QIF-T0052

high

ERP harvesting

Tier 3 — Demonstrated (Lab-proven)

Legacy status: DEMONSTRATED

Extract event-related potentials (P300, N170, N400) that reveal cognitive states, recognition, and decision-making processes. BCI apps can embed covert stimulus-response protocols.

Technique Details

Tactic: QIF-D.HV
Status: DEMONSTRATED
Bands: N6, N7

✚ Therapeutic Application

Harvesting event-related potentials (ERPs) to extract cognitive responses to specific stimuli

Clinical Analog

ERP-based clinical diagnostics

Treats

ADHD (P300 amplitude)
Alzheimer's (MMN latency)
schizophrenia (P50 gating)
concussion assessment

Neural Impact

2 of 7 neural bands affected

N6 N7

Drag to rotate. Click a region to learn more.

Click or hover over a glowing region to see the attack techniques targeting it and their severity.

DSM-5-TR Diagnostic Mappings

Diagnostic category references for threat modeling, not diagnostic claims.

F32 Major Depressive Disorder F41.1 Generalized Anxiety Disorder F43.10 PTSD F44 Dissociative Disorders F20 Schizophrenia Spectrum F90 ADHD F42 OCD F30 Manic episode F50 Eating Disorders F10 Alcohol-related disorders (F10) F60 Personality Disorders F45 Somatoform disorders F63 Impulse-Control Disorders F01 Vascular dementia F43 PTSD / Trauma F80 Communication Disorders F98.4 Stereotyped movement disorders

Pathway: N7 (PFC/M1) → executive function; N6 (hippocampus/amygdala) → emotion regulation

Following Poldrack (2006), brain region disruption does not uniquely predict psychiatric outcomes.

Scoring

NISS v1.1 NISS:1.1/BI:N/CR:H/CD:H/CV:E/RV:F/NP:N

CVSS v4.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

2.7Low

Governance

Neurorights at Risk

This technique threatens 5 of the 4 proposed neurorights (Ienca & Andorno, 2017).

MP Mental Privacy CL Cognitive Liberty MI Mental Integrity PC Psychological Continuity DI DI

Consent Complexity

1.20 / 4.0

FDORA §3305 Compliance

Cyber Device

Regulatory Coverage

0.4 / 1.0

524B Requirements

TM VA PM

Regulatory Gaps

! CVSS cannot express neural-specific impacts

Population Vulnerability

CRB vulnerability adjustment (γ=0.30) accounts for age, diagnosis severity, consent capacity, and device dependency.

Population	NISS Base	Adjusted	Severity	Delta
Adult (Default)	2.7	2.7	Low	-
Child (10yr) + ADHD	2.7	3.2	Low	+0.48
Adult with ALS	2.7	3.1	Low	+0.44

Validation Status

Theoretical / Not yet validated. This technique has not been independently tested. See the validation dashboard for what has been tested.

Qinnovate Neural Security Atlas Edit this on GitHub