BF Challenges – Contribute your time and tallent!
Irena Bojanova, PI & Lead, NIST Bugs Framework (BF), 2014 – ~~~~

CWE2BF challenge: Create CWE2BF mappings and unambigous BFCWE specifications. Start creating matrices of meaningful (cause, operation, consequence) BF weakness triples. BFCVE challenge: Create a comprehensively labeled dataset of software security vulnerability specifications using BF’s formalism (taxonomy and LL(1) formal grammar) . BF Backtracking: Create tools bactracking from failure to bug utilizing the BE taxonomy, and causation and propagation rules - including BF matrices of meaningful (cause, operation, conseqeunce) weakness triples. BFAI: Create ML & AI tools for automated generation of unambiguous BFCVE vulnerability specifications.

  1. I. Bojanova, ML & AI Generated Formal Software Security Vulnerability Specifications, NIST Building the Future (BTF), July, 2023

  2. I. Bojanova, An Ontology of Software and Firmware Bugs and Weaknesses & a Repository of Formally Described Software and Firmware Security Vulnerabilities, NIST CHIPS Metrology R&D Program, February, 2023

//to be added//