Schema for NIST reporting format, as described at http://samate.nist.gov/SATE.html Severity on the scale 1 (high) to 5 (low) Probability that the problem is a true positive, from 0 to 1 Tool specific rank for the problem; the scale must be specified separately Human evaluation of the issue; not considered to be part of tool output Severity on the scale 1 (high) to 5 (low) (DEPRECATED) Human analysis will tell whether this is a false-positive (1) or not (0) Human analysis will tell whether the weakness is relevant to security (true), requires attention (poor quality) but may not be relevant to security (quality), exists but is insignificant (insignificant), could not be confirmed (unknown) or is not a weakness (false)