BF Tool for Formal Specification of Security Vulnerabilities
Irena Bojanova, Inventor/Creator, PI & Lead, NIST Bugs Framework (BF), 2014 – ~~~

The BF tool is a GUI application that works with both the BF relational database and the BF in XML or JSON format; the latter is useful when the database is unavailable \cite{BFTool}. It allows users to create a new BF CVE specification, save it as a machine-readable {\fontfamily{pcr}\selectfont \small .bfcve} file, and open and browse previously created {\fontfamily{pcr}\selectfont \small .bfcve} specifications \cite{labelingDatasets}.

The BF Tool APIs allow downloas of the BF GUI Tool

The BF GUI Tool demonstrates how the BF taxonomy and causation and propagation rules tie together into the strict BF formal language. It uses the BFVUL tool functionality to generate graphical representations of the BF formal specifications to enhance understanding.


BF CITATION:
Bojanova I (2024) Bugs Framework (BF): Formalizing Cybersecurity Weaknesses and Vulnerabilities. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP), NIST SP 800-231. https://doi.org/10.6028/NIST.SP.800-231