TRRespass won the Pwnie Award for “Most Innovative Research” at the annual BlackHat Europe conference this week. Pwnies are the most prestigious industrial awards in the security community. Congratulations to the authors: Pietro Frigo, Emanuele Vannacci, Hasan Hassan, Victor van der Veen, Onur Mutlu, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi on this prestigious prize!
You were a co-author on TRRespass, which recently won a Best Paper Award at IEEE S&P. What is the significance of this paper?
How was your experience in collaborating with the Systems and Network Security Group at VU Amsterdam on this work?
I am glad that our combined effort with the Systems and Network Security Group at VU Amsterdam won us the Best Paper Award at IEEE S&P. It has been a great experience for me to collaborate with experts in hardware security. I hope there will be more such collaborations that result in impactful research.
Which tools did you use in this work?
I think SoftMC, our FPGA-based DRAM testing infrastructure, was one of the key enablers of this research. We used SoftMC to interface with DDR4 DRAM chips in a much more flexible way than anyone can do using commodity desktop and mobile systems. Specifically, we used SoftMC to communicate with DRAM chips using low-level DDR4 commands as opposed to using load/store instructions provided by typical instruction set architectures. In a way, SoftMC lets us be the memory controller and provides the flexibility of issuing any DDR4 command at any time, which is not possible with commodity systems.
An earlier version of SoftMC that supports DDR3 devices is open-source and can be accessed here. In 2017, we published a paper that describes the design of SoftMC in detail.
I am also involved in maintaining Ramulator, a cycle-accurate DRAM simulator that we describe in this paper, and Scarab, which is a cycle-accurate simulator for state-of-the-art multicore CPUs.
Pietro Frigo, Emanuele Vannacci, Hasan Hassan, Victor van der Veen, Onur Mutlu, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi, “TRRespass: Exploiting the Many Sides of Target Row Refresh”Proceedings of the 41st IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, USA, May 2020.
Slides (pptx) (pdf)
Lecture Slides (pptx) (pdf)
Talk Video (17 minutes)
Lecture Video (59 minutes)
Best paper award.
Pwnie Award 2020 for Most Innovative Research. Pwnie Awards 2020