Revizor: Testing Black-Box CPUs Against Speculation Contracts

Bibliographic Details
Published in: IEEE MICRO Vol. 43; no. 4; pp. 37-44
Main Authors: Oleksenko, Oleksii; Fetzer, Christof; Kopf, Boris; Silberstein, Mark
Format: Journal Article
Language: English
Published: Los Alamitos IEEE 01-07-2023
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Description
Summary: Speculative execution attacks such as Spectre and Meltdown exploit microarchitectural optimizations to leak information across security domains. These vulnerabilities often stay undetected for years because we lack the tools for systematic analysis of CPUs to find them. In this article, we introduce such a tool, called Revizor, which automatically detects microarchitectural leakage in black-box CPUs. The key idea is to employ speculation contracts to model the expected information leaks, and then to use randomized testing to compare the CPU’s leakage against the model and thus detect unexpected leaks. We showcase the effectiveness of this approach on Intel CPUs, where we demonstrate that Revizor is capable of detecting both known and previously unknown speculative leaks.
ISSN: 0272-1732, 1937-4143
DOI: 10.1109/MM.2023.3273009