1. Home
  2. CWE Database
  3. CWE-1192
Base · Medium

CWE-1192: Improper Identifier for IP Block used in System-On-Chip (SOC)

The System-on-Chip (SoC) does not have unique, immutable identifiers for each of its components.

CWE-1192 · Base Level ·1 Mitigations

Description

The System-on-Chip (SoC) does not have unique, immutable identifiers for each of its components.

A System-on-Chip (SoC) comprises several components (IP) with varied trust requirements. It is required that each IP is identified uniquely and should distinguish itself from other entities in the SoC without any ambiguity. The unique secured identity is required for various purposes. Most of the time the identity is used to route a transaction or perform certain actions, including resetting, retrieving a sensitive information, and acting upon or on behalf of something else. There are several variants of this weakness:

Potential Impact

Access Control

Bypass Protection Mechanism

Mitigations & Prevention

Architecture and Design

Every identity generated in the SoC should be unique and immutable in hardware. The actions that an IP is trusted or not trusted should be clearly defined, implemented, configured, and tested. If the definition is implemented via a policy, then the policy should be immutable or protected with clear authentication and authorization.

CWE-657: Violation of Secure Design Principles

The product violates well-established principles for secure design.

Frequently Asked Questions

What is CWE-1192?

CWE-1192 (Improper Identifier for IP Block used in System-On-Chip (SOC)) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The System-on-Chip (SoC) does not have unique, immutable identifiers for each of its components.

How can CWE-1192 be exploited?

Attackers can exploit CWE-1192 (Improper Identifier for IP Block used in System-On-Chip (SOC)) to bypass protection mechanism. This weakness is typically introduced during the Architecture and Design, Implementation, Operation phase of software development.

How do I prevent CWE-1192?

Key mitigations include: Every identity generated in the SoC should be unique and immutable in hardware. The actions that an IP is trusted or not trusted should be clearly defined, impl

What is the severity of CWE-1192?

CWE-1192 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.