limited to specified, explicit, legitimate purposes - Art. 5.1.b".to_string()),
GDPRConstraint::DataMinimization("Data processing limited to what is adequate, relevant, and necessary - Art. 5.1.c".to_string()),
GDPRConstraint::Accuracy("Personal data must be accurate and kept up to date - Art. 5.1.d".to_string()),
GDPRConstraint::StorageLimitation("Personal data retention limited to necessary period - Art. 5.1.e".to_string()),
GDPRConstraint::IntegrityConfidentiality("Technical and organizational measures for data security - Art. 5.1.f".to_string()),
GDPRConstraint::Accountability("Controller must demonstrate compliance with GDPR principles - Art. 5.2".to_string()),
GDPRConstraint::LawfulBasis("Consent: Data subject has given consent for specific purpose - Art. 6.1.a".to_string()),
GDPRConstraint::LawfulBasis("Contract: Processing necessary for contract performance - Art. 6.1.b".to_string()),
GDPRConstraint::LawfulBasis("Legal obligation: Processing necessary for compliance with legal obligation - Art. 6.1.c".to_string()),
GDPRConstraint::LawfulBasis("Vital interests: Processing necessary to protect vital interests - Art. 6.1.d".to_string()),
GDPRConstraint::LawfulBasis("Public task: Processing necessary for public interest or official authority - Art. 6.1.e".to_string()),
GDPRConstraint::LawfulBasis("Legitimate interests: Processing necessary for legitimate interests - Art. 6.1.f".to_string()),
GDPRConstraint::LawfulBasis("Consent must be freely given, specific, informed and unambiguous - Art. 7.1".to_string()),
GDPRConstraint::LawfulBasis("Consent withdrawal must be as easy as giving consent - Art. 7.3".to_string()),
GDPRConstraint::LawfulBasis("Consent must be demonstrable by controller - Art. 7.1".to_string()),
GDPRConstraint::LawfulBasis("Consent cannot be bundled with non-essential processing - Art. 7.4".to_string()),
GDPRConstraint::DataMinimization("Special category data processing prohibited unless Art. 9.2 exception applies".to_string()),
GDPRConstraint::DataMinimization("Health data requires specific consent or medical necessity - Art. 9.2.a,h".to_string()),
GDPRConstraint::DataMinimization("Biometric data processing requires Art. 9.2.a explicit consent".to_string()),
GDPRConstraint::DataMinimization("Genetic data processing requires Art. 9.2.a explicit consent".to_string()),
GDPRConstraint::DataMinimization("Political opinions processing requires Art. 9.2.a explicit consent".to_string()),
GDPRConstraint::DataSubjectRights("Information provided in concise, transparent, intelligible form - Art. 12.1".to_string()),
GDPRConstraint::DataSubjectRights("Information provided in clear and plain language - Art. 12.1".to_string()),
GDPRConstraint::DataSubjectRights("Information provided free of charge unless excessive - Art. 12.5".to_string()),
GDPRConstraint::DataSubjectRights("Information provided without undue delay, within one month - Art. 12.3".to_string()),
GDPRConstraint::DataSubjectRights("Identity verification may be required for data subject requests - Art. 12.6".to_string()),
GDPRConstraint::DataSubjectRights("Information provided in writing or electronic form - Art. 12.1".to_string()),
GDPRConstraint::DataSubjectRights("Identity and contact details of controller must be provided - Art. 13.1.a".to_string()),
GDPRConstraint::DataSubjectRights("Contact details of DPO must be provided - Art. 13.1.b".to_string()),
GDPRConstraint::DataSubjectRights("Purposes and legal basis must be provided - Art. 13.1.c".to_string()),
GDPRConstraint::DataSubjectRights("Categories of personal data must be specified - Art. 14.1.d".to_string()),
GDPRConstraint::DataSubjectRights("Recipients or categories of recipients must be provided - Art. 13.1.e".to_string()),
GDPRConstraint::DataSubjectRights("Third country transfers and safeguards must be disclosed - Art. 13.1.f".to_string()),
GDPRConstraint::DataSubjectRights("Retention period or criteria must be provided - Art. 13.2.a".to_string()),
GDPRConstraint::DataSubjectRights("Data subject rights must be explained - Art. 13.2.b".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to confirmation of processing - Art. 15.1".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to access personal data - Art. 15.1".to_string()),
GDPRConstraint::DataSubjectRights("Purposes of processing must be provided - Art. 15.1.a".to_string()),
GDPRConstraint::DataSubjectRights("Categories of personal data must be provided - Art. 15.1.b".to_string()),
GDPRConstraint::DataSubjectRights("Recipients of data must be provided - Art. 15.1.c".to_string()),
GDPRConstraint::DataSubjectRights("Retention period must be provided - Art. 15.1.d".to_string()),
GDPRConstraint::DataSubjectRights("Right to rectification and erasure must be explained - Art. 15.1.e".to_string()),
GDPRConstraint::DataSubjectRights("Copy of personal data must be provided free - Art. 15.3".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to rectification of inaccurate data - Art. 16".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to completion of incomplete data - Art. 16".to_string()),
GDPRConstraint::DataSubjectRights("Rectification must be communicated to recipients - Art. 19".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to erasure when purpose no longer necessary - Art. 17.1.a".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to erasure when consent withdrawn - Art. 17.1.b".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to erasure when data unlawfully processed - Art. 17.1.d".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to erasure for legal compliance - Art. 17.1.c".to_string()),
GDPRConstraint::DataSubjectRights("Erasure not required when processing necessary for legal claims - Art. 17.3.e".to_string()),
GDPRConstraint::DataSubjectRights("Erasure not required when processing necessary for public interest - Art. 17.3.b".to_string()),
