FSTab: Feature–Security Mapping Overview
- FSTab is a formal mapping linking observable software features with corresponding security properties, threats, and vulnerabilities.
- It facilitates systematic auditing and black-box vulnerability prediction by correlating frontend features with backend risks using metrics like PMI and Laplace smoothing.
- FSTab underpins robust security engineering in LLMs, OS kernels, and feature taxonomies, aiding compliance and informed design decisions.
A Feature–Security Table (FSTab) is a formal, systematic mapping between software features and associated security properties, threats, mitigation mechanisms, or vulnerabilities. FSTab provides a bidirectional interface: it allows for the auditing, classification, and prediction of security risks or mechanisms based on observable features, and supports model or system-centric evaluation of vulnerability persistence and compartmentalization. FSTab is employed for program analysis and security engineering, as well as for black-box attacks leveraging knowledge of typical feature–vulnerability pairings in code generated by LLMs, system kernels, or functional security frameworks (Kordonsky et al., 2 Feb 2026, Steffin et al., 10 Oct 2025, Hermann et al., 8 Jan 2025).
1. Formal Models and Instantiations of FSTab
FSTab is formalized as a mapping from features —concretely observable functional units such as “user_login_with_password,” “upload_file,” or kernel-level memory domains—to an ordered multimap of security-related objects. The codomain depends on the application:
- LLM Code Security: For LLMs, , where is a set of vulnerability rule IDs (e.g., CWE, CodeQL rule).
- Operating System Security: In iOS kernel architecture, FSTab pairs features (SPTM, TXM, Exclaves) with security goals, mechanisms, trust boundaries, and inter-process communication (IPC) models.
- Security Taxonomies: In implementation-level feature taxonomies, each row of FSTab cross-references a feature with formal descriptions, standards mappings, supported frameworks, and representative code constructs.
Mathematically, the LLM FSTab approximates the conditional distribution
using Pointwise Mutual Information (PMI) and Laplace-smoothed frequency estimates: where
This abstraction supports data-driven FSTabs tailored to LLMs, kernels, or security standards.
2. Construction Methodologies
The construction of an FSTab proceeds in sequential phases, which depend on the target platform and objective:
LLM-Driven FSTab Construction (Kordonsky et al., 2 Feb 2026):
- Data Generation: Synthesize a corpus of programs by sampling the code model with a suite of prompts, including multiple semantic rephrasings.
- Automatic Labeling:
- Frontend Feature Extraction: Employ AST- or regex-based analysis to extract frontend features, heuristically mapping each handler/function to a unique .
- Backend Vulnerability Scanning: Use static analyzers (e.g., CodeQL, Semgrep) to identify vulnerabilities, obtaining rule IDs .
- Co-occurrence Counting and Scoring: For each pair, record counts . Compute PMI scores.
- Diversity-Promoted Selection: Use a greedy algorithm with a penalty factor to limit selection of over-represented vulnerabilities, ensuring a broad and unambiguous mapping.
System Security FSTab Construction (Steffin et al., 10 Oct 2025):
- For compartmentalized system features (e.g., SPTM, TXM, Exclaves), FSTab is constructed by formalizing each feature’s security goals, corresponding enforcement mechanisms (e.g., memory typing ), explicit trust domains, and the IPC routes used to transfer or isolate authority.
Feature Taxonomy FSTab Construction (Hermann et al., 8 Jan 2025):
- Each feature is given a formal description, standard mappings (ISO/NIST/CC), supporting frameworks, and a canonical code snippet. This is organized as a multi-column tabular resource supporting programmatic queries.
3. Security Contexts and Applications
Black-Box Prediction and Attack (Kordonsky et al., 2 Feb 2026): FSTab enables black-box attacks whereby, given only the set of observable UI features and the model identifier , an adversary retrieves top- expected vulnerabilities per feature from . The aggregate, , prioritizes probable back-end vulnerabilities for exploitation, even without code access. Attack metrics are: with population averages:
OS Kernel Security Layering (Steffin et al., 10 Oct 2025): The FSTab classifies kernel features (SPTM, TXM, Exclaves) and formalizes security layering. SPTM enforces microkernel-style partitioning at the memory management level ( and policy bitmatrices), while TXM secures code-signing and entitlements, decoupled from kernel privilege, and Exclaves isolate hardware-rich domains (e.g., ANE, sensors) behind an additional boundary.
Feature Location and Standards Mapping (Hermann et al., 8 Jan 2025): FSTab catalogs 68 implementation-level security features with full mapping to ISO/NIST/CC controls, framework support, and code representations, supporting feature location, audit, and secure design decisions.
