{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T00:53:46Z","timestamp":1760057626116,"version":"build-2065373602"},"reference-count":36,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2025,2,16]],"date-time":"2025-02-16T00:00:00Z","timestamp":1739664000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers"],"abstract":"<jats:p>Spectre variants 1 and 2 pose grave security threats to dynamic branch predictors in modern CPUs. While extensive research has focused on mitigating these attacks, little attention has been given to their energy and power implications. This study presents an empirical analysis of how compiler-based Spectre mitigation techniques influence energy consumption. We collect fine-grained energy readings from an HPC-class CPU via embedded sensors, allowing us to quantify the trade-offs between security and power efficiency. By utilizing a standard suite of microbenchmarks, we evaluate the impact of Spectre mitigations across three widely used compilers, comparing them to a no-mitigation baseline. The results show that energy consumption varies significantly depending on the compiler and workload characteristics. Loop unrolling influences power consumption by altering branch distribution, while speculative execution, when unrestricted, plays a role in conserving energy. Since Spectre mitigations inherently limit speculative execution, they should be applied selectively to vulnerable code patterns to optimize both security and power efficiency. Unlike previous studies that primarily focus on security effectiveness, this work uniquely evaluates the energy costs associated with Spectre mitigations at the compiler level, offering insights for power-efficient security strategies. Our findings underscore the importance of tailoring mitigation techniques to application needs, balancing performance, energy consumption, and security. The study provides practical recommendations for compiler developers to build more secure and energy-efficient software.<\/jats:p>","DOI":"10.3390\/computers14020071","type":"journal-article","created":{"date-parts":[[2025,2,17]],"date-time":"2025-02-17T11:31:17Z","timestamp":1739791877000},"page":"71","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Energy Implications of Mitigating Side-Channel Attacks on Branch Prediction"],"prefix":"10.3390","volume":"14","author":[{"given":"Fahad","family":"Alqurashi","sequence":"first","affiliation":[{"name":"Department of Computer Science, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 25732, Saudi Arabia"}]},{"given":"Muhammad","family":"Al-Hashimi","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 25732, Saudi Arabia"}]},{"given":"Mostafa","family":"Saleh","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 25732, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3431-6890","authenticated-orcid":false,"given":"Osama","family":"Abulnaja","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 25732, Saudi Arabia"}]}],"member":"1968","published-online":{"date-parts":[[2025,2,16]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"465","DOI":"10.1109\/COMST.2017.2779824","article-title":"Systematic classification of side-channel attacks: A case study for mobile devices","volume":"20","author":"Spreitzer","year":"2017","journal-title":"IEEE Commun. Surv. Tutorials"},{"key":"ref_2","unstructured":"Kocher, P.C. (1996, January 18\u201322). Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. Proceedings of the Advances in Cryptology\u2014CRYPTO\u201996: 16th Annual International Cryptology Conference, Santa Barbara, CA, USA. Proceedings 16."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1007\/s00145-009-9049-y","article-title":"Efficient cache attacks on AES, and countermeasures","volume":"23","author":"Tromer","year":"2010","journal-title":"J. Cryptol."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"G\u00f6tzfried, J., Eckert, M., Schinzel, S., and M\u00fcller, T. (2017, January 23). Cache attacks on Intel SGX. Proceedings of the 10th European Workshop on Systems Security, Belgrade, Serbia.","DOI":"10.1145\/3065913.3065915"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Moradi, A., Shalmani, M.T.M., and Salmasizadeh, M. (2006, January 10\u201313). A generalized method of differential fault attack against AES cryptosystem. Proceedings of the Cryptographic Hardware and Embedded Systems-CHES 2006: 8th International Workshop, Yokohama, Japan. Proceedings 8.","DOI":"10.1007\/11894063_8"},{"key":"ref_6","unstructured":"Pessl, P., Gruss, D., Maurice, C., Schwarz, M., and Mangard, S. (2016, January 10\u201312). {DRAMA}: Exploiting {DRAM} Addressing for {Cross-CPU} Attacks. Proceedings of the 25th USENIX Security Symposium (USENIX Security 16), Austin, TX, USA."