CWE Glossary Definition |
👁 x
|
CWE CATEGORY: ICS Operations (& Maintenance): Human factors in ICS environments
|
Category ID: 1379
Vulnerability Mapping:
PROHIBITED
This CWE ID must not be used to map to real-world vulnerabilities
|
Weaknesses in this category are related to the "Human factors in ICS environments" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022: "Environmental factors in ICS including physical duress, system complexities, and isolation may result in security gaps or inadequacies in the performance of individual duties and responsibilities." Note: members of this category include "Nearest IT Neighbor" recommendations from the report, as well as suggestions by the CWE team. These relationships are likely to change in future CWE versions.
| Nature |
Type |
ID |
Name |
| MemberOf |
👁 Category
Category - a CWE entry that contains a set of other entries that share a common characteristic. |
1363 |
ICS Operations (& Maintenance)
|
| HasMember |
👁 Class
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. |
451 |
User Interface (UI) Misrepresentation of Critical Information
|
| HasMember |
👁 Class
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. |
655 |
Insufficient Psychological Acceptability
|
👁 +
Vulnerability Mapping Notes
|
Usage:
PROHIBITED
(this CWE ID must not be used to map to real-world vulnerabilities)
|
|
Reason:
Category
|
|
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
|
|
Comments: See member weaknesses of this category.
|
Relationship
Relationships in this category are not authoritative and subject to change. See Maintenance notes.
Maintenance
This category might be subject to CWE Scope Exclusion SCOPE.HUMANPROC (Human/organizational process).
Maintenance
This category was created in CWE 4.7 to facilitate and illuminate discussion about weaknesses in ICS with [ REF-1248] as a starting point. After the release of CWE 4.9 in October 2022, this has been under active review by members of the "Boosting CWE" subgroup of the CWE-CAPEC ICS/OT Special Interest Group (SIG). Subgroup members did not find any CWEs to add to this category in CWE 4.11. There may be some gaps with respect to CWE's current scope, which will require consultation with many CWE stakeholders to resolve.
👁 +
Submissions |
| Submission Date |
Submitter |
Organization |
2022-03-09
(CWE 4.7, 2022-04-28)
|
New Categories of Security Vulnerabilities (NCSV) Technical Project Team (TPT) |
Securing Energy Infrastructure Executive Task Force |
👁 +
Modifications |
| Modification Date |
Modifier |
Organization |
2025-09-09
(CWE 4.18, 2025-09-09)
|
CWE Content Team |
MITRE |
|
updated References
|
2023-06-29
(CWE 4.12, 2023-06-29)
|
CWE Content Team |
MITRE |
|
updated Mapping_Notes
|
2023-04-27
(CWE 4.11, 2023-04-27)
|
CWE Content Team |
MITRE |
|
updated Maintenance_Notes, Mapping_Notes
|
2023-01-31
(CWE 4.10, 2023-01-31)
|
CWE Content Team |
MITRE |
|
updated Description, Maintenance_Notes, Relationship_Notes
|
More information is available — Please edit the custom filter or select a different filter.
|
