Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to the Rowhammer attack has happened again at the same organization, Vrije Universiteit in Amsterdam. Researchers from the VUSec research group at Vrije Universiteit published a paper detailing a new form of the Rowhammer attack called "GLitch," which targets Android phones [71440].
(b) The software failure incident has also happened at multiple organizations. The researchers demonstrated that the Rowhammer attack could work on Android phones, specifically targeting older phones like the LG Nexus 5, HTC One M8, or LG G2. Additionally, Google mentioned that they tested the attack on newer phones and found them to be susceptible to Rowhammer as well [71440]. |
Phase (Design/Operation) |
design |
(a) The software failure incident described in the articles is primarily related to the design phase. The failure is attributed to a hacking technique known as "Rowhammer," which manipulates the physical electric charge in memory chips to corrupt data in unexpected ways. This attack exploits the fundamental properties of computer hardware, making it difficult to fully fix with a software patch [71440]. The attack involves inducing bit flips in memory to change data stored there, allowing hackers to run malicious code on Android phones remotely when victims visit specific web pages. The attack targets specific hardware components like ARM processors and GPUs, demonstrating a deep understanding of the system's design vulnerabilities [71440].
(b) The software failure incident is not directly related to operation or misuse of the system. Instead, it focuses on the exploitation of hardware vulnerabilities through a sophisticated hacking technique. The attack does not rely on user operation or misuse but rather on the inherent design flaws in the system's hardware components [71440]. |
Boundary (Internal/External) |
within_system, outside_system |
(a) The software failure incident described in the articles is primarily within_system. The failure is related to a hacking technique known as "Rowhammer" that manipulates the physical electric charge in memory chips to corrupt data in unexpected ways. This attack exploits the fundamental properties of computer hardware, specifically memory chips, to induce bit flips and gain control over the system. The attack targets Android phones by running malicious code when a victim visits a specially crafted web page, demonstrating a vulnerability within the system's memory handling mechanisms [71440].
(b) Additionally, the articles mention that the software failure incident involves some elements that originate from outside the system. For example, the attack is executed remotely over the internet, indicating an external source initiating the attack on the Android phones. The attack leverages the GPU and a browser-based graphics code library (WebGL) to induce bit flips in memory, showcasing how external factors can be utilized to exploit vulnerabilities within the system [71440]. |
Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in the articles is primarily due to non-human actions. The incident involves a hacking technique known as "Rowhammer," which manipulates the physical electric charge in memory chips to corrupt data in unexpected ways. This attack exploits the fundamental properties of computer hardware, specifically the electric charge leakage in memory cells, to induce bit flips and gain control over the system. The attack is not caused by human actions but rather by exploiting the inherent physics of how computers function [71440].
(b) While the software failure incident is primarily due to non-human actions as described above, it is important to note that the researchers who discovered and demonstrated the GLitch attack, a new form of the Rowhammer attack, are human actors. These researchers from the VUSec research group at Vrije Universiteit in Amsterdam developed the technique to run malicious code on Android phones remotely by exploiting the Rowhammer vulnerability. Their actions in researching and developing this attack contributed to the software failure incident [71440]. |
Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident in the articles is primarily related to hardware. The incident involves a hacking technique known as "Rowhammer," which manipulates the physical electric charge in memory chips to corrupt data in unexpected ways. This attack exploits the fundamental properties of computer hardware, specifically memory chips, to induce bit flips and gain control over the system [71440].
(b) The software failure incident also has elements related to software. While the attack technique itself is based on hardware vulnerabilities, the researchers were able to run malicious code on Android phones by exploiting these hardware vulnerabilities remotely through a carefully crafted web page. This demonstrates a software-related vulnerability in the browser that allowed the attackers to execute code within the privileges of the browser [71440]. |
Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident described in the articles is malicious in nature. The incident involves a hacking technique known as "Rowhammer" being used against Android phones over the internet by manipulating the physical electric charge in memory chips to corrupt data in unexpected ways. The attack, named "GLitch," allows hackers to run malicious code on Android phones when the victim visits a carefully crafted web page, demonstrating a remote, smartphone-targeted implementation of the Rowhammer attack [71440]. The attack is intentional and aims to exploit vulnerabilities in the system for malicious purposes. |
Intent (Poor/Accidental Decisions) |
unknown |
(a) The software failure incident related to the Rowhammer attack on Android phones was not due to poor decisions but rather due to exploiting the physical properties of computer hardware to manipulate memory and induce bit flips [71440]. |
Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident described in the articles is not related to development incompetence. The incident involves a sophisticated hacking technique known as "Rowhammer" being used against Android phones over the internet, exploiting the physical properties of computer hardware to induce bit flips in memory and run malicious code on smartphones remotely [71440].
(b) The software failure incident is accidental in nature as it involves hackers finding a way to use the Rowhammer attack against Android phones by manipulating the physical electric charge in memory chips to corrupt data in unexpected ways. This attack was not caused by incompetence but rather by exploiting the actual physics inherent in how computers function [71440]. |
Duration |
temporary |
The software failure incident described in the articles is more aligned with a **temporary** failure rather than a permanent one. This is evident from the fact that the attack described, known as "GLitch," is a specific technique that exploits the Rowhammer vulnerability in Android phones by inducing bit flips in memory to run malicious code on the device. The attack is detailed as a new form of the Rowhammer attack and requires a specific pattern of bit flips to gain control over the browser when a victim visits a crafted web page. The attack is also limited to certain older Android phones and the Firefox browser, indicating a specific set of circumstances under which it can be executed [71440]. |
Behaviour |
value, other |
(a) crash: The articles do not mention any instances of a crash related to the software failure incident. [71440]
(b) omission: The software failure incident does not involve the system omitting to perform its intended functions at an instance(s). [71440]
(c) timing: The software failure incident does not involve the system performing its intended functions correctly, but too late or too early. [71440]
(d) value: The software failure incident involves the system performing its intended functions incorrectly. The Rowhammer attack manipulates the physical electric charge in memory chips to corrupt data in unexpected ways, inducing bit flips that change ones to zeros and vice versa, which allows malicious code to run on Android phones when victims visit a carefully crafted web page. [71440]
(e) byzantine: The software failure incident does not involve the system behaving erroneously with inconsistent responses and interactions. [71440]
(f) other: The software failure incident involves the system behaving in a way not described in the options (a to e). The attack exploits the most fundamental properties of computer hardware by manipulating the physical electric charge in memory chips to corrupt data in unexpected ways, leading to running malicious code on Android phones remotely when victims visit a specific web page. This behavior is not a typical failure mode like a crash, omission, timing, or byzantine behavior. [71440] |