},{"key":"ref_7","unstructured":"Das, M., Sardar, B., and Banerjee, A. (2015, January 16\u201320). Attacks on branch predictors: An empirical exploration. Proceedings of the Information Systems Security: 11th International Conference, ICISS 2015, Kolkata, India. Proceedings 11."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"693","DOI":"10.1145\/3296957.3173204","article-title":"Branchscope: A new side-channel attack on directional branch predictor","volume":"53","author":"Evtyushkin","year":"2018","journal-title":"ACM SIGPLAN Not."},{"key":"ref_9","unstructured":"Yarom, Y., and Falkner, K. (2014, January 20\u201322). {FLUSH+ RELOAD}: A high resolution, low noise, l3 cache {Side-Channel} attack. Proceedings of the 23rd USENIX Security Symposium (USENIX Security 14), San Diego, CA, USA."},{"key":"ref_10","unstructured":"Irazoqui, G., Inci, M.S., Eisenbarth, T., and Sunar, B. (2014, January 17\u201319). Wait a minute! A fast, Cross-VM attack on AES. Proceedings of the Research in Attacks, Intrusions and Defenses: 17th International Symposium, RAID 2014, Gothenburg, Sweden. Proceedings 17."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"G\u00fclmezo\u011flu, B., Inci, M.S., Irazoqui, G., Eisenbarth, T., and Sunar, B. (2015, January 13\u201314). A faster and more realistic flush+ reload attack on AES. Proceedings of the Constructive Side-Channel Analysis and Secure Design: 6th International Workshop, COSADE 2015, Berlin, Germany. Revised Selected Papers 6.","DOI":"10.1007\/978-3-319-21476-4_8"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Gruss, D., Kraft, E., Tiwari, T., Schwarz, M., Trachtenberg, A., Hennessey, J., Ionescu, A., and Fogh, A. (2019, January 11\u201315). Page cache attacks. Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, London, UK.","DOI":"10.1145\/3319535.3339809"},{"key":"ref_13","first-page":"335","article-title":"Software-based microarchitectural attacks","volume":"60","author":"Gruss","year":"2018","journal-title":"It-Inf. Technol."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1007\/s13389-017-0152-y","article-title":"CacheBleed: A timing attack on OpenSSL constant-time RSA","volume":"7","author":"Yarom","year":"2017","journal-title":"J. Cryptogr. Eng."},{"key":"ref_15","unstructured":"Lipp, M., Schwarz, M., Gruss, D., Prescher, T., Haas, W., Mangard, S., Kocher, P., Genkin, D., Yarom, Y., and Hamburg, M. (2018). Meltdown. arXiv."},{"key":"ref_16","unstructured":"Van Bulck, J., Minkin, M., Weisse, O., Genkin, D., Kasikci, B., Piessens, F., Silberstein, M., Wenisch, T.F., Yarom, Y., and Strackx, R. (2018, January 15\u201317). Foreshadow: Extracting the keys to the intel {SGX} kingdom with transient {Out-of-Order} execution. Proceedings of the 27th USENIX Security Symposium (USENIX Security 18), Baltimore, MD, USA."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1145\/3399742","article-title":"Spectre attacks: Exploiting speculative execution","volume":"63","author":"Kocher","year":"2020","journal-title":"Commun. ACM"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Chen, G., Chen, S., Xiao, Y., Zhang, Y., Lin, Z., and Lai, T.H. (2019, January 17\u201319). Sgxpectre: Stealing intel secrets from sgx enclaves via speculative execution. Proceedings of the 2019 IEEE European Symposium on Security and Privacy (EuroS&P), Stockholm, Sweden.","DOI":"10.1109\/EuroSP.2019.00020"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Schwarz, M., Schwarzl, M., Lipp, M., Masters, J., and Gruss, D. (2019, January 23\u201327). Netspectre: Read arbitrary memory over network. Proceedings of the Computer Security\u2013ESORICS 2019: 24th European Symposium on Research in Computer Security, Luxembourg. Proceedings, Part I 24.","DOI":"10.1007\/978-3-030-29959-0_14"},{"key":"ref_20","unstructured":"Kiriansky, V., and Waldspurger, C. (2018). Speculative buffer overflows: Attacks and defenses. arXiv."},{"key":"ref_21","unstructured":"Weisse, O., Van Bulck, J., Minkin, M., Genkin, D., Kasikci, B., Piessens, F., Silberstein, M., Strackx, R., Wenisch, T.F., and Yarom, Y. (2024, October 15). Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution. Available online: https:\/\/foreshadowattack.eu\/foreshadow-NG.pdf."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1109\/MDAT.2024.3352537","article-title":"Spectre Returns! Speculation Attacks using the Return Stack Buffer","volume":"41","author":"Khasawneh","year":"2024","journal-title":"IEEE Des. Test"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"2504","DOI":"10.1109\/TSE.2019.2953709","article-title":"oo7: Low-overhead defense against spectre attacks via program analysis","volume":"47","author":"Wang","year":"2019","journal-title":"IEEE Trans. Softw. Eng."