View: Weaknesses in SEI ETF Categories of Security Vulnerabilities in ICS
Incomplete
Type: Graph
Objective
CWE entries in this view (graph) are associated with the Categories of Security Vulnerabilities in ICS, as published by the Securing Energy Infrastructure Executive Task Force (SEI ETF) in March 2022. Weaknesses and categories in this view are focused on issues that affect ICS (Industrial Control Systems) but have not been traditionally covered by CWE in the past due to its earlier emphasis on enterprise IT software. Note: weaknesses in this view are based on "Nearest IT Neighbor" recommendations and other suggestions by the CWE team. These relationships are likely to change in future CWE versions.
Audience
| Type | Description |
|---|---|
| Hardware Designers | ICS/OT hardware designers can use this view to ensure a minimal set of weaknesses that should be avoided or mitigated during the design process. |
| Product Vendors | Product vendors can use this view to ensure that all aspects of the product lifecycle address these weaknesses. |
| Assessment Tool Vendors | Assessment tool vendors that help to assess potential weaknesses, or avoid them, can use this view to improve their tool's coverage to address more weaknesses. |
| Academic Researchers | Academic researchers can use this view to identify potential research opportunities that could produce better methods for detection or avoidance of weaknesses in ICS/OT products. |
Relationships
ICS Communications- (CWE-1359)
ICS Dependencies (& Architecture)- (CWE-1360)
ICS Supply Chain- (CWE-1361)
ICS Engineering (Constructions/Deployment)- (CWE-1362)
ICS Operations (& Maintenance)- (CWE-1363)
Mapping Notes
Usage: Prohibited
Reasons: View
Rationale:
This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.
Comment:
Use this View or other Views to search and navigate for the appropriate weakness.