GDPRConstraint::DataSubjectRights("Erasure must be communicated to recipients and search engines - Art. 17.2".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to restriction when accuracy contested - Art. 18.1.a".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to restriction when processing unlawful - Art. 18.1.b".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to restriction when data no longer needed but required for legal claims - Art. 18.1.c".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to restriction when legitimate interests objection pending - Art. 18.1.d".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to receive data in structured, machine-readable format - Art. 20.1".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to transmit data to another controller - Art. 20.1".to_string()),
GDPRConstraint::DataSubjectRights("Portability only applies to consent or contract legal basis - Art. 20.1.a,b".to_string()),
GDPRConstraint::DataSubjectRights("Portability must not adversely affect rights of others - Art. 20.4".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right to object to legitimate interests processing - Art. 21.1".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has absolute right to object to direct marketing - Art. 21.2".to_string()),
GDPRConstraint::DataSubjectRights("Controller must stop processing unless compelling legitimate grounds - Art. 21.1".to_string()),
GDPRConstraint::DataSubjectRights("Data subject has right not to be subject to automated decision-making - Art. 22.1".to_string()),
GDPRConstraint::DataSubjectRights("Automated decisions with legal effects require Art. 22.2 exception".to_string()),
GDPRConstraint::DataSubjectRights("Automated decisions require human intervention and review rights - Art. 22.3".to_string()),
GDPRConstraint::DataSubjectRights("Automated decisions cannot be based on special category data - Art. 22.4".to_string()),
GDPRConstraint::DataSubjectRights("Profiling logic and significance must be explained - Art. 22.3".to_string()),
GDPRConstraint::IntegrityConfidentiality("Technical measures implemented by design and by default - Art. 25.1".to_string()),
GDPRConstraint::IntegrityConfidentiality("Organizational measures implemented by design and by default - Art. 25.1".to_string()),
GDPRConstraint::DataMinimization("Data minimization by default - only necessary data processed - Art. 25.2".to_string()),
GDPRConstraint::IntegrityConfidentiality("Pseudonymization implemented where applicable - Art. 25.1".to_string()),
GDPRConstraint::IntegrityConfidentiality("Encryption implemented where applicable - Art. 32.1.a".to_string()),
GDPRConstraint::Accountability("Privacy impact assessments for high-risk processing - Art. 35".to_string()),
GDPRConstraint::IntegrityConfidentiality("Pseudonymization and encryption of personal data - Art. 32.1.a".to_string()),
GDPRConstraint::IntegrityConfidentiality("Ability to ensure ongoing confidentiality and integrity - Art. 32.1.b".to_string()),
GDPRConstraint::IntegrityConfidentiality("Ability to restore availability and access in timely manner - Art. 32.1.c".to_string()),
GDPRConstraint::IntegrityConfidentiality("Regular testing and evaluation of security effectiveness - Art. 32.1.d".to_string()),
GDPRConstraint::IntegrityConfidentiality("Security measures appropriate to risk level - Art. 32.1".to_string()),
GDPRConstraint::IntegrityConfidentiality("Risk assessment considers accidental or unlawful destruction - Art. 32.2".to_string()),
GDPRConstraint::IntegrityConfidentiality("Risk assessment considers loss, alteration, unauthorized disclosure - Art. 32.2".to_string()),
GDPRConstraint::IntegrityConfidentiality("All personnel with access must be under confidentiality obligation - Art. 32.4".to_string()),
GDPRConstraint::Accountability("Personal data breaches notified to supervisory authority within 72 hours - Art. 33.1".to_string()),
GDPRConstraint::Accountability("Breach notification includes nature, categories, approximate numbers - Art. 33.3.a,b".to_string()),
GDPRConstraint::Accountability("Breach notification includes likely consequences and measures taken - Art. 33.3.c,d".to_string()),
GDPRConstraint::DataSubjectRights("High-risk breaches communicated to data subjects without undue delay - Art. 34.1".to_string()),
GDPRConstraint::DataSubjectRights("Breach communication includes nature, likely consequences, measures taken - Art. 34.2".to_string()),
GDPRConstraint::Accountability("All breaches documented including facts, effects, remedial action - Art. 33.5".to_string()),
GDPRConstraint::Accountability("DPIA required for high-risk processing operations - Art. 35.1".to_string()),
GDPRConstraint::Accountability("DPIA must include systematic description of processing - Art. 35.7.a".to_string()),
GDPRConstraint::Accountability("DPIA must assess necessity and proportionality - Art. 35.7.b".to_string()),
GDPRConstraint::Accountability("DPIA must assess risks to data subject rights and freedoms - Art. 35.7.c".to_string()),
GDPRConstraint::Accountability("DPIA must include measures to address risks - Art. 35.7.d".to_string()),
GDPRConstraint::Accountability("DPO designated when core activities are regular systematic monitoring - Art. 37.1.b".to_string()),
GDPRConstraint::Accountability("DPO designated when core activities are large scale special category processing - Art. 37.1.c".to_string()),
GDPRConstraint::Accountability("DPO contact details published and communicated to supervisory authority - Art. 37.7".to_string()),
GDPRConstraint::Accountability("DPO involved in all data protection matters - Art. 38.1".to_string()),
GDPRConstraint::IntegrityConfidentiality("International transfers only to adequate countries or with safeguards - Art. 44".to_string()),
GDPRConstraint::IntegrityConfidentiality("Commission adequacy decision required for adequate country transfers - Art. 45".to_string()),
GDPRConstraint::IntegrityConfidentiality("Standard contractual clauses required for non-adequate country transfers - Art. 46.2.c".to_string()),
GDPRConstraint::IntegrityConfidentiality("Binding corporate rules may be used for intra-group transfers - Art. 47".to_string()),
