QIF-T0059

medium

Pattern lock (learned pathway persistence)

Tier 5 — Theoretical (Modeled / Simulated)

Legacy status: THEORETICAL

Embed recurring attack patterns that survive system resets by exploiting learned neural pathways or stored calibration data. Leverages neuroplasticity -- brain adapts to malicious patterns, making them harder to remove.

Technique Details

Tactic: QIF-C.IM
Status: THEORETICAL
Bands: S1, S2, N7

✚ Therapeutic Application

Exploitation of learned neural pathway persistence to maintain BCI-mediated influence across sessions

Clinical Analog

Motor learning and neural rehabilitation (learned pathway strengthening)

Treats

stroke motor rehabilitation
speech therapy
BCI skill acquisition

Neural Impact

3 of 7 neural bands affected

S1 S2 N7

Drag to rotate. Click a region to learn more.

Click or hover over a glowing region to see the attack techniques targeting it and their severity.

DSM-5-TR Diagnostic Mappings

Diagnostic category references for threat modeling, not diagnostic claims.

F20 Schizophrenia Spectrum F32 Major Depressive Disorder F90 ADHD F42 OCD F30 Manic episode F43 PTSD / Trauma F80 Communication Disorders F60 Personality Disorders F63 Impulse-Control Disorders F01 Vascular dementia F98.4 Stereotyped movement disorders

Pathway: N7 (PFC/M1) → executive function

Following Poldrack (2006), brain region disruption does not uniquely predict psychiatric outcomes.

Scoring

NISS v1.1 NISS:1.1/BI:L/CR:H/CD:H/CV:I/RV:P/NP:S

CVSS v4.0 CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:H/SA:L

7.4High

Governance

Neurorights at Risk

This technique threatens 4 of the 4 proposed neurorights (Ienca & Andorno, 2017).

MP Mental Privacy CL Cognitive Liberty MI Mental Integrity PC Psychological Continuity

Consent Complexity

0.80 / 4.0

FDORA §3305 Compliance

Non-Cyber Device (missing: software)

Regulatory Coverage

0.5 / 1.0

524B Requirements

TM VA SA PM

Regulatory Gaps

! CVSS cannot express neural-specific impacts
! High neural impact (NISS >= 7.0) without IEC 62443 coverage
! Consent complexity under-matches neural impact (CCI/NISS mismatch)
! Threat not yet in regulatory threat catalogs

Population Vulnerability

CRB vulnerability adjustment (γ=0.30) accounts for age, diagnosis severity, consent capacity, and device dependency.

Population	NISS Base	Adjusted	Severity	Delta
Adult (Default)	7.4	7.4	High	-
Child (10yr) + ADHD	7.4	8.7	High	+1.30
Adult with ALS	7.4	8.6	High	+1.19

Validation Status

Theoretical / Not yet validated. This technique has not been independently tested. See the validation dashboard for what has been tested.

Qinnovate Neural Security Atlas Edit this on GitHub