Weaknesses
A Weakness is a weakness or business-related breakdown that can affect projects under certain conditions. SD Elements tracks an official set of Weaknesses and their conditions, and additional Weaknesses can be managed as well.
| The official Weaknesses are read-only. |
Weakness details
-
Title: The title of the Weakness.
-
Risk rating: The risk score of the Weakness, which is analogous to the priority of a Countermeasure.
-
Text: A text description of the Weakness. A brief description of the impact of a Weakness not being addressed or mitigated.
This field uses Markdown for rich text formatting. -
Common Weakness Enumeration Identifier: An optional list of Common Weakness Enumeration (CWE) identifiers that track common software weaknesses.
-
Rules: The section titled Applicable to a Project when the following rules are met shows the rules for the Weakness. A Weakness always appears in a project if there are no rules.
Create a custom Weakness
To create a custom Weakness follow the steps below.
-
The user has the permission Global Roles → Customization → Customize content.
-
Select the menu option Library → Weaknesses.
-
Click + Weakness on the top right. A new page will appear.
-
Fill in the required fields.
-
Click Save.
The Weakness is added to the system: custom or orginal Countermeasures can be associated with the new Weakness.
Delete a custom Weakness
Delete a custom Weakness by first moving all assigned Countermeasures to an existing Weakness. To delete a custom Weakness follow the steps below.
-
The user has the permission Global Roles → Customization → Customize content.
-
Select the menu opton Library → Weaknesses.
-
Search for the Weakness and select it.
-
Click Delete Weakness (represented by trash icon).
-
Select an existing Weakness to move any affected Countermeasures.
-
Click Delete.
The Weakness is removed from the system. All affected Countermeasures are assigned to the selected Weakness.
View a Weakness in read-only mode
Examine a read-only version of a library Weakness by following the steps below.
-
The user has the permission Global Roles → User Management → Modify own user settings.
-
Select the menu option Library → Weaknesses.
-
Search for specific Weaknesses by name or filter by type (built-in, built-in modified, or custom).
Weaknesss matching the filter are displayed in the list view. A Weakness you select is presented in full detail, but you cannot modify it in this view.
Edit a Library Weakness
Make custom changes to the title, risk rating, or text of an existing Library Weakness.
-
The user has the permission Global Roles → Customization → Customize content.
-
Select the menu option Library → Weaknesses.
-
Select the Weakness that you want to customize.
-
Click the 'pencil icon' to open up the edit form of the Weakness.
-
Edit any of the following fields:
-
Title
-
Risk rating
-
Text
-
Applicability Rules
-
-
Click Save Weakness.
The custom or buit-in modified Library Weakness is saved with its new details and now appears as Modified in the edit form of the Library.
Revert changes to a Library Weakness
Return any modified fields of a Weakness back to their original content.
-
The user has the permission Global Roles → Customization → Customize content.
-
Select the menu option Library → Weaknesses.
-
Select the modified Weakness containing content that you want to revert.
-
Click the 'pencil icon' to open up the edit form of the Weakness.
-
Select the Revert checkbox for any of the following fields:
-
Title
-
Risk Rating
-
Text
-
Applicability Rules
-
-
Click Save Weakness.
The modified fields of the Weakness that you selected are reverted back to their default details.
Custom rules
In addition to creating your own Library Weaknesses with optional rules, you can do the following with built-in SD Elements Weaknesses:
-
Create custom rules
-
Edit existing rules
-
Delete one or more rules
-
Revert all rule changes and additions
Create a custom Applicability rule
To create a custom applicability rule for a built-in Weakness, follow the steps below.
-
The user has the permission Global Roles → Customization → Customize content.
-
Select the menu option Library → Weaknesses.
-
Select the Weakness that you decided should have a new rule.
-
Click the 'pencil icon' to open up the edit form of the Weakness.
-
Click Add Another Rule at the bottom of the Applicable Rules section.
-
Select one or more match conditions for the rule.
-
Click Save Weakness at the bottom right of the Edit Weakness page.
Edit a rule
To edit a rule for a built-in Weakness, follow the steps below.
-
The user has the permission Global Roles → Customization → Customize content.
-
Select the menu option Library → Weaknesses.
-
Select the Weakness that has a rule you decided needs editing.
-
Click the 'pencil icon' to open up the edit form of the Weakness.
-
Add or remove match conditions until the applicability rule is satisfactory.
-
Click Save Weakness at the bottom right of the Edit Weakness page.
Delete a rule
To delete a rule from a built-in Weakness, follow the steps below.
-
The user has the permission Global Roles → Customization → Customize content.
-
Select the menu option Library → Weaknesses.
-
Select the Weakness that has a rule you don’t need.
-
Click the 'pencil icon' to open up the edit form of the Weakness.
-
Click Delete at the bottom of the unwanted match condition within the Applicability Rule section.
-
Click Save Weakness.
Revert changes made to a custom rule
To revert all changes made to rules for a built-in Weakness, follow the steps below.
-
The user has the permission Global Roles → Customization → Customize content.
-
Select the menu option Library → Weaknesses.
-
Select the Weakness that has rule changes you want to revert.
-
Click the 'pencil icon' to open up the edit form of the Weakness.
-
On edit form, select revert modified fields in top right coerner which will open up the revert menu panel.
-
Select the fields you want to revert.
-
Click Restore. The fields will be updated back to base content. User may continue to edit the weakness.
-
Click Save to make changes permanent.