diff --git a/include/trusted-firmware-a.mk b/include/trusted-firmware-a.mk
index ec3e4f4e6b56f9b55110bf1eefb8413e01ae3a78..9f38cfd6646775687a41a845a0c8ddaf1355415c 100644
--- a/include/trusted-firmware-a.mk
+++ b/include/trusted-firmware-a.mk
@@ -1,4 +1,5 @@
 PKG_NAME ?= trusted-firmware-a
+PKG_CPE_ID ?= cpe:/a:arm:arm_trusted_firmware
 
 ifndef PKG_SOURCE_PROTO
 PKG_SOURCE = trusted-firmware-a-$(PKG_VERSION).tar.gz