{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:46:18Z","timestamp":1772725578904,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,6,17]],"date-time":"2023-06-17T00:00:00Z","timestamp":1686960000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"SRC\/DARPA","award":["ACE Center JUMP 2.0"],"award-info":[{"award-number":["ACE Center JUMP 2.0"]}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["2018627"],"award-info":[{"award-number":["2018627"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100006602","name":"Air Force Research Laboratory","doi-asserted-by":"publisher","award":["FA8650-20-C-1719"],"award-info":[{"award-number":["FA8650-20-C-1719"]}],"id":[{"id":"10.13039\/100006602","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,6,17]]},"DOI":"10.1145\/3579371.3589070","type":"proceedings-article","created":{"date-parts":[[2023,6,16]],"date-time":"2023-06-16T20:25:28Z","timestamp":1686947128000},"page":"1-15","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["TEESec: Pre-Silicon Vulnerability Discovery for Trusted Execution Environments"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1744-7672","authenticated-orcid":false,"given":"Moein","family":"Ghaniyoun","sequence":"first","affiliation":[{"name":"The Ohio State University, Columbus, Ohio, 
USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6184-9954","authenticated-orcid":false,"given":"Kristin","family":"Barber","sequence":"additional","affiliation":[{"name":"Google, Mountain View, California, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-7249-277X","authenticated-orcid":false,"given":"Yuan","family":"Xiao","sequence":"additional","affiliation":[{"name":"Intel Labs, Santa Clara, California, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7585-1075","authenticated-orcid":false,"given":"Yinqian","family":"Zhang","sequence":"additional","affiliation":[{"name":"SUSTech, Shenzhen, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6474-2201","authenticated-orcid":false,"given":"Radu","family":"Teodorescu","sequence":"additional","affiliation":[{"name":"The Ohio State University, Columbus, Ohio, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,6,17]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314466.1314469"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/MM.2020.2996616"},{"key":"e_1_3_2_1_6_1","volume-title":"CURE: A Security Architecture with CUstomizable and Resilient Enclaves. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Bahmani Raad","year":"2021","unstructured":"Raad Bahmani , Ferdinand Brasser , Ghada Dessouky , Patrick Jauernig , Matthias Klimmek , Ahmad-Reza Sadeghi , and Emmanuel Stapf . 2021 . CURE: A Security Architecture with CUstomizable and Resilient Enclaves. In 30th USENIX Security Symposium (USENIX Security 21) . 1073--1090. Raad Bahmani, Ferdinand Brasser, Ghada Dessouky, Patrick Jauernig, Matthias Klimmek, Ahmad-Reza Sadeghi, and Emmanuel Stapf. 2021. CURE: A Security Architecture with CUstomizable and Resilient Enclaves. In 30th USENIX Security Symposium (USENIX Security 21). 
1073--1090."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCA.2022.3151256"},{"key":"e_1_3_2_1_8_1","volume-title":"Nigel P Smart, and Yuval Yarom.","author":"Benger Naomi","year":"2014","unstructured":"Naomi Benger , Joop Van de Pol , Nigel P Smart, and Yuval Yarom. 2014 . \"Ooh Aah... Just a Little Bit\": a small amount of side channel can go a long way. In Cryptographic Hardware and Embedded Systems-CHES 2014: 16th International Workshop, Busan, South Korea, September 23--26, 2014. Proceedings 16. Springer , 75--92. Naomi Benger, Joop Van de Pol, Nigel P Smart, and Yuval Yarom. 2014. \"Ooh Aah... Just a Little Bit\": a small amount of side channel can go a long way. In Cryptographic Hardware and Embedded Systems-CHES 2014: 16th International Workshop, Busan, South Korea, September 23--26, 2014. Proceedings 16. Springer, 75--92."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3352460.3358310"},{"key":"e_1_3_2_1_10_1","unstructured":"Ferdinand Brasser Urs M\u00fcller Alexandra Dmitrienko Kari Kostiainen Srdjan Capkun and Ahmad-Reza Sadeghi. 2017. Software Grand Exposure: SGX Cache Attacks Are Practical.. In WOOT. 11--11.  Ferdinand Brasser Urs M\u00fcller Alexandra Dmitrienko Kari Kostiainen Srdjan Capkun and Ahmad-Reza Sadeghi. 2017. Software Grand Exposure: SGX Cache Attacks Are Practical.. In WOOT. 11--11."},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. 2875--2889","author":"Buhren Robert","year":"2021","unstructured":"Robert Buhren , Hans-Niklas Jacob , Thilo Krachenfels , and Jean-Pierre Seifert . 2021 . One glitch to rule them all: Fault injection attacks against AMD's secure encrypted virtualization . In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. 2875--2889 . Robert Buhren, Hans-Niklas Jacob, Thilo Krachenfels, and Jean-Pierre Seifert. 2021. 
