National Academies Press: OpenBook
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

PROCEEDINGS OF A WORKSHOP

FORUM ON

Cyber
Resilience

WORKSHOP SERIES

Beyond Spectre

CONFRONTING NEW TECHNICAL
AND POLICY CHALLENGES

images

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

THE NATIONAL ACADEMIES PRESS 500 Fifth Street, NW Washington, DC 20001

This activity was supported by the National Science Foundation under award number CNS-14194917, the National Institute of Standards and Technology under award number 60NANB16D311, and the Office of the Director of National Intelligence under award number 10004154. Any opinions, findings, conclusions, or recommendations expressed in this publication do not necessarily reflect the views of any organization or agency that provided support for the project.

International Standard Book Number-13: 978-0-309-49146-4
International Standard Book Number-10: 0-309-49146-0
Digital Object Identifier: https://doi.org/10.17226/25418

Additional copies of this publication are available from the National Academies Press, 500 Fifth Street, NW, Keck 360, Washington, DC 20001; (800) 624-6242 or (202) 334-3313; http://www.nap.edu.

Copyright 2019 by the National Academy of Sciences. All rights reserved.

Printed in the United States of America

Suggested citation: National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre—Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Forum on Cyber Resilience Workshop Series. Washington, DC: The National Academies Press. doi: https://doi.org/10.17226/25418.

images

Consensus Study Reports published by the National Academies of Sciences, Engineering, and Medicine document the evidence-based consensus on the study’s statement of task by an authoring committee of experts. Reports typically include findings, conclusions, and rec-ommendations based on information gathered by the committee and the committee’s delib-erations. Each report has been subjected to a rigorous and independent peer-review process and it represents the position of the National Academies on the statement of task.

Proceedings published by the National Academies of Sciences, Engineering, and Medicine chronicle the presentations and discussions at a workshop, symposium, or other event con-vened by the National Academies. The statements and opinions contained in proceedings are those of the participants and are not endorsed by other participants, the planning com-mittee, or the National Academies.

For information about other products and activities of the National Academies, please visit www.nationalacademies.org/about/whatwedo.

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

FORUM ON

Cyber
Resilience

WORKSHOP SERIES

Beyond Spectre

CONFRONTING NEW TECHNICAL
AND POLICY CHALLENGES


PROCEEDINGS OF A WORKSHOP

Anne Johnson and Lynette I. Millett, Rapporteurs

images

THE NATIONAL ACADEMIES PRESS
Washington, DC
www.nap.edu

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

Image

The National Academy of Sciences was established in 1863 by an Act of Congress, signed by President Lincoln, as a private, nongovernmental institution to advise the nation on issues related to science and technology. Members are elected by their peers for outstanding contributions to research. Dr. Marcia McNutt is president.

The National Academy of Engineering was established in 1964 under the charter of the National Academy of Sciences to bring the practices of engineering to advising the nation. Members are elected by their peers for extraordinary contributions to engineering. Dr. C. D. Mote, Jr., is president.

The National Academy of Medicine (formerly the Institute of Medicine) was established in 1970 under the charter of the National Academy of Sciences to advise the nation on medical and health issues. Members are elected by their peers for distinguished contributions to medicine and health. Dr. Victor J. Dzau is president.

The three Academies work together as the National Academies of Sciences, Engineering, and Medicine to provide independent, objective analysis and advice to the nation and conduct other activities to solve complex problems and inform public policy decisions. The National Academies also encourage education and research, recognize outstanding contributions to knowledge, and increase public understanding in matters of science, engineering, and medicine.

Learn more about the National Academies of Sciences, Engineering, and Medicine at www.nationalacademies.org.

