As most of us know, Spectre and Meltdown are modern processor vulnerabilities that surfaced earlier this year – allowing programs to steal data processed on billions of devices. Spectre and Meltdown are two separate flaws, although both exploit caches through side channels, which is why they are often discussed together.
Modern CPUs are incredibly sophisticated. They are capable of executing a sequence of machine instructions ahead and out of order while waiting for memory loads – a process known as speculative execution. More advanced processors can not only speculatively execute the next instruction but also combine this with branch prediction, where the processor accurately predicts in which way the branch will execute based on past history.
Independently discovered and reported, both Spectre and Meltdown attacks pose serious threats to actual systems, since vulnerable speculative execution capabilities and branch predictions are found in microprocessors from Intel, AMD, and ARM that are used in billions of devices.
Real-World Impact Measurement of Spectre and Meltdown patches
Given the complexity of modern CPU architecture, understanding Spectre and Meltdown vulnerabilities is a daunting task and more importantly identifying the performance impact caused by them specific to your infrastructure. Spirent can help test the effects of Spectre and Meltdown patches to make sure your offered services and applications are not impacted – by testing your infrastructure before and after you apply the security software patches.
We at Spirent have been working with our customers to test the effects of Spectre and Meltdown patches on servers in a pre-production environment. The testbed consists of two identical servers – one the control, the other patched to mitigate the effects of Spectre and Meltdown. Specific tests were designed to help customers determine the effect of the patches on actual workloads. In other words, this is real-life – not a laboratory simulation.
Read more for sample test results and findings from the patch-and-control performance of the servers focused on three areas of impact: Compute, network I/O, and storage I/O.