A good first check for security companies - examine all known attacks for fence instructions, which are rare. (Without a fence instruction, hammering on the same addresses will just cycle the caches, and not go out to DRAM.) Look at the code near them for a hammering loop.
This is a promising attack, because it might be able to break through a virtual machine boundary.
A test for this should be shipped with major Linux distros, and run during install. When someone like Amazon, Rackspace, or Google sends back a few thousand machines as rejects, this will get fixed.
(Fences guarantee only memory ordering, and are typically implemented by flushing to cache, not to RAM.)