1. Home
  2. CWE Database
  3. CWE-1261
Base · Medium

CWE-1261: Improper Handling of Single Event Upsets

The hardware logic does not effectively handle when single-event upsets (SEUs) occur.

CWE-1261 · Base Level ·2 Mitigations

Description

The hardware logic does not effectively handle when single-event upsets (SEUs) occur.

Technology trends such as CMOS-transistor down-sizing, use of new materials, and system-on-chip architectures continue to increase the sensitivity of systems to soft errors. These errors are random, and their causes might be internal (e.g., interconnect coupling) or external (e.g., cosmic radiation). These soft errors are not permanent in nature and cause temporary bit flips known as single-event upsets (SEUs). SEUs are induced errors in circuits caused when charged particles lose energy by ionizing the medium through which they pass, leaving behind a wake of electron-hole pairs that cause temporary failures. If these failures occur in security-sensitive modules in a chip, it might compromise the security guarantees of the chip. For instance, these temporary failures could be bit flips that change the privilege of a regular user to root.

Potential Impact

Availability, Access Control

DoS: Crash, Exit, or Restart, DoS: Instability, Gain Privileges or Assume Identity, Bypass Protection Mechanism

Demonstrative Examples

This is an example from [REF-1089]. See the reference for full details of this issue.
Parity is error detecting but not error correcting.
Bad
Due to single-event upsets, bits are flipped in memories.  As a result, memory-parity checks fail, which results in restart and a temporary denial of service of two to three minutes.
Good
Using error-correcting codes could have avoided the restart caused by SEUs.

Mitigations & Prevention

Architecture and Design

Implement triple-modular redundancy around security-sensitive modules.

Architecture and Design

SEUs mostly affect SRAMs. For SRAMs storing security-critical data, implement Error-Correcting-Codes (ECC) and Address Interleaving.

CWE-1384: Improper Handling of Physical or Environmental Conditions

The product does not properly handle unexpected physical or environmental conditions that occur naturally or are artific...

CWE-1254: Incorrect Comparison Logic Granularity

The product's comparison logic is performed over a series of steps rather than across the entire string in one operation...

Frequently Asked Questions

What is CWE-1261?

CWE-1261 (Improper Handling of Single Event Upsets) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The hardware logic does not effectively handle when single-event upsets (SEUs) occur.

How can CWE-1261 be exploited?

Attackers can exploit CWE-1261 (Improper Handling of Single Event Upsets) to dos: crash, exit, or restart, dos: instability, gain privileges or assume identity, bypass protection mechanism. This weakness is typically introduced during the Architecture and Design, Implementation phase of software development.

How do I prevent CWE-1261?

Key mitigations include: Implement triple-modular redundancy around security-sensitive modules.

What is the severity of CWE-1261?

CWE-1261 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.