MIT researchers have built an operating system from scratch — not for general use, but to study the inner workings of computer processors with precision previously impossible. Their creation, called Fractal, has already uncovered new security behaviors in Apple's M1 chip and overturned conclusions from earlier academic research.
The project, led by Joseph Ravichandran at MIT CSAIL, was born from a fundamental problem: if you want to study how a modern processor behaves under experimental conditions, running experiments on macOS or Linux introduces so much noise that results are hard to trust. Interrupts, scheduler thrashing, and address-space management all distort the measurements. And on Apple Silicon, the problem is getting worse — Apple is deprecating the low-level interfaces researchers relied on.
So the team built Fractal: a bare-metal OS kernel that boots directly on supported hardware with nothing else running underneath. At 31,000+ lines of code, it supports x86_64, ARM64, and RISC-V architectures, includes a C library and a set of familiar POSIX system calls, and even runs ports of vim, GCC, and dash. Researchers can port existing experiment code with minimal changes.
The 'Electron Microscope of Operating Systems'
Fractal's key innovation is a concept Ravichandran calls the outer kernel thread — a thread that lives in user-process memory but executes with kernel privileges. This lets a single experiment switch between privilege levels at runtime while running identical instructions in the same address space, producing near-zero background noise and flat measurement baselines.
"We're using hardware in ways it wasn't designed for," Ravichandran told MIT News. "It's not even obvious that this is a possible thing you could do with the hardware. But we found a way to pull all these different primitives off. It's like a microscope. If you've got a hand magnifying glass, you can see a little bit. But if you had an electron microscope, now we're really talking. That's what Fractal is."
What Fractal Found Inside Apple's M1
The team's first major investigation targeted the M1 chip's branch predictor — the component that guesses which code to execute next to avoid pipeline stalls. The results were striking:
Confirmed protection. The M1's implementation of ARM's CSV2 specification does block user-mode code from steering kernel speculation through the indirect branch predictor's execute stage, exactly as designed.
An unintended side channel. Before CSV2 protection kicks in, the CPU still fetches the indirect branch target into the instruction cache. That fetch is observable via side-channel timing, meaning user code can influence what data the kernel pulls into its caches across the privilege boundary. The same vulnerability exists between processes with different address space identifiers.
First Phantom speculation evidence on Apple Silicon. Phantom — a speculative attack class previously shown only on AMD and Intel CPUs, where ordinary instructions are misinterpreted as branches — also affects the M1. Fractal demonstrated that Phantom fetches succeed across both privilege levels and ASIDs, though the execute phase remains blocked.
Overturned prior research. Earlier work claimed the M1's conditional branch predictor had cross-privilege training on performance cores but not efficiency cores. Fractal showed there is no privilege isolation at all on either core type. The earlier conclusion was an artifact of macOS quietly migrating threads between cores during system calls.
"For us, it is a true independent variable," Ravichandran said. "You change the privilege level, nothing else changes. The only thing that could explain whether the attack succeeds or not is the privilege level."
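The migration artifact described above is easy to reproduce on a general-purpose OS. The following added example (not Fractal's code, and Linux/glibc rather than macOS, which the original finding concerned) counts how often a thread returns from a system call on a different core than it entered on, then pins the thread to one CPU and counts again. It assumes `sched_getcpu()` and `sched_setaffinity()` are available; on a kernel without `sched_getcpu()` support the counting function reports -1. Pinning is the conventional workaround; Fractal's approach is to remove the scheduler from the experiment entirely.

```c
#define _GNU_SOURCE
#include <sched.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Issue a real system call (bypassing any libc caching of getpid)
 * so the kernel gets an opportunity to reschedule or migrate us. */
static void real_syscall(void) {
    (void)syscall(SYS_getpid);
}

/* Run `iterations` system calls and count how many times the thread
 * came back on a different core than the one it entered on.
 * Returns -1 if sched_getcpu() is unavailable on this kernel. */
int count_migrations(int iterations) {
    int before = sched_getcpu();
    if (before < 0) return -1;
    int migrations = 0;
    for (int i = 0; i < iterations; i++) {
        real_syscall();
        int after = sched_getcpu();
        if (after < 0) return -1;
        if (after != before) migrations++;
        before = after;
    }
    return migrations;
}

/* Pin the calling thread to a single CPU so that the core (and on
 * asymmetric parts, the core type) becomes a controlled variable.
 * Returns 0 on success, -1 on failure (errno set by the kernel). */
int pin_to_cpu(int cpu) {
    cpu_set_t set;
    CPU_ZERO(&set);
    CPU_SET(cpu, &set);
    return sched_setaffinity(0, sizeof(set), &set);
}

int main(void) {
    int cpu = sched_getcpu();
    printf("unpinned: %d migrations in 10000 syscalls\n",
           count_migrations(10000));
    if (cpu >= 0 && pin_to_cpu(cpu) == 0)
        printf("pinned to cpu %d: %d migrations in 10000 syscalls\n",
               cpu, count_migrations(10000));
    return 0;
}
```

Run it on a loaded multi-core machine and the unpinned count is usually non-zero; after pinning it must be zero, which is the property an experiment needs before it can attribute a difference between two runs to the variable it meant to change.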
Why This Matters Beyond MIT
Fractal represents a shift in how hardware security research is conducted. Until now, chip researchers patched general-purpose operating systems to run experiments — a workflow that's inherently noisy, hard to reproduce, and increasingly blocked by platform vendors. The MIT team hopes Fractal will become standard shared infrastructure, like QEMU or FFmpeg, that the whole research community can build on.
The researchers disclosed all M1 findings to Apple's product security team, who also reviewed the Fractal tool itself. The full paper was presented at the 2026 IEEE Symposium on Security and Privacy.
Modern processors are extraordinarily complex black boxes, and the industry is still uncovering speculative execution vulnerabilities years after Spectre and Meltdown were disclosed. Tools like Fractal give researchers the clean-room environment needed to understand what these chips are actually doing — and what security boundaries they may or may not enforce.
Ravichandran summarized the mission simply: "We're pulling back the curtain on how these chips really work."
For more on chip architecture developments, read about AMD and Intel's joint ACE architecture for AI compute and the industry's accelerating investment in chip infrastructure.