# RowHammer: A Retrospective

Onur Mutlu<sup>6</sup>, Fellow, IEEE, and Jeremie S. Kim<sup>6</sup>, Student Member, IEEE

Abstract—This retrospective paper describes the RowHammer problem in dynamic random access memory (DRAM), which was initially introduced by Kim et al. at the ISCA 2014 Conference. RowHammer is a prime (and perhaps the first) example of how a circuit-level failure mechanism can cause a practical and widespread system security vulnerability. It is the phenomenon that repeatedly accessing a row in a modern DRAM chip causes bit flips in physically adjacent rows at consistently predictable bit locations. RowHammer is caused by a hardware failure mechanism called DRAM disturbance errors, which is a manifestation of circuit-level cell-to-cell interference in a scaled memory technology. Researchers from Google Project Zero demonstrated in 2015 that this hardware failure mechanism can be effectively exploited by user-level programs to gain kernel privileges on real systems. Many other follow-up works demonstrated other practical attacks exploiting RowHammer. In this paper, we comprehensively survey the scientific literature on RowHammer-based attacks as well as mitigation techniques to prevent RowHammer. We also discuss what other related vulnerabilities may be lurking in DRAM and other types of memories, e.g., NAND flash memory or phase change memory, that can potentially threaten the foundations of secure systems, as the memory technologies scale to higher densities. We conclude by describing and advocating a principled approach to memory reliability and security research that can enable us to better anticipate and prevent such vulnerabilities.

Index Terms—Dynamic random access memory (DRAM), errors, memory systems, reliability, security, technology scaling, vulnerability.

## I. INTRODUCTION AND OUTLINE

EMORY is a key component of all modern computing systems, often determining the overall performance, energy efficiency, and reliability characteristics of the entire system. The push for increasing the density of modern memory technologies via technology scaling, which has resulted in higher capacity (i.e., density) memory and storage at lower cost, has enabled large leaps in the performance of modern computers [173]. This positive trend is clearly visible in especially the dominant main memory and solid-state storage technologies of today, i.e., dynamic random access memory (DRAM) [57], [58], [124], [145], [149] and NAND flash memory [42], [45], [52], respectively. Unfortunately, the same push has also greatly decreased the reliability of modern

Manuscript received January 22, 2019; accepted March 24, 2019. Date of publication May 7, 2019; date of current version July 17, 2020. This paper was recommended by Associate Editor J. Rajendran. (Corresponding author: Onur Mutlu.)

The authors are with the Department of Computer Science, ETH Zürich, 8092 Zürich, Switzerland, and also with the Department of Electrical and Computer Engineering, Carnegie Mellon University, Pittsburgh, PA 15213 USA (e-mail: omutlu@gmail.com).

Digital Object Identifier 10.1109/TCAD.2019.2915318

memory technologies, due to the increasingly smaller memory cell size and increasingly smaller amount of charge that is maintainable in the cell, which makes the memory cell much more vulnerable to various failure mechanisms and noise and interference sources, both in DRAM [112], [114]–[117], [132], [159], [174], [194], [201] and NAND flash nemory [42]–[48], [50]–[53], [162], [164]–[166], [174].

As memory scales down to smaller technology nodes, new failure mechanisms emerge that threaten its correct operation. If such failure mechanisms are not anticipated and corrected, they cannot only degrade system reliability and availability but also, perhaps even more importantly, open up new security vulnerabilities: a malicious attacker can exploit the exposed failure mechanism to take over the entire system. As such, new failure mechanisms in memory can become practical and significant threats to system security.

In this paper, we provide a retrospective of one such example failure mechanism in DRAM, which was initially introduced by Kim *et al.* [132] at the ISCA 2014 conference. We provide a description of the RowHammer problem and its implications by summarizing our ISCA 2014 paper [132], describe solutions proposed by our original work [132], comprehensively examine the many works that build on our original work in various ways, e.g., by developing new security attacks, proposing solutions, and analyzing RowHammer. What comes next in this section provides a roadmap of the entire paper.

