A guide to aid conversion from CWEs to Security Rules for use with Radix security verification tools.
MITRE’s hardware Common Weakness Enumeration (CWE) database aggregates hardware weaknesses that are the root causes of vulnerabilities in deployed parts. A complete list can be found on the MITRE Hardware Design Webpage. Hardware CWEs are ideal to be used alongside internally developed security requirements databases and have been developed and submitted by both government and commercial design teams such as the Intel Corporation and Tortuga Logic. This guide can be used in conjunction with the CWE list as a resource to aid conversion from CWEs to Security Rules for use with Tortuga Logic’s Radix security verification tools. It also serves as a guide for design and verification teams to help them answer the question: “what security vulnerabilities should I verify?”
Click here to read more.
Leave a Reply