Description
This white paper describes the roadmap towards scoring systems for weakness findings within the context of the Static Code Analysis (SCA) approach. The white paper frames the discussion of scoring systems for SCA, describes some of the unique challenges, provides a survey of existing approaches and outlines the requirements for a weakness scoring system, with the emphasis on the role of standards and information exchange in this area.