It's been a while since the recognition explosion they got back in 2019, but preventing side-channel attacks is still an important part of our cybersecurity. An exotic approach towards information stealing, side-channel attacks marred CPU designs from both AMD and Intel, with vulnerabilities proving severe enough that companies preferred to roll out performance-degrading patches rather than let customers operate in insecure hardware. Now,
a new MIT framework by the name of Metior [PDF] aims to improve the world's capability to better understand side-channel attacks and perhaps improve how to defend against them.
Metior is an analysis framework built by the Massachusetts Institute of Technology that aims to simplify hardware and software design frameworks to improve defense capabilities against known (and unknown) side-channel attacks. Essentially, Metior enables engineers to quantitatively evaluate how much information an attacker can steal with a given side-channel attack.
It's essentially a simulation sandbox, where chip designers and other engineers can find what combination of defenses maximizes their protection against side-channel attacks, according to their use-case. Because you can quantitively measure how much information is stolen, you can calculate the impact of it being stolen (according to your system and program and every other variable), which means you can now decide to bake in protections from the most impactful types of attacks.
www.tomshardware.com
