This site has been deprecated in favor of https://attack.mitre.org and will remain in place until 11/1/22.
Human-Machine Interface
Description
In computer science and human-computer interaction, the Human-Machine Interface (HMI) refers to the graphical, textual and auditory information the program presents to the user (operator) using computer monitors and audio subsystems, and the control sequences (such as keystrokes with the computer keyboard, movements of the computer mouse, and selections with the touchscreen) the user employs to control the program. Currently the following types of HMI are the most common:
Graphical user interfaces(GUI) accept input via devices such as computer keyboard and mouse and provide articulated graphical output on the computer monitor.
Web-based user interfaces accept input and provide output by generating web pages which are transported via the network and viewed by the user using a web browser program. The operations user must be able to control the system and assess the state of the system. Each control system vendor provides a unique look-and-feel to their basic HMI applications. An older, not gender-neutral version of the term is man-machine interface (MMI).
The system may expose several user interfaces to serve different kinds of users. User interface screens may be optimized to provide the appropriate information and control interface to operations users, engineering users and management users.1
Levels
Notes
In many cases, these involve video screens or computer terminals, push buttons, auditory feedback, flashing lights, etc. The human-machine interface provides means of:2
- Input - allowing the users to control the machine
- Output - allowing the machine to inform the users
Techniques That Apply
- Command-Line Interface
- Commonly Used Port
- Data Destruction
- Data from Information Repositories
- Default Credentials
- Exploit Public-Facing Application
- Exploitation for Privilege Escalation
- Exploitation of Remote Services
- Graphical User Interface
- Indicator Removal on Host
- Internet Accessible Device
- Lateral Tool Transfer
- Loss of View
- Man in the Middle
- Manipulation of View
- Masquerading
- Modify Alarm Settings
- Modify Parameter
- Monitor Process State
- Native API
- Network Connection Enumeration
- Point & Tag Identification
- Project File Infection
- Remote Services
- Remote System Discovery
- Replication Through Removable Media
- Rogue Master
- Screen Capture
- Service Stop
- Spearphishing Attachment
- Standard Application Layer Protocol
- Supply Chain Compromise
- User Execution
- Valid Accounts
