@inproceedings{f29e803c2a9749d68ccb07e0b7898ff4,
title = "SoK: Hardware Defenses Against Speculative Execution Attacks",
abstract = "Speculative execution attacks leverage the speculative and out-of-order execution features in modern computer processors to access secret data or execute code that should not be executed. Secret information can then be leaked through a covert channel. While software patches can be installed for mitigation on existing hardware, these solutions can incur big performance overhead. Hardware mitigation is being studied extensively by the computer architecture community. It has the benefit of preserving software compatibility and the potential for much smaller performance overhead than software solutions.This paper presents a systematization of the hardware defenses against speculative execution attacks that have been proposed. We show that speculative execution attacks consist of 6 critical attack steps. We propose defense strategies, each of which prevents a critical attack step from happening, thus preventing the attack from succeeding. We then summarize 20 hardware defenses and overhead-reducing features that have been proposed. We show that each defense proposed can be classified under one of our defense strategies, which also explains why it can thwart the attack from succeeding. We discuss the scope of the defenses, their performance overhead, and the security-performance trade-offs that can be made.",
keywords = "Hardware Security, Speculative Execution Attacks",
author = "Guangyuan Hu and Zecheng He and Lee, {Ruby B.}",
note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 1st International Symposium on Secure and Private Execution Environment Design, SEED 2021 ; Conference date: 20-09-2021 Through 21-09-2021",
year = "2021",
doi = "10.1109/SEED51797.2021.00023",
language = "English (US)",
series = "Proceedings - 2021 International Symposium on Secure and Private Execution Environment Design, SEED 2021",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "108--120",
booktitle = "Proceedings - 2021 International Symposium on Secure and Private Execution Environment Design, SEED 2021",
address = "United States",
}