SBOM-to-symbol component reachability mapping

Module

Signals

Status

IMPLEMENTED

Description

SBOM correlation and function-level proof linking services map symbols to SBOM components and generate reachability facts.

Implementation Details

  • Modules: src/Signals/StellaOps.Signals/Services/
  • Key Classes:
    • SbomCorrelationService (src/Signals/StellaOps.Signals/Services/ISbomCorrelationService.cs) - correlates call-graph symbols with SBOM component identifiers
    • FuncProofLinkingService (src/Signals/StellaOps.Signals/Services/IFuncProofLinkingService.cs) - links function-level evidence to SBOM components for reachability proof
    • HotSymbolsController (src/Signals/StellaOps.Signals/Api/HotSymbolsController.cs) - API for querying hot (reachable) symbols mapped to SBOM components
    • HotSymbolIndex (src/Signals/StellaOps.Signals/Models/HotSymbolIndex.cs) - index of frequently called/reachable symbols
  • Interfaces: ISbomCorrelationService, IFuncProofLinkingService
  • Source: Feature matrix scan

E2E Test Plan

  • Ingest a call graph and an SBOM, then verify SbomCorrelationService maps symbols to their SBOM components
  • Verify FuncProofLinkingService generates function-level reachability proof linking symbols to components
  • Query hot symbols via HotSymbolsController and verify reachable symbols are returned with their SBOM component references
  • Verify mapping accuracy: submit a known symbol and confirm it maps to the correct SBOM package
  • Verify unmapped symbols are flagged as unknown components