The Performance Cost of Security

• Main Author: Bowen, Lucy R
• Format: Others
• Published: DigitalCommons@CalPoly 2019
• Subjects: Security; Microarchitecture Attack; Cache Attack; Timing Attack; Meltdown; Spectre; Information Security; Risk Analysis; Systems Architecture
• Online Access: https://digitalcommons.calpoly.edu/theses/2002; https://digitalcommons.calpoly.edu/cgi/viewcontent.cgi?article=3412&context=theses

Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon. To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was created. This suite was run on a series of virtual machines that tested both Ubuntu 16 and Ubuntu 18. These tests investigated the performance change across version updates and the performance impact of CPU core number vs. default microarchitectural mitigations. The testing proved that the performance impact of the microarchitectural mitigations is non-trivial, as the percent difference in performance can be as high as 200%.