RowHammer, RowPress and Beyond: Can We Be Free of Bitflips (Soon)?
#Computer
#Architecture
#DRAM
#High-Bandwidth
#Memory
#RowHammer
We will examine the RowHammer problem in Dynamic Random Access Memory (DRAM), the first example of how a circuit-level failure mechanism can cause a practical and widespread system security vulnerability. RowHammer is the phenomenon that repeatedly accessing a row in a modern DRAM chip predictably causes bitflips in physically-adjacent rows. Building on our initial fundamental work that appeared at ISCA 2014, Google Project Zero demonstrated that this hardware phenomenon can be exploited by user-level programs to gain kernel privileges. Many other works demonstrated other attacks exploiting RowHammer, including remote takeover of a server vulnerable to RowHammer, takeover of a mobile device by a malicious user-level application, and destruction of predictive capabilities of commonly-used deep neural networks.
Unfortunately, the RowHammer problem still plagues cutting-edge DRAM chips, DDR4 and beyond. Based on our recent characterization studies of more than 1500 DRAM chips from six technology generations that appeared at ISCA 2020 and MICRO 2021, we show that RowHammer at the circuit level is getting much worse, newer DRAM chips are much more vulnerable to RowHammer than older ones, and existing mitigation techniques do not work well. We also show that existing proprietary mitigation techniques employed in DDR4 DRAM chips, which are advertised to be Rowhammer-free, can be bypassed via many-sided hammering (also known as TRRespass & Uncovering TRR).
In this talk, we will provide an overview of RowHammer research in academia and industry, with a special focus on recent works that rigorously analyze real chip characteristics and introduce promising solution ideas. We will discuss the effect of RowHammer on High-Bandwidth Memory (HBM) chips and introduce and analyze RowPress, which is a fundamentally different read disturbance phenomenon that also affects all DRAM chips. RowPress greatly (e.g., by 100X) reduces the activation count required to induce bitflips, by keeping an activated row open for a long time. We will also discuss what other problems may be lurking in DRAM and other types of memory, which can potentially threaten the foundations of reliable and secure systems, as memory technologies scale to higher densities. We will conclude by describing and advocating a principled approach to memory robustness (including reliability, security, safety) research that can enable us to better anticipate and prevent such vulnerabilities.
A short accompanying paper, which appeared at ASP-DAC 2023, can be found here and serves as recommended reading:
"Fundamentally Understanding and Solving RowHammer"
Date and Time
Location
Hosts
Registration
- Date: 18 Dec 2023
- Time: 02:45 PM to 04:30 PM
- All times are (UTC-05:00) Eastern Time (US & Canada)
-
Add Event to Calendar
-
154 Summit Street, Newark, NJ 07102
-
NJIT
-
Newark, New Jersey
-
United States
07102
-
Building:
Electrical and Computer Engineering
-
Room Number:
202
-
Click here for Map
- Contact Event
Hosts
-
Dr. Ajay K. Poddar, Email:akpoddar@ieee.org
Dr. Edip Niver, email: edip.niver@njit.edu
Dr. Durga Misra, Email: dmisra@ieee.org
Dr. Anisha M. Apte, Email: anisha_apte@ieee.org
-
Co-sponsored by
IEEE North Jersey Section
- Starts 12 December 2023 10:10 PM
- Ends 18 December 2023 02:10 PM
- All times are (UTC-05:00) Eastern Time (US & Canada)
- No Admission Charge
Speakers
Topic:
RowHammer, RowPress and Beyond: Can We Be Free of Bitflips (Soon)?
We will examine the RowHammer problem in Dynamic Random Access Memory (DRAM), the first example of how a circuit-level failure mechanism can cause a practical and widespread system security vulnerability. RowHammer is the phenomenon that repeatedly accessing a row in a modern DRAM chip predictably causes bitflips in physically-adjacent rows. Building on our initial fundamental work that appeared at ISCA 2014, Google Project Zero demonstrated that this hardware phenomenon can be exploited by user-level programs to gain kernel privileges. Many other works demonstrated other attacks exploiting RowHammer, including remote takeover of a server vulnerable to RowHammer, takeover of a mobile device by a malicious user-level application, and destruction of predictive capabilities of commonly-used deep neural networks.