In our ISCA 2014 paper [132], we introduce the RowHammer problem in DRAM, which is a prime (and perhaps the first) example of how a circuit-level failure mechanism can cause a practical and widespread system security vulnerability. RowHammer, as it is now popularly referred to, is the phenomenon that repeatedly accessing a row in a modern DRAM chip causes bit flips in physically adjacent rows at consistently predictable bit locations. It is caused by a hardware failure mechanism called DRAM disturbance errors, which is a manifestation of circuit-level cell-to-cell interference in a scaled memory technology. We describe the RowHammer problem and its root causes in Section II.

Inspired by our ISCA 2014 paper's fundamental findings, researchers from Google Project Zero demonstrated in 2015 that this hardware failure mechanism can be effectively exploited by user-level programs to gain kernel privileges on real systems [213], [214]. Tens of other works since then demonstrated other practical attacks exploiting RowHammer, e.g., [12], [31]–[33], [37], [54], [66], [73], [76], [89], [90], [107], [156], [196], [197], [199], [205], [233], [234], [239], [249], and [258]. These include remote takeover of a server vulnerable to RowHammer, takeover of a victim virtual machine (VM) by another VM running on the same system, takeover of a mobile device by a malicious user-level application that requires no permissions, takeover of a

0278-0070 © 2019 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See https://www.ieee.org/publications/rights/index.html for more information.

mobile system quickly by triggering RowHammer using a mobile GPU, and takeover of a remote system by triggering RowHammer on it through the remote direct memory access (RDMA) protocol [6]. We describe the works that build on RowHammer to develop new security attacks in Section III-A.

Our ISCA 2014 paper rigorously and experimentally analyzes the RowHammer problem and examines seven different solutions, multiple of which are already employed in practice to prevent the security vulnerabilities (e.g., increasing the memory refresh rate). We propose a low-cost solution, probabilistic adjacent row activation (PARA), which provides a strong and configurable reliability and security guarantee; a solution whose variants are being adopted by DRAM manufacturers and memory controller designers [5]. We describe this solution and the six other solutions of our original paper in Section II-E. Many other works build on our original paper to propose and evaluate other solutions to RowHammer, and we discuss them comprehensively in Section III-B.

Our ISCA 2014 paper leads to a new mindset that has enabled a renewed interest in hardware security research: general-purpose hardware is fallible, in a very widespread manner, and this causes real security problems. We believe the RowHammer problem will become worse over time since DRAM cells are getting closer to each other with technology scaling. Other similar vulnerabilities may also be lurking in DRAM and other types of memories, e.g., NAND flash memory or phase change memory, that can potentially threaten the foundations of secure systems, as the memory technologies scale to higher densities. Our ISCA 2014 paper advocates a principled system-memory co-design approach to memory reliability and security research that can enable us to better anticipate and prevent such vulnerabilities. We describe promising ongoing and future research directions related to RowHammer (Section IV), including the examination of other potential vulnerabilities in memory (in Section IV-A) and the use of a principled approach to make memory more reliable and more secure (in Section IV-B).

# II. ROWHAMMER PROBLEM: SUMMARY

Memory isolation is a key property of a reliable and secure computing system. An access to one memory address should not have unintended side effects on data stored in other addresses. However, as process technology scales down to smaller dimensions, memory chips become more vulnerable to disturbance, a phenomenon in which different memory cells interfere with each others' operation. We have shown, in our ISCA 2014 paper [132], the existence of disturbance errors in commodity DRAM chips that are sold and used in the field. Repeatedly reading from the same address in DRAM could corrupt data in nearby addresses. Specifically, when a DRAM row is opened (i.e., activated) and closed (i.e., precharged) repeatedly (i.e., hammered), enough times within a DRAM refresh interval, one or more bits in physically adjacent DRAM rows can be flipped to the wrong value. This DRAM failure mode is now popularly called RowHammer [1], [2], [23], [37], [90], [130], [140], [205], [213], [214], [239], [244]. Using a field-programmable gate array (FPGA)-based experimental DRAM testing infrastructure, which we originally developed



Fig. 1. RowHammer error rate versus manufacturing dates of 129 DRAM modules we tested (reproduced from [132]).

for testing retention time issues in DRAM [159],<sup>1</sup> we tested 129 DRAM modules manufactured by three major manufacturers (A, B, and C) in seven recent years (2008–2014) and found that 110 of them exhibited RowHammer errors, the earliest of which dates back to 2010. This is illustrated in Fig. 1, which shows the error rates we found in all 129 modules we tested where modules are categorized based on manufacturing date.<sup>2</sup> In particular, *all* DRAM modules from 2012–2013 were vulnerable to RowHammer, indicating that RowHammer is a recent phenomenon affecting more advanced process technology generations (as also demonstrated repeatedly by various works that come after our ISCA 2014 paper [12], [17], [66], [140], [196], [239]).

