BF Vulnerability Specification Model
Irena Bojanova, Inventor/Creator, PI & Lead, NIST Bugs Framework (BF), 2014 – ~~~~
The BF software security vulnerability specification model is presented in Figure 1. Following the BF definitions of bug, fault, error, and weakness, a software security vulnerability is modeled as a causal chain of underlying weaknesses that leads to a security failure. A security bug causes the first weakness, which results in an error. That error becomes the cause (i.e., the fault) of the next weakness, and the error propagates in this way through subsequent weaknesses until a final, exploitable error is reached that causes the security failure.
The bug is an improper operation. A fault is an improper operand. The operation defect type is either code or specification. The operand fault type is name, data, type, address, or size: ‘name’ concerns a resolved or bound object, function, data type, or namespace; ‘data’, ‘type’, ‘address’, and ‘size’ concern an object.
Exploiting a vulnerability may itself produce a fault that starts a further vulnerability, one consisting only of fault-type weaknesses (it has no bug of its own). To prevent the failure, the bug in the first vulnerability of such a sequence must be fixed. Occasionally an exploit is harmful only if several vulnerabilities converge at their final errors; in that case, fixing the bug in at least one of the chains is enough to prevent the failure.
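The chain rules above (a bug causes only the first weakness, every later weakness is caused by the preceding error, a chain started by an exploit has fault-type weaknesses only, and a converging exploit is defused by fixing the root bug of any one chain) can be encoded as a small model with a checker. The following is an added example written for this page; it is not BF tooling or a BF-published specification. The operation labels, fault descriptions and the two sample chains (a length-handling overflow and a format-string leak) are constructed illustrations, and the vocabulary used for defect and fault types is only what the text lists.

```python
from dataclasses import dataclass
from typing import List, Optional, Set, Union

# Vocabulary from the text: a bug is an improper operation (defect type
# code or specification); a fault is an improper operand (name, data,
# type, address or size).
BUG_TYPES = frozenset({"code", "specification"})
FAULT_TYPES = frozenset({"name", "data", "type", "address", "size"})


@dataclass(frozen=True)
class Bug:
    """Root cause of a chain: an improper operation."""
    defect_type: str
    description: str


@dataclass(frozen=True)
class Fault:
    """An improper operand. The error of one weakness is the fault of the next."""
    operand_type: str
    description: str


@dataclass(frozen=True)
class Weakness:
    """cause -> improper operation -> error (an improper operand state)."""
    cause: Union[Bug, Fault]
    operation: str
    error: Fault


@dataclass
class Vulnerability:
    chain: List[Weakness]
    failure: str
    # Set when this chain is started by exploiting another vulnerability;
    # such a chain then has fault-type weaknesses only.
    triggered_by: Optional["Vulnerability"] = None


def validate(v: Vulnerability) -> List[str]:
    """Return the list of rule violations; an empty list means the chain is well-formed."""
    problems: List[str] = []
    if not v.chain:
        return ["chain is empty"]
    first = v.chain[0].cause
    if v.triggered_by is None:
        if not isinstance(first, Bug):
            problems.append("first weakness must be caused by a bug")
        elif first.defect_type not in BUG_TYPES:
            problems.append(f"unknown operation defect type {first.defect_type!r}")
    else:
        if not isinstance(first, Fault):
            problems.append("a triggered chain has fault-type weaknesses only")
        elif first != v.triggered_by.chain[-1].error:
            problems.append("triggered chain must start from the final error of its trigger")
    # Every later weakness is caused by the error of the one before it.
    for prev, cur in zip(v.chain, v.chain[1:]):
        if not isinstance(cur.cause, Fault):
            problems.append(f"{cur.operation}: only the first weakness may be caused by a bug")
        elif cur.cause != prev.error:
            problems.append(f"{cur.operation}: cause does not match the preceding error")
    for w in v.chain:
        if w.error.operand_type not in FAULT_TYPES:
            problems.append(f"{w.operation}: unknown operand fault type {w.error.operand_type!r}")
    return problems


def root_bug(v: Vulnerability) -> Bug:
    """The bug whose fix removes the failure: walk back to the first vulnerability."""
    while v.triggered_by is not None:
        v = v.triggered_by
    return v.chain[0].cause  # type: ignore[return-value]


def still_harmful(converging: List[Vulnerability], fixed: Set[Bug]) -> bool:
    """An exploit that needs several chains to converge at their final errors
    is defused as soon as the root bug of any one of those chains is fixed."""
    return all(root_bug(v) not in fixed for v in converging)


# Constructed illustration: an unchecked length flows into an allocation and a copy.
bad_length = Fault("data", "attacker-controlled length accepted unchecked")
wrong_size = Fault("size", "buffer allocated smaller than the data to be copied")
oob_address = Fault("address", "write pointer past the end of the buffer")
overflow = Vulnerability(
    chain=[
        Weakness(Bug("code", "missing range check on length field"), "validate input", bad_length),
        Weakness(bad_length, "allocate buffer", wrong_size),
        Weakness(wrong_size, "copy data", oob_address),
    ],
    failure="memory corruption",
)

# A chain started by exploiting the first one: no bug of its own, faults only.
corrupted_ptr = Fault("address", "function pointer overwritten")
hijack = Vulnerability(
    chain=[Weakness(oob_address, "write data", corrupted_ptr)],
    failure="arbitrary code execution",
    triggered_by=overflow,
)

# An independent chain whose final error an attacker would also need (constructed).
leak = Vulnerability(
    chain=[Weakness(Bug("code", "user input passed as format string"), "format output",
                    Fault("data", "stack addresses disclosed"))],
    failure="information disclosure",
)

# A malformed chain: a second bug in the middle, which the model forbids.
broken = Vulnerability(
    chain=[
        Weakness(Bug("code", "missing range check on length field"), "validate input", bad_length),
        Weakness(Bug("code", "wrong allocation arithmetic"), "allocate buffer", wrong_size),
    ],
    failure="memory corruption",
)
```

Running `validate` on `overflow` and `hijack` yields no problems, while `broken` is rejected because only the first weakness may be caused by a bug. `root_bug(hijack)` resolves to the range-check bug in `overflow`, matching the rule that the bug in the first vulnerability must be fixed; and `still_harmful([overflow, leak], {root_bug(leak)})` is false, matching the rule that fixing the bug in at least one converging chain prevents the failure.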