A FMEA Analysis on Web Applications
Based on the Failure Mode and Effects Analysis (FMEA) method, this paper identifies the potential causes that lead to the failure of a Web application built on the WordPress platform. Both software vulnerabilities identified in the U.S. National Vulnerability Database (NVD) and other platform administration and configuration processes that can be exploited in cyber-attacks against the Web application are considered. Finally, measures to eliminate potential security breaches are proposed in the form of a best practice guide for managing sensitive data and increasing the level of security for this type of application.
“Final Report of the EBU / SMPTE Task Force for Harmonized Standards for the Exchange of Television Programme Material as Bitstreams,” 1998. Accessed: Mar. 15, 2023. [Online]. Available: https://tech.ebu.ch/docs/techreview/ebu-smpte-tf-bitstreams.pdf.
C. Benevolo, Evaluation of Content Management Systems (CMS): a Supply Analysis, 2017.
“Usage statistics of content management systems.” W3Techs. https://w3techs.com/technologies/overview/content_management (accessed Apr. 5, 2023).
“CMS comparison 2022: The most popular content management systems.” IONOS Digital Guide. https://www.ionos.com/digitalguide/hosting/cms/cms-comparison-a-review-of-the-best-platforms/ (accessed Apr. 2, 2023).
V.M. Cătuneanu and I.C. Bacivarov, Fiabilitatea sistemelor de telecomunicații, Ed. Militară, București, 1985.
“Usage statistics and market share of WordPress.” W3Techs. https://w3techs.com/technologies/details/cm-wordpress (accessed Apr. 28, 2023).
“WordPress 5.0 Bebo.” WordPress. https://wordpress.org/news/2018/12/bebo/ (accessed Mar. 20, 2023).
“WordPress 6.0 Arturo.” WordPress. https://wordpress.org/news/2022/05/arturo/ (accessed Mar. 20, 2023).
“CVE - Common Vulnerabilities and Exposures.” http://cve.mitre.org/ (accessed Mar. 10, 2023).
“NIST Common Vulnerability Scoring System Calculator Version 3.” https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator (accessed Mar. 10, 2023).
“WordPress: Vulnerability Statistics.” CVE Details. https://www.cvedetails.com/product/4096/Wordpress-Wordpress.html (accessed Mar. 10, 2023).
“CVSS scores for WordPress between 2019 and 2022.” CVE Details. https://www.cvedetails.com/cvss-score-charts.php?fromform=1&vendor_id=&product_id=4096&startdate=2019-01-01&enddate=2022-12-31 (accessed Mar. 10, 2023).
“2022 Website Threat Research Report.” SUCURI. https://sucuri.net/reports/2022-hacked-website-report/ (accessed Apr. 10, 2023).
“2021 Website Threat Research Report.” SUCURI. https://sucuri.net/reports/2021-hacked-website-report/ (accessed Apr. 25, 2023).
“Ranking of the most popular database management systems worldwide, as of February 2023.” Statista. https://www.statista.com/statistics/809750/worldwide-popularity-ranking-database-management-systems/ (accessed Apr. 20, 2023).
C. Ciuchi, G. Petrică, a.o. Cybersecurity Guide. (2021). Accessed Apr. 10, 2023. [Online]. Available: https://dnsc.ro/vezi/document/ghid-securitate-cibernetica-2021.
“Top 10 Web Application Security Risks.” OWASP. https://owasp.org/www-project-top-ten/ (accessed Apr. 1, 2023).