## A. RowHammer Mechanisms

In general, disturbance errors occur whenever there is a strong enough interaction between two circuit components (e.g., capacitors, transistors, and wires) that should be isolated from each other. Depending on which component interacts with which other component and also how they interact, many different modes of disturbance are possible.

Among them, our ISCA 2014 paper identifies one particular disturbance mode that affects commodity DRAM chips from all three major manufacturers. When a wordline's voltage is toggled repeatedly, some cells in nearby rows leak charge at a much faster rate than others. Such vulnerable cells, if disturbed enough times, cannot retain enough charge for even 64 ms, the time interval at which they are refreshed. Ultimately, this leads to the cells losing data and experiencing disturbance errors.

Without analyzing existing DRAM chips at the device-level, which is an option not available for us, we cannot make definitive claims about how a wordline interacts with nearby cells to increase their leakiness. Our ISCA 2014 paper hypothesizes, based on past studies and findings, that there may be

<sup>&</sup>lt;sup>1</sup>This infrastructure is currently released to the public, and is described in detail in our HPCA 2017 paper [98]. The infrastructure has enabled many studies [57], [58], [79], [98], [114]–[116], [132], [146], [149], [159], [201] into the failure and performance characteristics of modern DRAM, which were previously not well understood.

<sup>&</sup>lt;sup>2</sup>Test details and experimental setup, along with a listing of all modules and their characteristics, are reported in our original RowHammer paper [132].

three ways of interaction. At least two major DRAM manufacturers have confirmed all three of these hypotheses as potential causes of disturbance errors. First, changing the voltage of a wordline could inject noise into an adjacent wordline through electromagnetic coupling [60], [171], [206]. This partially enables the adjacent row of access-transistors for a short amount of time and facilitates the leakage of charge from vulnerable cells. Thus, if a row is hammered enough times to disturb such vulnerable cells before they get refreshed, charge in such cells get drained to a point that the original cell values are not recoverable any more. Second, bridges are a wellknown class of DRAM faults in which conductive channels are formed between unrelated wires and/or capacitors [19], [20]. One study on embedded DRAM (eDRAM) found that toggling a wordline could accelerate the flow of charge between two bridged cells [103]. Third, it has been reported that toggling a wordline for hundreds of hours can permanently damage it by hot-carrier injection [64]. If some of the hot-carriers are injected into the neighboring rows, this could modify the amount of charge in their cells or alter the characteristics of their access-transistors to increase their leakiness.

Several recent works have tried to examine and model RowHammer at the circuit level; we survey these works in Section III-C.

## B. User-Level RowHammer

Our ISCA 2014 paper also demonstrates that a very simple user-level program [3], [132] can reliably and consistently induce RowHammer errors in three commodity Advanced Micro Devices (AMD) and Intel systems using vulnerable DRAM modules. We released the source code of this program [3], which Google Project Zero later enhanced [4]. Using our user-level RowHammer test program, we showed that RowHammer errors violate two invariants that memory should provide: 1) a read access should not modify data at any address and 2) a write access should modify data only at the address that it is supposed to write to. As long as a row is repeatedly opened, both read and write accesses can induce RowHammer errors, all of which occur in rows other than the one that is being accessed. Since different DRAM rows are mapped (via mechanisms in the system software and the memory controller) to different software pages, our user-level program could reliably corrupt specific bits in pages belonging to other programs. As a result, RowHammer errors can be exploited by a malicious program to breach memory protection and compromise the system. In fact, we hypothesized, in our ISCA 2014 paper, that our user-level program, with some engineering effort, could be developed into a disturbance attack that injects errors into other programs, crashes the system, or hijacks control of the system. We left such research for the future since our primary objective in our ISCA 2014 paper was to understand and prevent RowHammer errors [132].

