Semiconductor Defects in Hardware Logic with Security-Sensitive Implications

The security-sensitive hardware module contains semiconductor defects.


Description

A semiconductor device can fail for various reasons. While some are manufacturing and packaging defects, the rest are due to prolonged use or usage under extreme conditions. Some mechanisms that lead to semiconductor defects include encapsulation failure, die-attach failure, wire-bond failure, bulk-silicon defects, oxide-layer faults, aluminum-metal faults (including electromigration, corrosion of aluminum, etc.), and thermal/electrical stress. These defects manifest as faults on chip-internal signals or registers, have the effect of inputs, outputs, or intermediate signals being always 0 or always 1, and do not switch as expected. If such faults occur in security-sensitive hardware modules, the security objectives of the hardware module may be compromised.

Demonstrations

The following examples help to illustrate the nature of this weakness and describe methods or techniques which can be used to mitigate the risk.

Note that the examples here are by no means exhaustive and any given weakness may have many subtle varieties, each of which may require different detection methods or runtime controls.

Example One

The network-on-chip implements a firewall for access control to peripherals from all IP cores capable of mastering transactions.

A manufacturing defect in this logic manifests itself as a logical fault, which always sets the output of the filter to "allow" access.

Post-manufacture testing must be performed to ensure that hardware logic implementing security functionalities is defect-free.

See Also

Comprehensive Categorization: Protection Mechanism Failure

Weaknesses in this category are related to protection mechanism failure.

Physical Access Issues and Concerns

Weaknesses in this category are related to concerns of physical access.

Power, Clock, Thermal, and Reset Concerns

Weaknesses in this category are related to system power, voltage, current, temperature, clocks, system state saving/restoring, and resets at the platform and SoC level.

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Weakness Base Elements

This view (slice) displays only weakness base elements.


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.