27 lines
1.5 KiB
Markdown
27 lines
1.5 KiB
Markdown
# Falsification Conditions Per Finding
|
|
|
|
## Module
|
|
Scanner
|
|
|
|
## Status
|
|
IMPLEMENTED
|
|
|
|
## Description
|
|
Each vulnerability finding includes falsification conditions -- specific criteria that would disprove the finding, enabling evidence-based triage and automatic dismissal when conditions are met.
|
|
|
|
## Implementation Details
|
|
- **Core Models**:
|
|
- `src/Scanner/__Libraries/StellaOps.Scanner.Core/Models/FalsificationConditions.cs` - Falsification conditions model attached to findings
|
|
- **Falsifiability Generation**:
|
|
- `src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Falsifiability/FalsifiabilityGenerator.cs` - Generates falsification criteria per finding
|
|
- `src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Falsifiability/FalsifiabilityCriteria.cs` - Criteria model defining what would disprove a finding
|
|
- **DSSE Integration**:
|
|
- `src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Dsse/ExplainabilityPredicateSerializer.cs` - Serializes falsification conditions in DSSE predicates
|
|
|
|
## E2E Test Plan
|
|
- [ ] Scan an image and verify vulnerability findings include falsification conditions
|
|
- [ ] Verify falsification criteria specify concrete conditions (e.g., "function X is not called", "package Y is not in runtime classpath")
|
|
- [ ] Verify automatic dismissal occurs when falsification conditions are met by evidence (e.g., reachability proves function is unreachable)
|
|
- [ ] Verify falsification conditions are serialized in explainability predicates
|
|
- [ ] Verify triage UI displays falsification conditions to help analysts evaluate findings
|