## C. Characteristics of RowHammer

Our ISCA 2014 paper [132] provides a detailed experimental analysis of various characteristics of RowHammer, including its prevalence across DRAM chips, access pattern dependence, data pattern dependence (DPD), temperature

dependence, address correlation between victim and aggressor memory rows, number of bits in a victim row that flip due to RowHammer in an adjacent row, number of rows that get affected due to RowHammer in an adjacent row, relationship of RowHammer-vulnerable cells with leaky cells that need higher refresh rates, repeatability of RowHammer errors, the fact that a memory row is vulnerable to RowHammer on both adjacent wordlines, and real system demonstration of RowHammer. We omit these analyses here in this retrospective and focus on security vulnerabilities and prevention of RowHammer. We refer the reader to [132] for a rigorous treatment of the characteristics of the RowHammer phenomenon.

One of the key takeaways from our characterization is that RowHammer-induced errors are predictably repeatable. In other words, if a cell's value gets corrupted via RowHammer, the same cell's value is very likely to get corrupted again via RowHammer. This repeatability enables the construction of repeatable security attacks in a controlled manner, which we briefly discuss next and cover in detail in Section III-A.

## D. RowHammer as Security Threat

RowHammer exposes a security threat since it leads to a breach of memory isolation, where accesses to one row (e.g., a user-level memory page) modifies the data stored in another memory row (e.g., a privileged operating system page). As indicated above, malicious software can be written to take advantage of these disturbance errors. We call these disturbance attacks [132], or RowHammer attacks. Such attacks can be used to corrupt system memory, crash a system, or take over the entire system. Confirming the predictions of our ISCA paper [132], researchers from Google Project Zero developed a user-level attack that exploits RowHammer to gain kernel privileges and thus take over an entire system [213], [214]. More recently, researchers showed that RowHammer can be exploited in various ways to take over various classes of systems. As such, the RowHammer problem has widespread and profound real implications on system security, threatening the foundations of memory isolation on top of which modern system security principles are built. We survey the works that exploit RowHammer to build many different security attacks in Section III-A.

## E. RowHammer Solutions

Our ISCA 2014 paper discusses and analyzes seven different countermeasures to the RowHammer problem. Each solution makes a different tradeoff between feasibility, cost, performance, power, and reliability. Among them, we believe our seventh and last solution, called PARA, to be the most efficient with the lowest overhead.

The first six solutions are as follows.

- Manufacturing better DRAM chips that are not vulnerable.
- 2) Using (strong) error correcting codes (ECCs) to correct RowHammer-induced errors.
- 3) Increasing the refresh rate for all of memory.
- 4) Statically remapping/retiring RowHammer-prone cells via a one-time post-manufacturing analysis.
- 5) Dynamically remapping/retiring RowHammer-prone cells during system operation.

6) Accurately identifying hammered rows during runtime and refreshing their neighbors.<sup>3</sup>

We will not go into significant detail in this summary and retrospective, but none of these first six solutions are very desirable as they come at significant power, performance or cost overheads, as we describe in our original work [132]. We will revisit some of these solutions in Section III-B of this paper, when we survey related work that builds on RowHammer.

Our ISCA 2014 paper's main proposal to prevent RowHammer is a low-overhead mechanism called PARA. The key idea of PARA is simple: every time a row is opened and closed, one or more of its adjacent rows are also opened (i.e., refreshed) with some low probability p (by the memory controller or the DRAM chip). If one particular row happens to be opened and closed repeatedly, then it is statistically certain that the row's adjacent rows will eventually be opened as well, as we show in our original work, assuming p is chosen intelligently and carefully. The main advantages of PARA are that: 1) it is stateless in the sense that it does not require expensive hardware data-structures to count the number of times that rows have been opened or to store the addresses of the aggressor/victim rows and 2) its performance and power consumption overheads are very low due to the infrequent activation of *only adjacent rows* of a closed row. Our ISCA 2014 paper provides a memory-controller-based implementation of PARA, evaluates its reliability guarantee against adversarial access patterns, and empirically examines its performance overhead. We show that by setting the probability of refresh of adjacent rows p to a reasonable yet very low value (e.g., 0.001 or 0.005), PARA provides a strong guarantee against RowHammer and leads to a very small performance overhead of less than 0.75%. More detailed discussion of the implementation and evaluation of PARA can be found in our original work. We will revisit PARA in Section III-B of this paper.

