stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
7f865d7bc7f38a5ba17f2557580d8db9c8893bd7
git.stella-ops.org/docs/features/unchecked/binaryindex/binary-intelligence-graph-binary-identity-indexing.md

2.1 KiB
Raw Blame History

Binary Intelligence Graph / Binary Identity Indexing

Module

BinaryIndex

Status

IMPLEMENTED

Description

Complete BinaryIndex module with binary identity indexing, ELF feature extraction, vulnerability fingerprint matching, and reachability status tracking. Advisory marked as SUPERSEDED by this implementation.

Implementation Details

  • Modules: src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Core/, src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Persistence/, src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Analysis/
  • Key Classes:
    • BinaryIdentityService (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Core/Services/BinaryIdentityService.cs) - binary identity management
    • ElfFeatureExtractor (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Core/Services/ElfFeatureExtractor.cs) - ELF feature extraction
    • BinaryVulnerabilityService (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Persistence/Services/BinaryVulnerabilityService.cs) - vulnerability matching with Build-ID catalog lookups
    • SignatureMatcher (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Analysis/SignatureMatcher.cs) - signature-based vulnerability fingerprint matching
    • ReachGraphBinaryReachabilityService (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Analysis/ReachGraphBinaryReachabilityService.cs) - reachability status tracking
  • Models: BinaryIdentity, FixModels (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Core/Models/)
  • Persistence: IBinaryVulnAssertionRepository, IBinaryVulnerabilityService (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.Core/Services/)

E2E Test Plan

  • Verify end-to-end flow: submit binary, extract identity, index in the graph, and query by Build-ID
  • Verify vulnerability fingerprint matching via SignatureMatcher returns correct match scores
  • Verify reachability status tracking integrates with ReachGraph
  • Verify BinaryVulnerabilityService correctly maps match methods (buildid_catalog, delta_signature, etc.)
  • Verify binary identity indexing supports multi-tenant contexts via ITenantContext