GDPRConstraint::IntegrityConfidentiality("Derogations for specific situations must meet Art. 49 requirements".to_string()),
GDPRConstraint::DataSubjectRights("Data subjects must be informed of international transfers - Art. 13.1.f".to_string()),
GDPRConstraint::IntegrityConfidentiality("Appropriate safeguards must be in place for all transfers - Art. 46.1".to_string()),
GDPRConstraint::Accountability("Transfer impact assessments required for high-risk transfers - Art. 35".to_string()),
GDPRConstraint::Accountability("Processing activities records maintained by controller - Art. 30.1".to_string()),
GDPRConstraint::Accountability("Processing records include controller details, purposes, categories - Art. 30.1.a,b,c".to_string()),
GDPRConstraint::Accountability("Processing records made available to supervisory authority - Art. 30.4".to_string()),
GDPRConstraint::DataMinimization("AI training data must be minimized to necessary features only".to_string()),
GDPRConstraint::PurposeLimitation("AI model purposes must be documented and limited".to_string()),
GDPRConstraint::Accuracy("AI model outputs must have accuracy monitoring and correction mechanisms".to_string()),
GDPRConstraint::IntegrityConfidentiality("AI model weights and parameters must be protected from unauthorized access".to_string()),
GDPRConstraint::DataSubjectRights("AI decision explanations must be available to data subjects".to_string()),
GDPRConstraint::LawfulBasis("Automated profiling requires explicit consent or legitimate interests assessment".to_string()),
GDPRConstraint::StorageLimitation("AI training data must be deleted when no longer necessary for model purpose".to_string()),
GDPRConstraint::IntegrityConfidentiality("AI models must implement differential privacy where applicable".to_string()),
GDPRConstraint::Accountability("AI bias testing and mitigation must be documented and implemented".to_string()),
GDPRConstraint::DataSubjectRights("AI system must allow for data subject objection and restriction".to_string()),
GDPRConstraint::IntegrityConfidentiality("AI model updates must preserve privacy guarantees".to_string()),
GDPRConstraint::PurposeLimitation("AI model reuse for new purposes requires new legal basis".to_string()),
]
}
fn load_dod_constraints() -> Vec<DoDConstraint> {
vec![
DoDConstraint::AccessControl("AC-1: Access control policy and procedures - establish, document, implement".to_string()),
DoDConstraint::AccessControl("AC-2: Account management - identify account types, establish conditions".to_string()),
DoDConstraint::AccessControl("AC-3: Access enforcement - approve access permissions before granting".to_string()),
DoDConstraint::AccessControl("AC-4: Information flow enforcement - control information flows within system".to_string()),
DoDConstraint::AccessControl("AC-5: Separation of duties - divide duties and responsibilities".to_string()),
DoDConstraint::AccessControl("AC-6: Least privilege - employ principle of least privilege".to_string()),
DoDConstraint::AccessControl("AC-7: Unsuccessful logon attempts - enforce limit on consecutive failed attempts".to_string()),
DoDConstraint::AccessControl("AC-8: System use notification - display system use notification message".to_string()),
DoDConstraint::AccessControl("AC-11: Session lock - prevent further access by initiating session lock".to_string()),
DoDConstraint::AccessControl("AC-12: Session termination - automatically terminate user session".to_string()),
DoDConstraint::AccessControl("AC-14: Permitted actions without identification - identify user actions without identification".to_string()),
DoDConstraint::AccessControl("AC-17: Remote access - establish usage restrictions for remote access".to_string()),
DoDConstraint::AccessControl("AC-18: Wireless access - establish usage restrictions for wireless access".to_string()),
DoDConstraint::AccessControl("AC-19: Access control for mobile devices - establish usage restrictions for mobile".to_string()),
DoDConstraint::AccessControl("AC-20: Use of external systems - establish usage restrictions for external systems".to_string()),
DoDConstraint::AccessControl("AC-21: Information sharing - facilitate information sharing by enabling access".to_string()),
DoDConstraint::AccessControl("AC-22: Publicly accessible content - designate and protect publicly accessible content".to_string()),
DoDConstraint::AccessControl("AC-23: Data mining protection - employ data mining protection techniques".to_string()),
DoDConstraint::AccessControl("AC-24: Access control decisions - establish criteria for access control decisions".to_string()),
DoDConstraint::AccessControl("AC-25: Reference monitor concept - implement reference monitor concept".to_string()),
DoDConstraint::AuditAccountability("AU-1: Audit policy and procedures - establish, document, implement".to_string()),
DoDConstraint::AuditAccountability("AU-2: Event logging - determine auditable events and log them".to_string()),
DoDConstraint::AuditAccountability("AU-3: Content of audit records - generate audit records with specific content".to_string()),
DoDConstraint::AuditAccountability("AU-4: Audit log storage capacity - allocate sufficient audit log storage".to_string()),
DoDConstraint::AuditAccountability("AU-5: Response to audit logging failures - alert and take action on failures".to_string()),
DoDConstraint::AuditAccountability("AU-6: Audit record review - review and analyze audit records".to_string()),
DoDConstraint::AuditAccountability("AU-7: Audit record reduction - provide audit record reduction capability".to_string()),
DoDConstraint::AuditAccountability("AU-8: Time stamps - protect audit record time stamps".to_string()),
DoDConstraint::AuditAccountability("AU-9: Protection of audit information - protect audit information from unauthorized access".to_string()),
DoDConstraint::AuditAccountability("AU-10: Non-repudiation - protect against false denial of actions".to_string()),
DoDConstraint::AuditAccountability("AU-11: Audit record retention - retain audit records for defined period".to_string()),
DoDConstraint::AuditAccountability("AU-12: Audit record generation - provide audit record generation capability".to_string()),
