IBM: Let’s Not Speculate: Discovering and Analyzing Speculative Execution Attacks

[…]We plan to release our tool, SPECULATOR , which we used
to investigate speculative execution behavior, as open source.[…]

Speculative execution attacks exploit vulnerabilities at a CPU’s microarchitectural level, which, until recently, remained hidden below the instruction set architecture, largely undocumented by CPU vendors. New speculative execution attacks are released on a monthly basis, showing how aspects of the so-far unexplored microarchitectural attack surface can be exploited. In this paper, we generalize speculative execution related attacks and identify common components. The structured approach that we employed helps us to identify potential new variants of speculative execution attacks. We explore one such variant, SPLITSPECTRE, in depth and demonstrate its applicability to a real-world scenario with the SpiderMonkey JavaScript engine. Further, we introduce SPECULATOR, a novel tool to investigate speculative execution behavior critical to these new microarchitectural attacks. We also present our findings on multiple CPU platforms.!OpenDocument&Highlight=0,RZ3933

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s