In light of yet another side-channel attack, Cyberus Technology announces the a public side-channel mitigation test and benchmarking lab. This new lab will enable us to evaluate new side-channel attacks and new mitigations against such attacks in a quick and automated manner.
Since the publication of Meltdown and Spectre in early 2017 a constant stream of side-channel attacks was published. For each of these attacks software and hardware mitigations were published. These different mitigations have induced a performance impact. Thus it has become clear that an automated testing and benchmarking lab is needed.
The Side-Channel Lab we are announcing today will enable evaluation of new side-channel attacks and new mitigations against such attacks in a quick and automated manner. You can find an early demonstration of the lab at https://opensource.sotest.io
The screenshot shows a meltdown sample running on three different hardware platforms and two different Linux kernels. The Linux kernels are configured to run with and without the Meltdown mitigations. We can show that the Meltdown mitigations in the Linux kernel work.
The screenshot above shows part of the detailed test output for each of the different test runs. It shows the full Linux kernel log and the output of the Meltdown test sample.
Our current freely available demo setup features a limited set of machines and operating system kernels. The current version is an early demonstration of the technology and is built on top of our Sotest Test infrastructure.
Sotest has enabled us to develop high-quality software and we believe it to be useful for a wider audience. We are using Sotest internally for fully automated end-to-end testing of our hypervisor technology on many different platforms.
Sotest enables full orchestration of hardware platforms and allows us to take test-driven development to the next level. For more information on Sotest or the Cyberus Side Channel Lab, please contact Jacek Galowicz.