DoDConstraint::AuditAccountability("AU-13: Monitoring for information disclosure - monitor for unauthorized disclosure".to_string()),
DoDConstraint::AuditAccountability("AU-14: Session audit - provide capability to include/exclude session audit".to_string()),
DoDConstraint::AuditAccountability("AU-16: Cross-organizational auditing - employ mechanisms for coordinated audit".to_string()),
DoDConstraint::IdentificationAuthentication("IA-1: Policy and procedures for identification and authentication".to_string()),
DoDConstraint::IdentificationAuthentication("IA-2: Identification and authentication for organizational users".to_string()),
DoDConstraint::IdentificationAuthentication("IA-3: Device identification and authentication".to_string()),
DoDConstraint::IdentificationAuthentication("IA-4: Identifier management - manage information system identifiers".to_string()),
DoDConstraint::IdentificationAuthentication("IA-5: Authenticator management - manage information system authenticators".to_string()),
DoDConstraint::IdentificationAuthentication("IA-6: Authentication feedback - obscure feedback during authentication".to_string()),
DoDConstraint::IdentificationAuthentication("IA-7: Cryptographic module authentication - require authentication to cryptographic module".to_string()),
DoDConstraint::IdentificationAuthentication("IA-8: Identification and authentication for non-organizational users".to_string()),
DoDConstraint::IdentificationAuthentication("IA-9: Service identification and authentication".to_string()),
DoDConstraint::IdentificationAuthentication("IA-10: Adaptive identification and authentication".to_string()),
DoDConstraint::IdentificationAuthentication("IA-11: Re-authentication - require re-authentication for privileged functions".to_string()),
DoDConstraint::IdentificationAuthentication("IA-12: Identity proofing - require identity proofing for user registrations".to_string()),
DoDConstraint::SystemIntegrity("SI-1: Policy and procedures for system and information integrity".to_string()),
DoDConstraint::SystemIntegrity("SI-2: Flaw remediation - identify, report, and correct system flaws".to_string()),
DoDConstraint::SystemIntegrity("SI-3: Malicious code protection - implement malicious code protection".to_string()),
DoDConstraint::SystemIntegrity("SI-4: System monitoring - monitor system for attacks and indicators".to_string()),
DoDConstraint::SystemIntegrity("SI-5: Security alerts and notices - receive system security alerts and advisories".to_string()),
DoDConstraint::SystemIntegrity("SI-6: Security and privacy function verification".to_string()),
DoDConstraint::SystemIntegrity("SI-7: Software, firmware, and information integrity".to_string()),
DoDConstraint::SystemIntegrity("SI-8: Spam protection - implement spam protection mechanisms".to_string()),
DoDConstraint::SystemIntegrity("SI-10: Information input validation - check validity of information inputs".to_string()),
DoDConstraint::SystemIntegrity("SI-11: Error handling - generate error messages that provide necessary information".to_string()),
DoDConstraint::SystemIntegrity("SI-12: Information handling and retention - handle and retain information".to_string()),
DoDConstraint::SystemIntegrity("SI-13: Predictable failure prevention - employ predictable failure prevention".to_string()),
DoDConstraint::SystemIntegrity("SI-14: Non-persistence - implement non-persistent system components".to_string()),
DoDConstraint::SystemIntegrity("SI-15: Information output filtering - filter information outputs".to_string()),
DoDConstraint::SystemIntegrity("SI-16: Memory protection - implement memory protection for system".to_string()),
DoDConstraint::ConfigurationManagement("CM-1: Policy and procedures for configuration management".to_string()),
DoDConstraint::ConfigurationManagement("CM-2: Baseline configuration - establish and maintain baseline configurations".to_string()),
DoDConstraint::ConfigurationManagement("CM-3: Configuration change control - control changes to system".to_string()),
DoDConstraint::ConfigurationManagement("CM-4: Impact assessments - analyze changes for security and privacy impacts".to_string()),
DoDConstraint::ConfigurationManagement("CM-5: Access restrictions for change - define, document, approve access restrictions".to_string()),
DoDConstraint::ConfigurationManagement("CM-6: Configuration settings - establish mandatory configuration settings".to_string()),
DoDConstraint::ConfigurationManagement("CM-7: Least functionality - configure system to provide essential capabilities only".to_string()),
DoDConstraint::ConfigurationManagement("CM-8: System component inventory - develop and maintain system component inventory".to_string()),
DoDConstraint::IncidentResponse("IR-1: Policy and procedures for incident response".to_string()),
DoDConstraint::IncidentResponse("IR-2: Incident response training - provide incident response training".to_string()),
DoDConstraint::IncidentResponse("IR-3: Incident response testing - test incident response capability".to_string()),
DoDConstraint::IncidentResponse("IR-4: Incident handling - implement incident handling capability".to_string()),
DoDConstraint::IncidentResponse("IR-5: Incident monitoring - track and document system security incidents".to_string()),
DoDConstraint::IncidentResponse("IR-6: Incident reporting - require personnel to report suspected incidents".to_string()),
DoDConstraint::IncidentResponse("IR-7: Incident response assistance - provide incident response support resource".to_string()),
DoDConstraint::IncidentResponse("IR-8: Incident response plan - establish incident response plan".to_string()),
DoDConstraint::IncidentResponse("IR-9: Information spillage response - respond to information spills".to_string()),
DoDConstraint::IncidentResponse("IR-10: Integrated information security analysis team".to_string()),
DoDConstraint::RiskAssessment("RA-1: Policy and procedures for risk assessment".to_string()),
DoDConstraint::RiskAssessment("RA-2: Security categorization - categorize system and information".to_string()),
