Causes, classification, and criticality of information system software vulnerabilities
| Published in | Vestnik Dagestanskogo gosudarstvennogo tehničeskogo universiteta. Tehničeskie nauki (Online) Vol. 52; no. 2; pp. 98-106 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | English |
| Published | 10.08.2025 |
| ISSN | 2073-6185 2542-095X 2542-095X |
| DOI | 10.21822/2073-6185-2025-52-2-98-106 |
| Summary: | Objective. The purpose of this paper is to describe the causes of software vulnerabilities and their classification, and to eliminate the ambiguity of the concept of software vulnerability criticality. Method. Analysis of existing approaches to the assessment, classification, and identification of software vulnerabilities; modeling, building a UML model, and describing an algorithm. Result. A definition of the criticality of a software vulnerability is proposed. The causes of software vulnerabilities are partially described, and the existing classification of software vulnerabilities is expanded. An example of assessing the criticality of software vulnerabilities based on calculated metrics is given. An example of vulnerability metrics evaluation and prioritization is given. The UML model and vulnerability assessment algorithm are presented. Conclusion. The results of the conducted research expand the list of indicators and the subject area of the description of software vulnerabilities. |
|---|---|