OverviewTopPackageElement
Security Vulnerability Scoring Definition ABE UML Documentation
Summary:AttributesPropertiesDetail:Attributes
Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE
Class SecVulnerabilityScoringMetricDefn

The definition of a metric which may be categorized into three groups (Base, Temporal, and Environmental). These three groups are further decomposed into groupings for exploitability and/or impact which define metrics used to score vulnerability severity.

Notes: For example, Base Metrics are grouped into Base Exploitability and Base Impact Metrics. Base Exploitability Metrics include Access Vector, Authentication, and Access Complexity Metrics.

Attributes
CompositeSecVulScoringMetricDefn compositeSecVulScoringMetricDefn compositeSecVulScoringMetricDefn
String datatype datatype

A kind of value that the associated SecVulnerabilityScoringMetricValueDefn can take on, such as numeric, text, and so forth.
String description description

A narrative that explains the purpose of the of the SecVulnerabilityMetricDefn.
String name name

A word, term, or phrase by which the SecVulnerabilityMetricDefn is known and distinguished from other SecVulnerabilityMetricDefns.


Notes: The name for the metric may be assigned by NIST. Examples include Base Metrics, Temporal Metrics, Environmental Metrics, Exploitability and Impact Metrics.

Integer scoringSequence scoringSequence

The order in which the score for the metric is calculated. This ensures that a metric's score upon which another is dependent is calculated first.

Notes: For example, the Base Exploitability Score is calculated after the Access Vector, Authentication, and Access Complexity scores are calculated. Also, the Base Score has to be calculated from the Base Metrics before scoring the Temporal and/or Environmental Metrics.

SecVulnerabilityMetricValueDefn secVulnerabilityMetricValueDefn secVulnerabilityMetricValueDefn
SecVulnerabilityScoringMetricDefnAssignment secVulnerabilityScoringDefnMetric secVulnerabilityScoringDefnMetric
«baseType» TimePeriod validFor validFor

The period of time for which a SecVulnerabilityMetricDefn is applicable.


Properties:
Alias
Classifier Behavior
Is Abstracttrue
Is Activefalse
Is Leaffalse
Keywords
NameSecVulnerabilityScoringMetricDefn
Name Expression
NamespaceSecurity Vulnerability Scoring Definition ABE
Owned Template Signature
OwnerSecurity Vulnerability Scoring Definition ABE
Owning Template Parameter
PackageSecurity Vulnerability Scoring Definition ABE
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn
Representation
Stereotype
Template Parameter
VisibilityPublic

Attribute Details

 compositeSecVulScoringMetricDefn 
Public CompositeSecVulScoringMetricDefn compositeSecVulScoringMetricDefn
Constraints:
Properties:

AggregationNone
Alias
AssociationCompositeSecVulScoringMetricDefnComprisedOf
Association End
ClassSecVulnerabilityScoringMetricDefn
Datatype
Default
Default Value
Is Compositefalse
Is Derivedfalse
Is Derived Unionfalse
Is Leaffalse
Is Orderedfalse
Is Read Onlyfalse
Is Staticfalse
Is Uniquetrue
Keywords
Lower0
Lower Value(0)
Multiplicity0..1
NamecompositeSecVulScoringMetricDefn
Name Expression
NamespaceSecVulnerabilityScoringMetricDefn
OppositesecVulnerabilityScoringMetricDefn
OwnerSecVulnerabilityScoringMetricDefn
Owning Association
Owning Template Parameter
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn::compositeSecVulScoringMetricDefn
Stereotype
Template Parameter
TypeCompositeSecVulScoringMetricDefn
Upper1
Upper Value(1)
VisibilityPublic

 datatype 
Public String datatype

A kind of value that the associated SecVulnerabilityScoringMetricValueDefn can take on, such as numeric, text, and so forth.

Constraints:
Properties:

AggregationNone
Alias
Association
Association End
ClassSecVulnerabilityScoringMetricDefn
Datatype
Default
Default Value
Is Compositefalse
Is Derivedfalse
Is Derived Unionfalse
Is Leaffalse
Is Orderedfalse
Is Read Onlyfalse
Is Staticfalse
Is Uniquetrue
Keywords
Lower1
Lower Value
MultiplicityNone (1)
Namedatatype
Name Expression
NamespaceSecVulnerabilityScoringMetricDefn
Opposite
OwnerSecVulnerabilityScoringMetricDefn
Owning Association
Owning Template Parameter
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn::datatype
Stereotyperequired
Template Parameter
TypeString
Upper1
Upper Value
VisibilityPublic

 description 
Public String description

A narrative that explains the purpose of the of the SecVulnerabilityMetricDefn.

Constraints:
Properties:

AggregationNone
Alias
Association
Association End
ClassSecVulnerabilityScoringMetricDefn
Datatype
Default
Default Value
Is Compositefalse
Is Derivedfalse
Is Derived Unionfalse
Is Leaffalse
Is Orderedfalse
Is Read Onlyfalse
Is Staticfalse
Is Uniquetrue
Keywords
Lower1
Lower Value
MultiplicityNone (1)
Namedescription
Name Expression
NamespaceSecVulnerabilityScoringMetricDefn
Opposite
OwnerSecVulnerabilityScoringMetricDefn
Owning Association
Owning Template Parameter
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn::description
Stereotyperequired
Template Parameter
TypeString
Upper1
Upper Value
VisibilityPublic

 name 
Public String name

A word, term, or phrase by which the SecVulnerabilityMetricDefn is known and distinguished from other SecVulnerabilityMetricDefns.