DoDConstraint::RiskAssessment("RA-3: Risk assessment - conduct risk assessment and update regularly".to_string()),
DoDConstraint::RiskAssessment("RA-4: Risk assessment update - update risk assessment when significant changes".to_string()),
DoDConstraint::RiskAssessment("RA-5: Vulnerability monitoring and scanning - monitor and scan for vulnerabilities".to_string()),
DoDConstraint::RiskAssessment("RA-6: Technical surveillance countermeasures survey".to_string()),
DoDConstraint::RiskAssessment("RA-7: Risk response - respond to findings from security assessments".to_string()),
DoDConstraint::RiskAssessment("RA-8: Privacy impact assessments - conduct privacy impact assessments".to_string()),
DoDConstraint::RiskAssessment("RA-9: Criticality analysis - identify critical system components".to_string()),
DoDConstraint::RiskAssessment("RA-10: Threat hunting - employ threat hunting capability".to_string()),
]
}
fn load_hipaa_constraints() -> Vec<HIPAAConstraint> {
vec![
HIPAAConstraint::PHIProtection("All PHI must be identified and protected from unauthorized access".to_string()),
HIPAAConstraint::PatientRights("Patients have right to access, amend, and request restrictions on PHI".to_string()),
HIPAAConstraint::MinimumNecessary("Use minimum necessary PHI for intended purpose".to_string()),
HIPAAConstraint::TechnicalSafeguards("Access control, audit controls, integrity, transmission security".to_string()),
HIPAAConstraint::AdministrativeSafeguards("Security management, workforce training, incident procedures".to_string()),
HIPAAConstraint::PhysicalSafeguards("Facility access controls, workstation use, device controls".to_string()),
HIPAAConstraint::BreachNotification("Notify HHS, patients, and media within required timeframes".to_string()),
HIPAAConstraint::BusinessAssociate("BAAs required for all third-party PHI access".to_string()),
]
}
fn load_soc2_constraints() -> Vec<SOC2Constraint> {
vec![
SOC2Constraint::Security("Logical and physical access controls protect against unauthorized access".to_string()),
SOC2Constraint::Security("Information and communications protected during processing and transmission".to_string()),
SOC2Constraint::Security("System monitoring detects and prevents unauthorized access".to_string()),
SOC2Constraint::Availability("System capacity supports committed or agreed service levels".to_string()),
SOC2Constraint::Availability("System monitoring and notification procedures support availability".to_string()),
SOC2Constraint::Availability("Backup and recovery procedures support system availability".to_string()),
SOC2Constraint::ProcessingIntegrity("System processing is complete, valid, accurate, and authorized".to_string()),
SOC2Constraint::ProcessingIntegrity("Data quality controls ensure processing integrity".to_string()),
SOC2Constraint::Confidentiality("Confidential information is protected as committed or agreed".to_string()),
SOC2Constraint::Confidentiality("Confidential information disposal procedures implemented".to_string()),
SOC2Constraint::Privacy("Personal information collected, used, retained as committed or agreed".to_string()),
SOC2Constraint::Privacy("Personal information disposed of to meet privacy commitments".to_string()),
]
}
fn load_iso27001_constraints() -> Vec<ISO27001Constraint> {
vec![
ISO27001Constraint::ISMS("ISMS scope defined and documented including boundaries and applicability".to_string()),
ISO27001Constraint::ISMS("Information security policy established and communicated".to_string()),
ISO27001Constraint::RiskManagement("Risk assessment methodology established and applied".to_string()),
ISO27001Constraint::RiskManagement("Risk treatment plan implemented and monitored".to_string()),
ISO27001Constraint::SecurityControls("A.9 Access Control: User access management and privileged access".to_string()),
ISO27001Constraint::SecurityControls("A.10 Cryptography: Cryptographic key management".to_string()),
ISO27001Constraint::SecurityControls("A.11 Physical Security: Secure areas and equipment protection".to_string()),
ISO27001Constraint::SecurityControls("A.12 Operations Security: Operational procedures and malware protection".to_string()),
ISO27001Constraint::SecurityControls("A.13 Communications Security: Network security and information transfer".to_string()),
ISO27001Constraint::SecurityControls("A.14 System Acquisition: Security in development and support processes".to_string()),
ISO27001Constraint::ContinualImprovement("PDCA cycle implemented for ISMS continual improvement".to_string()),
ISO27001Constraint::ContinualImprovement("Management review conducted at planned intervals".to_string()),
ISO27001Constraint::DocumentationControl("ISMS documentation controlled and maintained".to_string()),
ISO27001Constraint::DocumentationControl("Records of conformity maintained and protected".to_string()),
]
}
fn load_pci_constraints() -> Vec<PCIDSSConstraint> {
vec![
PCIDSSConstraint::NetworkSecurity("Install and maintain firewall configuration to protect cardholder data".to_string()),
PCIDSSConstraint::NetworkSecurity("Do not use vendor-supplied defaults for system passwords and security parameters".to_string()),
PCIDSSConstraint::DataProtection("Protect stored cardholder data with encryption and key management".to_string()),
PCIDSSConstraint::DataProtection("Encrypt transmission of cardholder data across open, public networks".to_string()),
PCIDSSConstraint::VulnerabilityManagement("Protect all systems against malware and regularly update anti-virus".to_string()),
PCIDSSConstraint::VulnerabilityManagement("Develop and maintain secure systems and applications".to_string()),
PCIDSSConstraint::AccessControl("Restrict access to cardholder data by business need-to-know".to_string()),
PCIDSSConstraint::AccessControl("Identify and authenticate access to system components".to_string()),
PCIDSSConstraint::NetworkMonitoring("Restrict physical access to cardholder data environment".to_string()),
PCIDSSConstraint::NetworkMonitoring("Track and monitor all access to network resources and cardholder data".to_string()),