One glitch to rule them all: Fault injection attacks against AMD's secure encrypted virtualization. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. 2875--2889."},{"key":"e_1_3_2_1_12_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Bulck Jo Van","year":"2017","unstructured":"Jo Van Bulck , Nico Weichbrodt , R\u00fcdiger Kapitza , Frank Piessens , and Raoul Strackx . 2017 . Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution . In 26th USENIX Security Symposium (USENIX Security 17) . Vancouver, BC, 1041--1056. Jo Van Bulck, Nico Weichbrodt, R\u00fcdiger Kapitza, Frank Piessens, and Raoul Strackx. 2017. Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution. In 26th USENIX Security Symposium (USENIX Security 17). Vancouver, BC, 1041--1056."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2010.5416657"},{"key":"e_1_3_2_1_15_1","volume-title":"Verifying RISC-V physical memory protection. arXiv preprint arXiv:2211.02179","author":"Cheang Kevin","year":"2022","unstructured":"Kevin Cheang , Cameron Rasmussen , Dayeol Lee , David W Kohlbrenner , Krste Asanovi\u0107 , and Sanjit A Seshia . 2022. Verifying RISC-V physical memory protection. arXiv preprint arXiv:2211.02179 ( 2022 ). Kevin Cheang, Cameron Rasmussen, Dayeol Lee, David W Kohlbrenner, Krste Asanovi\u0107, and Sanjit A Seshia. 2022. Verifying RISC-V physical memory protection. arXiv preprint arXiv:2211.02179 (2022)."},{"key":"e_1_3_2_1_16_1","volume-title":"2019 IEEE European Symposium on Security and Privacy (EuroS P). 142--157","author":"Chen Guoxing","unstructured":"Guoxing Chen , Sanchuan Chen , Yuan Xiao , Yinqian Zhang , Zhiqiang Lin , and Ten H. Lai . 2019. SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution . In 2019 IEEE European Symposium on Security and Privacy (EuroS P). 142--157 . 
Guoxing Chen, Sanchuan Chen, Yuan Xiao, Yinqian Zhang, Zhiqiang Lin, and Ten H. Lai. 2019. SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution. In 2019 IEEE European Symposium on Security and Privacy (EuroS P). 142--157."},{"key":"e_1_3_2_1_17_1","volume-title":"Sanctum: Minimal Hardware Extensions for Strong Software Isolation. In 25th USENIX Security Symposium (USENIX Security 16)","author":"Costan Victor","year":"2016","unstructured":"Victor Costan , Ilia Lebedev , and Srinivas Devadas . 2016 . Sanctum: Minimal Hardware Extensions for Strong Software Isolation. In 25th USENIX Security Symposium (USENIX Security 16) . Austin, TX, 857--874. Victor Costan, Ilia Lebedev, and Srinivas Devadas. 2016. Sanctum: Minimal Hardware Extensions for Strong Software Isolation. In 25th USENIX Security Symposium (USENIX Security 16). Austin, TX, 857--874."},{"key":"e_1_3_2_1_18_1","volume-title":"2014 47th Annual IEEE\/ACM International Symposium on Microarchitecture. IEEE, 190--202","author":"Evtyushkin Dmitry","year":"2014","unstructured":"Dmitry Evtyushkin , Jesse Elwell , Meltem Ozsoy , Dmitry Ponomarev , Nael Abu Ghazaleh , and Ryan Riley . 2014 . Iso-x: A flexible architecture for hardware-managed isolated execution . In 2014 47th Annual IEEE\/ACM International Symposium on Microarchitecture. IEEE, 190--202 . Dmitry Evtyushkin, Jesse Elwell, Meltem Ozsoy, Dmitry Ponomarev, Nael Abu Ghazaleh, and Ryan Riley. 2014. Iso-x: A flexible architecture for hardware-managed isolated execution. In 2014 47th Annual IEEE\/ACM International Symposium on Microarchitecture. IEEE, 190--202."},{"key":"e_1_3_2_1_19_1","volume-title":"2020 57th ACM\/IEEE Design Automation Conference (DAC). 1--6.","author":"Fadiheh Mohammad Rahmani","year":"2020","unstructured":"Mohammad Rahmani Fadiheh , Johannes Muller , Raik Brinkmann , Subhasish Mitra , Dominik Stoffel , and Wolfgang Kunz . 2020 . 
