Seven pernicious kingdoms: a taxonomy of software security errors

Taxonomies can help software developers and security practitioners understand the common coding mistakes that affect security. The goal is to help developers avoid making these mistakes and more readily identify security problems whenever possible. Because developers today are by and large unaware of the security problems they can (unknowingly) introduce into code, a taxonomy of coding errors should provide a real tangible benefit to the software security community. Although the taxonomy proposed here is incomplete and imperfect, it provides an important first step. It focuses on collecting common errors and explaining them in a way that makes sense to programmers. This new taxonomy is made up of two distinct kinds of sets, which we're stealing from biology: a phylum (a type of coding error, such as illegal pointer value) and a kingdom (a collection of phyla that shares a common theme, such as input validation and representation). Both kingdoms and phyla naturally emerge from a soup of coding rules relevant to enterprise software, and it's for this reason that this taxonomy is likely to be incomplete and might lack certain coding errors. In some cases, it's easier and more effective to talk about a category of errors than to talk about any particular attack. Although categories are certainly related to attacks, they aren't the same as attack patterns.