From Random Observations to Automated Leakage Discovery

Michael Schwarz

"Microarchitectural security is still a relatively young research area. There are still many discoveries to be made, even for beginners in the field. Simple experiments with seemingly random, weird observations later turn out to be side channels or even processor vulnerabilities. However, even for domain experts, designing experiments to discover new side-channel leakage can be a tedious and time-consuming process that also requires a non-negligible amount of luck." This talk will show how automation can help in this discovery process. It will cover recent advances in tooling and automation for microarchitectural leakage discovery, drawing parallels to the field of software testing. Although automation is still in an early stage when compared to software testing, it will show that the current approaches can already discover previously unknown side channels and transient-execution attacks.