CWE - CWE-1189: Improper Isolation of Shared Resources on System-on-a-Chip (SoC) (4.10)

弱点ID：1189

抽象：根据
Structure:Simple

查看自定义信息：

描述

The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.

扩展描述

A System-On-a-Chip (SoC) has a lot of functionality, but it may have a limited number of pins or pads. A pin can only perform one function at a time. However, it can be configured to perform multiple different functions. This technique is called pin multiplexing. Similarly, several resources on the chip may be shared to multiplex and support different features or functions. When such resources are shared between trusted and untrusted agents, untrusted agents may be able to access the assets intended to be accessed only by the trusted agents.

关系

该表显示了与该弱点相关的弱点和高级类别。这些关系定义为childof，parentof，ementof，并深入了解可能存在于较高和较低抽象水平的类似项目。此外，定义了诸如Peerof和Canalsobe之类的关系，以显示用户可能想要探索的类似弱点。

与观点“研究概念”相关（CWE-1000）

Nature	类型	ID	Name
ChildOf	班级- a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.	668	Exposure of Resource to Wrong Sphere
ChildOf	基础 - 仍然主要独立于资源或技术的弱点，但有足够的细节来提供特定的检测和预防方法。基本水平的弱点通常用以下维度的2或3来描述问题：行为，财产，技术，语言和资源。	653	不当隔离或分隔
父母	基础 - 仍然主要独立于资源或技术的弱点，但有足够的细节来提供特定的检测和预防方法。基本水平的弱点通常用以下维度的2或3来描述问题：行为，财产，技术，语言和资源。	1303	微构造资源的非透明共享
peerof	基础 - 仍然主要独立于资源或技术的弱点，但有足够的细节来提供特定的检测和预防方法。基本水平的弱点通常用以下维度的2或3来描述问题：行为，财产，技术，语言和资源。	1331	芯片网络中共享资源的不当隔离（NOC）

与视图“硬件设计”相关（CWE-1194）

Nature	类型	ID	Name
成员	类别 - 包含共享共同特征的其他条目的CWE条目。	1198	Privilege Separation and Access Control Issues
peerof	基础 - 仍然主要独立于资源或技术的弱点，但有足够的细节来提供特定的检测和预防方法。基本水平的弱点通常用以下维度的2或3来描述问题：行为，财产，技术，语言和资源。	1331	芯片网络中共享资源的不当隔离（NOC）

Modes Of Introduction

The different Modes of Introduction provide information about how and when this weakness may be introduced. The Phase identifies a point in the life cycle at which introduction may occur, while the Note provides a typical scenario related to introduction during the given phase.

阶段	Note
建筑和设计
执行

适用的平台

This listing shows possible areas for which the given weakness could appear. These may be for specific named Languages, Operating Systems, Architectures, Paradigms, Technologies, or a class of such platforms. The platform is listed along with how frequently the given weakness appears for that instance.

Languages

班级：不是特定语言的（不确定的患病率）

技术

班级: System on Chip（不确定的患病率）

Common Consequences

This table specifies different individual consequences associated with the weakness. The Scope identifies the application security area that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in exploiting this weakness. The Likelihood provides information about how likely the specific consequence is expected to be seen relative to the other consequences in the list. For example, there may be high likelihood that a weakness will be exploited to achieve a certain impact, but a low likelihood that it will be exploited to achieve a different impact.

范围	影响	Likelihood
访问控制	Technical Impact:Bypass Protection Mechanism 如果受信任用户使用的资源与不信任的用户共享，则不受信任的用户可能能够修改受信任用户共享资源的功能。
Integrity	Technical Impact:Quality Degradation 共享资源的功能可能会有意降级。

示例的例子

示例1

Consider the following SoC design. The Hardware Root of Trust (HRoT) local SRAM is memory mapped in the core{0-N} address space. The HRoT allows or disallows access to private memory ranges, thus allowing the sram to function as a mailbox for communication between untrusted and trusted HRoT partitions.

We assume that the threat is from malicious software in the untrusted domain. We assume this software has access to the core{0-N} memory map and can be running at any privilege level on the untrusted cores. The capability of this threat in this example is communication to and from the mailbox region of SRAM modulated by the hrot_iface. To address this threat, information must not enter or exit the shared region of SRAM through hrot_iface when in secure or privileged mode.