## III. SURVEY OF WORKS THAT BUILD ON ROWHAMMER

RowHammer has spurred a significant amount of research since its publication in 2014. In this section, we provide a categorical survey of the array of works that build off of our original paper that introduces the concept of RowHammer and *disturbance attacks* [132]. We describe seven different types of works.

- 1) Security attacks that exploit the RowHammer vulnerability.
- 2) Defense and mitigation mechanisms against the RowHammer phenomenon and the security attacks.
- 3) Circuit-level studies that aim to understand and model the RowHammer phenomenon.
- 4) Other works that exploit RowHammer for various purposes.
- 5) Works that build platforms to study RowHammer.
- 6) Pop culture references to RowHammer.

<sup>3</sup>Several early patent applications propose to maintain an array of counters ("detection logic") in either the memory controller [25], [27], [88] or in the DRAM chips themselves [26], [28], [87]. If the counters are tagged with the addresses of only the most recently activated rows, the number of required counters can be significantly reduced [88].

 Works that show that the RowHammer phenomenon continues to exist in future generation DRAM chips younger than the ones we examined in our original ISCA 2014 paper.

While we describe the works, we also point out the potential for future research in each topic area.

## A. Exploits Using RowHammer

Inspired by our ISCA 2014 paper's fundamental findings, researchers from Google Project Zero demonstrated in 2015 that RowHammer can be effectively exploited by user-level programs to gain kernel privileges on real systems [213], [214]. Google Project Zero presented two exploits using RowHammer. The first exploit runs as a Native Client (NaCl) program and escalates privilege to escape from the x86-64 sandbox environment. Since NaCl statically validates code before running it, Google Project Zero simply shows that an attacker can modify safe instructions to become unsafe. The second exploit, which is even more powerful, runs as a normal x86-64 process on Linux and escalates privilege to gain access to all of physical memory and thus take over the entire system. The attacker hammers a page table entry (PTE) such that it changes the PTE to point to a page table owned by the attacking process. This gives the attacking process full read-write access to its own page table and hence to all of physical memory, which enables the attacking process to take over the entire system.

Tens of other works since then demonstrated other attacks exploiting RowHammer and we explain several of them in some detail here. One involves the takeover of a victim VM by another attacker VM running on the same system [205]. In [205], the attacker VM writes a memory page that it knows exists in the victim VM at a RowHammer-vulnerable memory location. If memory deduplication merges the victim VM's and attacker VM's duplicate pages to the attacker VM page's location, the attacker can then induce RowHammer failures in the deduplicated page's data, which is shared by both attacker and victim. Since RowHammer attacks modify memory without writes, the deduplication engine does not detect the modification to memory, and the victim VM continues to use the corrupted page. The authors show two attacks using this method. The first attack compromises OpenSSH [10] by modifying the public keys in a victim VM such that the attacker can easily generate a private key that matches the modified public key. It is easier to generate a private key when a public key becomes easily factorable. The second attack compromises the Linux package installation tool, apt-get [8] using two steps. First, the attacker flips a bit in the apt-get domain name of the victim, such that the victim's aptget requests are redirected to a malicious repository. Second, the attacker flips a bit in the page containing the Ubuntu Archive Signing Keys, which are used to check the validity of packages before installation. Thus, this paper exploits the RowHammer vulnerability to break both OpenSSH public key authentication and install malicious software via widely used installation tools.

The Drammer work [239] demonstrates an attack that exploits RowHammer on a mobile device using a malicious user-level application that requires no permissions. This is the first demonstration of RowHammer attacks on

ARM-based systems. The work takes advantage of the deterministic memory allocation patterns in the Android Linux Operating System. By exploiting these deterministic memory allocation patterns, the authors present a methodology for forcing a victim process to allocate its PTE in a RowHammervulnerable region of memory. To do this, the attacker process must essentially allocate all possible memory regions for a page table allocation and then release the page table allocation that contains the RowHammer-vulnerable DRAM cells at bit offsets that enable exploitation. Because of the use of buddy allocation [134] (an allocation scheme that forces allocations to the smallest available contiguous region of memory) in Linux platforms, the attacker does not need to allocate all of memory and risk crashing the system. The researchers found 18 out of 27 phone models to be vulnerable to RowHammer and have since released a mobile application that tests memory for RowHammer-vulnerable cells and aggregates statistics on how widespread the RowHammer phenomenon is on mobile devices. This paper shows that existing mobile systems are widely vulnerable to RowHammer attacks.

