Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Examining the Impact of Microarchitectural Attacks on Microkernels: a study of Meltdown and Spectre
Linköping University, Department of Computer and Information Science.
Linköping University, Department of Computer and Information Science.
2019 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Most of today's widely used operating systems are based on a monolithic design and have a very large code size which complicates verification of security-critical applications. One approach to solving this problem is to use a microkernel, i.e., a small kernel which only implements the bare necessities. A system usinga microkernel can be constructed using the operating-system framework Genode, which provides security features and a strict process hierarchy. However, these systems may still be vulnerable to microarchitectural attacks, which can bypassan operating system's security features, exploiting vulnerable hardware.

This thesis aims to investigate whether microkernels are vulnerable to the microarchitectural attacks Meltdown and Spectre version 1 in the context of Genode. Furthermore, the thesis analyzes the execution cost of mitigating Spectre version 1 in a Genode's remote procedure call.

The result shows how Genode does not mitigate the Meltdown attack, which will be confirmed by demonstrating a working Meltdown attack on Genode+Linux. We also determine that microkernels are vulnerable to Spectre by demonstrating a working attack against two microkernels. However, we show that the cost of mitigating this Spectre attack is small, with a cost of < 3 slowdown for remote procedure calls in Genode.

Place, publisher, year, edition, pages
2019. , p. 55
Keywords [en]
Genode, Meltdown, Spectre, Nova, Okl4, microarchitectural attacks, microkernel
National Category
Computer Engineering
Identifiers
URN: urn:nbn:se:liu:diva-159999ISRN: LIU-IDA/LITH-EX-A--19/045--SEOAI: oai:DiVA.org:liu-159999DiVA, id: diva2:1347639
External cooperation
Sectra Communications
Subject / course
Computer Engineering
Supervisors
Examiners
Available from: 2019-09-02 Created: 2019-09-02 Last updated: 2019-09-02Bibliographically approved

Open Access in DiVA

fulltext(1085 kB)51 downloads
File information
File name FULLTEXT01.pdfFile size 1085 kBChecksum SHA-512
ff64c47988c2f60c21a8a63340a87c73bdd8bcaf0cd4725bd083af3574b9203bab1d9b232ea1cfdab2f1f4fd9f07f645531ab52c48998d9a00baad80b4b45f3a
Type fulltextMimetype application/pdf

By organisation
Department of Computer and Information Science
Computer Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 51 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 61 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf