Threat Category: Supply Chain
ID: SPC-7
Threat Description: An adversary with access to production component supplier shipping channels during transfer of system components can substitute a maliciously altered hardware component for a tested and approved component.1
Threat Origin
Supply Chain Attack Framework and Attack Patterns 1
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
Test systems that contain newly integrated or updated components to detect incorrect function or anomalous behavior prior to production use
References