%A ZHANG Yan, LI Zhou-jun, DONG Guo-wei and MA Dian-fu %T Novel Taxonomy of Security Weakness in Source Code Based on Three-dimension Tree Model %0 Journal Article %D 2016 %J Computer Science %R 10.11896/j.issn.1002-137X.2016.05.014 %P 76-79 %V 43 %N 5 %U {https://www.jsjkx.com/CN/abstract/article_16019.shtml} %8 2018-12-01 %X We presented a novel taxonomy of security weakness in source code based on three-dimension tree model,which synthetically considers the three aspects:the causes of the defect,the results and its form of expression.Case studies show that compared with CWE and Fortify,the taxonomy in this paper is more accurate and detailed.This paper is not only helpful to establish a kind of relatively complete source code defect classification system,but also very signi-ficant in practice to refine the rules of the security weakness detection.