Reading Club, A Taxonomy Of Computer Program Security Flaws

Image by Helena Cuerva from Pixabay

TL;DR

In this week’s reading club, we recommend the paper (23 pages long) A Taxonomy of Computer Program Security Flaws, with Examples, by Carl E. Landwehr, Alan R. Bull, John P. McDermott, and William S. Choi.

If you want to learn about application security by example, this paper is for you.

Taxonomy (noun) — a system for naming and organizing things, especially plants and animals, into groups that share similar qualities [source].

You will find fifty examples of security flaws classified by:

  • Genesis — malicious, intentional, incongruity
  • Time — during development, maintenance, operation
  • Location — software, hardware

Originally published at https://blog.tentamen.eu on June 26, 2020.


Founder of Tentamen, software testing agency.

Karlo Smid
