CWE CATEGORY: ICS Operations (& Maintenance): Compliance/Conformance with Regulatory Requirements
Category ID: 1383
Summary
Weaknesses in this category are related to the "Compliance/Conformance with Regulatory Requirements" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022. Note: members of this category include "Nearest IT Neighbor" recommendations from the report, as well as suggestions by the CWE team. These relationships are likely to change in future CWE versions.
Membership
Nature
Type
ID
Name
MemberOf
Category - a CWE entry that contains a set of other entries that share a common characteristic.
Pillar - a weakness that is the most abstract type of weakness and represents a theme for all class/base/variant weaknesses related to it. A Pillar is different from a Category as a Pillar is still technically a type of weakness that describes a mistake, while a Category represents a common characteristic used to group related things.
This category was created in CWE 4.7 to facilitate and illuminate discussion about weaknesses in ICS. It is under active development. In future versions, new weaknesses will be added based on input from the CWE-CAPEC ICS/OT Special Interest Group (SIG). However, there may be some issues that are outside of the current scope of CWE, which will require consultation with many CWE stakeholders to resolve.