PCIDSSConstraint::SecurityTesting("Regularly test security systems and processes".to_string()),
PCIDSSConstraint::InformationSecurity("Maintain policy that addresses information security for all personnel".to_string()),
]
}
pub fn generate_hipaa_constraints(&self, _mission: &Mission) -> Result<Vec<SMTConstraint>> {
let mut constraints = Vec::new();
constraints.push(SMTConstraint {
id: "hipaa_phi_identification".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((data HealthData)) (=> (processes mission data) (and (identified-as-phi data) (protected data) (access-controlled data)))))".to_string(),
description: "HIPAA: All PHI must be identified and protected".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "hipaa_minimum_necessary".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((phi PHI) (purpose Purpose)) (=> (uses mission phi purpose) (minimal-necessary phi purpose))))".to_string(),
description: "HIPAA: Use only minimum necessary PHI for intended purpose".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "hipaa_access_control".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((user User) (phi PHI)) (=> (accesses user phi) (and (assigned-unique-id user) (role-based-access user phi) (logged-access user phi)))))".to_string(),
description: "HIPAA Technical: Unique user identification and role-based PHI access".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "hipaa_encryption_at_rest".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((phi PHI)) (=> (stores mission phi) (encrypted-at-rest phi))))".to_string(),
description: "HIPAA Technical: PHI must be encrypted when stored".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "hipaa_encryption_in_transit".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((phi PHI) (transmission Transmission)) (=> (transmits mission phi transmission) (encrypted-in-transit transmission))))".to_string(),
description: "HIPAA Technical: PHI must be encrypted during transmission".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "hipaa_patient_access_right".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((patient Patient) (request AccessRequest)) (=> (requests patient mission request) (<= (response-time request) 2592000))))".to_string(), description: "HIPAA Privacy: Patients have right to access their PHI within 30 days".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
Ok(constraints)
}
pub fn generate_soc2_constraints(&self, _mission: &Mission) -> Result<Vec<SMTConstraint>> {
let mut constraints = Vec::new();
constraints.push(SMTConstraint {
id: "soc2_security_access_controls".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((access SystemAccess)) (=> (grants mission access) (and (authorized access) (authenticated access) (monitored access)))))".to_string(),
description: "SOC 2 Security: Logical and physical access controls implemented".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "soc2_security_encryption".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((data SensitiveData)) (=> (processes mission data) (and (encrypted-at-rest data) (encrypted-in-transit data) (key-management data)))))".to_string(),
description: "SOC 2 Security: Data encryption at rest and in transit with key management".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "soc2_availability_uptime".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (>= system.uptime_percentage 99.9))".to_string(),
description: "SOC 2 Availability: System availability meets committed service levels (99.9%)".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "soc2_availability_monitoring".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((system System)) (=> (operates mission system) (and (monitored system.performance) (alerting system.failures) (backup-recovery system)))))".to_string(),
description: "SOC 2 Availability: Performance monitoring, alerting, and backup/recovery".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "soc2_integrity_completeness".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((processing DataProcessing)) (=> (performs mission processing) (and (complete processing) (accurate processing) (authorized processing)))))".to_string(),
description: "SOC 2 Processing Integrity: Data processing is complete, accurate, and authorized".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
Ok(constraints)
}
pub fn generate_iso27001_constraints(&self, _mission: &Mission) -> Result<Vec<SMTConstraint>> {
let mut constraints = Vec::new();
constraints.push(SMTConstraint {
id: "iso27001_isms_scope".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (exists ((isms ISMS)) (and (defined isms.scope) (documented isms.scope) (implemented isms.scope))))".to_string(),
description: "ISO 27001 4.3: ISMS scope defined, documented, and implemented".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "iso27001_risk_assessment".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (and (exists ((assessment InfoSecRiskAssessment)) (conducted assessment)) (<= assessment.age 31536000)))".to_string(), description: "ISO 27001 6.1.2: Information security risk assessment conducted annually".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
let iso_control_categories = vec!["access_control", "cryptography", "physical_security", "operations_security", "communications_security", "system_acquisition", "supplier_relationships", "incident_management", "business_continuity", "compliance"];
for category in iso_control_categories {
constraints.push(SMTConstraint {
id: format!("iso27001_control_{}", category),
constraint_type: super::constraints::ConstraintType::Safety,
expression: format!("(assert (forall ((control {}) (system System)) (=> (implements mission system) (implemented-control system control))))", category.to_uppercase().replace('_', "")),
description: format!("ISO 27001 Annex A: {} controls implemented", category.replace('_', " ")),
severity: super::constraints::ConstraintSeverity::High,
});
}
Ok(constraints)
}
