BF Vulnerability Model
Irena Bojanova, PI & Lead, NIST Bugs Framework (BF), 2014 –

The BF software security vulnerability model is presented in Figure 1. Following the BF definitions of bug, fault, error, and weakness, a software security vulnerability is modeled as a causal chain of underlying weaknesses that leads to a security failure. A security bug causes the first weakness, which leads to an error. That error becomes the cause (i.e., the fault) of the next weakness, and the chain propagates through subsequent weaknesses until a final exploitable error is reached, causing the security failure.


Figure 1. The BF Vulnerability Model -- a chain of improper states (each with at least one ), leading to a security failure.

Exploitation of a vulnerability may result in a fault that causes a next vulnerability consisting only of fault-type weaknesses – see the propagation through a failure in Figure 2. The bug in the first vulnerability must be fixed to avoid the failure. Occasionally, for an exploit to be harmful, several vulnerabilities must converge at their final exploitable errors – see the converging chains in Figure 2. In that case the bug in at least one of the chains must be fixed to avoid the failure.


Figure 2. BF Vulnerability State Model of propagating and/or converging vulnerabilities.
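The causal-chain rules described above (bug causes the first weakness, each error is the fault of the next, propagation through a failure uses only fault-type weaknesses, converging chains fail together), as an added illustrative model that is not part of the BF specification or its tooling. The bug labels, operation names and the sample chain are constructed placeholders, not the official BF classes.

```python
from dataclasses import dataclass
from typing import List, Optional

# Assumed label set for root causes (the BF taxonomy defines the real bug
# classes). A first weakness is caused by a bug; every later one by a fault.
BUG_CAUSES = {"code bug", "specification bug"}

@dataclass(frozen=True)
class Weakness:
    operation: str   # operation in which the improper state occurs
    cause: str       # a bug (first weakness) or a fault (error of the previous one)
    error: str       # resulting error; becomes the cause of the next weakness

@dataclass
class Vulnerability:
    chain: List[Weakness]
    bug_fixed: bool = False   # fixing the root bug removes the first weakness

def is_well_formed(v: Vulnerability) -> bool:
    """First cause must be a bug; each later cause must equal the previous error."""
    if not v.chain or v.chain[0].cause not in BUG_CAUSES:
        return False
    return all(nxt.cause == prev.error for prev, nxt in zip(v.chain, v.chain[1:]))

def final_error(v: Vulnerability) -> Optional[str]:
    """Final exploitable error, or None once the root bug is fixed."""
    if v.bug_fixed or not is_well_formed(v):
        return None
    return v.chain[-1].error

def propagates(upstream: Vulnerability, downstream: List[Weakness]) -> bool:
    """Propagation through a failure: the exploit of `upstream` supplies the
    fault for `downstream`, whose weaknesses must all be fault-type (no bug)."""
    err = final_error(upstream)
    if err is None or not downstream or downstream[0].cause != err:
        return False
    return all(w.cause not in BUG_CAUSES for w in downstream) and \
        all(n.cause == p.error for p, n in zip(downstream, downstream[1:]))

def fails(chains: List[Vulnerability]) -> bool:
    """Converging chains: failure only if every chain reaches its final error."""
    return bool(chains) and all(final_error(c) is not None for c in chains)

# Constructed sample chain; operation and error names are illustrative only.
OVERFLOW = Vulnerability([
    Weakness("Calculate", "code bug", "wrong result"),
    Weakness("Reposition", "wrong result", "over bounds pointer"),
    Weakness("Write", "over bounds pointer", "buffer overflow"),
])
```

Marking `bug_fixed` on a chain makes `final_error` return None, which is how the model expresses that fixing the root bug (or the bug of any one converging chain) prevents the failure.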