CWE-1189: Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
查看自定义信息:
The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.
A System-On-a-Chip (SoC) has a lot of functionality, but it may have a limited number of pins or pads. A pin can only perform one function at a time. However, it can be configured to perform multiple different functions. This technique is called pin multiplexing. Similarly, several resources on the chip may be shared to multiplex and support different features or functions. When such resources are shared between trusted and untrusted agents, untrusted agents may be able to access the assets intended to be accessed only by the trusted agents. ![]() ![]()
![]() ![]()
![]()
![]() Languages 班级:不是特定语言的(不确定的患病率) 技术 班级: System on Chip(不确定的患病率) ![]()
示例1 Consider the following SoC design. The Hardware Root of Trust (HRoT) local SRAM is memory mapped in the core{0-N} address space. The HRoT allows or disallows access to private memory ranges, thus allowing the sram to function as a mailbox for communication between untrusted and trusted HRoT partitions. We assume that the threat is from malicious software in the untrusted domain. We assume this software has access to the core{0-N} memory map and can be running at any privilege level on the untrusted cores. The capability of this threat in this example is communication to and from the mailbox region of SRAM modulated by the hrot_iface. To address this threat, information must not enter or exit the shared region of SRAM through hrot_iface when in secure or privileged mode.
![]()
提供更多信息 - 请选择其他过滤器。
|
使用共同弱点枚举(CWE)和本网站的相关参考Terms of Use。CWE由美国国土安全部(DHS)网络安全和基础设施安全局(CISA) and managed by the国土安全系统工程和开发研究所(HSSEDI)由manbetx客户端首页(MITER)。版权所有©2006–2023,Miter Comanbetx客户端首页rporation。CWE,CWSS,CWRAF和CWE徽标是Miter Corporation的商标。manbetx客户端首页 |