CWE-1331: Improper Isolation of Shared Resources in Network On Chip (NoC)
Typically, network on chips (NoC) have many internal resources that are shared between packets from different trust domains. These resources include internal buffers, crossbars and switches, individual ports, and channels. The sharing of resources causes contention and introduces interference between differently trusted domains, which poses a security threat via a timing channel, allowing attackers to infer data that belongs to a trusted agent. This may also result in introducing network interference, resulting in degraded throughput and latency.
Modes of Introduction
| Phase | Note |
|---|---|
| Architecture and Design | |
| Implementation |
Applicable Platforms
| Type | Class | Name | Prevalence |
|---|---|---|---|
| Language | Not Language-Specific | ||
| Operating_system | Not OS-Specific | ||
| Architecture | Not Architecture-Specific | ||
| Technology | Security Hardware | ||
| Technology | Not Technology-Specific |
Relationships
| View | Weakness | |||||||
|---|---|---|---|---|---|---|---|---|
| # ID | View | Status | # ID | Name | Abstraction | Structure | Status | |
| CWE-1000 | Research Concepts | Draft | CWE-653 | Improper Isolation or Compartmentalization | Class | Simple | Draft | |
| CWE-1000 | Research Concepts | Draft | CWE-668 | Exposure of Resource to Wrong Sphere | Class | Simple | Draft | |
| CWE-1194 | Hardware Design | Draft | CWE-1189 | Improper Isolation of Shared Resources on System-on-a-Chip (SoC) | Base | Simple | Stable | |
Common Attack Pattern Enumeration and Classification (CAPEC)
The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.
CAPEC at Mitre.org