A Brief History of Spectre and Meltdown

Meltdown could allow hackers to circumvent the hardware barrier between applications run by users and the computer’s core memory. It is named ‘Meltdown’ because the “vulnerability basically melts security boundaries which are normally enforced by the hardware,” states the official website hosted by the Graz University of Technology. “This attack allows a program to access the memory, and thus also the secrets of other programs and the operating system.” Meltdown flaw refers to melting the security boundary between the computer’s core memory and memory of user applications.  This enables a hacker to trespass the memory area to steal secrets and sensitive data present on the system. CVE-2017-5754 is the official reference to Meltdown.Meltdown flaw was independently reported by below three teams —

Jann Horn from Google Project ZeroWerner Haas and Thomas Prescher from Cyberus TechnologyDaniel Gruss, Stefan Mangard, Moritz Lipp, and Michael Schwarz from Graz University of Technology

Spectre flaw allows hackers to mimic fair applications to retrieve secret information. The name ‘Spectre’ derived from ‘speculative execution’.  CVE-2017-5753 and CVE-2017-5715 are the official references to Spectre.  Spectre was independently discovered and reported by two people:

Jann Horn (Google Project Zero) andPaul Kocher in collaboration with Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg(Rambus), Moritz Lipp (Graz University of Technology), and Yuval Yarom (University of Adelaide and Data61)

Meltdown flaw seems to impact only Intel-based processors whereas Spectre is more general in nature and impact all major processors architectures and difficult to fix.

The problem is in Genes

These twin flaws are like a problematic DNA that does not have a permanent cure.  For instance, in case of autoimmune diseases like psoriasis, doctor tries to mitigate the problem rather curing the disease itself.  We have Spectre here which is not only harder to exploit but it is also harder to mitigate.​It is surprising to know that Meltdown has introduced around the year 1995.  The arrival of these flaws made people think about open source processor.  

What is Open Source Hardware (OSH)?

As a reference to popular term Open Source Software (OSS). Open Source Hardware (OSH) refers to providing free and open tools that form essential components in developing a new chip under open source license. Looks interesting? However the OGH is not a recently evolved concept, several companies shown interest in the past.​In the world of OSH, we will see three projects have been developing for quite some time. They are: OpenSPARC, OpenRISC & RISC-V and OpenPower. Let us see the details of these open source processor architectures and how they differ each other.  

OpenSPARC

OpenSPARC  (Open Scalable Processor ARChitecture) project is taken up by Sun Microsystems in the year 2006. There exist two versions called OpenSPARC T1 and OpenSPARC T2 under an open source license. These 64-bit processors were earlier known as UltraSPARC. OpenSPARC processors implemented CMT (chip multithreaded) and can boot operating systems like Solaris, Linux, FreeBSD. These two projects have full-fledged chipset containing processor design source code, simulation tools, verification suits, hypervisor source code, etc. However, these two processors are more than a decade age old with no or limited fan base. The future of T1 and T2 is in the hands of consumers and Oracle.  

OpenRISC & RISC-V

OpenRISC offers an open design for a processor based on established reduced instruction set computing (RISC) principles meant for networking and embedded devices.   There two implementations exist namely e OpenRISC 1000 and e OpenRISC 1200. As the OpenRISC 1000 is available in both 32-bit and 64-bit architectures and considered stable. Linux kernel and other real-time OS like FreeRTOS, eCos, and  QEMU ported to OpenRISC family. RISC-V is an open instruction set architecture (ISA) based on RISC principles.  The project began in 2010 at the University of California, Berkeley.  RISC-V ISA is free and anyone to design, manufacture and sell RISC-V chips and software.  To promote the RISC-V ecosystem, RISC-V Foundation with more than 100 members was set up. The members include companies like IBM, AMD, Google, IBM. Nvidia, NXP, Qualcomm and Western Digital. In Nov 2017, Western Digital announced its interest to use the RISC-V ISA across its existing product stack line.  

OpenPower

​The OpenPOWER Foundation was created by IBM in 2013 to enable the customization of POWER (Performance Optimized With Enhanced RISC) processors.  The foundation has more than 250 members.  Some of the foundation members include AMD, HP, Google, NVidia, Rackspace, Tyan, Mellanox.  

Conclusion

An unpleasant situation created Meltdown and Spectre flaws revived the need for an open source processor. Linux as an open source project stands successfully after facing various challenges over more than two decades.  Who knows open source processors could transform our lives as Linux did for us. Please share your thoughts about open processors in the comment section below.