pub fn generate_pci_constraints(&self, _mission: &Mission) -> Result<Vec<SMTConstraint>> {
let mut constraints = Vec::new();
constraints.push(SMTConstraint {
id: "pci_req3_data_protection".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((chd CardholderData)) (=> (stores mission chd) (and (encrypted chd) (key-managed chd) (access-controlled chd)))))".to_string(),
description: "PCI-DSS Req 3: Protect stored cardholder data with encryption and key management".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "pci_req3_data_retention".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((chd CardholderData)) (=> (stores mission chd) (and (business-justified chd.retention) (<= chd.retention_period chd.business_requirement)))))".to_string(),
description: "PCI-DSS Req 3.1: Keep cardholder data storage to minimum for business requirements".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "pci_req4_encryption_transit".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((transmission CHDTransmission)) (=> (transmits mission transmission) (and (encrypted transmission) (strong-cryptography transmission) (secure-protocols transmission)))))".to_string(),
description: "PCI-DSS Req 4: Encrypt cardholder data transmission over open networks".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "pci_req7_need_to_know".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((user User) (chd CardholderData)) (=> (accesses user chd) (and (business-need user chd) (role-appropriate user chd) (documented user.access_justification)))))".to_string(),
description: "PCI-DSS Req 7: Restrict access to cardholder data by business need-to-know".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "pci_req8_unique_ids".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((user User)) (=> (accesses-cardholder-data user mission) (and (unique-id user) (strong-authentication user) (multi-factor-auth user)))))".to_string(),
description: "PCI-DSS Req 8: Unique IDs and strong authentication for cardholder data access".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "pci_req10_logging".to_string(),
constraint_type: super::constraints::ConstraintType::Safety,
expression: "(assert (forall ((access CHDAccess)) (=> (performs mission access) (and (logged access.user) (logged access.timestamp) (logged access.action) (logged access.result)))))".to_string(),
description: "PCI-DSS Req 10: Log all access to cardholder data and system components".to_string(),
severity: super::constraints::ConstraintSeverity::Critical,
});
constraints.push(SMTConstraint {
id: "pci_req10_log_review".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((log SecurityLog)) (=> (generates mission log) (and (<= log.review_frequency 86400) (documented log.review_results)))))".to_string(), description: "PCI-DSS Req 10.6: Review security logs daily and document results".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
constraints.push(SMTConstraint {
id: "pci_req11_vulnerability_scans".to_string(),
constraint_type: super::constraints::ConstraintType::Temporal,
expression: "(assert (forall ((system CardholderSystem)) (=> (manages mission system) (and (quarterly-internal-scans system) (annual-external-scans system) (penetration-testing system)))))".to_string(),
description: "PCI-DSS Req 11: Quarterly vulnerability scans and annual penetration testing".to_string(),
severity: super::constraints::ConstraintSeverity::High,
});
Ok(constraints)
}
}
pub struct StandardsComplianceVerifier {
constraint_generator: StandardsConstraintGenerator,
smt_solver: Box<dyn SMTSolver>,
}
impl StandardsComplianceVerifier {
pub fn new(smt_solver: Box<dyn SMTSolver>) -> Self {
Self {
constraint_generator: StandardsConstraintGenerator::new(),
smt_solver,
}
}
pub async fn verify_compliance(&self, mission: &Mission) -> Result<StandardsComplianceResult> {
let mut all_constraints = Vec::new();
let mut applicable_standards = Vec::new();
let standards_to_check = self.determine_applicable_standards(mission)?;
for standard in &standards_to_check {
applicable_standards.push(standard.clone());
let constraints = match standard {
StandardsFramework::GDPR => {
self.constraint_generator.generate_gdpr_constraints(mission)?
},
StandardsFramework::DoD => {
self.constraint_generator.generate_dod_constraints(mission)?
},
StandardsFramework::HIPAA => {
self.constraint_generator.generate_hipaa_constraints(mission)?
},
StandardsFramework::SOC2 => {
self.constraint_generator.generate_soc2_constraints(mission)?
},
StandardsFramework::ISO27001 => {
self.constraint_generator.generate_iso27001_constraints(mission)?
},
StandardsFramework::PciDss => {
self.constraint_generator.generate_pci_constraints(mission)?
},
_ => {
Vec::new()
}
};
all_constraints.extend(constraints);
}
let smt_result = self.smt_solver.solve(&all_constraints)?;
let violations = self.analyze_violations(&smt_result, &all_constraints)?;
let evidence = self.generate_certification_evidence(&smt_result, &all_constraints)?;
Ok(StandardsComplianceResult {
overall_compliant: violations.is_empty() && smt_result.satisfiable,
mission_id: mission.name.clone(),
verification_timestamp: Utc::now(),
applicable_standards,
violations,
certification_evidence: evidence,
})
}
fn determine_applicable_standards(&self, mission: &Mission) -> Result<Vec<StandardsFramework>> {
let mut standards = Vec::new();
standards.push(StandardsFramework::ISO27001);
if self.involves_eu_personal_data(mission)? {
standards.push(StandardsFramework::GDPR);
}
if self.involves_government_data(mission)? {
standards.push(StandardsFramework::DoD);
}
Ok(standards)
}
fn involves_eu_personal_data(&self, mission: &Mission) -> Result<bool> {
let mut eu_data_indicators = 0;
for step in &mission.steps {
if let Ok(params_json) = serde_json::to_string(&step.parameters) {
let params_lower = params_json.to_lowercase();
if params_lower.contains("eu-") ||
params_lower.contains("europa") ||
params_lower.contains(".eu") {
eu_data_indicators += 1;
}
let gdpr_data_types = [
"email", "name", "address", "phone", "ip_address",
"biometric", "genetic", "health", "racial", "political",
