Reference
Severity model
How severity, exploitability, and rail-safety impact combine into the final score.
Inputs
- Severity (S)
- 0–10, derived from CVSS where available, otherwise from check metadata.
- Exploitability (E)
- 0–1, evidence of active exploitation in the wild.
- Rail-safety impact (R)
- 0–2 multiplier, set by asset class and topology.
- Exposure (X)
- 0–1, network reachability of the affected asset.
Final score
final = clamp( S * (0.5 + 0.5 * E) * (1 + R) * (0.5 + 0.5 * X), 0, 10 )