# Score and Rating

## 1. Score

Our proprietary tool is used to scan the projects to be analyzed. In each rating dimension, the project is ranked based on the tool's scan results and a ranking score is calculated, ranging from 0-100. The ranking scores of several dimensions are weighted to give each project a total score, which serves as the project's final security score. The determination of the weight value of each dimension is based on the APH hierarchical method \[1].

The scoring process involves the following important aspects: 

1\). A higher security score for a project indicates that it is more secure and trustworthy. 

2\). When calculating the ranking score based on the engine's scan results, a reverse ranking is used. For example, if a project has more vulnerabilities detected by the vulnerability scanning engine, its ranking score will be relatively lower.

## 2. Rating

Here is the score and rating comparison table in descending order:

| Score Range | Rating |
| ----------- | ------ |
| 95-100      | AAA    |
| 90-95       | AA     |
| 80-90       | A      |
| 75-80       | BBB    |
| 65-75       | BB     |
| 60-65       | B      |
| 50-60       | CCC    |
| 45-50       | CC     |
| 40-45       | C      |
| 30-40       | DDD    |
| 20-30       | DD     |
| <20         | D      |

This table is used to assign the corresponding rating to the project based on its final security score. The rating system ranges from AAA (highest) to DDD (lowest).

\[1] AHP, <https://en.wikipedia.org/wiki/Analytic_hierarchy_process#Hierarchies_in_the_AHP>