Meltdown, Spectre and More: The Dark Side of Speculative Execution
Dario Faggioli, Ph.D. Software Engineer, Virtualization Specialist @ SUSE, will give an on-line talk about "Meltdown, Spectre and More: The Dark Side of Speculative Execution" as part of the cycle of seminars organized by TeCIP Institute for phd.
Abstract: At the beginning of 2018, Meltdown and Spectre taught us that speculative execution can pose some security concerns. During the following months, more Spectre variants, L1TF, MDS, iTLB multihit, TAA, etc, taught us that such concerns should really be taken pretty seriously. What is probably the most interesting thing about this class of security issues, is that they show how some of the fundamental assumptions that CPU designers have been relying on for years were very fragile, if valid at all!
This talk will give a quick overview of speculative execution, and of why and how it suffers from the mentioned issues. We will also show in which ways (without going into the details of actual exploits, though) an attacker can take advantage of these vulnerabilities and compromise a system.
Speaker's Short Biography: Dario is a Virtualization Software Engineer at SUSE. During his Ph.D, he worked on real-time scheduling on Linux, and he's one of the original authors of what today is the SCHED_DEADLINE scheduling class. He's been active in the Open Source virtualization space since ~8 years on projects such as Xen (where he is the maintainer of the hypervisor scheduler), Linux/KVM and also Libvirt and QEMU. His primary focus is on scheduling and on performance evaluation and improvement. Since 2010, he has spoken and presented his work at several events and conferences, like the Linux Kernel Summit, Linux Plumbers, Xen Project Developers Summit, FOSDEM, LinuxLab and OSPM. Just very recently, he's given technical seminars to Computer Architecture students at Italian universities of Pisa and Modena.
The Seminar is open. For more information and to access the talk, contact Prof. Tommaso Cucinotta.