Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/microsoft/sca-fuzzer
Revizor - a fuzzer to search for microarchitectural leaks in CPUs
fuzzing meltdown security side-channel spectre-vulnerability
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/microsoft/sca-fuzzer
- Owner: microsoft
- License: mit
- Created: 2021-01-29T16:51:17.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2024-09-17T10:49:41.000Z (2 months ago)
- Last Synced: 2024-09-30T04:41:03.584Z (about 2 months ago)
- Topics: fuzzing, meltdown, security, side-channel, spectre-vulnerability
- Language: Python
- Homepage: https://microsoft.github.io/sca-fuzzer/
- Size: 2.83 MB
- Stars: 112
- Watchers: 12
- Forks: 34
- Open Issues: 5
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md
- Authors: AUTHORS
README
# Revizor
![GitHub](https://img.shields.io/github/license/microsoft/sca-fuzzer)
![PyPI](https://img.shields.io/pypi/v/revizor-fuzzer)
![GitHub all releases](https://img.shields.io/github/downloads/microsoft/sca-fuzzer/total)
![GitHub contributors](https://img.shields.io/github/contributors/microsoft/sca-fuzzer)
Revizor is a security-oriented fuzzer for detecting information leaks in CPUs, such as [Spectre and Meltdown](https://meltdownattack.com/).
It tests CPUs against [Leakage Contracts](https://arxiv.org/abs/2006.03841) and searches for unexpected leaks.
For more details, see our [Paper](https://dl.acm.org/doi/10.1145/3503222.3507729) (open access [here](https://arxiv.org/abs/2105.06872)), and the follow-up papers ([1](https://arxiv.org/pdf/2301.07642.pdf), [2](https://www.usenix.org/conference/usenixsecurity23/presentation/hofmann)).
## Getting Started and Documentation
You can find a quick start guide at [Quick Start](https://microsoft.github.io/sca-fuzzer/quick-start/).
For information on how to use Revizor, see [User Documentation](https://microsoft.github.io/sca-fuzzer/cli/).
For information on how to contribute to Revizor, see [CONTRIBUTING.md](CONTRIBUTING.md).
## Need Help with Revizor?
If you find a bug in Revizor, don't hesitate to [open an issue](https://github.com/microsoft/sca-fuzzer/issues).
If something is confusing or you need help in using Revizor, we have a [discussion page](https://github.com/microsoft/sca-fuzzer/discussions).
## Citing Revizor
To cite this project, you can use the following references:
1. Original paper that introduced the concept of Model-based Relation Testing as well as the Revizor tool:
Oleksii Oleksenko, Christof Fetzer, Boris Köpf, Mark Silberstein. "[Revizor: Testing Black-box CPUs against Speculation Contracts](https://www.microsoft.com/en-us/research/publication/revizor-testing-black-box-cpus-against-speculation-contracts/)" in Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2022.
2. Theoretical foundations of leakage contracts:
Marco Guarnieri, Boris Köpf, Jan Reineke, and Pepe Vila. "[Hardware-software contracts for secure speculation](https://www.microsoft.com/en-us/research/publication/hardware-software-contracts-for-secure-speculation/)" in Proceedings of the 2021 IEEE Symposium on Security and Privacy (SP), 2021.
3. Accessible summary of the two papers above, in a journal format:
Oleksii Oleksenko, Christof Fetzer, Boris Köpf, Mark Silberstein. "Revizor: Testing Black-box CPUs against Speculation Contracts". In IEEE Micro, 2023.
4. Paper that introduced speculation filtering, observation filtering, and contract-based input generation:
Oleksii Oleksenko, Marco Guarnieri, Boris Köpf, and Mark Silberstein. "[Hide and Seek with Spectres: Efficient discovery of speculative information leaks with random testing](https://www.microsoft.com/en-us/research/publication/hide-and-seek-with-spectres-efficient-discovery-of-speculative-information-leaks-with-random-testing/)" in Proceedings of the 2023 IEEE Symposium on Security and Privacy (SP), 2022.
5. Paper that introduced exception-based testing (i.e., focus on Meltdown, Foreshadow) into Revizor:
Jana Hofmann, Emanuele Vannacci, Cédric Fournet, Boris Köpf, and Oleksii Oleksenko. "[Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions.](https://www.usenix.org/conference/usenixsecurity23/presentation/hofmann)" in Proceedings of 32nd USENIX Security Symposium (USENIX Security), 2023.
## Trademarks
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft
trademarks or logos is subject to and must follow
[Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general).
Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.
Any use of third-party trademarks or logos is subject to those third parties' policies.