A Formal Approach for Detecting Vulnerabilities to Transient Execution Attacks in Out-of-Order Processors . In 2020 57th ACM\/IEEE Design Automation Conference (DAC). 1--6. Mohammad Rahmani Fadiheh, Johannes Muller, Raik Brinkmann, Subhasish Mitra, Dominik Stoffel, and Wolfgang Kunz. 2020. A Formal Approach for Detecting Vulnerabilities to Transient Execution Attacks in Out-of-Order Processors. In 2020 57th ACM\/IEEE Design Automation Conference (DAC). 1--6."},{"key":"e_1_3_2_1_20_1","volume-title":"Scalable Memory Protection in the PENGLAI Enclave. In 15th USENIX Symposium on Operating Systems Design and Implementation (OSDI 21)","author":"Feng Erhu","year":"2021","unstructured":"Erhu Feng , Xu Lu , Dong Du , Bicheng Yang , Xueqiang Jiang , Yubin Xia , Binyu Zang , and Haibo Chen . 2021 . Scalable Memory Protection in the PENGLAI Enclave. In 15th USENIX Symposium on Operating Systems Design and Implementation (OSDI 21) . 275--294. Erhu Feng, Xu Lu, Dong Du, Bicheng Yang, Xueqiang Jiang, Yubin Xia, Binyu Zang, and Haibo Chen. 2021. Scalable Memory Protection in the PENGLAI Enclave. In 15th USENIX Symposium on Operating Systems Design and Implementation (OSDI 21). 275--294."},{"key":"e_1_3_2_1_21_1","volume-title":"Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software","author":"Ferraiuolo Andrew","year":"2017","unstructured":"Andrew Ferraiuolo , Andrew Baumann , Chris Hawblitzel , and Bryan Parno . 2017 . Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software . Association for Computing Machinery , New York, NY, USA . Andrew Ferraiuolo, Andrew Baumann, Chris Hawblitzel, and Bryan Parno. 2017. Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software. Association for Computing Machinery, New York, NY, USA."},{"key":"e_1_3_2_1_22_1","volume-title":"2021 ACM\/IEEE 48th Annual International Symposium on Computer Architecture (ISCA). 
IEEE, 874--887","author":"Ghaniyoun Moein","year":"2021","unstructured":"Moein Ghaniyoun , Kristin Barber , Yinqian Zhang , and Radu Teodorescu . 2021 . INTROSPECTRE: A pre-silicon framework for discovery and analysis of transient execution vulnerabilities . In 2021 ACM\/IEEE 48th Annual International Symposium on Computer Architecture (ISCA). IEEE, 874--887 . Moein Ghaniyoun, Kristin Barber, Yinqian Zhang, and Radu Teodorescu. 2021. INTROSPECTRE: A pre-silicon framework for discovery and analysis of transient execution vulnerabilities. In 2021 ACM\/IEEE 48th Annual International Symposium on Computer Architecture (ISCA). IEEE, 874--887."},{"key":"e_1_3_2_1_23_1","volume-title":"Cache Attacks on Intel SGX","author":"G\u00f6tzfried Johannes","unstructured":"Johannes G\u00f6tzfried , Moritz Eckert , Sebastian Schinzel , and Tilo M\u00fcller . 2017. Cache Attacks on Intel SGX . Association for Computing Machinery , New York, NY, USA . Johannes G\u00f6tzfried, Moritz Eckert, Sebastian Schinzel, and Tilo M\u00fcller. 2017. Cache Attacks on Intel SGX. Association for Computing Machinery, New York, NY, USA."},{"key":"e_1_3_2_1_24_1","volume-title":"High-Resolution Side Channels for Untrusted Operating Systems. In 2017 USENIX Annual Technical Conference (USENIX ATC 17)","author":"H\u00e4hnel Marcus","year":"2017","unstructured":"Marcus H\u00e4hnel , Weidong Cui , and Marcus Peinado . 2017 . High-Resolution Side Channels for Untrusted Operating Systems. In 2017 USENIX Annual Technical Conference (USENIX ATC 17) . Santa Clara, CA, 299--312. Marcus H\u00e4hnel, Weidong Cui, and Marcus Peinado. 2017. High-Resolution Side Channels for Untrusted Operating Systems. In 2017 USENIX Annual Technical Conference (USENIX ATC 17). Santa Clara, CA, 299--312."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3342195.3387532"},{"key":"e_1_3_2_1_28_1","volume-title":"Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. 
