tag: Spectre

Microarchitecture Vulnerabilities: Uncovering The Root Cause Weaknesses
By Jason Oberg - 07 Mar, 2024 - Comments: 0

In early 2018, the tech industry was shocked by the discovery of hardware microarchitecture vulnerabilities that bypassed decades of work put into software and application security. Meltdown and Spectre exploited performance features in modern application processors to leak sensitive information about victim programs to an adversary. This leakage occurs through the hardware itself, meaning th... » read more

New Concepts Required For Security Verification
By Brian Bailey - 28 Aug, 2023 - Comments: 0

Verification for security requires new practices in both the development and verification flows, but tools and methodologies to enable this are rudimentary today. Flows are becoming more complex, especially when they span multiple development groups. Security is special in that it is pervasive throughout the development process, requiring both positive and negative verification. Positive ver... » read more

What’s Required To Secure Chips
By Ed Sperling - 06 Apr, 2023 - Comments: 0

Experts at the Table: Semiconductor Engineering sat down to talk about how to verify that a semiconductor design will be secure, with Mike Borza, Synopsys scientist; John Hallman, product manager for trust and security at Siemens EDA; Pete Hardee, group director for product management at Cadence; Paul Karazuba, vice president of marketing at Expedera; and Dave Kelf, CEO of Breker Verification. ... » read more

How Secure Are RISC-V Chips?
By Jeff Goldman - 05 Jan, 2023 - Comments: 3

When the Meltdown and Spectre vulnerabilities were first uncovered in 2018, they heralded an industry-wide shift in perspective regarding processor security. As the IBM X-Force Threat Intelligence Index put it the following year, "2018 ushered in a new era of hardware security challenges that forced enterprises and the security community to rethink the way they approach hardware security." R... » read more

Prefetch Side Channels Undermine the Isolation Between User and Kernel Space on AMD CPUs
By Technical Paper Link - 08 Aug, 2022 - Comments: 0

This new technical paper titled "AMD Prefetch Attacks through Power and Time" is from researchers at Graz University of Technology and CISPA Helmholtz Center for Information Security. Note, this is a prepublication paper for the USENIX Security Symposium in Boston in August 2022.   This paper includes countermeasures and mitigation strategies, and the paper indicates that the findings were di... » read more

Chip Backdoors: Assessing the Threat
By Jeff Goldman - 04 Aug, 2022 - Comments: 0

In 2018, Bloomberg Businessweek made an explosive claim: Chinese spies had implanted backdoors in motherboards used by some high-profile customers, including the U.S. Department of Defense. All of those customers issued strongly worded denials. Most reports of hardware backdoors have ended up in exchanges like these. There are allegations and counter-allegations about specifics. But as hardw... » read more

RETBLEED: New Spectre-BTI Attack (ETH Zurich)
By Technical Paper Link - 13 Jul, 2022 - Comments: 0

New Spectre-BTI attack that "leaks arbitrary kernel memory." It's detailed in this research paper titled “RETBLEED: Arbitrary Speculative Code Execution with Return Instructions” from researchers at ETH Zürich. Mitigations are available. Abstract "Modern operating systems rely on software defenses against hardware attacks. These defenses are, however, as good as the assumptions they m... » read more

Hardware Dynamic IFT Mechanism That Scales to Complex Open-Source RISC-V Processors
By Technical Paper Link - 20 Jun, 2022 - Comments: 0

New technical paper titled "CellIFT: Leveraging Cells for Scalable and Precise Dynamic Information Flow Tracking in Hardware Designs" by researchers at ETH Zurich and Intel.  Paper to be presented at USENIX Security 2022 (August 10-12, 2022) in Boston, MA, USA. Partial Abstract "We introduce CELLIFT, a new design point in the space of dynamic IFT [Information flow tracking] for hardware. C... » read more

Verifying Side-Channel Security Pre-Silicon
By Bryon Moyer - 03 Mar, 2022 - Comments: 1

As security grows in importance, side-channel attacks pose a unique challenge because they rely on physical phenomena that aren’t always modeled for the design verification process. While everything can be hacked, the goal is to make it so difficult that an attacker concludes it isn't worth the effort. For side-channel attacks, the pre-silicon design is the best place to address any known ... » read more

Why Banks Should Be More Worried About Security
By John Koon - 03 Mar, 2022 - Comments: 1

At about 10:30 a.m. on Friday, Feb. 5, 2016, Jubail Bin-Huda, a joint director of Bangladesh Bank, and a colleague went to pick up the latest Society for Worldwide Interbank Financial Telecommunication (SWIFT) acknowledgement messages from the printer. When they got to the printer, they found nothing had been printed. They restarted the printer manually, but it still didn't work. They had no... » read more

← Older posts

  • Sponsors

About

Navigation

Connect With Us

Copyright ©2013-2024 SMG   |  Terms of Service  |  Privacy Policy