A New View on Classification of Software Vulnerability Mitigation Methods
Software vulnerability mitigation is a well-known research area, and many methods have been proposed for it. Some papers try to classify these methods from different specific points of view. In this paper, we aggregate all proposed classifications and present a comprehensive classification of vulnerability mitigation methods. We define a software vulnerability as a kind of software fault and align the classes of software vulnerability mitigation methods accordingly. The software vulnerability mitigation methods are classified into vulnerability prevention, vulnerability tolerance, vulnerability removal, and vulnerability forecasting. We define each vulnerability mitigation method from our new point of view and indicate some methods for each class. This general point of view helps to consider all of the proposed methods in this review. We also identify fault mitigation methods that might be effective in mitigating software vulnerabilities but have not yet been applied in this area. Based on that, new directions are suggested for future research.