RowHammer and Beyond

Mutlu, Onur

doi:10.1007/978-3-030-16350-1_1

Cited by 8 publications

(3 citation statements)

References 82 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…You, the Hardware Designer" [41], at DATE 2017 [176], and at the Top Picks in Hardware and Embedded Security workshop, co-located with ICCAD 2018 [11], where RowHammer was selected as a Top Pick among hardware and embedded security papers published between 2012-2017. The most recent version of the associated talk was delivered at COSADE 2019 [179]. commercial microprocessors and memory/storage systems.…”

Section: Acknowledgmentsmentioning

confidence: 99%

RowHammer: A Retrospective

Mutlu

Kim

2020

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

Self Cite

155

129

View full text Add to dashboard Cite

This retrospective paper describes the RowHammer problem in Dynamic Random Access Memory (DRAM), which was initially introduced by Kim et al. at the ISCA 2014 conference [133]. RowHammer is a prime (and perhaps the first) example of how a circuit-level failure mechanism can cause a practical and widespread system security vulnerability. It is the phenomenon that repeatedly accessing a row in a modern DRAM chip causes bit flips in physically-adjacent rows at consistently predictable bit locations. RowHammer is caused by a hardware failure mechanism called DRAM disturbance errors, which is a manifestation of circuit-level cell-to-cell interference in a scaled memory technology.Researchers from Google Project Zero demonstrated in 2015 that this hardware failure mechanism can be effectively exploited by user-level programs to gain kernel privileges on real systems. Many other follow-up works demonstrated other practical attacks exploiting RowHammer. In this article, we comprehensively survey the scientific literature on RowHammer-based attacks as well as mitigation techniques to prevent RowHammer. We also discuss what other related vulnerabilities may be lurking in DRAM and other types of memories, e.g., NAND flash memory or Phase Change Memory, that can potentially threaten the foundations of secure systems, as the memory technologies scale to higher densities. We conclude by describing and advocating a principled approach to memory reliability and security research that can enable us to better anticipate and prevent such vulnerabilities.

show abstract

Section: Acknowledgmentsmentioning

confidence: 99%

RowHammer: A Retrospective

Mutlu

Kim

2020

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

Self Cite

155

129

View full text Add to dashboard Cite

show abstract

“…This means that RowHammer is a potential threat across all DRAM generations and designs. Kim et al [62] show that RowHammer appears to be an e ect of continued DRAM technology scaling [62,88,90,91], which means that as manufacturers increase DRAM storage density, their chips are potentially more susceptible to RowHammer. This increase in RowHammer vulnerability is often quanti ed for a given DRAM chip by measuring the number of times a single row must be activated (i.e., single-sided RowHammer) to induce the rst bit ip.…”

Section: Introductionmentioning

confidence: 99%

“…Unfortunately, there has been no work since the original RowHammer paper [62] that provides a rigorous characterization-based study to demonstrate how chips' vulnerabilities to RowHammer (i.e., the minimum number of activations required to induce the rst RowHammer bit ip) scale across di erent DRAM technology generations. While many works [5,63,89,90,91] speculate that modern chips are more vulnerable, there is no rigorous experimental study that demonstrates exactly how the minimum activation count to induce the rst RowHammer bit ip and other RowHammer characteristics behave in modern DRAM chips. Such an experimental study would enable us to predict future chips' vulnerability to RowHammer and estimate whether existing RowHammer mitigation mechanisms can e ectively prevent RowHammer bit ips in modern and future chips.…”

Section: Introductionmentioning

confidence: 99%

Revisiting RowHammer: An Experimental Analysis of Modern DRAM Devices and Mitigation Techniques

Kim¹,

Patel²,

Yağlıkçı³

et al. 2020

Preprint

Self Cite

View full text Add to dashboard Cite

RowHammer is a circuit-level DRAM vulnerability, rst rigorously analyzed and introduced in 2014, where repeatedly accessing data in a DRAM row can cause bit ips in nearby rows. The RowHammer vulnerability has since garnered signi cant interest in both computer architecture and computer security research communities because it stems from physical circuit-level interference e ects that worsen with continued DRAM density scaling. As DRAM manufacturers primarily depend on density scaling to increase DRAM capacity, future DRAM chips will likely be more vulnerable to RowHammer than those of the past. Many RowHammer mitigation mechanisms have been proposed by both industry and academia, but it is unclear whether these mechanisms will remain viable solutions for future devices, as their overheads increase with DRAM's vulnerability to RowHammer.In order to shed more light on how RowHammer a ects modern and future devices at the circuit-level, we rst present an experimental characterization of RowHammer on 1580 DRAM chips (408× DDR3, 652× DDR4, and 520× LPDDR4) from 300 DRAM modules (60× DDR3, 110× DDR4, and 130× LPDDR4) with RowHammer protection mechanisms disabled, spanning multiple di erent technology nodes from across each of the three major DRAM manufacturers. Our studies de nitively show that newer DRAM chips are more vulnerable to RowHammer: as device feature size reduces, the number of activations needed to induce a RowHammer bit ip also reduces, to as few as 9.6k (4.8k to two rows each) in the most vulnerable chip we tested.We evaluate ve state-of-the-art RowHammer mitigation mechanisms using cycle-accurate simulation in the context of real data taken from our chips to study how the mitigation mechanisms scale with chip vulnerability. We nd that existing mechanisms either are not scalable or su er from prohibitively large performance overheads in projected future devices given our observed trends of RowHammer vulnerability. Thus, it is critical to research more e ective solutions to RowHammer.

show abstract