Bug, Fault, Error, or Weakness: Demystifying Software Security Vulnerabilities

被引:6
|
作者
Bojanova, Irena [1 ]
Galhardo, Carlos Eduardo C. [2 ]
机构
[1] Natl Inst Stand & Technol NIST, Gaithersburg, MD 20899 USA
[2] INME TRO, BR-25250020 Duque De Caxias, RJ, Brazil
来源
IT PROFESSIONAL | 2023年 / 25卷 / 01期
关键词
Software testing; Computer bugs; Taxonomy; NIST; Chatbots; Software debugging; Cognition; DEFECT;
D O I
10.1109/MITP.2023.3238631
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In this work, we define the notions of software bug, weakness, and vulnerability in the context of cybersecurity and elucidate their causal relations.
引用
收藏
页码:7 / 12
页数:6
相关论文
共 50 条
  • [1] Mining Bug Databases for Unidentified Software Vulnerabilities
    Wijayasekara, Dumidu
    Manic, Milos
    Wright, Jason L.
    McQueen, Miles
    [J]. 2012 5TH INTERNATIONAL CONFERENCE ON HUMAN SYSTEM INTERACTIONS (HSI 2012), 2012, : 89 - 96
  • [2] Labeling Software Security Vulnerabilities
    Bojanova, Irena
    Guerrerio, John J.
    [J]. IT PROFESSIONAL, 2023, 25 (05) : 64 - 70
  • [3] Software Metrics as Indicators of Security Vulnerabilities
    Medeiros, Nadia
    Ivaki, Naghmeh
    Costa, Pedro
    Vieira, Marco
    [J]. 2017 IEEE 28TH INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING (ISSRE), 2017, : 216 - 227
  • [4] The Research on Software Security Vulnerabilities Mining
    Liu Shuyu
    Kong Weiguang
    Yang Diwei
    [J]. PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON TECHNOLOGY MANAGEMENT AND INNOVATION (TMI 2010), 2010, : 333 - 335
  • [5] On the Detection and Analysis of Software Security Vulnerabilities
    Wijesiriwardana, Chaman
    Wimalaratne, Prasad
    [J]. 2017 IEEE INTERNATIONAL CONFERENCE ON IOT AND ITS APPLICATIONS (IEEE ICIOT), 2017,
  • [6] Software Security Vulnerabilities: Baselining and Benchmarking
    Rotella, Pete
    [J]. 2018 IEEE/ACM 1ST INTERNATIONAL WORKSHOP ON SECURITY AWARENESS FROM DESIGN TO DEPLOYMENT (SEAD), 2018, : 3 - 10
  • [7] On the Emulation of Vulnerabilities through Software Fault Injection
    Cerveira, Frederico
    Barbosa, Raul
    Mercier, Marta
    Madeira, Henrique
    [J]. 2017 13TH EUROPEAN DEPENDABLE COMPUTING CONFERENCE (EDCC 2017), 2017, : 73 - 78
  • [8] A Study of Security Vulnerabilities and Software Weaknesses in Vehicles
    Xiong, Wenjun
    Gulsever, Melek
    Kaya, Koray Mustafa
    Lagerstrom, Robert
    [J]. SECURE IT SYSTEMS, NORDSEC 2019, 2019, 11875 : 204 - 218
  • [9] Software Security Vulnerabilities Seen As Feature Interactions
    Jourdan, Guy-Vincent
    [J]. FEATURE INTERACTIONS IN SOFTWARE AND COMMUNICATION SYSTEMS X, 2009, : 149 - 159
  • [10] Mapping Software Faults with Web Security Vulnerabilities
    Fonseca, Jose
    Vieira, Marco
    [J]. 2008 IEEE INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS & NETWORKS WITH FTCS & DCC, 2008, : 257 - +
12345