| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to the EngineerMode tool being a potential security vulnerability has happened again within the same organization, OnePlus. The tool was found on multiple OnePlus phone models, including OnePlus 3, OnePlus 5, OnePlus 3T, and OnePlus 5T [65170, 65136]. OnePlus acknowledged the issue and stated that they would remove the adb root function from EngineerMode in an upcoming software update to address the security concern [65136].
(b) The incident involving the EngineerMode tool potentially granting hackers full access to devices is not specific to OnePlus only. The tool is a customized version of a Qualcomm app that contains the backdoor, protected with a hard-coded password [65136]. This indicates that similar incidents could potentially occur with other devices using Qualcomm chips or similar testing tools. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase can be seen in the articles [65170, 65136]. The incident involved a factory testing app called "Engineer Mode" being pre-loaded on OnePlus phones, acting as a backdoor that potentially granted hackers full access to the devices. This app was not immediately accessible from the user interface but could be accessed with some software probing, allowing attackers to gain root access to the devices. The presence of this app in the final release was a design oversight, as such apps are typically disabled or removed before devices are shipped to consumers to prevent abuse of privileges.
(b) The software failure incident related to the operation phase can also be observed in the same articles [65170, 65136]. The operation failure occurred as users who had physical access to the OnePlus devices could exploit the Engineer Mode tool to gain unrestricted privileges on the phones. While OnePlus stated that full root access would still require physical access to the device, the fact that the tool existed on the devices and could be accessed meant that there was a security lapse in the operation of the devices. |
| Boundary (Internal/External) |
within_system |
(a) The software failure incident related to the OnePlus phones and the EngineerMode tool can be categorized as within_system. The incident was caused by a backdoor tool called EngineerMode that was left on the devices by OnePlus, granting unauthorized access to files and software [65170, 65136]. The tool was not immediately accessible from the user interface but could be accessed with some software probing, potentially giving hackers root access to the devices [65136]. OnePlus acknowledged the issue and stated that they would remove the adb root function from EngineerMode in an upcoming software update [65136]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in this case was primarily due to non-human actions. The incident involved a backdoor tool called EngineerMode that was left on OnePlus phones, granting virtually unlimited access to files and software. This tool was discovered by security researchers and was found to be a customized version of a Qualcomm app containing a backdoor protected with a hard-coded password [65170, 65136].
(b) However, human actions also played a role in this software failure incident. The decision to keep the EngineerMode app on the devices, despite it being a potential security risk, was a choice made by the company to avoid additional operations in the factory. This practice of keeping such tools for convenience is known as "security by obscurity," which is a common practice in the industry [65136]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident occurring due to hardware:
- The incident involving the EngineerMode backdoor on OnePlus phones was due to a testing tool left on the devices, which granted hackers virtually unlimited access to files and software [Article 65170].
- The EngineerMode software, which acted as a backdoor, was found on multiple OnePlus phone models, indicating a hardware-related issue in the devices themselves [Article 65136].
(b) The software failure incident occurring due to software:
- The presence of the EngineerMode software, which granted unauthorized access to the devices, was a software-related issue that allowed for the exploitation of the backdoor [Article 65170].
- The EngineerMode app, which was pre-loaded on OnePlus phones, was a software flaw that could potentially grant hackers full access to the devices, indicating a software-related vulnerability [Article 65136]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident described in the articles is malicious in nature. Hackers were able to exploit a backdoor tool called EngineerMode that was left on OnePlus phones, granting them virtually unlimited access to files and software on the devices [65170, 65136]. The tool allowed unauthorized users to escalate their privileges to gain full "root" access to the phones, which could potentially lead to serious security breaches and harm to the system. The incident involved intentional actions by external actors to exploit the vulnerability for malicious purposes. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The intent of the software failure incident was poor_decisions. The incident involving the EngineerMode tool on OnePlus phones was due to poor decisions made by the company. The tool, which acted as a backdoor granting unauthorized access to files and software, was left on the devices by OnePlus. Despite being a diagnostic tool meant for factory testing and after-sales support, the tool had the potential to provide unrestricted privileges to hackers if they had physical access to the device. OnePlus initially downplayed the severity of the issue but later decided to modify EngineerMode to address the security concerns raised by researchers and users [65170, 65136]. |
| Capability (Incompetence/Accidental) |
development_incompetence, accidental |
(a) The software failure incident in the articles can be attributed to development incompetence. The incident involved a factory testing app called "Engineer Mode" being left on OnePlus phones, potentially granting hackers full access to the devices. The app was not properly secured and could be accessed with some simple commands, giving attackers root access to the devices [65170, 65136].
(b) Additionally, the incident can also be categorized as accidental, as the presence of the backdoor app "Engineer Mode" on OnePlus phones was not intentional but rather a result of oversight during the development and testing process. The app, which was meant for factory testing, was not removed or disabled before the devices were shipped to consumers, leading to the security vulnerability [65170, 65136]. |
| Duration |
permanent |
(a) The software failure incident in the articles seems to be permanent as it was caused by a backdoor tool called EngineerMode that was pre-loaded on OnePlus phones, potentially granting hackers full access to the devices [65170, 65136]. The tool was not immediately accessible from the user interface but could be accessed with some software probing, allowing attackers to gain root access to the devices. This backdoor tool was present on almost all OnePlus phone models except the original OnePlus One, indicating a widespread issue affecting millions of smartphones [65136]. The incident was considered a major security lapse and a significant oversight in OnePlus's security screening and device vetting processes [65136]. |
| Behaviour |
value, other |
(a) crash: The software failure incident reported in the articles does not involve a crash where the system loses state and does not perform any of its intended functions. Instead, the incident involves a backdoor access tool called EngineerMode that grants unauthorized access to files and software on OnePlus phones [65170, 65136].
(b) omission: The incident does not involve a failure due to the system omitting to perform its intended functions at an instance(s). Instead, the issue lies in the presence of a factory testing app called EngineerMode that acts as a backdoor, potentially granting hackers full access to the device [65170, 65136].
(c) timing: The failure is not related to the system performing its intended functions too late or too early. The issue with EngineerMode on OnePlus phones is more about unauthorized access and security vulnerabilities rather than timing-related failures [65170, 65136].
(d) value: The software failure incident does involve a failure due to the system performing its intended functions incorrectly. The EngineerMode tool on OnePlus phones allows for unauthorized access and escalation of privileges, which is not the intended function of a factory testing app [65170, 65136].
(e) byzantine: The incident does not involve the system behaving erroneously with inconsistent responses and interactions, which would fall under the category of a byzantine failure. The issue with EngineerMode on OnePlus phones is more about unauthorized access and security vulnerabilities [65170, 65136].
(f) other: The behavior of the software failure incident can be categorized as a security vulnerability due to the presence of a backdoor access tool (EngineerMode) on OnePlus phones, which allows for unauthorized access to files and software. This unauthorized access poses a risk to user data and device security [65170, 65136]. |