CWE

Common Weakness Enumeration

A Community-Developed List of Software & Hardware Weakness Types

2021 CWE Most Important Hardware Weaknesses
CWE Top 25 Most Dangerous Weaknesses
Home > CWE List > CWE- Individual Dictionary Definition (4.9)  
ID

CWE CATEGORY: ICS Dependencies (& Architecture): External Digital Systems

Category ID: 1368
+ Summary
Weaknesses in this category are related to the "External Digital Systems" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022. Note: members of this category include "Nearest IT Neighbor" recommendations from the report, as well as suggestions by the CWE team. These relationships are likely to change in future CWE versions.
+ Membership
NatureTypeIDName
MemberOfCategoryCategory - a CWE entry that contains a set of other entries that share a common characteristic.1360ICS Dependencies (& Architecture)
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.610Externally Controlled Reference to a Resource in Another Sphere
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.1357Reliance on Uncontrolled Component
+ Notes

Maintenance

This category was created in CWE 4.7 to facilitate and illuminate discussion about weaknesses in ICS. It is under active development. In future versions, new weaknesses will be added based on input from the CWE-CAPEC ICS/OT Special Interest Group (SIG). However, there may be some issues that are outside of the current scope of CWE, which will require consultation with many CWE stakeholders to resolve.
+ References
[REF-1248] Securing Energy Infrastructure Executive Task Force (SEI ETF). "Categories of Security Vulnerabilities in ICS". ICS Dependencies (& Architecture). 2022-03-09. <https://inl.gov/wp-content/uploads/2022/03/SEI-ETF-NCSV-TPT-Categories-of-Security-Vulnerabilities-ICS-v1_03-09-22.pdf>.
+ Content History
+ Submissions
Submission DateSubmitterOrganization
2022-03-09New Categories of Security Vulnerabilities (NCSV) Technical Project Team (TPT)Securing Energy Infrastructure Executive Task Force
More information is available — Please select a different filter.
Page Last Updated: October 13, 2022