Rekhi, S.
and Amberiadis, K.
(2025),
Metrics and Methodology for Hardware Security Constructs, NIST Cybersecurity White Papers (CSWP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.CSWP.45, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=959315
(Accessed June 30, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Metrics and Methodology for Hardware Security Constructs
Published
Author(s)
,
Abstract
Although hardware is commonly believed to be security-resilient, it is often susceptible to vulnerabilities arising from design and implementation flaws. These flaws have the potential to jeopardize not only the hardware's security, but also its operations and critical user information. In this investigation, we present a comprehensive methodology for assessing threats related to some of the most critical hardware weaknesses. The methodology evaluates various weaknesses and the attacks that can potentially exploit them, resulting in two key metrics: a threat metric, which quantifies the number of hardware weaknesses that an attack can exploit, and a sensitivity metric, which measures the number of distinct attacks that can target a hardware system with a specific weakness. These metrics and the accompanying analysis aim to guide security efforts and optimize the trade-offs between hardware security and associated costs.Citation
NIST Cybersecurity White Papers (CSWP) - 45
Report Number
45
Pub Type
NIST Pubs
Download Paper
Keywords
CWE most important hardware weaknesses, CAPEC attack patterns, security metrics
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created June 5, 2025