Résumé
Microarchitectural security is one of the most challenging and exciting problems in system security today. With the discovery of transient execution attacks, it has become clear that microarchitectural attacks have significant impact on the security properties of software running on a processor that runs code from various stakeholders (such as, for instance, in the cloud).
This seminar will provide an introduction to transient execution attacks and defenses. It will do so by using standard modeling techniques from the programming language community: we will discuss how to model out-of-order and speculative execution, and how to model attackers that can observe and influence microarchitectural state. Next, we will use these models to explain and illustrate a selection of transient execution attacks. Finally, we briefly discuss defenses, focusing on the precise statement of adequate security objectives for these defenses.
