CWE-1334
Unauthorized Error Injection Can Degrade Hardware Redundancy
AI Translation Available
An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating mode.
Status
draft
Abstraction
base
Affected Platforms
Extended Description
AI Translation
To ensure the performance and functional reliability of certain components, hardware designers can implement hardware blocks for redundancy in the case that others fail. This redundant block can be prevented from performing as intended if the design allows unauthorized agents to inject errors into it. In this way, a path with injected errors may become unavailable to serve as a redundant channel. This may put the system into a degraded mode of operation which could be exploited by a subsequent attack.
Technical Details
AI Translation
Common Consequences
integrity
availability
Impacts
dos: crash, exit, or restart
dos: instability
quality degradation
dos: resource consumption (cpu)
dos: resource consumption (memory)
dos: resource consumption (other)
reduce performance
reduce reliability
unexpected state
Potential Mitigations
Phases:
architecture and design
implementation
integration
Descriptions:
•
Ensure the design does not allow error injection in modes intended for normal run-time operation. Provide access controls on interfaces for injecting errors.
•
Add an access control layer atop any unprotected interfaces for injecting errors.
•
Disallow error injection in modes which are expected to be used for normal run-time operation. Provide access controls on interfaces for injecting errors.