高速以太网

Down for upgrades? Measuring the Impact of Spectre and Meltdown

作者:

Blog - Down for upgrades? Measuring the Impact of Spectre and Meltdown

As most of us know, Spectre and Meltdown are modern processor vulnerabilities that surfaced earlier this year – allowing programs to steal data processed on billions of devices.

As most of us know, Spectre and Meltdown are modern processor vulnerabilities that surfaced earlier this year – allowing programs to steal data processed on billions of devices. Spectre and Meltdown are two separate flaws, although both exploit caches through side channels, which is why they are often discussed together.

Exploiting Vulnerabilities

Modern CPUs are incredibly sophisticated. They are capable of executing a sequence of machine instructions ahead and out of order while waiting for memory loads – a process known as speculative execution. More advanced processors can not only speculatively execute the next instruction but also combine this with branch prediction, where the processor accurately predicts in which way the branch will execute based on past history.

Spectre Meltdown

Independently discovered and reported, both Spectre and Meltdown attacks pose serious threats to actual systems, since vulnerable speculative execution capabilities and branch predictions are found in microprocessors from Intel, AMD, and ARM that are used in billions of devices.

Real-World Impact Measurement of Spectre and Meltdown patches

Given the complexity of modern CPU architecture, understanding Spectre and Meltdown vulnerabilities is a daunting task and more importantly identifying the performance impact caused by them specific to your infrastructure. Spirent can help test the effects of Spectre and Meltdown patches to make sure your offered services and applications are not impacted – by testing your infrastructure before and after you apply the security software patches.

Performance Summary

We at Spirent have been working with our customers to test the effects of Spectre and Meltdown patches on servers in a pre-production environment. The testbed consists of two identical servers – one the control, the other patched to mitigate the effects of Spectre and Meltdown. Specific tests were designed to help customers determine the effect of the patches on actual workloads. In other words, this is real-life – not a laboratory simulation.

Read more for sample test results and findings from the patch-and-control performance of the servers focused on three areas of impact: Compute, network I/O, and storage I/O.

喜欢我们的内容吗?

在这里订阅我们的博客

博客订阅

标签Ethernet+IP
Malathi Malla
Malathi Malla

Malathi Malla主管思博伦的云、数据中心和虚拟化分部。她负责的是产品营销、技术营销和产品管理业务,推进各类云和IP解决方案的入市战略。她在多家硅谷创业企业和大型企业拥有超过14年的高技术从业经验,包括Citrix、IBM、Sterling Commerce(AT&T的软件分部)和Comergent Technologies。Malathi还在开放联网基金会和OpenDayLight等多个开源社区担任思博伦的首席营销代表。欢迎通过LinkedIn或关注Twitter上的@malathimalla,与Malathi交流并建立联系。