CWE-1331: Improper Isolation of Shared Resources in Network On Chip (NoC)

BaseStable

The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted agents, creating timing channels.

View on MITRE
Back to CWE Lookup

Extended Description

Typically, network on chips (NoC) have many internal resources that are shared between packets from different trust domains. These resources include internal buffers, crossbars and switches, individual ports, and channels. The sharing of resources causes contention and introduces interference between differently trusted domains, which poses a security threat via a timing channel, allowing attackers to infer data that belongs to a trusted agent. This may also result in introducing network interference, resulting in degraded throughput and latency.

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms
Not OS-Specific

Frequently Asked Questions

What is CWE-1331: Improper Isolation of Shared Resources in Network On Chip (NoC)?+

CWE-1331: Improper Isolation of Shared Resources in Network On Chip (NoC) is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted agents, creating timing channels. Typically, network on chips (NoC) have many internal resources that are shared between packets from different trust domains. These resources include internal buffers, crossbars and switches, individual ports, and channels. The sharing of resources causes contention and introduces interference between differently trusted domains, which poses a security threat via a timing channel, allowing attackers to infer data that belongs to a trusted agent. This may also result in introducing network interference, resulting in degraded throughput and latency.

What are the security consequences of Improper Isolation of Shared Resources in Network On Chip (NoC)?+

If exploited, CWE-1331 (Improper Isolation of Shared Resources in Network On Chip (NoC)) it can compromise Confidentiality and Availability, leading to outcomes such as DoS: Resource Consumption (Other), Varies by Context and Other.

How do you prevent or mitigate Improper Isolation of Shared Resources in Network On Chip (NoC)?+

Recommended mitigations for CWE-1331 include: Implement priority-based arbitration inside the NoC and have dedicated buffers or virtual channels for routing secret data from trusted agents.

How is Improper Isolation of Shared Resources in Network On Chip (NoC) detected?+

CWE-1331 can be detected using Manual Analysis. Combining automated tooling with manual review typically yields the best coverage.

Which programming languages are affected by Improper Isolation of Shared Resources in Network On Chip (NoC)?+

CWE-1331 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What are real-world examples of Improper Isolation of Shared Resources in Network On Chip (NoC)?+

MITRE documents real CVEs mapped to CWE-1331, including CVE-2021-33096. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1331 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More