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Khasawneh, K.N., Koruyeh, E.M., Song, C., Evtyushkin, D., Ponomarev, D., and Abu-Ghazaleh, N. (2019, January 2\u20136). Safespec: Banishing the spectre of a meltdown with leakage-free speculation. Proceedings of the 2019 56th ACM\/IEEE Design Automation Conference (DAC), Las Vegas, NV, USA.","DOI":"10.1145\/3316781.3317903"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Dong, X., Shen, Z., Criswell, J., Cox, A., and Dwarkadas, S. (2018, January 2). Spectres, virtual ghosts, and hardware support. Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy, Los Angeles, CA, USA.","DOI":"10.1145\/3214292.3214297"},{"key":"ref_26","unstructured":"Mcilroy, R., Sevcik, J., Tebbi, T., Titzer, B.L., and Verwaest, T. (2019). Spectre is here to stay: An analysis of side-channels and speculative execution. arXiv."},{"key":"ref_27","unstructured":"Canella, C., Van Bulck, J., Schwarz, M., Lipp, M., Von Berg, B., Ortner, P., Piessens, F., Evtyushkin, D., and Gruss, D. (2019, January 14\u201316). A systematic evaluation of transient execution attacks and defenses. Proceedings of the 28th USENIX Security Symposium (USENIX Security 19), Santa Clara, CA, USA."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Herzog, B., Reif, S., Preis, J., Schr\u00f6der-Preikschat, W., and H\u00f6nig, T. (2021, January 26). The price of Meltdown and Spectre: Energy overhead of mitigations at operating system level. Proceedings of the 14th European Workshop on Systems Security, Scotland, UK.","DOI":"10.1145\/3447852.3458721"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Behrens, J., Belay, A., and Kaashoek, M.F. (2022, January 5\u20138). Performance evolution of mitigating transient execution attacks. Proceedings of the Seventeenth European Conference on Computer Systems, Rennes, France.","DOI":"10.1145\/3492321.3519559"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Al-Mulhem, M., and Al-Shaikh, R. (2011, January 25\u201327). Performance Evaluation of Intel and Portland Compilers Using Intel Westmere Processor. Proceedings of the 2011 Second International Conference on Intelligent Systems, Modelling and Simulation, Phnom Penh, Cambodia.","DOI":"10.1109\/ISMS.2011.47"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Sun, C., Le, V., Zhang, Q., and Su, Z. (2016, January 18\u201320). Toward understanding compiler bugs in GCC and LLVM. Proceedings of the 25th International Symposium on Software Testing and Analysis, Saarbr\u00fccken, Germany.","DOI":"10.1145\/2931037.2931074"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Alqurashi, F.S., and Al-Hashimi, M. (2023). An Experimental Approach to Estimation of the Energy Cost of Dynamic Branch Prediction in an Intel High-Performance Processor. Computers, 12.","DOI":"10.20944\/preprints202306.0725.v1"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"6277","DOI":"10.1007\/s11227-019-02850-5","article-title":"Investigating power efficiency of mergesort","volume":"75","author":"Aljabri","year":"2019","journal-title":"J. Supercomput."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Jenkins, I.R., Anantharaman, P., Shapiro, R., Brady, J.P., Bratus, S., and Smith, S.W. (2020, January 22\u201324). Ghostbusting: Mitigating Spectre with intraprocess memory isolation. Proceedings of the 7th Symposium on Hot Topics in the Science of Security, Lawrence, KS, USA.","DOI":"10.1145\/3384217.3385627"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Saini, S., Hood, R., Chang, J., and Baron, J. (2016, January 12\u201314). Performance evaluation of an Intel Haswell-and Ivy Bridge-based supercomputer using scientific and engineering applications. Proceedings of the 2016 IEEE 18th International Conference on High Performance Computing and Communications; IEEE 14th International Conference on Smart City; IEEE 2nd International Conference on Data Science and Systems (HPCC\/SmartCity\/DSS), Sydney, NSW, Australia.","DOI":"10.1109\/HPCC-SmartCity-DSS.2016.0167"},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3177754","article-title":"Rapl in action: Experiences in using rapl for power measurements","volume":"3","author":"Khan","year":"2018","journal-title":"ACM Trans. Model. Perform. Eval. Comput. Syst. (TOMPECS)"}],"container-title":["Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-431X\/14\/2\/71\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T16:35:32Z","timestamp":1760027732000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-431X\/14\/2\/71"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,2,16]]},"references-count":36,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2025,2]]}},"alternative-id":["computers14020071"],"URL":"https:\/\/doi.org\/10.3390\/computers14020071","relation":{},"ISSN":["2073-431X"],"issn-type":[{"type":"electronic","value":"2073-431X"}],"subject":[],"published":{"date-parts":[[2025,2,16]]}}}