In 26th USENIX Security Symposium (USENIX Security 17)","author":"Lee Sangho","year":"2017","unstructured":"Sangho Lee , Ming-Wei Shih , Prasun Gera , Taesoo Kim , Hyesoon Kim , and Marcus Peinado . 2017 . Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. In 26th USENIX Security Symposium (USENIX Security 17) . Vancouver, BC, 557--574. Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. In 26th USENIX Security Symposium (USENIX Security 17). Vancouver, BC, 557--574."},{"key":"e_1_3_2_1_29_1","volume-title":"2022 IEEE Symposium on Security and Privacy (SP). 337--351","author":"Li Mengyuan","year":"2022","unstructured":"Mengyuan Li , Luca Wilke , Jan Wichelmann , Thomas Eisenbarth , Radu Teodorescu , and Yinqian Zhang . 2022 . A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP . In 2022 IEEE Symposium on Security and Privacy (SP). 337--351 . Mengyuan Li, Luca Wilke, Jan Wichelmann, Thomas Eisenbarth, Radu Teodorescu, and Yinqian Zhang. 2022. A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP. In 2022 IEEE Symposium on Security and Privacy (SP). 337--351."},{"key":"e_1_3_2_1_30_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Li Mengyuan","year":"2019","unstructured":"Mengyuan Li , Yinqian Zhang , Zhiqiang Lin , and Yan Solihin . 2019 . Exploiting Unprotected I\/O Operations in AMD's Secure Encrypted Virtualization . In 28th USENIX Security Symposium (USENIX Security 19) . Santa Clara, CA, 1257--1272. Mengyuan Li, Yinqian Zhang, Zhiqiang Lin, and Yan Solihin. 2019. Exploiting Unprotected I\/O Operations in AMD's Secure Encrypted Virtualization. In 28th USENIX Security Symposium (USENIX Security 19). 
Santa Clara, CA, 1257--1272."},{"key":"e_1_3_2_1_31_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Li Mengyuan","year":"2021","unstructured":"Mengyuan Li , Yinqian Zhang , Huibo Wang , Kang Li , and Yueqiang Cheng . 2021 . CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel . In 30th USENIX Security Symposium (USENIX Security 21) . 717--732. Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, and Yueqiang Cheng. 2021. CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel. In 30th USENIX Security Symposium (USENIX Security 21). 717--732."},{"key":"e_1_3_2_1_32_1","volume-title":"TLB Poisoning Attacks on AMD Secure Encrypted Virtualization. In Annual Computer Security Applications Conference. 609--619","author":"Li Mengyuan","year":"2021","unstructured":"Mengyuan Li , Yinqian Zhang , Huibo Wang , Kang Li , and Yueqiang Cheng . 2021 . TLB Poisoning Attacks on AMD Secure Encrypted Virtualization. In Annual Computer Security Applications Conference. 609--619 . Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, and Yueqiang Cheng. 2021. TLB Poisoning Attacks on AMD Secure Encrypted Virtualization. In Annual Computer Security Applications Conference. 609--619."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/356989.357005"},{"key":"e_1_3_2_1_34_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp , Michael Schwarz , Daniel Gruss , Thomas Prescher , Werner Haas , Anders Fogh , Jann Horn , Stefan Mangard , Paul Kocher , Daniel Genkin , Yuval Yarom , and Mike Hamburg . 2018 . Meltdown: Reading Kernel Memory from User Space . In 27th USENIX Security Symposium (USENIX Security 18) . 973--990. Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 
2018. Meltdown: Reading Kernel Memory from User Space. In 27th USENIX Security Symposium (USENIX Security 18). 973--990."},{"key":"e_1_3_2_1_35_1","volume-title":"2016 IEEE International Symposium on High Performance Computer Architecture (HPCA). 406--418","author":"Liu Fangfei","unstructured":"Fangfei Liu , Qian Ge , Yuval Yarom , Frank Mckeen , Carlos Rozas , Gernot Heiser , and Ruby B. Lee . 2016. CATalyst: Defeating last-level cache side channel attacks in cloud computing . In 2016 IEEE International Symposium on High Performance Computer Architecture (HPCA). 406--418 . Fangfei Liu, Qian Ge, Yuval Yarom, Frank Mckeen, Carlos Rozas, Gernot Heiser, and Ruby B. Lee. 2016. CATalyst: Defeating last-level cache side channel attacks in cloud computing. In 2016 IEEE International Symposium on High Performance Computer Architecture (HPCA). 