Security Vulnerabilities in Microprocessors
Article ID: 3151
DOI: https://doi.org/10.30564/ssid.v3i1.3151
Abstract
Keywords
Full Text:

References
[1] TechTerms, “Clock Cycle,” 2010. [Online]. Available: https://techterms.com/definition/clockcycle.[Accessed 15 11 2019].
[2] S. Eggers, J. Emer, H. Levy, J. Lo, R. Stamm and D.Tullsen, “Simultaneous multithreading: a platform for next-generation processors,” IEEE Micro, vol.17, no. 5, pp. 12-19, 1997.
[3] Intel, “Deep Dive: Introduction to Speculative Execution Side Channel Methods,” 2019. [Online].Available: https://software.intel.com/security-software-guidance/insights/deep-dive-introduction-speculative-execution-side-channel-methods.[Accessed 11 11 2019].
[4] Wideskills, “C++ Control Flow Structures,” 2015.[Online]. Available: https://www.wideskills.com/c-plusplus/c-plusplus-control-flow-structures. [Accessed 13 11 2019].
[5] Micron, “Speed vs. Latency (Whitepaper),” 01 05 2015. [Online]. Available:https://pics.crucial.com/wcsstore/CrucialSAS/pdf/en-us-c3-whitepaper-speed-vs-latency-letter.pdf. [Accessed 12 11 2019].
[6] J. Hruska, “How L1 and L2 CPU Caches Work, and Why They’re an Essential Part of Modern Chips,”2018. [Online]. Available: https://www.extremetech.com/extreme/188776-how-l1-and-l2-cpu-cacheswork-and-why-theyre-an-essential-part-of-modernchips. [Accessed 11 11 2019].
[7] J. Horn, M. Lipp, M. Schwarz, D. Gruss, T. Prescher,W. Haas, A. Fogh, S. Mangard, P. Kocher, D.Genkin, Y. Yarom and M. Hamburg, “Meltdown: Reading Kernel Memory from User Space,” 2017.[Online].Available: https://meltdownattack.com/meltdown.pdf. [Accessed 11 11 2019].
[8] M. Rouse, “side-channel attack,” 2019. [Online].Available:https://searchsecurity.techtarget.com/definition/side-channel-attack. [Accessed 11 11 2019].
[9] J. Horn, W. Haas, T. Prescher, D. Gruss, M. Lipp, S.Mangard and M. Schwarz, “Spectre Attacks:Exploiting Speculative Execution,” 2017. [Online]. Available:https://spectreattack.com/spectre.pdf. [Accessed 12 11 2019].
[10] J. Horn, “Reading privileged memory with a side-channel,” 2018. [Online]. Available: https://googleprojectzero.blogspot.com/search?q=spectre.[Accessed 12 11 2019].
[11] Graz University of Technology, “Meltdown and Spectre,” 2018. [Online]. Available: https://meltdownattack.com/. [Accessed 14 11 2019].
[12] ARM, “Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism,”2019.[Online]. Available: https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability. [Accessed 14 11 2019].
[13] P. Kocher, “Spectre Attacks: Exploiting Speculative Execution,” 17 04 2018. [Online]. Available:https://www.rsaconference.com/usa/us-2018/agenda/spectre-attacks-exploiting-speculative-execution-4. [Accessed 12 11 2019].
[14] Oxford Dictionary of English, Mitigation, 3rd ed.,Oxford: Oxford University Press, 2019.
[15] J. Edge, “Kernel address space layout randomization,” 2013. [Online]. Available:https://lwn.net/Articles/569635/. [Accessed 13 11 2019].
[16] J. Corbet, “KAISER: hiding the kernel from user space,” 2017. [Online]. Available:https://lwn.net/Articles/738975/. [Accessed 13 11 2019].
[17] Technopedia, “Trusted Computing Base (TCB),”2019. [Online]. Available:https://www.techopedia.com/definition/4145/trusted-computing-base-tcb.[Accessed 13 11 2019].
[18] “syscalls - Linux system calls,” 2019. [Online].Available: http://man7.org/linux/man-pages/man2/syscalls.2.html. [Accessed 13 11 2019].
[19] M. Rouse, “context switch,” 2012. [Online]. Available:https://whatis.techtarget.com/definition/context-switch. [Accessed 13 11 2019].
[20] Redhat, “4.4. Virtual Memory: The Details,” N/A.[Online]. Available:https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Introduction_To_System_Administration/s1-memory-virt-details.html. [Accessed 13 11 2019].
[21] P. J. Denning, “The Working Set Model for Program Behavior,” Massachusetts Institute of Technology,Cambridge, Massachusetts, 1968.
[22] B. Jang, D. Schaa, P. Mistry and D. Kaeli, “Exploiting Memory Access Patterns to Improve Memory Performance in Data-Parallel Architectures,” IEEE Transactions on Parallel and Distributed Systems, vol. 22,no. 1, pp. 105-118, 2011.
[23] B. Gregg, “KPTI/KAISER Meltdown Initial Performance Regressions,” 2018. [Online].Available:http://www.brendangregg.com/blog/2018-02-09/kpti-kaiser-meltdown-performance.html. [Accessed 13 11 2019].
[24] Swiat, “Mitigating speculative execution side channel hardware vulnerabilities,” 2018. [Online].Available: https://msrc-blog.microsoft.com/2018/03/15/mitigating-speculative-execution-side-channel-hardware-vulnerabilities/. [Accessed 13 11 2019].
[25] Microsoft, “Microsoft Bug Bounty Program,” 2019.[Online]. Available:https://www.microsoft.com/enus/msrc/bounty?rtc=1. [Accessed 13 11 2019].
[26] T. Myerson, “Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems,” 2018. [Online]. Available: https://www.microsoft.com/security/blog/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/. [Accessed 13 11 2019].
[27] Apple, “About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra,and Security Update 2018-001 El Capitan,” 2019.[Online]. Available: https://support.apple.com/en-us/HT208465. [Accessed 14 11 2019].
[28] Apple, “About speculative execution vulnerabilities in ARM-based and Intel CPUs,” 2018. [Online]. Available: https://support.apple.com/en-us/HT208394. [Accessed 13 11 2019].
[29] Apple, “How to enable full mitigation for Microarchitectural Data Sampling (MDS) vulnerabilities,”2019. [Online]. Available: https://support.apple.com/en-gb/HT210108. [Accessed 13 11 2019].
Refbacks
- There are currently no refbacks.

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.