User-Friendly Security Assessment System Using a CVSS V4.0 Dashboard

Cyber Security is an essential element for responding to serious threats posed by digital 2 technology. The Common Vulnerability Scoring System (CVSS) is a key indicator for eval- 3 uating software security risks. However, CVSS results—expressed as numerical scores 4 or vector strings—are difficult for general users and managers to intuitively understand 5 and judge. This complexity hinders effective risk management. This study aimed to im- 6 prove the usability and satisfaction of a cybersecurity assessment simulator by designing a 7 user-friendly UI/UX. The design proposal focused on three core principles for intuitive 8 understanding of detailed CVSS V4.0 indicator values: Firstly, data Visualization: Using a 9 clear color scheme (red/yellow/green) to distinguish risk levels at a glance. Tooltips were 10 implemented to provide detailed information on hover. secondly, clear Information Hier- 11 archy: The CVSS V4.0 groups (Base, Threat, Environment, Supplemental) were arranged 12 logically, with the Basic Group at the top center for visibility. Supplemental information 13 was provided using a drill-down approach. lastly, Interactivity and Accessibility: Features 14 like data filtering/sorting and a responsive UI were included. Accessibility was addressed 15 by providing patterns and text labels alongside colors for color vision deficiency. The 16 proposed dashboard-type UI/UX was implemented as a web service and tested against the 17 existing CVSS V4.0 calculator. Experiments showed a significant improvement in usability, 18 design satisfaction (e.g., visual satisfaction 8.9 points, readability 9.0 points), and overall 19 UI/UX satisfaction (83%) compared to the existing system. No significant difference was 20 found in items evaluating interaction or certain usability metrics. This was attributed to 21 the system being primarily information-providing rather than a two-way interactive tool. 22 The study successfully designed a visualized UI/UX for the CVSS V4.0 simulator, making 23 risk assessment results more accessible. Future work will focus on improving the system 24 structure to enable two-way interaction and enhance overall usability metrics.