406--418."},{"key":"e_1_3_2_1_36_1","volume-title":"2015 IEEE Symposium on Security and Privacy. 605--622","author":"Liu Fangfei","unstructured":"Fangfei Liu , Yuval Yarom , Qian Ge , Gernot Heiser , and Ruby B. Lee . 2015. Last-Level Cache Side-Channel Attacks are Practical . In 2015 IEEE Symposium on Security and Privacy. 605--622 . Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, and Ruby B. Lee. 2015. Last-Level Cache Side-Channel Attacks are Practical. In 2015 IEEE Symposium on Security and Privacy. 605--622."},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings. Springer, 69--90","author":"Moghimi Ahmad","year":"2017","unstructured":"Ahmad Moghimi , Gorka Irazoqui , and Thomas Eisenbarth . 2017 . Cachezoom: How SGX amplifies the power of cache attacks. In Cryptographic Hardware and Embedded Systems-CHES 2017: 19th International Conference, Taipei, Taiwan, September 25--28, 2017 , Proceedings. Springer, 69--90 . Ahmad Moghimi, Gorka Irazoqui, and Thomas Eisenbarth. 2017. Cachezoom: How SGX amplifies the power of cache attacks. 
In Cryptographic Hardware and Embedded Systems-CHES 2017: 19th International Conference, Taipei, Taiwan, September 25--28, 2017, Proceedings. Springer, 69--90."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3292006.3300022"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3193111.3193112"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.5555\/1756516.1756531"},{"key":"e_1_3_2_1_41_1","volume-title":"Cache attacks and counter-measures: the case of AES. The Cryptographers' Track at the RSA Conference on Topics in Cryptology (CT-RSA)","author":"Osvik Dag Arne","year":"2006","unstructured":"Dag Arne Osvik , Adi Shamir , and Eran Tromer . 2006. Cache attacks and counter-measures: the case of AES. The Cryptographers' Track at the RSA Conference on Topics in Cryptology (CT-RSA) ( 2006 ), 1--20. Dag Arne Osvik, Adi Shamir, and Eran Tromer. 2006. Cache attacks and counter-measures: the case of AES. The Cryptographers' Track at the RSA Conference on Topics in Cryptology (CT-RSA) (2006), 1--20."},{"key":"e_1_3_2_1_42_1","unstructured":"Colin Percival. 2005. Cache missing for fun and profit.  Colin Percival. 2005. Cache missing for fun and profit."},{"key":"e_1_3_2_1_43_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Puddu Ivan","year":"2021","unstructured":"Ivan Puddu , Moritz Schneider , Miro Haller , and Srdjan Capkun . 2021 . Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend . In 30th USENIX Security Symposium (USENIX Security 21) . 663--680. Ivan Puddu, Moritz Schneider, Miro Haller, and Srdjan Capkun. 2021. Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend. In 30th USENIX Security Symposium (USENIX Security 21). 663--680."},{"key":"e_1_3_2_1_44_1","volume-title":"ZombieLoad: Cross-Privilege-Boundary Data Sampling. In CCS '19 Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 
753--768","author":"Schwarz Michael","year":"2019","unstructured":"Michael Schwarz , Moritz Lipp , Daniel Moghimi , Jo Van Bulck , Julian Stecklina , Thomas Prescher , and Daniel Gruss . 2019 . ZombieLoad: Cross-Privilege-Boundary Data Sampling. In CCS '19 Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 753--768 . Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, and Daniel Gruss. 2019. ZombieLoad: Cross-Privilege-Boundary Data Sampling. In CCS '19 Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 753--768."},{"key":"e_1_3_2_1_45_1","volume-title":"DIMVA 2017, Bonn, Germany, July 6--7, 2017, Proceedings 14","author":"Schwarz Michael","year":"2017","unstructured":"Michael Schwarz , Samuel Weiser , Daniel Gruss , Cl\u00e9mentine Maurice , and Stefan Mangard . 2017 . Malware guard extension: Using SGX to conceal cache attacks. In Detection of Intrusions and Malware, and Vulnerability Assessment: 14th International Conference , DIMVA 2017, Bonn, Germany, July 6--7, 2017, Proceedings 14 . Springer, 3--24. Michael Schwarz, Samuel Weiser, Daniel Gruss, Cl\u00e9mentine Maurice, and Stefan Mangard. 2017. Malware guard extension: Using SGX to conceal cache attacks. In Detection of Intrusions and Malware, and Vulnerability Assessment: 14th International Conference, DIMVA 2017, Bonn, Germany, July 6--7, 2017, Proceedings 14. Springer, 3--24."},{"key":"e_1_3_2_1_46_1","volume-title":"Proceedings of the 16th ACM-IEEE International Conference on Formal Methods and Models for System Design. 1--10","author":"Sanjit","unstructured":"Sanjit A. Seshia and Pramod Subramanyan. 2018. UCLID5: integrating modeling, verification, synthesis and learning . In Proceedings of the 16th ACM-IEEE International Conference on Formal Methods and Models for System Design. 1--10 . Sanjit A. Seshia and Pramod Subramanyan. 2018. 
