Power, Clock, Thermal, and Reset Concerns

A device's real time power consumption may be monitored during security token evaluation and the information gleaned may be used to determine the value of the referenc...

The device is missing or incorrectly implements circuitry or sensors that detect and mitigate the skipping of security-critical CPU instructions when they occur.

Register lock bit protection disables changes to system configuration once the bit is set. Some of the protected registers or lock bits become programmable after power...

The device does not contain or contains incorrectly implemented circuitry or sensors to detect and mitigate voltage and clock glitches and protect sensitive informatio...

Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts.

A hardware device is missing or has inadequate protection features to prevent overheating.

The product provides software-controllable device functionality for capabilities such as power and clock management, but it does not properly limit functional...

The product performs a power save/restore operation, but it does not ensure that the integrity of the configuration state is maintained and/or ...

The device does not write-protect the parametric data values for sensors that scale the sensor value, allowing untrusted software to manipulate the apparent result and...

The security-sensitive hardware module contains semiconductor defects.

Security-critical logic is not set to a known value on reset.

This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectiv...