CWE-1192
Improper Identifier for IP Block used in System-On-Chip (SOC)
Description
The System-on-Chip (SoC) does not have unique, immutable identifiers for each of its components.
{"xhtml:p":["A System-on-Chip (SoC) comprises several components (IP) with varied\n trust requirements. It is required that each IP is identified\n uniquely and should distinguish itself from other entities in\n the SoC without any ambiguity. The unique secured identity is\n required for various purposes. Most of the time the identity is used\n to route a transaction or perform certain actions, including \n resetting, retrieving a sensitive information, and acting upon or on\n behalf of something else.","There are several variants of this weakness:"],"xhtml:ul":[{"xhtml:li":["A \"missing\" identifier is when the SoC does not define\n\t any mechanism to uniquely identify the IP.","An \"insufficient\" identifier might provide\n\t some defenses - for example, against the most common\n\t attacks - but it does not protect against everything\n\t that is intended.","A \"misconfigured\" mechanism occurs when a mechanism\n is available but not implemented correctly.","An \"ignored\" identifier occurs when the SoC/IP has not applied\n\t any policies or does not act upon the identifier securely."]}]}
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Impact
Bypass Protection Mechanism
Potential Mitigations
Every identity generated in the SoC should be unique and immutable in hardware. The actions that an IP is trusted or not trusted should be clearly defined, implemented, configured, and tested. If the definition is implemented via a policy, then the policy should be immutable or protected with clear authentication and authorization.
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now