Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to the DRAMMER attack on Android phones has happened again within the same organization, specifically with the researchers in Amsterdam. The group had previously worked on Rowhammer attacks and had shown they could target data stored in the cloud. This incident marks the first time anyone had used the Rowhammer attack on a mobile device, specifically targeting Android phones [48804].
(b) The software failure incident related to the DRAMMER attack on Android phones has the potential to impact multiple organizations or platforms beyond just mobile phones. The researchers involved in the attack mentioned that the design of the attack is very general and could potentially apply not just on mobile platforms but also in the cloud and even in the browser on desktop computers. This indicates that the impact of this attack could be much broader than just mobile phones, potentially affecting various commodity platforms [48804]. |
Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase is evident in the article. The vulnerability identified by researchers in Amsterdam targets a phone's dynamic random access memory using an attack called Rowhammer. This attack manipulates the physical properties of hardware, posing a digital threat that cannot be patched with software alone. The attack involves executing a program that repeatedly accesses the same "row" of transistors on a memory chip, causing a bit to "flip" and altering data, creating a foothold for gaining control over the device [48804].
(b) The software failure incident related to the operation phase is also highlighted in the article. The DRAMMER attack starts with a victim downloading a seemingly innocuous app laced with malware to execute the hack. Once the victim downloads the malicious app, DRAMMER can take over a phone within minutes or even seconds and runs without any indication. The victim can interact with the sham app, switch to other apps, and even put the phone in "sleep" mode, and the attack continues running [48804]. |
Boundary (Internal/External) |
within_system |
The software failure incident described in the article is primarily within_system. The vulnerability exploited by the DRAMMER attack targets a phone's dynamic random access memory (DRAM) using an attack called Rowhammer, which involves manipulating the physical properties of hardware to gain control of Android phones [48804]. The attack takes advantage of a flaw within the system's memory allocation mechanism (ION memory allocator) to access and manipulate the DRAM, ultimately leading to gaining root access and full control of the handset [48804]. The attack does not rely on external factors but rather on exploiting vulnerabilities inherent within the Android operating system and the memory management system. |
Nature (Human/Non-human) |
non-human_actions |
(a) The software failure incident in the article is related to non-human actions. The vulnerability exploited by the researchers in Amsterdam, known as the DRAMMER attack, targets a phone's dynamic random access memory using an attack called Rowhammer. This attack manipulates the physical properties of hardware, specifically the memory chip, to cause bit flips and gain control of Android phones. The attack is not introduced by human actions but rather takes advantage of a vulnerability in the hardware that can't be patched with software alone [48804]. |
Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident in the article is related to hardware vulnerabilities. Researchers in Amsterdam demonstrated a hack targeting Android phones by manipulating the physical properties of hardware, specifically the phone's dynamic random access memory (DRAM) using an attack called Rowhammer. This hardware vulnerability allows attackers to take control of Android phones by causing bit flips in the memory chips [48804].
(b) The software failure incident is also related to software vulnerabilities. The attack, known as DRAMMER, exploits a vulnerability in the Android operating system that allows attackers to gain root access to the handset, manipulate data, and take control of the device. The software features that DRAMMER exploits are fundamental to the operating system, making them difficult to remove or alter without impacting the user experience. Google is working on a patch to address this software vulnerability, but fixing it in existing phones is challenging [48804]. |
Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident described in the article is malicious in nature. Researchers in Amsterdam demonstrated a hack called the DRAMMER attack that targets Android phones' dynamic random access memory using an attack called Rowhammer. The attack involves manipulating the physical properties of hardware to gain control of Android phones, potentially putting all data on the device at risk. The attack begins when a victim downloads a seemingly innocuous app laced with malware, which allows the attackers to achieve root access and full control of the handset [48804].
(b) The software failure incident is non-malicious in the sense that it is not caused by unintentional factors. The attack was carefully planned and executed by the researchers to demonstrate the vulnerability of Android phones to such attacks. The researchers intentionally developed the attack and used specific techniques to exploit the vulnerability in the hardware, showcasing the potential risks associated with such vulnerabilities [48804]. |
Intent (Poor/Accidental Decisions) |
|
(a) The intent of the software failure incident was not due to poor decisions but rather a sophisticated attack that exploited a vulnerability in Android phones' dynamic random access memory (DRAM) using the Rowhammer attack technique. The researchers in Amsterdam demonstrated how this type of hack could allow them to take control of Android phones by manipulating the physical properties of hardware, specifically targeting the DRAM to flip bits and gain control over the device [48804]. This incident was not a result of poor decisions but rather a well-thought-out and executed attack by the researchers to showcase a potential security threat. |
Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident related to development incompetence is not explicitly mentioned in the provided article. Therefore, it is unknown if the incident was due to contributing factors introduced due to lack of professional competence by humans or the development organization.
(b) The software failure incident related to an accidental factor is evident in the article. The vulnerability identified by researchers in Amsterdam, known as the DRAMMER attack, targeted a phone's dynamic random access memory using an attack called Rowhammer. This attack was demonstrated on Android phones for the first time, showing how manipulating the physical properties of hardware can pose a digital threat that cannot be patched with software alone [48804]. |
Duration |
permanent |
(a) The software failure incident described in the article is more of a permanent nature. The vulnerability identified by the researchers in Amsterdam, known as the DRAMMER attack, targets a phone's dynamic random access memory (DRAM) using an attack called Rowhammer. This attack potentially places all data on an Android phone at risk and is not easily patchable with software alone. The article mentions that even though Google is working on a patch to make the attack harder to execute, it is challenging to fix in existing phones, as some of the software features that DRAMMER exploits are fundamental to the operating system and difficult to remove without impacting the user experience [48804]. |
Behaviour |
other |
(a) crash: The software failure incident described in the article is not related to a crash where the system loses state and does not perform any of its intended functions. The incident involves a security vulnerability in Android phones that allows attackers to take control of the device by manipulating the physical properties of hardware [48804].
(b) omission: The software failure incident is not related to a failure due to the system omitting to perform its intended functions at an instance(s). Instead, it involves a security vulnerability that allows attackers to exploit the dynamic random access memory (DRAM) of Android phones to gain control of the device [48804].
(c) timing: The software failure incident is not related to a failure due to the system performing its intended functions correctly but too late or too early. It is focused on a security vulnerability that can be exploited to take control of Android phones by manipulating the physical properties of hardware [48804].
(d) value: The software failure incident is not related to a failure due to the system performing its intended functions incorrectly. It is centered around a security vulnerability that allows attackers to manipulate the DRAM of Android phones to gain control of the device [48804].
(e) byzantine: The software failure incident is not related to a failure due to the system behaving erroneously with inconsistent responses and interactions. It is about a security vulnerability in Android phones that can be exploited to take control of the device by manipulating the physical properties of hardware [48804].
(f) other: The behavior of the software failure incident can be categorized as a security vulnerability that allows attackers to exploit the physical properties of hardware, specifically the DRAM, to gain control of Android phones. This vulnerability poses a significant threat to the security and privacy of users' data on the affected devices [48804]. |