Insights

Riverside Research Secure & Resilient Systems Team Develops Spectre Implementation

Mar 31, 2023

The Riverside Research Secure & Resilient Systems team has accomplished a major development in the world of Spectre speculative execution vulnerabilities: a new implementation that enables the vulnerability to work across computer processes.

Riverside Research Secure & Resilient Systems Team Develops Spectre Implementation -

Spectre is a hardware vulnerability that hackers can use to steal private information from your computer by tricking it into revealing secrets that it is not supposed to. This development allowed the team to better characterize the security risks of Spectre-class vulnerabilities.

About the Spectre Implementation

Spectre exploits the common speculative execution features found in most computers and is a hardware-based side-channel exploit. Spectre code changes the computer’s ability to predict incoming instructions from the user, leading to the potential extraction of data. Discovery of new Spectre variants are relatively common, and research in Spectre prevention has been a crucial area of study to ensure electronic data can remain secure.

The team’s work was published in the 17th International Conference on Cyber Warfare and Security and the research was presented at the conference. The paper was authored by intern and lead author Michael Shepherd and Secure & Resilient Systems team members Scott Brookes and Robert Denz, and represents the Secure & Resilient Systems team’s dedication to research, publication, and open-source initiatives.

“The team’s recent research is a testament to Riverside Research’s commitment to better understand the threat of vulnerabilities that cross the hardware and software abstraction boundary,” remarked Robert Denz, Director of Secure & Resilient Systems. “This specialized knowledge will allow Riverside Research to better serve our national security partners in the safe, effective, and secure design of their existing and future systems.”