Read Time:23 Second
Description
Security-critical logic is not set to a known value on reset.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Access Control, Authentication, Authorization: Varies by Context
Potential Mitigations
Phase: Implementation
Description:
Design checks should be performed to identify any uninitialized flip-flops used for security-critical functions.
Phase: Architecture and Design
Description:
All registers holding security-critical information should be set to a specific value on reset.