Marco Negro
Exploring Microarchitectural Leakage through Fuzzing.
Supervisors: Edgar Ernesto Sanchez Sanchez, Marco Guarnieri. Politecnico di Torino, Master's degree programme in Computer Engineering (Ingegneria Informatica), 2026
Abstract
Microarchitectural security has gained significant attention in recent years, especially after the discovery of the Spectre and Meltdown vulnerabilities, which challenged assumptions about processor isolation guarantees. In response to these vulnerabilities, both manual security analysis and the development of automated testing tools increased. However, existing automated approaches often rely on ad-hoc heuristics or templates that find only variants of already known vulnerabilities, focus on generation without feedback, or use inefficient coverage metrics. Moreover, hardware fuzzing lags behind software fuzzing in terms of maturity and effectiveness. Revizor, maintained by Microsoft Azure Research, represents the state of the art in CPU fuzzing. It formalizes microarchitectural leakage through Hardware-Software Contracts and provides a framework for detecting it.
Revizor operates only on commercial black-box CPUs or architectural emulators, which means it has no visibility into the microarchitecture and cannot perform pre-silicon testing.
