计算机科学 (Computer Science), 2005
Research on Design Vulnerabilities Class
Abstract:
This paper analyzes the existing taxonomies of software vulnerabilities. For Unix/Linux operating systems, it proposes a two-dimensional taxonomy of software vulnerabilities based on location and cause attributes, and describes a classification scheme of software vulnerabilities according to their cause. Design vulnerabilities are an important class of vulnerabilities, but no existing classification identifies the types of design vulnerabilities in further detail. This paper elaborates on research into design vulnerabilities and proposes a classification scheme that divides design vulnerabilities into the following subclasses: limit vulnerabilities, unsatisfied requirement vulnerabilities, security design vulnerabilities, exception handling vulnerabilities, restricted function vulnerabilities and random result vulnerabilities. The paper gives the definition and typical examples of each subclass.