Abstract: In the field of computer security，particularly network security，network vulnerability of the model is very important.The ultimate aim is to guide security administrator simulating attack scenarios，analysing the relationships between network vulnerability and building defensive mechanisms.This paper discusses the concept of network vulnerability and modeling development process，introduces some typical vulnerability modeling methods，induding the attack on the tree，plan attacks，infiltration map，privileges upgrade plan，Petri net，the state plans，requires/provides model.In conclusion，the paper summarizes the future direction of development.

摘要： 在计算机安全领域，特别是网络安全领域，对网络系统脆弱性进行建模十分重要，其最终目的就是指导安全管理员仿真攻击场景、分析网络脆弱性之间的关联关系以及建立防御机制。阐述了网络脆弱性的概念及其建模方法发展历程，介绍了攻击树、攻击图、渗透图、特权提升图、Petri net、状态图、需求/产出模型等几种典型的脆弱性建模方法，最后总结了今后的发展方向。