SoK: Hardware Defenses Against Speculative Execution Attacks

Guangyuan Hu, Zecheng He, Ruby B. Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

Speculative execution attacks leverage the speculative and out-of-order execution features in modern computer processors to access secret data or execute code that should not be executed. Secret information can then be leaked through a covert channel. While software patches can be installed for mitigation on existing hardware, these solutions can incur big performance overhead. Hardware mitigation is being studied extensively by the computer architecture community. It has the benefit of preserving software compatibility and the potential for much smaller performance overhead than software solutions.This paper presents a systematization of the hardware defenses against speculative execution attacks that have been proposed. We show that speculative execution attacks consist of 6 critical attack steps. We propose defense strategies, each of which prevents a critical attack step from happening, thus preventing the attack from succeeding. We then summarize 20 hardware defenses and overhead-reducing features that have been proposed. We show that each defense proposed can be classified under one of our defense strategies, which also explains why it can thwart the attack from succeeding. We discuss the scope of the defenses, their performance overhead, and the security-performance trade-offs that can be made.

Original languageEnglish (US)
Title of host publicationProceedings - 2021 International Symposium on Secure and Private Execution Environment Design, SEED 2021
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages108-120
Number of pages13
ISBN (Electronic)9781665420259
DOIs
StatePublished - 2021
Event1st International Symposium on Secure and Private Execution Environment Design, SEED 2021 - Virtual, Online, United States
Duration: Sep 20 2021Sep 21 2021

Publication series

NameProceedings - 2021 International Symposium on Secure and Private Execution Environment Design, SEED 2021

Conference

Conference1st International Symposium on Secure and Private Execution Environment Design, SEED 2021
Country/TerritoryUnited States
CityVirtual, Online
Period9/20/219/21/21

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Keywords

  • Hardware Security
  • Speculative Execution Attacks

Fingerprint

Dive into the research topics of 'SoK: Hardware Defenses Against Speculative Execution Attacks'. Together they form a unique fingerprint.

Cite this