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

COMMITTEE ON CYBER RESILIENCE WORKSHOP SERIES

FRED B. SCHNEIDER, NAE,1 Cornell University, Chair

ANITA ALLEN, NAM,2 University of Pennsylvania

ERIC GROSSE, Independent Consultant

BUTLER W. LAMPSON, NAS3/NAE, Microsoft Corporation

SUSAN LANDAU, Tufts University

Staff

LYNETTE I. MILLETT, Director, Forum on Cyber Resilience

EMILY GRUMBLING, Program Officer

SHENAE BRADLEY, Senior Program Assistant

___________________

1 National Academy of Engineering.

2 National Academy of Medicine.

3 National Academy of Sciences.

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

FORUM ON CYBER RESILIENCE

FRED B. SCHNEIDER, NAE, Cornell University, Chair

YAIR AMIR, Johns Hopkins University

BOB BLAKLEY, CitiGroup

FRED H. CATE, Indiana University

KATHERINE CHARLET, Carnegie Endowment for International Peace

DAVID D. CLARK, NAE, Massachusetts Institute of Technology

RICHARD DANZIG, Center for a New American Security

ERIC GROSSE, Independent Consultant

PAUL C. KOCHER, NAE, Independent Consultant

BUTLER W. LAMPSON, NAS/NAE, Microsoft Corporation

SUSAN LANDAU, Tufts University

JOHN LAUNCHBURY, Galois, Inc.

STEVEN B. LIPNER, NAE, SAFECode

JOHN MANFERDELLI, Northeastern University

DEIRDRE MULLIGAN, University of California, Berkeley

AUDREY L. PLONK, Intel Corporation

TONY W. SAGER, Center for Internet Security

PETER SWIRE, Georgia Institute of Technology

PARISA TABRIZ, Google, Inc.

MARY ELLEN ZURKO, MIT Lincoln Laboratory

Ex Officio

DONNA DODSON, National Institute of Standards and Technology

JEREMY EPSTEIN, National Science Foundation

WILLIAM MARTIN, National Security Agency

Staff

LYNETTE I. MILLETT, Director

EMILY GRUMBLING, Program Officer

KATIRIA ORTIZ, Associate Program Officer

SHENAE BRADLEY, Administrative Assistant

For more information about the Forum, see its website at http://www.cyber-forum.org, or e-mail the Forum at cyberforum@nas.edu.

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD

FARNAM JAHANIAN, Carnegie Mellon University, Chair

LUIZ ANDRÉ BARROSO, Google, Inc.

STEVEN M. BELLOVIN, NAE, Columbia University

ROBERT F. BRAMMER, Brammer Technology, LLC

DAVID CULLER, NAE, University of California, Berkeley

EDWARD FRANK, Cloud Parity, Inc.

LAURA HAAS, NAE, University of Massachusetts, Amherst

MARK HOROWITZ, NAE, Stanford University

ERIC HORVITZ, NAE, Microsoft Corporation

VIJAY KUMAR, NAE, University of Pennsylvania

BETH MYNATT, Georgia Institute of Technology

CRAIG PARTRIDGE, Colorado State University

DANIELA RUS, NAE, Massachusetts Institute of Technology

FRED B. SCHNEIDER, NAE, Cornell University

MARGO SELTZER, University of British Columbia

MOSHE VARDI, NAS/NAE, Rice University

Staff

JON EISENBERG, Senior Director

LYNETTE I. MILLETT, Director, Forum on Cyber Resilience

SHENAE BRADLEY, Administrative Assistant

EMILY GRUMBLING, Program Officer

RENEE HAWKINS, Financial and Administrative Manager

KATIRIA ORTIZ, Associate Program Officer

For more information on CSTB, see its website at http://www.cstb.org; write to CSTB, National Academies of Sciences, Engineering, and Medicine, 500 Fifth Street, NW, Washington, DC 20001; call (202) 334-2605; or e-mail CSTB at cstb@nas.edu.

Page viii Cite
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

ACKNOWLEDGMENT OF REVIEWERS

This Proceedings of a Workshop was reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise. The purpose of this independent review is to provide candid and critical comments that will assist the National Academies of Sciences, Engineering, and Medicine in making each published proceedings as sound as possible and to ensure that it meets the institutional standards for objectivity, evidence, and responsiveness to the charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process.