UCLID5: integrating modeling, verification, synthesis and learning. In Proceedings of the 16th ACM-IEEE International Conference on Formal Methods and Models for System Design. 1--10."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897885"},{"key":"e_1_3_2_1_48_1","volume-title":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 1169--1184","author":"Sinha Rohit","year":"2015","unstructured":"Rohit Sinha , Sriram Rajamani , Sanjit Seshia , and Kapil Vaswani . 2015 . Moat: Verifying confidentiality of enclave programs . In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 1169--1184 . Rohit Sinha, Sriram Rajamani, Sanjit Seshia, and Kapil Vaswani. 2015. Moat: Verifying confidentiality of enclave programs. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 1169--1184."},{"key":"e_1_3_2_1_49_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Solt Flavien","year":"2022","unstructured":"Flavien Solt , Ben Gras , and Kaveh Razavi . 2022 . {CellIFT}: Leveraging Cells for Scalable and Precise Dynamic Information Flow Tracking in {RTL} . In 31st USENIX Security Symposium (USENIX Security 22) . 2549--2566. Flavien Solt, Ben Gras, and Kaveh Razavi. 2022. {CellIFT}: Leveraging Cells for Scalable and Precise Dynamic Information Flow Tracking in {RTL}. In 31st USENIX Security Symposium (USENIX Security 22). 2549--2566."},{"key":"e_1_3_2_1_50_1","volume-title":"Proceedings of the 2017 ACM SIGSAC conference on computer and communications security. 2435--2450","author":"Subramanyan Pramod","year":"2017","unstructured":"Pramod Subramanyan , Rohit Sinha , Ilia Lebedev , Srinivas Devadas , and Sanjit A Seshia . 2017 . A formal foundation for secure remote execution of enclaves . In Proceedings of the 2017 ACM SIGSAC conference on computer and communications security. 2435--2450 . 
Pramod Subramanyan, Rohit Sinha, Ilia Lebedev, Srinivas Devadas, and Sanjit A Seshia. 2017. A formal foundation for secure remote execution of enclaves. In Proceedings of the 2017 ACM SIGSAC conference on computer and communications security. 2435--2450."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA.2005.22"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2974487"},{"key":"e_1_3_2_1_53_1","volume-title":"Proceedings of the 14th international conference on Architectural support for programming languages and operating systems","volume":"44","author":"Tiwari Mohit","year":"2009","unstructured":"Mohit Tiwari , Hassan M.G. Wassel , Bita Mazloom , Shashidhar Mysore , Frederic T. Chong , and Timothy Sherwood . 2009 . Complete information flow tracking from the gates up . In Proceedings of the 14th international conference on Architectural support for programming languages and operating systems , Vol. 44 . 109--120. Mohit Tiwari, Hassan M.G. Wassel, Bita Mazloom, Shashidhar Mysore, Frederic T. Chong, and Timothy Sherwood. 2009. Complete information flow tracking from the gates up. In Proceedings of the 14th international conference on Architectural support for programming languages and operating systems, Vol. 44. 109--120."},{"key":"e_1_3_2_1_54_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Trippel Timothy","year":"2022","unstructured":"Timothy Trippel , Kang G Shin , Alex Chernyakhovsky , Garret Kelly , Dominic Rizzo , and Matthew Hicks . 2022 . Fuzzing hardware like software . In 31st USENIX Security Symposium (USENIX Security 22) . 3237--3254. Timothy Trippel, Kang G Shin, Alex Chernyakhovsky, Garret Kelly, Dominic Rizzo, and Matthew Hicks. 2022. Fuzzing hardware like software. In 31st USENIX Security Symposium (USENIX Security 22). 
