Studying software vulnerabilities

Robin A. Gandhi, Harvey Siy, Yan Wu

Research output: Contribution to journalArticlepeer-review

8 Scopus citations


There have been several research efforts to enumerate and categorize software weaknesses that lead to vulnerabilities. To consolidate these efforts, the Common Weakness Enumeration (CWE) is a community-developed dictionary of software weakness types and their relationships. Yet, using the CWE to study and prevent vulnerabilities in specific software projects is difficult. This article presents a novel approach for using the CWE to organize and integrate the vulnerability information recorded in large project repositories.

Original languageEnglish (US)
Pages (from-to)16-20
Number of pages5
Issue number9-10
StatePublished - 2010

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction


Dive into the research topics of 'Studying software vulnerabilities'. Together they form a unique fingerprint.

Cite this