Speculative Execution Attack Methodologies (SEAM): An overview and component modelling of Spectre, Meltdown and Foreshadow attack methods

Abstract

Speculative execution has made a significant impact in the processing speed of computing devices over the last circa 20 years. The functionality of modern CPU's to be able to ‘speculatively’ execute instructions ahead and ‘out-of-order’ of the normal process has increasingly optimized performance. However, vulnerabilities inherent in the speculative execution design are being increasingly discovered. This paper will provide an overview of some of the published works of these CPU vulnerabilities. In addition to providing an overview, this paper presents SEAM: Speculative Execution Attack Methodologies. Representing the attacks via Speculative Execution Attack Schemas (SE Attack Schemas) of the attack types provides further granularity to the attacks. The SE Schemas of existing exploits can potentially be used in future research to identify specific attack approaches and enable scrutiny of the underlying complexity in a more organized manner.