Vulnerability Discovery Models in Terms of System Dynamics

So far a few Vulnerability Discovery Models have been published. Such models will allow effective resource allocation for patch development and update as well as for software upgrade. The models are also needed for evaluating the risk of vulnerability exploitation and information security. Here are examined Anderson Thermodynamic Model (2002), Rescorla Linear and Exponential Model (2005) and Alhazmi–Malaiya Logistic Model for the vulnerability discovery process in terms of system dynamics as examples. The models are presented both analytically and in the system dynamics language. The applicability of the proposed models and their significance are shortly discussed.