Meltdown, Spectre, and the hidden side of a computer's processor

Staff - Faculty of Informatics

Date: 22 February 2018 / 17:30 - 18:30

USI Lugano Campus, room A12, Red building (Via G. Buffi 13)


Paolo Bonzini


Red Hat, Inc.


Thursday, February 22, 2018


USI Lugano Campus, room A12, Red building (Via G. Buffi 13)






At the beginning of the year, a set of three computer vulnerabilities got into the spotlight. In fact, all the ingredients needed to attract attention were there: the core issue was unusually located in the processor rather than the software; almost all personal computers, servers and portable devices were affected to some extent; and the bugs also had two fancy nicknames, "Meltdown" and "Spectre". A closer look at Meltdown and Spectre is instructive even though the practical implications are probably much less frightening than originally reported. This talk will present the basic ideas behind modern processor architectures, including out-of-order execution, branch prediction and caching, and how they can be combined to create a side-channel attack. I will then look at what is software's role in mitigating the issue, and what a longer term fix will look like.




Paolo Bonzini is a Senior Principal Software Engineer at Red Hat, working on virtualization and helping with the maintenance of open source software related to virtualization and emulation. Before working for Red Hat, he obtained a Ph.D. in Informatics from the Università della Svizzera italiana, Lugano (2009).




Prof. Matthias Hauswirth