How the Hardware CVE Classification Works
In this article, we explain how we’re classifying between software and hardware vulnerabilities after the vulnerabilities ID and descriptions are collected.
The classification flow outline is the following:
- First we keep a vulnerability database up-to-date using crawlers and CVE information collecting;
- For each vulnerability that was not classified, we run it through an LLM classifier;
- Multiple classifiers are run over hardware-classified vulnerabilities to reduce the number of false positives by using more advanced LLM models;
The models used for classification are:
- Llama 3
- GPT 3.5
- Mistral 7b
The resulting list contains classifications that is between: hardware, non-hardware, and unclear. The unclear means the LLM would need additional information to know if it’s hardware-related vulnerability or not.
At this point, the list is reduced and is reviewed manually. Each non-hardware vulnerability is marked accordingly. The site is regularly built with the latest vulnerability information collected and classified to that date.
Contribute
If you have information about a vulnerability, threat or would like to suggest an additional source, please reach out to us through the form in our About page.