In the quest for higher performance, modern CPUs make heavy use of speculative execution. Unfortunately, speculative execution opens the possibility of side-channel attacks in which malicious parties can read the memory of co-located processes, OSes, and VMs (e.g., Meltdown, Spectre). Similarly, in the quest for higher memory capacities, modern DRAMs have drastically increased the density of memory cells on a chip. This high cell density opens the possibility of attacks that cause bit flips in DRAM (e.g., Rowhammer). A single bit flip is sufficient to lead to serious security breaches, such as privilege escalation, remote login, or factoring an RSA private key.
Unfortunately, no single silver bullet for stopping these types of attacks exists. These attacks all stem from hardware “bugs.” While fixing each particular bug is feasible, the hardware life cycle is very long, and the fixes often come with serious performance and cost overheads. Software-based fixes offer a faster response, but may also impose significant overhead. The goal of this session is to discuss the state-of-the-art techniques for performing such attacks and defending against them using both hardware and software.