At the beginning of 2018, Intel and other processors were affected by Meltdown, Spectre, L1TF, SGXSpectre, SWAPGSAttack, Zombieload, MDS vulnerability. The vulnerability impact was far-reaching. Intel has also greatly strengthened its investment in security and constantly searched for new solutions.
With the 60-person team specializing in security research, Intel has specially formed a “STORM” team, known as STrategic Offensive Research & Mitigations, including 12 security elites, specializing in the use of known vulnerabilities and its harm. Recently, the Intel STORM team proposed a memory-based vulnerability hardware repair solution “SAPM”, called Speculative-Access Protected Memory, which blocks any predictive attacks by deploying hardware patches in CPU memory as Meltdown, Foreshadow, MDS, SpectreRSB, Spoiler…
“SAPM can be applied to specific memory ranges, with the attribute that any memory access to such memory type will be instruction-level serialized, meaning that any speculative execution beyond the SAPM-accessing instruction will be stopped pending the successful retirement of this SAPM-accessing instruction,” Intel STORM developers said in their short description of SAPM’s basic principles.
It does not specifically fix one or some of the discovered vulnerabilities, but directly defends against the flaws in the principle of predictive attacks, so the team believes that in addition to defending against existing attacks, it can prevent new vulnerability in the future Intel processors. This method will also cause CPU performance loss to a certain extent, but it is believed that the impact is much smaller than the current solution.