4. Metrics and Model-Centric Analysis
FSTab provides a foundation for quantifying vulnerability persistence and transfer across code generation models, rephrasings, and application domains (Kordonsky et al., 2 Feb 2026). Four key metrics are defined:
- Feature–Vulnerability Recurrence (FVR): For each , the fraction of pairs recurring in the set of programs containing .
- Rephrasing Vulnerability Persistence (RVP): Fraction of pairs persistent across multiple prompt rephrasings for a given task.
- Domain Vulnerability Recurrence (DVR): Recurrence of vulnerability patterns within a specific domain .
- Cross-Domain Transfer (CDT): Proportion of vulnerabilities present both within and outside domain , capturing model-intrinsic vs. domain-specific patterns.
A high CDT-DVR gap (universality gap) implies that vulnerability patterns are model-intrinsic rather than domain-restricted.
5. Empirical Findings and Representative Tables
LLM Vulnerability Prediction
On LLM-generated code, the FSTab-based black-box attack achieves, for Claude-4.5 Opus on Internal Tools, , . With cross-domain exclusion (training without the target application domain), models such as GPT-5.2 retain and . The universality gap () is consistently positive, indicating significant cross-domain generalization (Kordonsky et al., 2 Feb 2026).
Persistence metrics for leading models: | Model | FVR (%) | RVP (%) | DVR (%) | CDT (%) | |--------------|---------|---------|---------|------------| | GPT-5.2 | 37.5 | 23.2 | 33.9 | 42.3 | | Composer | — | 35.5 | 46.4 | — | | Grok | — | 12.0 | 27.9 | 57.3 |
This demonstrates that the FSTab abstraction is highly effective for black-box vulnerability inference.
OS Security Layer FSTab
An FSTab for modern iOS security architecture (Steffin et al., 10 Oct 2025):
| Feature | Security Goals | Key Mechanisms | Trust Boundary | IPC/Transport Model |
|---|---|---|---|---|
| SPTM | Prevent arbitrary page-table writes; memory isolation; PRIVATE frame confidentiality | Physical-frame typing ; validity ; multi-level dispatch | Domains SPTM, XNU, TXM, SK, HIB | XNU→GXF/GENTER→SPTM; TXM→SVC#0→SPTM; SK→HVC#0→SPTM |
| TXM | Enforce code-signing/entitlements; code isolation | Domain-limited SPTM calls; SPTM-guarded memory types | Domain = TXM | XNU→GENTER/SPTM(domain=TXM); TXM→SVC(#0/37/38)→SPTM |
| Exclaves | Protect sensor/ANE pipelines, privacy indicator integrity | SK_DOMAIN memory; per-domain resource tables; Tightbeam IPC | SK_GL1; per-Conclave domains | exclaves_ctl_trap (trap-88)→kernel; Tightbeam; xnuproxy |
This table demonstrates explicit trust boundaries and formal compartmentalization, raising the bar against monolithic kernel compromise.
Security Feature Taxonomy FSTab
A machine-readable FSTab catalogs 68 security features (Hermann et al., 8 Jan 2025), each cross-referenced by:
- ISO 27001/2, NIST SP 800-53, NIST CSF, and Common Criteria mappings
- Supported frameworks (e.g., Spring Security, OWASP ESAPI, AppleSec)
- Code/API usage examples
Sample extracted entry:
| Feature | Description | Code/API Example |
|---|---|---|
| Authentication | Verification of a subject’s claimed identity | securityContext.getAuthentication() |
| Authorization | Grant/deny access rights to an authenticated subject | @PreAuthorize("hasRole('ROLE_USER')") |
| Encryption | Transforming plaintext to ciphertext | cipher.doFinal(plainBytes) |
This resource enables conformance analysis and aids feature location in large software projects.
6. Significance and Emerging Directions
FSTab frameworks unify disparate efforts in feature-based security reasoning and threat modeling. In the LLM context, the existence of strong cross-domain transfer and persistent mappings exposes an underexplored attack surface: black-box adversaries that exploit model-consistent code generation patterns. In layered OS architectures, FSTabs enable rigorous characterization of isolation boundaries, actor privileges, and policy enforcement, thus supporting both system hardening and formal verification. In feature taxonomies, the FSTab abstraction provides an actionable vocabulary for tracking, locating, and auditing security features.
A plausible implication is that as code generation and compartmentalized system designs proliferate, FSTab-like tables will become essential artifacts for robust security architecture, cross-domain vulnerability assessment, and automated compliance analysis.