Implemented defenses should show "and" instead of "or"

[kityansiu]

In DeliveryDrone.aadl:

			actuation: system Actuation
			{
				-- VERDICT Component Properties
				CASE_Consolidated_Properties::componentType => Hardware;
				CASE_Consolidated_Properties::hasSensitiveInfo => true;
				CASE_Consolidated_Properties::insideTrustedBoundary => true;
				CASE_Consolidated_Properties::pedigree => InternallyDeveloped;

				
				-- VERDICT Cyber Defense and DAL Mitigations
				CASE_Consolidated_Properties::physicalAccessControl => 7;
				CASE_Consolidated_Properties::supplyChainSecurity => 7;
				CASE_Consolidated_Properties::systemAccessControl => 7;
			};

MBAA Result (Security Failure Paths tab) shows the following in the Implemented Defenses column:

But it should really be: actuation:physicalAccessControl and systemAccessControl.

It's currently displaying "or" because it is reading the following from Defenses.csv:

Have to modify Defenses.csv, or think of some other way to read that both defenses are listed under actuation in the aadl file.

[AbhaMoitra]

If you look at lines 8 and 9 in the Defenses.csv shown in the screen capture above, they are both "correct" representation. Each line of this file is related to a Capec on a component/connection and for it the ApplicableDefenseProperties as well as the information about presence of those properties in the implementation is presented. If for a Capec we have "A or B" as mitigation then they will appear over 2 lines in Defenses.csv. If both "A" and "B" are implemented in the AADL model then SOTERIA++ needs to reflect that in the console output.

A simple solution would be for SOTERIA++ to use "and" instead of "or" in "Implemented Defenses" if multiple items are present.