Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

The Bugs Framework

The Bugs Framework (BF) is a structured, complete, orthogonal, and language-independent classification of software weaknesses (bugs). Each BF class, such as Injection (INJ) or Memory Use Bugs (MUS), is a taxonomic category of a kind of bugs, defined by all possible cause to consequence transitions, a set of operations, and a set of attributes. BF allows unambiguous descriptions of software vulnerabilities.

Continue to The Bugs Framework website.

Created May 15, 2021, Updated May 17, 2021