We thank the following individuals for their review of this workshop proceedings:

Edward Frank, NAE,1 Cloud Parity, Inc.,
Ben Hawkes, Google, Inc.,
Mark Hill, University of Wisconsin-Madison, and
John Manferdelli, Northeastern University.

Although the reviewers listed above provided many constructive comments and suggestions, they were not asked to endorse the content of the proceedings, nor did they see the final draft before its release. The review of this proceedings was overseen by Samuel L. Fuller, NAE, Analog Devices. He was responsible for making certain that an independent examination of this proceedings was carried out in accordance with standards of the National Academies and that all review comments were carefully considered. Responsibility for the final content rests entirely with the rapporteurs and the National Academies.

___________________

1 Member, National Academy of Engineering.

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

Preface

The Forum on Cyber Resilience—a roundtable established in 2015 by the National Academies of Sciences, Engineering, and Medicine—facilitates and enhances the exchange of ideas among scientists, practitioners, and policy makers who are concerned with urgent and important issues related to the resilience of the nation’s computing and communications systems, including the Internet, other critical infrastructures, and commercial systems. Forum activities help inform and engage a broad range of stakeholders around issues involving technology and policy related to cyber resilience, cybersecurity, privacy, and related emerging issues. A key role for the forum is to surface and explore topics that advance the national conversation.

In October 2018, the forum brought together researchers, public and private sector stakeholders, and other experts to explore the technical and policy implications of newly discovered computer hardware flaws, such as Spectre and Meltdown, that can arise from speculative execution and other micro-architectural structures. This proceedings summarizes presentations made by invited speakers and other remarks by workshop participants. In keeping with the workshop’s exploratory purpose, the proceedings does not contain findings or recommendations. Nor, in keeping with National

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

Academies guidelines for workshop proceedings, does it necessarily report consensus views of the workshop participants or organizing committee. A planning group appointed to oversee all forum workshops was limited to planning the workshop, and this workshop proceedings was prepared by the workshop rapporteurs and forum staff as a factual summary of what occurred at the workshop. The document draws on prepared remarks of workshop speakers, comments made by workshop participants, and ensuing discussions.

The first chapter summarizes the introduction to the workshop and reproduces background material provided to all participants. Chapters 2 through 4 summarize panel presentations and associated discussions. Chapter 5 describes the content of the final plenary discussion, highlighting some of the broader themes that emerged throughout the workshop. The agenda of the workshop is in Appendix A. Short biographical sketches of the steering committee members and speakers appear in Appendixes B and C, respectively.

My sincere thanks to the planning group, forum members, and staff who helped organize the workshop, as well as to the invited speakers for their thoughtful remarks and enthusiastic participation in the discussions that ensued. Writing support was provided by Anne Frances Johnson and Kathleen Pierce, Creative Science Writing. I also extend our appreciation to the National Science Foundation, the National Security Agency and the Office of the Director of National Intelligence, and the National Institute of Standards and Technology for their support and encouragement of forum activities.

Fred B. Schneider, Chair
Forum on Cyber Resilience

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

This page intentionally left blank.

Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R1
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R2
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R3
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R4
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R5
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R6
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R7
Page viii Cite
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R8
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R9
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R10
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R11
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page R12
Next: 1 Workshop Context and the Story of Spectre »
Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop Get This Book
×
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

In 2017, researchers discovered a vulnerability in microprocessors used in computers and devices all over the world. The vulnerability, named Spectre, combines side effects from caching and speculative execution, which are techniques that have been used for many years to increase the speed at which computers operate. The discovery upends a number of common assumptions about cybersecurity and draws attention to the complexities of the global supply chain and global customer base for the vast range of devices and cloud capabilities that all computer users rely on. In October 2018, the Forum on Cyber Resilience hosted a workshop to explore the implications of this development. This publication summarizes the presentations and discussions from the workshop.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!