MIT Builds Custom OS to Study Chip Functionality
Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) have developed Fractal, a specialized operating system kernel designed to expose the inner workings of modern processors with unprecedented clarity. According to the project’s lead, Joseph Ravichandran, the kernel removes the “noise” of traditional operating systems to reveal previously unknown hardware behaviors, including evidence that Apple’s M1 chip is susceptible to “Phantom” speculative attacks.
How does Fractal change the way we analyze chips?
Traditional operating systems aren’t built for microarchitecture research. They manage privilege levels and address spaces in ways that inject activity into every measurement, blurring the results. Fractal inverts this model by booting directly on bare metal.
According to the MIT team, Fractal uses a technique called “multi-privilege concurrency.” This allows a single experiment to switch privilege levels at runtime while executing the same instructions in the same address space. They achieved this through a new construct called the “outer kernel thread,” which executes with kernel privileges but sits inside a user process’s memory.
Joseph Ravichandran describes Fractal as an “electron microscope of operating systems.” By removing background noise, the team can produce flat baselines and clean signals, ensuring that changes in results are caused by the hardware itself, not the software managing it.
What vulnerabilities did Fractal find in Apple’s M1?
When applied to Apple’s M1 processor, Fractal uncovered gaps in the chip’s implementation of ARM’s CSV2 specification. While the protection successfully blocks a user-mode program from making the kernel speculatively execute a chosen target, Fractal revealed a different flaw: the CPU still fetches the target into the instruction cache before the protection kicks in.

This fetch is observable through a side channel, meaning user code can influence what the kernel pulls into its caches. The MIT team also produced the first evidence that Apple Silicon exhibits “Phantom” speculation. Previously, this class of misprediction—where ordinary instructions are misinterpreted as branches—was only demonstrated on Intel and AMD processors.
Why did Fractal overturn previous research on Apple Silicon?
The power of Fractal is best seen in its ability to correct prior errors. Earlier research on the M1’s conditional branch predictor suggested that cross-privilege training worked on performance cores (P-cores) but not on efficiency cores (E-cores).
Using Fractal, the MIT team proved this finding was wrong. They showed that the conditional branch predictor has no privilege isolation on either core type. According to Ravichandran, the earlier result was likely an artifact of macOS quietly migrating threads between different cores during system calls, creating a false signal.
Because Fractal allows the researcher to change the privilege level without changing anything else, the privilege level becomes a “true independent variable.”
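The confound the MIT team describes can be reproduced in a toy model. The following is an added illustration, not code from the Fractal project: two simulated cores each keep their own branch-predictor table (shared by kernel and user mode), a thread trains a branch in kernel mode and tests it in user mode, and a constructed scheduler may move the thread to the other core on the way back, which makes training look “isolated” even though no isolation exists.

```python
import random


class Core:
    """One core's conditional branch predictor: address -> last direction seen."""

    def __init__(self):
        self.table = {}

    def train(self, addr, taken):
        self.table[addr] = taken

    def predict(self, addr):
        return self.table.get(addr)  # None when this core never saw the branch


def cross_privilege_hit_rate(migrate_on_syscall, train=True, trials=1000, seed=7):
    """Fraction of trials in which a user-mode test observes kernel-mode training.

    migrate_on_syscall=True models a conventional OS that may reschedule the thread
    onto another core during the system call; False models an in-place privilege
    switch where nothing but the privilege level changes. train=False gives the
    untrained baseline. All values are constructed for this simulation.
    """
    rng = random.Random(seed)
    cores = [Core(), Core()]
    hits = 0
    for i in range(trials):
        addr = 0x1000 + 4 * i            # a fresh branch address for every trial
        direction = rng.random() < 0.5   # direction used for training
        core = rng.randrange(2)          # core the thread starts on
        if train:
            cores[core].train(addr, direction)          # kernel-mode training
        if migrate_on_syscall:
            core = rng.randrange(2)      # scheduler may migrate on return to user
        if cores[core].predict(addr) == direction:      # user-mode test
            hits += 1
    return hits / trials


if __name__ == "__main__":
    print("baseline, no training:        ", cross_privilege_hit_rate(True, train=False))
    print("conventional OS, may migrate:  ", cross_privilege_hit_rate(True))
    print("in-place privilege switch:     ", cross_privilege_hit_rate(False))
```

With migration allowed the hit rate sits near 50 percent, which a researcher could misread as partial isolation; with the privilege switch done in place it is 100 percent, exposing the predictor as fully shared.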
Will Fractal become a standard for the security community?
The MIT team didn’t build Fractal as a one-off experiment. It supports x86_64, ARM64, and RISC-V, and includes over 31,000 lines of code. To make it accessible, they included POSIX system calls, a C library, and ports of standard tools like GCC and vim.
Mengyuan Li, an assistant professor at the University of Southern California, notes that Fractal turns an “ad hoc microarchitectural reverse-engineering workflow into reusable research infrastructure.”
The long-term goal is for Fractal to function like QEMU or FFmpeg—a shared, foundational tool that the entire community uses to ensure hardware results are reliable and accurate.
Frequently Asked Questions
What is a kernel in this context?
A kernel is the core program of an operating system that manages the communication between hardware and software.

What is speculative execution?
It’s a performance optimization where a CPU guesses which path a program will take and executes those instructions in advance. If the guess is wrong, the work is discarded, but the speculative work can leave traces in the cache that attackers can observe through “side-channel” attacks.
Is my Apple M1 chip currently at risk?
The MIT team disclosed these findings to Apple’s product security team. While the research identifies theoretical vulnerabilities, the “execute phase” of these attacks remains blocked on the M1.