SAN JOSE, Calif. –July 21, 2020: Tortuga Logic, Inc., a cybersecurity company specializing in hardware security, today announced that its CEO, Dr. Jason Oberg, has been appointed to the newly established, Common Weakness Enumeration (CWE™) / Common Attack Pattern Enumeration and Classification (CAPEC™) Board. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). As a charter member, Dr. Oberg will leverage his extensive knowledge in hardware security to help shape the future direction of CWE/CAPEC
Today’s complex systems, control, process, and secure information across a broad range of applications in the Automotive, Datacenter, Edge Computing, and Aerospace/Defense markets. Most of these systems use potentially vulnerable ASICs, SoCs or FPGAs. Ensuring these hardware devices do not introduce security vulnerabilities is paramount to the overall system’s security. Recently, MITRE has taken a leadership role in documenting common weaknesses associated with hardware security and has active participation from several industry leaders including Intel and Tortuga Logic.
“The past 12 months have been an exciting time for the CWE/CAPEC team, extending our focus past software to now include hardware,” said Chris Levendis, CWE/CAPEC project lead at MITRE. “This new Board will play a pivotal role for the future of both software security and now hardware security. CWE/CAPEC will rely on the Board, and Jason’s expertise, to chart a course through the industries ever-evolving security needs.”
“Hardware security is a relatively new phenomenon. Many organizations are looking for industry guidance to properly secure their designs,” said Jason Oberg, CEO of Tortuga Logic. “The recently released CWE 4.1 list provides design and security teams with much-needed guidance for designing, testing, and delivering secure hardware. I am proud to be part of this effort and look forward to helping provide the industry with the hardware security direction it desperately needs.”
In support of CWE’s efforts, Tortuga Logic has introduced new support for validation of Hardware CWEs in its Radix™ products. Radix now provides coverage for 83% of the currently listed Hardware CWEs. This new offering streamlines the detection of hardware weaknesses for pre-silicon hardware security verification. More information on this new offering can be found in the Measurable Hardware Security with CWEs white paper and the new Radix Coverage for Hardware Common Weakness Enumeration (CWE) Guide.