ABSTRACT Several thousand software design vulnerabilities have been reported through established databases. But they need to be structured and classified to be optimally usable in the pursuit of minimal and effective mitigation mechanism. In order we developed a criterion set for a communicative description of the same to serve the purpose as a taxonomic description of security vulnerabilities, arising in the design phase of Software development lifecycle. This description is a part of an effort to identify appropriate strategies for mitigating security flaws at the design level. In addition, an analysis is also carried out on the basis of frequency and severity of vulnerabilities identified under each class and the same has been intrinsically presented.
