Comprehensive Categorization: Violation of Secure Design Principles

The product has a dependency on a third-party component that contains one or more known vulnerabilities.

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of ot...

The System-on-Chip (SoC) does not have unique, immutable identifiers for each of its components.

The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted ag...

The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.

The product has a protection mechanism that is too difficult or inconvenient to use, encouraging non-malicious users to disable or bypass the mechanism, whether by acc...

The product uses security features in a way that prevents the product's administrator from tailoring security settings to reflect the environment in which the product ...

Hardware structures shared across execution contexts (e.g., caches and branch predictors) can violate the expected architecture isolation between contexts.

When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, su...

The product does not perform access checks on a resource every time the resource is accessed by an entity, which can create resultant weaknesses if that entity's right...

A protection mechanism relies exclusively, or to a large extent, on the evaluation of a single condition or the integrity of a single object or entity in order to make...

The product uses a protection mechanism whose strength depends heavily on its obscurity, such that knowledge of its algorithms or key data is sufficient to defeat the ...

A UI function for a security feature appears to be supported and gives feedback to the user that suggests that it is supported, but the underlying functionality is not...

The product uses a more complex mechanism than necessary, which could lead to resultant weaknesses when the mechanism is not correctly understood, modeled, configured,...

The product violates well-established principles for secure design.

This view organizes weaknesses around categories that are of interest to large-scale software assurance research to support the elimination of weaknesses using ta...