CWE-1278: Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques

Base Incomplete Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

Information stored in hardware may be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques such as scanning electron microscopy.

常见后果

影响范围: Confidentiality

技术影响: Varies by Context

说明: A common goal of malicious actors who reverse engineer ICs is to produce and sell counterfeit versions of the IC.

潜在缓解措施

阶段: Architecture and Design

描述: The cost of secret extraction via IC reverse engineering should outweigh the potential value of the secrets being extracted. Threat model and value of secrets should be used to choose the technology used to safeguard those secrets. Examples include IC camouflaging and obfuscation, tamper-proof packaging, active shielding, and physical tampering detection information erasure.

引入模式

阶段	说明
Architecture and Design	-

适用平台

编程语言

Not Language-Specific (Undetermined)

操作系统

Not OS-Specific (Undetermined)

技术

Not Technology-Specific (Undetermined)

关键信息

CWE ID: CWE-1278

抽象级别: Base

结构: Simple

状态: Incomplete

CWE-1278: Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques

弱点描述

常见后果

潜在缓解措施

引入模式

适用平台

编程语言

操作系统

技术

关键信息

相关弱点

相关攻击模式

CWE-1278: Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques

弱点描述

常见后果

潜在缓解措施

引入模式

适用平台

编程语言

操作系统

技术

关键信息

相关弱点

ChildOf CWE-693

相关攻击模式