<p>Vulnerabilities discovered in software are not only due to programming errors but also due to designflaws. There are a number of methods to avoid design flaws which are all manual processes and needexpertise. We believe that the study of models of classes of vulnerabilities would give developerssufficient knowledge in how to avoid these vulnerabilities. A model of class of vulnerability can alsohelp in the decision making process during the software development process.In this thesis, we present a procedure for modeling a class of vulnerabilities given instances ofVulnerability Cause Graphs (VCGs). Using VCGs will structure the representation of causes tovulnerabilities.The approach presented in this thesis makes it possible to divide the work of modeling a class ofvulnerability without any permanent dependence on any specific persons. The approach is also flexible enough to accommodate new causes of vulnerabilities in software when being discovered.</p>
Identifer | oai:union.ndltd.org:UPSALLA/oai:DiVA.org:liu-51854 |
Date | January 2009 |
Creators | Hiran, Rahul |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, text |
Page generated in 0.0056 seconds