A new method to construct the software vulnerability model

With the development of information technology, software plays an increasingly important role in the process of social development. However, at the same time, the number of software vulnerabilities is growing, posing a threat to national security and social stability. Therefore, some scholars and research institutions are paying their attention to the study of software vulnerability. In this paper, we propose a new vulnerability model construction method by considering the vulnerability causes and characteristics. Firstly, the causes and characteristics of software vulnerability are analyzed, and a formal vulnerability model is also established. Based on the causes and characteristics of software vulnerability, we establish the vulnerability model using the extended chemical abstract machine and deduce the software vulnerability through a formal method. We verified the effectiveness and efficiency of the proposed model using software vulnerability datasets. In addition, a prototype system is also designed and implemented. Experimental results show that the proposed model is more effective than other methods in the detection of software vulnerabilities.