Description
The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers are not correctly implemented.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality, Integrity, Availability, Access Control: Modify Memory, Read Memory, DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Quality Degradation
Potential Mitigations
Phase: Architecture and Design
Description:
Security Identifier Decoders must be reviewed for design inconsistency and common weaknesses.
Phase: Implementation
Description:
Access and programming flows must be tested in pre-silicon and post-silicon testing.