3237--3254."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.5555\/2724966.2725064"},{"key":"e_1_3_2_1_56_1","volume-title":"Proceedings for the 27th USENIX Security Symposium. USENIX Association, 991--1008","author":"Bulck Jo Van","year":"2018","unstructured":"Jo Van Bulck , Marina Minkin , Ofir Weisse , Daniel Genkin , Baris Kasikci , Frank Piessens , Mark Silberstein , Thomas F Wenisch , Yuval Yarom , and Raoul Strackx . 2018 . Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution . In Proceedings for the 27th USENIX Security Symposium. USENIX Association, 991--1008 . Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution. In Proceedings for the 27th USENIX Security Symposium. USENIX Association, 991--1008."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243822"},{"key":"e_1_3_2_1_58_1","unstructured":"Stephan van Schaik Andrew Kwong Daniel Genkin and Yuval Yarom. 2020. SGAxe: How SGX Fails in Practice. https:\/\/sgaxeattack.com\/.  Stephan van Schaik Andrew Kwong Daniel Genkin and Yuval Yarom. 2020. SGAxe: How SGX Fails in Practice. https:\/\/sgaxeattack.com\/."},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00087"},{"key":"e_1_3_2_1_60_1","volume-title":"Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. 73--85","author":"Werner Jan","year":"2019","unstructured":"Jan Werner , Joshua Mason , Manos Antonakakis , Michalis Polychronakis , and Fabian Monrose . 2019 . The severest of them all: Inference attacks against secure virtual enclaves . In Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. 73--85 . 
Jan Werner, Joshua Mason, Manos Antonakakis, Michalis Polychronakis, and Fabian Monrose. 2019. The severest of them all: Inference attacks against secure virtual enclaves. In Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. 73--85."},{"key":"e_1_3_2_1_61_1","unstructured":"Clifford Wolf. [n. d.]. Yosys Open SYnthesis Suite. http:\/\/www.clifford.at\/yosys\/.  Clifford Wolf. [n. d.]. Yosys Open SYnthesis Suite. http:\/\/www.clifford.at\/yosys\/."},{"key":"e_1_3_2_1_63_1","volume-title":"SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities. Network and Distributed System Security Symposium (NDSS)","author":"Xiao Yuan","year":"2020","unstructured":"Yuan Xiao , Yinqian Zhang , and Radu Teodorescu . 2020 . SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities. Network and Distributed System Security Symposium (NDSS) (2020). Yuan Xiao, Yinqian Zhang, and Radu Teodorescu. 2020. SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities. Network and Distributed System Security Symposium (NDSS) (2020)."},{"key":"e_1_3_2_1_64_1","volume-title":"Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. In 2015 IEEE Symposium on Security and Privacy. 640--656","author":"Xu Yuanzhong","year":"2015","unstructured":"Yuanzhong Xu , Weidong Cui , and Marcus Peinado . 2015 . Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. In 2015 IEEE Symposium on Security and Privacy. 640--656 . Yuanzhong Xu, Weidong Cui, and Marcus Peinado. 2015. Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. In 2015 IEEE Symposium on Security and Privacy. 640--656."},{"key":"e_1_3_2_1_65_1","volume-title":"Towards Developing High Performance RISC-V Processors Using Agile Methodology. In 2022 55th IEEE\/ACM International Symposium on Microarchitecture (MICRO). IEEE, 1178--1199","author":"Xu Yinan","year":"2022","unstructured":"Yinan Xu , Zihao Yu , Dan Tang , Guokai Chen , Lu Chen , Lingrui Gou , Yue Jin , Qianruo Li , Xin Li , Zuojun Li , 2022 . Towards Developing High Performance RISC-V Processors Using Agile Methodology. In 2022 55th IEEE\/ACM International Symposium on Microarchitecture (MICRO). IEEE, 1178--1199 . Yinan Xu, Zihao Yu, Dan Tang, Guokai Chen, Lu Chen, Lingrui Gou, Yue Jin, Qianruo Li, Xin Li, Zuojun Li, et al. 2022. Towards Developing High Performance RISC-V Processors Using Agile Methodology. In 2022 55th IEEE\/ACM International Symposium on Microarchitecture (MICRO). IEEE, 1178--1199."