Notes: The name for the metric may be assigned by NIST. Examples include Base Metrics, Temporal Metrics, Environmental Metrics, Exploitability and Impact Metrics.

Constraints:
Properties:

AggregationNone
Alias
Association
Association End
ClassSecVulnerabilityScoringMetricDefn
Datatype
Default
Default Value
Is Compositefalse
Is Derivedfalse
Is Derived Unionfalse
Is Leaffalse
Is Orderedfalse
Is Read Onlyfalse
Is Staticfalse
Is Uniquetrue
Keywords
Lower1
Lower Value
MultiplicityNone (1)
Namename
Name Expression
NamespaceSecVulnerabilityScoringMetricDefn
Opposite
OwnerSecVulnerabilityScoringMetricDefn
Owning Association
Owning Template Parameter
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn::name
Stereotyperequired
Template Parameter
TypeString
Upper1
Upper Value
VisibilityPublic

 scoringSequence 
Public Integer scoringSequence

The order in which the score for the metric is calculated. This ensures that a metric's score upon which another is dependent is calculated first.

Notes: For example, the Base Exploitability Score is calculated after the Access Vector, Authentication, and Access Complexity scores are calculated. Also, the Base Score has to be calculated from the Base Metrics before scoring the Temporal and/or Environmental Metrics.

Constraints:
Properties:

AggregationNone
Alias
Association
Association End
ClassSecVulnerabilityScoringMetricDefn
Datatype
Default
Default Value
Is Compositefalse
Is Derivedfalse
Is Derived Unionfalse
Is Leaffalse
Is Orderedfalse
Is Read Onlyfalse
Is Staticfalse
Is Uniquetrue
Keywords
Lower1
Lower Value
MultiplicityNone (1)
NamescoringSequence
Name Expression
NamespaceSecVulnerabilityScoringMetricDefn
Opposite
OwnerSecVulnerabilityScoringMetricDefn
Owning Association
Owning Template Parameter
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn::scoringSequence
Stereotype
Template Parameter
TypeInteger
Upper1
Upper Value
VisibilityPublic

 secVulnerabilityMetricValueDefn 
Public SecVulnerabilityMetricValueDefn secVulnerabilityMetricValueDefn
Constraints:
Properties:

AggregationNone
Alias
AssociationSecVulnerabilityScoringMetricDefnTakesOn
Association End
ClassSecVulnerabilityScoringMetricDefn
Datatype
Default
Default Value
Is Compositefalse
Is Derivedfalse
Is Derived Unionfalse
Is Leaffalse
Is Orderedfalse
Is Read Onlyfalse
Is Staticfalse
Is Uniquetrue
Keywords
Lower0
Lower Value(0)
Multiplicity*
NamesecVulnerabilityMetricValueDefn
Name Expression
NamespaceSecVulnerabilityScoringMetricDefn
OppositesecVulnerabilityScoringMetricDefn
OwnerSecVulnerabilityScoringMetricDefn
Owning Association
Owning Template Parameter
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn::secVulnerabilityMetricValueDefn
Stereotype
Template Parameter
TypeSecVulnerabilityMetricValueDefn
Upper*
Upper Value(*)
VisibilityPublic

 secVulnerabilityScoringDefnMetric 
Public SecVulnerabilityScoringMetricDefnAssignment secVulnerabilityScoringDefnMetric
Constraints:
Properties:

AggregationNone
Alias
AssociationSecVulnerabilityScoringMetricDefnDescribes
Association End
ClassSecVulnerabilityScoringMetricDefn
Datatype
Default
Default Value
Is Compositefalse
Is Derivedfalse
Is Derived Unionfalse
Is Leaffalse
Is Orderedfalse
Is Read Onlyfalse
Is Staticfalse
Is Uniquetrue
Keywords
Lower0
Lower Value(0)
Multiplicity*
NamesecVulnerabilityScoringDefnMetric
Name Expression
NamespaceSecVulnerabilityScoringMetricDefn
OppositesecVulnerabilityScoringMetricDefn
OwnerSecVulnerabilityScoringMetricDefn
Owning Association
Owning Template Parameter
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn::secVulnerabilityScoringDefnMetric
Stereotype
Template Parameter
TypeSecVulnerabilityScoringMetricDefnAssignment
Upper*
Upper Value(*)
VisibilityPublic

 validFor 
Public «baseType» TimePeriod validFor

The period of time for which a SecVulnerabilityMetricDefn is applicable.

Constraints:
Properties:

AggregationNone
Alias
Association
Association End
ClassSecVulnerabilityScoringMetricDefn
Datatype
Default
Default Value
Is Compositefalse
Is Derivedfalse
Is Derived Unionfalse
Is Leaffalse
Is Orderedfalse
Is Read Onlyfalse
Is Staticfalse
Is Uniquetrue
Keywords
Lower1
Lower Value
MultiplicityNone (1)
NamevalidFor
Name Expression
NamespaceSecVulnerabilityScoringMetricDefn
Opposite
OwnerSecVulnerabilityScoringMetricDefn
Owning Association
Owning Template Parameter
Qualified NameSID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE::SecVulnerabilityScoringMetricDefn::validFor
Stereotype
Template Parameter
Type«baseType» TimePeriod
Upper1
Upper Value
VisibilityPublic

OverviewTopPackageElement
Security Vulnerability Scoring Definition ABE UML Documentation
Summary:AttributesPropertiesDetail:Attributes