Bug, Fault, Error, or Weakness: Demystifying Software Security Vulnerabilities

Cited by: 6
Authors
Bojanova, Irena [1 ]
Galhardo, Carlos Eduardo C. [2 ]
Affiliations
[1] Natl Inst Stand & Technol NIST, Gaithersburg, MD 20899 USA
[2] INMETRO, BR-25250020 Duque De Caxias, RJ, Brazil
Keywords
Software testing; Computer bugs; Taxonomy; NIST; Chatbots; Software debugging; Cognition; DEFECT;
DOI
10.1109/MITP.2023.3238631
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
In this work, we define the notions of software bug, weakness, and vulnerability in the context of cybersecurity and elucidate their causal relations.
Pages: 7 / 12
Number of pages: 6
Related papers
50 items in total
  • [31] Assessing and Extracting Software Security Vulnerabilities in SOFL Formal Specifications
    Emeka, Busalire Onesmus
    Liu, Shaoying
    [J]. 2018 INTERNATIONAL CONFERENCE ON ELECTRONICS, INFORMATION, AND COMMUNICATION (ICEIC), 2018, : 374 - 377
  • [32] Automated Risk Management Based Software Security Vulnerabilities Management
    Althar, Raghavendra Rao
    Samanta, Debabrata
    Kaur, Manjit
    Singh, Dilbag
    Lee, Heung-No
    [J]. IEEE ACCESS, 2022, 10 : 90597 - 90608
  • [33] On the Design of IoT Security: Analysis of Software Vulnerabilities for Smart Grids
    Mathas, Christos-Minas
    Vassilakis, Costas
    Kolokotronis, Nicholas
    Zarakovitis, Charilaos C.
    Kourtis, Michail-Alexandros
    [J]. ENERGIES, 2021, 14 (10)
  • [34] Improving Software Security by Eliminating the CWE Top 25 Vulnerabilities
    Howard, Michael
    [J]. IEEE SECURITY & PRIVACY, 2009, 7 (03) : 68 - 71
  • [35] Mining the Categorized Software Repositories to Improve the Analysis of Security Vulnerabilities
    Sadeghi, Alireza
    Esfahani, Naeem
    Malek, Sam
    [J]. FUNDAMENTAL APPROACHES TO SOFTWARE ENGINEERING, FASE 2014, 2014, 8411 : 155 - 169
  • [36] An Approach to Obtain Software Security Vulnerabilities Based on Vertical Search
    Li, Xiaohong
    Hu, Chang
    Feng, Zhiyong
    Du, Hongwei
    Ding, Ganggang
    [J]. MEMS, NANO AND SMART SYSTEMS, PTS 1-6, 2012, 403-408 : 3203 - 3206
  • [37] The Security Weakness of Block Cipher Piccolo against Fault Analysis
    Song, Junghwan
    Lee, Kwanhyung
    Jung, Younghoon
    [J]. INTERNATIONAL JOURNAL OF DISTRIBUTED SENSOR NETWORKS, 2014,
  • [38] Using Fault Screeners for Software Error Detection
    Abreu, Rui
    Gonzalez, Alberto
    Zoeteweij, Peter
    van Gemund, Arjan J. C.
    [J]. EVALUATION OF NOVEL APPROACHES TO SOFTWARE ENGINEERING, 2010, 69 : 60 - 74
  • [39] A case study in detecting software security vulnerabilities using constraint optimization
    Weber, M
    Shah, V
    Ren, C
    [J]. FIRST IEEE INTERNATIONAL WORKSHOP ON SOURCE CODE ANALYSIS AND MANIPULATION, PROCEEDINGS, 2001, : 1 - 11
  • [40] A Double-Edged Sword? Software Reuse and Potential Security Vulnerabilities
    Gkortzis, Antonios
    Feitosa, Daniel
    Spinellis, Diomidis
    [J]. REUSE IN THE BIG DATA ERA, 2019, 11602 : 187 - 203