TY - GEN
T1 - Empirical Study of Proposed Meltdown Attack Implementation on BOOM v3
AU - Lin, Chien Hsiang
AU - Su, Yi Pei
AU - Chen, Yean Ru
AU - Chou, Yu Ting
AU - Chen, Sao Jie
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - In recent years, the discovery of transient attacks such as Spectre and Meltdown has brought a huge impact on many processor manufacturers. Therefore, these manufacturers must pay more attention to the security verification of their products and understand the principles of these transient attacks in order to avoid developing products with security vulnerabilities. The Meltdown attack exploits the hardware vulnerability of permission checking and the out-of-order execution feature that is implemented on modern processors, thereby leaking some protected important data. In this paper, we provide a sample code of Meltdown attack to show the open source RISC-V processor-BOOM v3 (Berkeley Out-of-Order Machine) which is claimed to have mitigation mechanism for Meltdown attack is still vulnerable. We also analyze the implementation of BOOM's permission check and the features of out-of-order to illustrate why our sample attack can attack it successfully. According to our experimental results, the simulation time of this code costs 3.9 ms to show that BOOM v3 will be affected by Meltdown attack.
AB - In recent years, the discovery of transient attacks such as Spectre and Meltdown has brought a huge impact on many processor manufacturers. Therefore, these manufacturers must pay more attention to the security verification of their products and understand the principles of these transient attacks in order to avoid developing products with security vulnerabilities. The Meltdown attack exploits the hardware vulnerability of permission checking and the out-of-order execution feature that is implemented on modern processors, thereby leaking some protected important data. In this paper, we provide a sample code of Meltdown attack to show the open source RISC-V processor-BOOM v3 (Berkeley Out-of-Order Machine) which is claimed to have mitigation mechanism for Meltdown attack is still vulnerable. We also analyze the implementation of BOOM's permission check and the features of out-of-order to illustrate why our sample attack can attack it successfully. According to our experimental results, the simulation time of this code costs 3.9 ms to show that BOOM v3 will be affected by Meltdown attack.
UR - http://www.scopus.com/inward/record.url?scp=85137498223&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85137498223&partnerID=8YFLogxK
U2 - 10.1109/MWSCAS54063.2022.9859354
DO - 10.1109/MWSCAS54063.2022.9859354
M3 - Conference contribution
AN - SCOPUS:85137498223
T3 - Midwest Symposium on Circuits and Systems
BT - MWSCAS 2022 - 65th IEEE International Midwest Symposium on Circuits and Systems, Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 65th IEEE International Midwest Symposium on Circuits and Systems, MWSCAS 2022
Y2 - 7 August 2022 through 10 August 2022
ER -