1. Home
  2. CWE Database
  3. CWE-1331
Base · Medium

CWE-1331: Improper Isolation of Shared Resources in Network On Chip (NoC)

The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted agents, creating timing channels.

CWE-1331 · Base Level ·1 CVEs ·1 Mitigations

Description

The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted agents, creating timing channels.

Typically, network on chips (NoC) have many internal resources that are shared between packets from different trust domains. These resources include internal buffers, crossbars and switches, individual ports, and channels. The sharing of resources causes contention and introduces interference between differently trusted domains, which poses a security threat via a timing channel, allowing attackers to infer data that belongs to a trusted agent. This may also result in introducing network interference, resulting in degraded throughput and latency.

Potential Impact

Confidentiality, Availability

DoS: Resource Consumption (Other), Varies by Context, Other

Demonstrative Examples

Consider a NoC that implements a one-dimensional mesh network with four nodes. This supports two flows: Flow A from node 0 to node 3 (via node 1 and node 2) and Flow B from node 1 to node 2. Flows A and B share a common link between Node 1 and Node 2. Only one flow can use the link in each cycle.
One of the masters to this NoC implements a cryptographic algorithm (RSA), and another master to the NoC is a core that can be exercised by an attacker. The RSA algorithm performs a modulo multiplication of two large numbers and depends on each bit of the secret key. The algorithm examines each bit in the secret key and only performs multiplication if the bit is 1. This algorithm is known to be prone to timing attacks. Whenever RSA performs multiplication, there is additional network traffic to the memory controller. One of the reasons for this is cache conflicts.
Since this is a one-dimensional mesh, only one flow can use the link in each cycle. Also, packets from the attack program and the RSA program share the output port of the network-on-chip. This contention results in network interference, and the throughput and latency of one flow can be affected by the other flow's demand.
Attack
The attacker runs a loop program on the core they control, and this causes a cache miss in every iteration for the RSA algorithm. Thus, by observing network-traffic bandwidth and timing, the attack program can determine when the RSA algorithm is doing a multiply operation (i.e., when the secret key bit is 1) and eventually extract the entire, secret key.
There may be different ways to fix this particular weakness.
Good
Implement priority-based arbitration inside the NoC and have dedicated buffers or virtual channels for routing secret data from trusted agents.

Mitigations & Prevention

Architecture and DesignImplementation

Implement priority-based arbitration inside the NoC and have dedicated buffers or virtual channels for routing secret data from trusted agents.

Detection Methods

  • Manual Analysis Moderate — Providing marker flags to send through the interfaces coupled with examination of which users are able to read or manipulate the flags will help verify that the proper isolation has been achieved and is effective.

Real-World CVE Examples

CVE IDDescription
CVE-2021-33096Improper isolation of shared resource in a network-on-chip leads to denial of service

CWE-653: Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different ...

CWE-668: Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the...

CWE-1189: Improper Isolation of Shared Resources on System-on-a-Chip (SoC)

The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.

Frequently Asked Questions

What is CWE-1331?

CWE-1331 (Improper Isolation of Shared Resources in Network On Chip (NoC)) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted agents, creating timing channels.

How can CWE-1331 be exploited?

Attackers can exploit CWE-1331 (Improper Isolation of Shared Resources in Network On Chip (NoC)) to dos: resource consumption (other), varies by context, other. This weakness is typically introduced during the Architecture and Design, Implementation phase of software development.

How do I prevent CWE-1331?

Key mitigations include: Implement priority-based arbitration inside the NoC and have dedicated buffers or virtual channels for routing secret data from trusted agents.

What is the severity of CWE-1331?

CWE-1331 is classified as a Base-level weakness (Medium abstraction). It has been observed in 1 real-world CVEs.