PV4 CloudFORMALchecks common security best-practices and user-specified queries of a cloud configuration

Application domain/field

Type of tool

Security analyser?

Expected input

cfn (CloudFormation) configuration file

Format:

.json file

Expected output

.owl file that can be opened, navigated and queried in Protégé. The models are automatically checked against common security best-practices. For each of these properties it will determine whether it is TRUE, FALSE or UNKNOWN. These results are outputted in a .csv file.

Internals

Encodes AWS CloudFormation templates into Description Logic models.
Security

Links

Repository: https://github.com/claudiacauli/CloudFORMAL

Last commit date

25 February 2021

Related papers

https://doi.org/10.1007/978-3-030-81685-8_36 (CAV '21)

Last publication date

15 July 2021

ProVerB specific

View/edit source (Markdown)



ProVerB is a part of SLEBoK. Last updated: July 2022.