| Objective | This view (graph) attempts to classify weaknesses based on their inherent characteristics, in a way that is as independent of particular languages, technologies, and frameworks as possible. Ideally, it will only cover weakness-to-weakness relationships, with minimal overlap. Its development is borrowing from - and contributing to - vulnerability theory, which will help CWE become more consistent. Once stable, this hierarchy should be useful in mapping to CWE and identifying theoretical gaps. |