Gruss *et al.* [90] demonstrated a remote takeover of a server vulnerable to RowHammer via JavaScript code execution. Since JavaScript is present and enabled by default in every modern browser, this paper demonstrates the proof-of-concept that the RowHammer attack can be launched by a Website to gain root privileges on a system that visits the Website.

Other works that have demonstrated attacks exploiting RowHammer include takeover of a mobile system by triggering RowHammer using the WebGL interface on a mobile GPU [76], [89], takeover of a remote system by triggering RowHammer through the RDMA protocol [156], [233], and various other attacks [12], [31]–[33], [37], [54], [66], [73], [89], [107], [196], [197], [199], [234], [249], [258]. Thus, RowHammer has widespread and profound real implications on system security, as it breaks memory isolation on top of which modern system security principles are built.

This paper has inspired many researchers to exploit RowHammer to devise new attacks. As mentioned earlier, tens of papers were written in top security venues that demonstrate various practical attacks exploiting RowHammer (e.g., [12], [31]–[33], [37], [54], [66], [73], [76], [89], [90], [107], [156], [196], [197], [199], [205], [213], [214], [233], [234], [239], [249], and [258]). These attacks started with Google Project Zero's first work in 2015 [213], [214] and they continue to this date, with the latest ones that we know of being published in late 2018 [31], [33], [54], [156], [197], [233], [234], [258] and mid 2019 [66]. We believe there is a lot more to come in this direction: as systems security researchers understand more about RowHammer, and as the RowHammer phenomenon continues to fundamentally affect memory chips due to technology scaling problems [174], researchers and practitioners will develop different types of attacks to exploit RowHammer in various contexts and in many more creative ways. Various recent reports suggest that new-generation DDR4 DRAM and other DRAM chips are vulnerable to RowHammer [12], [17], [66], [140], [196], as we examine further in Section III-G, so the fundamental security research on RowHammer is likely to continue into the future.

## B. Defenses Against RowHammer

This paper also inspired many solution and mitigation techniques for RowHammer from both researchers and industry practitioners. Apple [21] publicly mentioned, in their critical security release for RowHammer, that they increased the memory refresh rates due to the "original research by Kim et al. [133]." The industry-standard Memtest86 program, which is used to test deployed memory chips for errors, was updated, including a RowHammer test, acknowledging our ISCA 2014 paper [192]. Many academic works developed solutions to RowHammer, working from our original research (e.g., [23], [38], [40], [81], [105], [119], [150], [188], [220], [224], and [240]). Additionally, many patents for solutions to RowHammer have been filed [25]–[28], [30], [88]. We believe such solutions will continue to be generated in both academia and industry, extending RowHammer's impact into the very long term. We cover some of these solutions in this section.

Given that RowHammer is such a critical vulnerability, it is important to find both *immediate* and *long-term* solutions to the RowHammer problem (as well as related problems that might cause similar vulnerabilities). The goal of the immediate solutions is to ensure that existing systems are patched such that the vulnerable DRAM devices that are already in the field cannot be exploited. The goal of the long-term solutions is to ensure that future DRAM devices do not suffer from the RowHammer problem when they are released into the field.

Given that immediate solutions require mechanisms that already exist in systems operating in the field, they are fundamentally more limited. A popular immediate solution, described and analyzed by our ISCA 2014 paper [132], is to increase the refresh rate of memory such that the probability of inducing a RowHammer error before DRAM cells get refreshed is reduced. Several major system manufacturers (including Apple, HP, Cisco, Lenovo, and IBM) have adopted this solution and released security patches that increased DRAM refresh rates (e.g., [21], [75], [100], and [152]) in the memory controllers. While this solution might be practical and effective in reducing the vulnerability, it has the significant drawbacks of increasing energy/power consumption, reducing system performance, and degrading quality of service experienced by user programs. Our paper shows that the refresh rate needs to be increased by  $7.8 \times$  its nominal value today, if we want to eliminate all RowHammer-induced errors we saw in our tests of 129 DRAM modules! Fig. 2 demonstrates this paper: if we examine the most RowHammer-vulnerable module that we test from each manufacturers A, B, and C, we find that completely eliminating the RowHammer-induced errors requires us to reduce the refresh interval from the nominal 64–8.2 ms, leading to a 7.8× increase in the refresh rate. Since DRAM refresh is already a significant burden [59], [112], [114], [158], [194], [201] on energy consumption, performance, and quality of service, increasing it by any significant amount would only exacerbate the problem. Yet, increased refresh rate is likely the most practical *immediate* solution to RowHammer that does not require any significant change to the system.