Observed Examples

参考	描述
CVE-2019-6260	底板管理控制器（BMC）设备实现了不需要身份验证的高级高性能总线（AHB）桥梁，以进行任意读取和写入对主机的BMC物理地址空间的访问，甚至可能是网络[Ref-1138]。

潜在的缓解

阶段：建筑和设计

Strategy: Separation of Privilege

共享资源时，请避免混合不同信任水平的代理。

不受信任的代理商不应与可信赖的代理人共享资源。

Weakness Ordinalities

Ordinality	描述
基本的	（弱点独立于其他弱点的地方）

检测方法

自动化动态分析

Pre-silicon / post-silicon: Test access to shared systems resources (memory ranges, control registers, etc.) from untrusted software to verify that the assets are not incorrectly exposed to untrusted agents. Note that access to shared resources can be dynamically allowed or revoked based on system flows. Security testing should cover such dynamic shared resource allocation and access control modification flows.

有效性：高

会员资格

此成员关系表显示了其他CWE类别和视图，将此弱点称为成员。该信息通常可用于理解弱点适合外部信息源的何处。

Nature	类型	ID	Name
成员	看法- a subset of CWE entries that provides a way of examining CWE content. The two main view structures are Slices (flat lists) and Graphs (containing relationships between entries).	1343	2021 CWE中最重要的硬件弱点列表中的弱点

Related Attack Patterns

CAPEC-ID	攻击模式名称
CAPEC-124	共享资源操纵

参考s

[REF-1036] Ali Abbasi and Majid Hashemi. "Ghost in the PLC Designing an Undetectable Programmable Logic Controller Rootkit via Pin Control Attack". 2016. <https://www.blackhat.com/docs/eu-16/materials/eu-16-abbasi-ghost-ghost-in-the-plc-designing-an-undetectable-programboblemable-logic-logic-controller-rootloller-rootkit-rootkit-wp.pdf>。

[Ref-1138] Stewart Smith。“ CVE-2019-6260：从主机处理器中获得BMC的控制”。2019年。<https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260：GAINNE-control-control-of-bmc-bmc-from-the-host-processor/>。

Content History

提交
提交日期	提交者	组织
2019-10-15	Arun Kanuparthi，Hareesh Khattri，Parbati Kumar Manna，Narasimha Kumar v Mangipudi	Intel Corporation
2019-10-15
Contributions
贡献日期	贡献者	组织
2021-07-16		Tortuga逻辑
2021-07-16	Provided Demonstrative Example for Hardware Root of Trust
2021-10-22	Hareesh Khattri	Intel Corporation
2021-10-22	提供了观察到的例子
2022-04-18	Hareesh Khattri	Intel Corporation
2022-04-18	changed detection method
Modifications
Modification Date	修饰符	组织
2020-08-20	CWE内容团队	MITRE
2020-08-20	更新的common_cconsquences，描述，名称，势_METIGITATION，RELSSED_ATTACK_PATTERNS，关系
2020-12-10	CWE内容团队	MITRE
2020-12-10	更新的关系
2021-07-20	CWE内容团队	MITRE
2021-07-20	更新了示范_examples
2021-10-28	CWE内容团队	MITRE
2021-10-28	更新的描述，观察到的示例，参考，关系，弱点_ordinalities
2022-10-13	CWE内容团队	MITRE
2022-10-13	更新的distion_factor
先前的输入名称
改变日期	Previous Entry Name
2020-08-20	Improper Isolation of Shared Resources on System-on-Chip (SoC)


	站点地图\|Terms of Use\|隐私政策\|Contact Us\| 使用共同弱点枚举（CWE）和本网站的相关参考Terms of Use。CWE由美国国土安全部（DHS）网络安全和基础设施安全局(CISA) and managed by the国土安全系统工程和开发研究所（HSSEDI）由manbetx客户端首页（MITER）。版权所有©2006–2023，Miter Comanbetx客户端首页rporation。CWE，CWSS，CWRAF和CWE徽标是Miter Corporation的商标。manbetx客户端首页

普遍的弱点

CWE-1189: Improper Isolation of Shared Resources on System-on-a-Chip (SoC)