Side-Channel Vulnerability Metrics: SVF vs. CSV

Recently two papers have been published on empirically measuring side-channel leakage in processors. The first paper introduced a framework for measuring side-channel leakage called “Side-Channel Vulnerability Factor” (SVF). SVF used phase correlation between victim and attacker programs to quantify leakage. A subsequent paper opposed some of the claims made in the SVF paper and introduced another metric, “Cache Side-channel Vulnerability” (CSV). CSV uses the same concept of measuring correlation between victim and attacker, but instead proposes using direct correlation in place of phase correlation. Another major difference between SVF and CSV is the scope of leakage measurement – CSV is defined to apply to only cache leakage, whereas SVF can be applied to multiple components within a processor. The CSV authors argue that applying SVF yields conclusions which contradicts what they term to be ground truth. In addition to these differences, the two papers used different experimental setups and thus their results were not directly comparable. This paper deconstructs the differences between SVF and CSV. We first provide a general overview of side-channels and background on their modeling and measurement. We then examine the differences between SVF and CSV both quantitatively and qualitatively using a common experimental setup. Finally, building on our examination of differences, we review and rebut claims made in the CSV paper against the SVF framework and metrics.