},{"key":"e_1_3_2_1_66_1","volume-title":"Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems","volume":"43","author":"Zhang Danfeng","unstructured":"Danfeng Zhang , Yao Wang , G. Edward Suh , and Andrew C. Myers . 2015. A Hardware Design Language for Timing-Sensitive Information-Flow Security . In Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems , Vol. 43 . 503--516. Danfeng Zhang, Yao Wang, G. Edward Suh, and Andrew C. Myers. 2015. A Hardware Design Language for Timing-Sensitive Information-Flow Security. In Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems, Vol. 43. 503--516."},{"key":"e_1_3_2_1_67_1","volume-title":"2018 51st Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO). IEEE, 68--81","author":"Zhang Sizhuo","year":"2018","unstructured":"Sizhuo Zhang , Andrew Wright , Thomas Bourgeat , and Arvind Arvind . 2018 . Composable building blocks to open up processor design . In 2018 51st Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO). IEEE, 68--81 . Sizhuo Zhang, Andrew Wright, Thomas Bourgeat, and Arvind Arvind. 2018. Composable building blocks to open up processor design. In 2018 51st Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO). IEEE, 68--81."},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382230"},{"key":"e_1_3_2_1_69_1","volume-title":"Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. 990--1003","author":"Zhang Yinqian","year":"2014","unstructured":"Yinqian Zhang , Ari Juels , Michael K Reiter , and Thomas Ristenpart . 2014 . Cross-tenant side-channel attacks in PaaS clouds . In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. 990--1003 . Yinqian Zhang, Ari Juels, Michael K Reiter, and Thomas Ristenpart. 2014. Cross-tenant side-channel attacks in PaaS clouds. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. 990--1003."},{"key":"e_1_3_2_1_70_1","volume-title":"Sonic-BOOM: The 3rd Generation Berkeley Out-of-Order Machine. (May","author":"Zhao Jerry","year":"2020","unstructured":"Jerry Zhao , Ben Korpan , Abraham Gonzalez , and Krste Asanovic . 2020. Sonic-BOOM: The 3rd Generation Berkeley Out-of-Order Machine. (May 2020 ). Jerry Zhao, Ben Korpan, Abraham Gonzalez, and Krste Asanovic. 2020. Sonic-BOOM: The 3rd Generation Berkeley Out-of-Order Machine. (May 2020)."},{"key":"e_1_3_2_1_71_1","volume-title":"ENCLYZER: Automated Analysis of Transient Data Leaks on Intel SGX. In 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED). 145--156","author":"Zhou Jiuqin","year":"2022","unstructured":"Jiuqin Zhou , Yuan Xiao , Radu Teodorescu , and Yinqian Zhang . 2022 . ENCLYZER: Automated Analysis of Transient Data Leaks on Intel SGX. In 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED). 145--156 . Jiuqin Zhou, Yuan Xiao, Radu Teodorescu, and Yinqian Zhang. 2022. ENCLYZER: Automated Analysis of Transient Data Leaks on Intel SGX. In 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED). 145--156."}],"event":{"name":"ISCA '23: 50th Annual International Symposium on Computer Architecture","location":"Orlando FL USA","acronym":"ISCA '23","sponsor":["SIGARCH ACM Special Interest Group on Computer Architecture","IEEE"]},"container-title":["Proceedings of the 50th Annual International Symposium on Computer Architecture"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579371.3589070","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:46:39Z","timestamp":1750178799000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579371.3589070"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,6,17]]},"references-count":64,"alternative-id":["10.1145\/3579371.3589070","10.1145\/3579371"],"URL":"https:\/\/doi.org\/10.1145\/3579371.3589070","relation":{},"subject":[],"published":{"date-parts":[[2023,6,17]]},"assertion":[{"value":"2023-06-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}