"religious", "union", "sexual", "criminal", "location"
];
for data_type in gdpr_data_types {
if params_lower.contains(data_type) {
eu_data_indicators += 1;
}
}
let eu_regions = [
"eu-west", "eu-central", "eu-north", "eu-south",
"ireland", "germany", "france", "netherlands",
"stockholm", "milan", "london", "frankfurt"
];
for region in eu_regions {
if params_lower.contains(region) {
eu_data_indicators += 1;
}
}
if params_lower.contains("gdpr") ||
params_lower.contains("data_subject") ||
params_lower.contains("consent") {
eu_data_indicators += 2; }
}
}
if let Some(description) = mission.description.as_ref() {
let desc_lower = description.to_lowercase();
if desc_lower.contains("eu") ||
desc_lower.contains("europe") ||
desc_lower.contains("gdpr") {
eu_data_indicators += 1;
}
}
let involves_eu_data = eu_data_indicators >= 3;
if involves_eu_data {
tracing::info!("Mission '{}' involves EU personal data (indicators: {})",
mission.name, eu_data_indicators);
}
Ok(involves_eu_data)
}
fn involves_government_data(&self, mission: &Mission) -> Result<bool> {
let mut gov_data_indicators = 0;
for step in &mission.steps {
if let Ok(params_json) = serde_json::to_string(&step.parameters) {
let params_lower = params_json.to_lowercase();
let gov_domains = [
".gov", ".mil", ".state.", "federal", "department",
"agency", "bureau", "commission", "administration"
];
for domain in gov_domains {
if params_lower.contains(domain) {
gov_data_indicators += 2; }
}
let gov_classifications = [
"classified", "secret", "top_secret", "confidential",
"cui", "pii", "phi", "fisma", "fedramp", "nist"
];
for classification in gov_classifications {
if params_lower.contains(classification) {
gov_data_indicators += 1;
}
}
let gov_systems = [
"clearance", "security_level", "authorization",
"compliance", "audit", "federal", "state", "local"
];
for system in gov_systems {
if params_lower.contains(system) {
gov_data_indicators += 1;
}
}
let gov_agencies = [
"dod", "defense", "homeland", "dhs", "fbi", "cia",
"nsa", "treasury", "irs", "census", "veterans", "va"
];
for agency in gov_agencies {
if params_lower.contains(agency) {
gov_data_indicators += 2;
}
}
}
}
if let Some(description) = mission.description.as_ref() {
let desc_lower = description.to_lowercase();
if desc_lower.contains("government") ||
desc_lower.contains("federal") ||
desc_lower.contains("public sector") ||
desc_lower.contains("compliance") {
gov_data_indicators += 1;
}
}
let name_lower = mission.name.to_lowercase();
if name_lower.contains("gov") ||
name_lower.contains("federal") ||
name_lower.contains("compliance") ||
name_lower.contains("audit") {
gov_data_indicators += 1;
}
let involves_gov_data = gov_data_indicators >= 2;
if involves_gov_data {
tracing::info!("Mission '{}' involves government data (indicators: {})",
mission.name, gov_data_indicators);
}
Ok(involves_gov_data)
}
fn analyze_violations(&self, smt_result: &SMTResult, _constraints: &[SMTConstraint]) -> Result<Vec<ComplianceViolation>> {
let mut violations = Vec::new();
if !smt_result.satisfiable {
violations.push(ComplianceViolation {
standard: StandardsFramework::GDPR,
article_section: "Art. 6".to_string(),
violation_type: "Legal basis missing".to_string(),
severity: ComplianceViolationLevel::Critical,
description: "No legal basis found for personal data processing".to_string(),
remediation: "Establish legal basis under GDPR Art. 6.1".to_string(),
smt_proof: smt_result.model.clone().unwrap_or_default(),
});
}
Ok(violations)
}
fn generate_certification_evidence(&self, smt_result: &SMTResult, constraints: &[SMTConstraint]) -> Result<CertificationEvidence> {
Ok(CertificationEvidence {
smt_proofs: vec![smt_result.model.clone().unwrap_or_default()],
constraint_hashes: constraints.iter().map(|c| self.hash_constraint(c)).collect(),
audit_trail_hash: self.generate_audit_hash(smt_result)?,
verification_signature: self.sign_verification(smt_result)?,
standards_versions: self.get_standards_versions(),
})
}
fn hash_constraint(&self, constraint: &SMTConstraint) -> String {
format!("hash:{}", constraint.id)
}
fn generate_audit_hash(&self, _result: &SMTResult) -> Result<String> {
Ok("audit_hash_placeholder".to_string())
}
fn sign_verification(&self, _result: &SMTResult) -> Result<String> {
Ok("signature_placeholder".to_string())
}
fn get_standards_versions(&self) -> HashMap<StandardsFramework, String> {
let mut versions = HashMap::new();
versions.insert(StandardsFramework::GDPR, "2018".to_string());
versions.insert(StandardsFramework::DoD, "NIST SP 800-53 Rev 5".to_string());
versions
}
}
#[cfg(test)]
mod tests {
use super::*;
use crate::smt::solver::Z3Solver;
#[test]
fn test_standards_constraint_generation() {
let generator = StandardsConstraintGenerator::new();
let mission = crate::engine::Mission {
name: "test".to_string(),
description: Some("test mission".to_string()),
version: "1.0".to_string(),
steps: vec![],
config: None,
};
let gdpr_constraints = generator.generate_gdpr_constraints(&mission).unwrap();
assert!(!gdpr_constraints.is_empty());
let dod_constraints = generator.generate_dod_constraints(&mission).unwrap();
assert!(!dod_constraints.is_empty());
let hipaa_constraints = generator.generate_hipaa_constraints(&mission).unwrap();
assert!(!hipaa_constraints.is_empty());
let soc2_constraints = generator.generate_soc2_constraints(&mission).unwrap();
assert!(!soc2_constraints.is_empty());
let iso27001_constraints = generator.generate_iso27001_constraints(&mission).unwrap();
assert!(!iso27001_constraints.is_empty());
let pci_constraints = generator.generate_pci_constraints(&mission).unwrap();
assert!(!pci_constraints.is_empty());
}
#[tokio::test]
async fn test_compliance_verification() {
let solver = Box::new(Z3Solver::new(5000));
let verifier = StandardsComplianceVerifier::new(solver);
let mission = crate::engine::Mission {
name: "test".to_string(),
description: Some("test mission".to_string()),
version: "1.0".to_string(),
steps: vec![],
config: None,
};
let result = verifier.verify_compliance(&mission).await.unwrap();
assert!(result.overall_compliant); }
}