Unfortunately, the RowHammer problem still plagues cutting-edge DRAM chips, DDR4 and beyond. Based on our recent characterization studies of more than 1500 DRAM chips from six technology generations that appeared at ISCA 2020 and MICRO 2021, we show that RowHammer at the circuit level is getting much worse, newer DRAM chips are much more vulnerable to RowHammer than older ones, and existing mitigation techniques do not work well. We also show that existing proprietary mitigation techniques employed in DDR4 DRAM chips, which are advertised to be Rowhammer-free, can be bypassed via many-sided hammering (also known as TRRespass & Uncovering TRR).
In this talk, we will provide an overview of RowHammer research in academia and industry, with a special focus on recent works that rigorously analyze real chip characteristics and introduce promising solution ideas. We will discuss the effect of RowHammer on High-Bandwidth Memory (HBM) chips and introduce and analyze RowPress, which is a fundamentally different read disturbance phenomenon that also affects all DRAM chips. RowPress greatly (e.g., by 100X) reduces the activation count required to induce bitflips, by keeping an activated row open for a long time. We will also discuss what other problems may be lurking in DRAM and other types of memory, which can potentially threaten the foundations of reliable and secure systems, as memory technologies scale to higher densities. We will conclude by describing and advocating a principled approach to memory robustness (including reliability, security, safety) research that can enable us to better anticipate and prevent such vulnerabilities.
A short accompanying paper, which appeared at ASP-DAC 2023, can be found here and serves as recommended reading:
"Fundamentally Understanding and Solving RowHammer"
Biography:
Onur Mutlu is a Professor of Computer Science at ETH Zurich. He is currently on sabbatical as a Visiting Professor at Stanford University. He is also a faculty member at Carnegie Mellon University, where he previously held the Strecker Early Career Professorship. His current broader research interests are in computer architecture, systems, hardware security, and bioinformatics. A variety of techniques he, along with his group and collaborators, has invented over the years have influenced industry and have been employed in commercial microprocessors and memory/storage systems. He obtained his PhD and MS in ECE from the University of Texas at Austin and BS degrees in Computer Engineering and Psychology from the University of Michigan, Ann Arbor. He started the Computer Architecture Group at Microsoft Research (2006-2009), and held various product and research positions at Intel Corporation, Advanced Micro Devices, VMware, and Google. His honors include a Google Open Source Peer Bonus Award, Huawei OlympusMons Award for Storage Systems Research, Google Security and Privacy Research Award, Intel Outstanding Researcher Award, IEEE High Performance Computer Architecture Test of Time Award, NVMW Persistent Impact Prize, IEEE Computer Society Edward J. McCluskey Technical Achievement Award, ACM SIGARCH Maurice Wilkes Award, the inaugural IEEE Computer Society Young Computer Architect Award, Carnegie Mellon University Ladd Research Award, faculty partnership awards from various companies, and a healthy number of best paper or "Top Pick" paper recognitions at various computer systems, architecture, and security venues. He is an ACM Fellow, IEEE Fellow, and an elected member of the Academy of Europe. His computer architecture and digital logic design course lectures and materials are freely available on YouTube (https://www.youtube.com/OnurMutluLectures), and his research group makes a wide variety of software and hardware artifacts freely available online (https://safari.ethz.ch/ and https://github.com/CMU-SAFARI). For more information, please see his webpage at https://people.inf.ethz.ch/omutlu/.
Email:
Address:ECE Dept, ETH/ Carnegie Mellon University, Pittsburg, Pennsylvania, United States, 15213
Agenda
Event Time: 2:45 PM to 4:30 PM
ECE 202, NJIT, Newark
3:45 PM to 3:00 PM Refreshments and Networking
3:00 PM to 4:30 PM Talk by Professor Onur Mutlu of ETH/Carnegie Mellon/Stanford
Seminar is in ECEC 202. All Welcome: There is no fee/charge for attending IEEE technical seminar. You don't have to be an IEEE Member to attend. Refreshments are free for all attendees. Please invite your friends and colleagues to take advantage of this talk.
Onur Mutlu of ETH/ Carnegie Mellon University