Sources

A number of external sources have been used to help build and compile the CWE List over the years.

Taxonomies

Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors
This paper aims to help developers and security practitioners understand the common types of coding errors that lead to vulnerabilities. By organizing these errors into a simple taxonomy, it becomes possible to teach developers to recognize the categories of problems that lead to vulnerabilities and to identify existing errors as they build software.
- Katrina Tsipenyuk, Brian Chess, Gary McGraw, NIST Workshop on Software Security Assurance Tools, Techniques, and Metrics, Long Beach, CA, November 2005. PDF of Paper (73 KB)

The CLASP Application Security Process
CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, wherever possible.
- John Viega, Secure Software, Inc., 2005. PDF of Paper (1.5 MB)

The Preliminary List of Vulnerability Examples for Researchers (PLOVER)
As part of MITRE's participation in the NIST workshops in support of the Software Assurance Metrics and Tool Evaluation (SAMATE) project, work that had begun years earlier, based on MITRE's experience assigning CVE names to publicly known vulnerabilities, was pulled together and presented as input to the Common Weakness Enumeration initiative. In addition to an informal taxonomy, PLOVER includes concepts for a general "vulnerability theory," an identification of research gaps, a discussion of terminology, and a mapping from PLOVER categories to 1500 CVE names, including an index of hard-to-classify examples.
- Steve Christey, NIST Workshop Defining the State of the Art of Software Security Tools, Gaithersburg, MD, August 2005. PDF of Paper (358 KB)

The Ten Most Critical Web Application Security Vulnerabilities
The Open Web Application Security Project (OWASP) is dedicated to helping organizations understand and improve the security of their web applications and web services. This list was created to focus corporations and government agencies on the most serious of these vulnerabilities. It represents the combined wisdom of OWASP experts, whose experience includes many years of application security work for governments, financial services, pharmaceuticals, and manufacturing, as well as developing tools and technology.
- The Open Web Application Security Project (OWASP), January 2004. PDF of Paper

The Web Security Threat Classification
The Web Security Threat Classification is a cooperative effort to clarify and organize the threats to the security of a web site. The members of the Web Application Security Consortium created this project to develop and promote industry-standard terminology for describing these issues. Application developers, security professionals, software vendors, and compliance auditors gain access to a consistent language for web security-related issues.
- Web Application Security Consortium, November 2005. PDF of Paper

19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them
This book, written for software developers regardless of platform, language, or type of application, outlines the "19 deadly sins" of software security and shows how to fix each one.
- Michael Howard, David LeBlanc, John Viega, McGraw-Hill Osborne Media, ISBN: 0-07-226085-8, July 2005. PDF of Taxonomy's Graphical Tree (12 KB)

A Software Flaw Taxonomy: Aiming Tools at Security
In this paper, the authors coalesce previous efforts to categorize security problems, together with incident reports, into a security flaw taxonomy. They correlate this taxonomy with available information about current high-priority security threats and make observations regarding the results. They also argue that the taxonomy is suitable for tool developers and outline possible areas of future research.
- Sam Weber, Paul A. Karger, Amit Paradkar, IBM Research Division, Software Engineering for Secure Systems - Building Trustworthy Applications (SESS'05), St. Louis, Missouri, June 2005. PDF of Paper (128 KB)

A Taxonomy of Security Faults in the UNIX Operating System
This thesis defines a classification of security faults in the Unix operating system, states the criteria used to categorize the faults, and presents the different fault types.
- Taimur Aslam, Purdue University, August 1995. PDF of Paper (556 KB)

A Taxonomy of UNIX System and Network Vulnerabilities
This paper builds on prior work to present another taxonomy, and argues that this classification scheme highlights characteristics of the vulnerabilities it classifies in a more useful way than other work. The unique contribution of this work is an analysis of how to use the Protection Analysis work to improve the security of existing systems, and how to write programs with minimal exploitable security flaws.
- Matt Bishop, Department of Computer Science, University of California at Davis, CSE-95-10, May 1995. PDF of Paper (100 KB)

A Taxonomy of Computer Program Security Flaws, with Examples
This paper provides a taxonomy for computer program security flaws together with an appendix that carefully documents 50 actual security flaws. These flaws have all been described previously in the open literature, but in widely separated places. For those new to the field of computer security, they provide a good introduction to the characteristics of security flaws and how they can arise.
- Carl E. Landwehr, Alan R. Bull, John P. McDermott, William S. Choi, Center for High Assurance Computer Systems, Information Technology Division, Naval Research Laboratory, NRL/FR/5542--93-9591, November 1993. PDF of Paper (220 KB)

Protection Analysis: Final Report
The Protection Analysis project was initiated at ISI by ARPA IPTO to further the understanding of operating system security vulnerabilities and, where possible, to identify automatable techniques for detecting such vulnerabilities in existing system software.
- Richard Bisbey and Dennis Hollingworth, Information Sciences Institute, University of Southern California, ARPA ORDER NO. 2223, ISI/SR-78-13, May 1978. PDF of Paper (3.2 MB)

The RISOS Project: Security Analysis and Enhancements of Computer Operating Systems
The protection of computer resources, data of value, and individual privacy has motivated a concern for the security of EDP installations, especially of their operating systems. In this report, three commercial operating systems are analyzed and security enhancements are suggested. Because of the similarity of operating systems and their security problems, specific security flaws are formally classified according to a taxonomy developed here. This classification leads to a clearer understanding of security flaws and aids in analyzing new systems.
- Robert P. Abbott, Janet S. Chin, James E. Donnelley, William L. Konigsford, Shigeru Tokubo, and Douglas A. Webb, Lawrence Livermore Laboratory, TR NBSIR-76-1041, April 1976. PDF of Paper (4 MB)

Papers