PV4 ⊧ CloudFORMALchecks common security best-practices and user-specified queries of a cloud configuration

Application domain/field

Infrastructure as Code (IaC)
Security analysis
Configuration files
Cloud infrastructure

Type of tool

Security analyser?

Expected input

cfn (CloudFormation) configuration file

Format:

.json file

Expected output

.owl file that can be opened, navigated and queried in Protégé. The models are automatically checked against common security best-practices. For each of these properties it will determine whether it is TRUE, FALSE or UNKNOWN. These results are outputted in a .csv file.

Internals

Encodes AWS CloudFormation templates into Description Logic models.

Security

Last publication date

15 July 2021

ProVerB specific

Markdown description: view/edit
Contained in the ProVerB22 dataset (paper + artefact)

Program
Verification
Book

PV4 ⊧ CloudFORMALchecks common security best-practices and user-specified queries of a cloud configuration

Application domain/field

Type of tool

Expected input

Expected output

Internals

Links

Related papers

Last publication date

ProVerB specific

ProgramVerificationBook

PV4 ⊧ CloudFORMALchecks common security best-practices and user-specified queries of a cloud configuration

Application domain/field

Type of tool

Expected input

Expected output

Internals

Links

Related papers

Last publication date

ProVerB specific

Program
Verification
Book