Other immediate solutions modify the software [38], [105], [106], [136], [188], [213], [240], [248]. For example, ANVIL proposes software-based detection of RowHammer attacks by monitoring via hardware performance counters and selective



Fig. 2. Number of RowHammer-induced errors observed on the most RowHammer-vulnerable module of each DRAM manufacturers A, B, and C, as the refresh interval is varied from 8 to 128 ms (reproduced from [132]).

explicit refreshing of victim rows that are found to be under attack [23]. One short-term approach to mitigating RowHammer attacks is intelligently allocating and physically isolating pages such that RowHammer cannot affect important pages [38], [136], [240]. Brasser et al. [38] extended the physical memory allocator of the operating system to allocate memory in such a way that isolates memory pages of different system entities. Van der Veen et al. [240] prevented DMAbased attacks by isolating DMA buffers with additional buffer rows (i.e., guard rows) that do not store data. This ensures that any DMA-based attack can only induce RowHammer bit flips in the guard rows without affecting rows containing important data. Another approach for mitigating RowHammer statically analyzes code to identify code segments that are probably RowHammer attacks and prevents them prior to execution [105]. ZebRAM [136] reserves odd rows as "safe" rows and even rows as "unsafe" rows such that hammering a safe row should never result in a RowHammer failure in another safe row. The unsafe rows are used as swap space and a portion of safe rows are used as a cache for data in the unsafe-row swap space. Whenever data in unsafe rows is migrated to safe rows, ZebRAM performs software integrity checks and error correction. Unfortunately, such software-based solutions usually: 1) require modifications to system software; 2) might be intrusive to system operation; and/or 3) might cause significant performance or memory space overheads (yet they are still promising to research).

As briefly discussed in Section II-E, our ISCA 2014 paper [132] discusses and analyzes seven short-term and long-term countermeasures to the RowHammer problem. The first six solutions are as follows.

- 1) Making better DRAM chips that are not vulnerable.
- 2) Using (strong) ECCs to correct RowHammer-induced errors
- 3) Increasing the refresh rate for all of memory.
- 4) Statically remapping/retiring RowHammer-prone cells via a one-time post-manufacturing analysis.
- 5) Dynamically remapping/retiring RowHammer-prone cells during system operation.
- 6) Accurately identifying hammered rows during runtime and refreshing their neighbors.

TABLE I
UNCORRECTABLE MULTIBIT ROWHAMMER ERRORS (IN BOLD)
OBSERVED ON THE MOST ROWHAMMER-VULNERABLE MODULE
OF EACH DRAM MANUFACTURERS A, B, AND C
(REPRODUCED FROM [132])

| Module                         | Number of 64-bit words with X errors |        |       |       |
|--------------------------------|--------------------------------------|--------|-------|-------|
|                                | X = 1                                | X = 2  | X = 3 | X = 4 |
| ${\sf A}_{23} \\ {\sf B}_{11}$ | 9,709,721                            | 181856 | 2248  | 18    |
| $B_{11}$                       | 2,632,280                            | 13638  | 47    | 0     |
| $C_{19}^{-}$                   | $141,\!821$                          | 42     | 0     | 0     |

This paper shows that the first six solutions are not very desirable as they come at significant power, performance, or cost overheads. We already discussed the overheads of increasing the refresh rates across the board. Similarly, the use of simple single-error correcting double-error detecting (SECDED) ECCs, as employed in many server and datacenter systems, is not enough to prevent all RowHammer errors, as some cache blocks experience two or more bit flips, which are not correctable by SECDED ECC, as we have shown in our ISCA 2014 paper [132]. Table I demonstrates this by showing how many 64-bit words in the full address-space (0-2 GB) of the most RowHammer-vulnerable DRAM modules of the three major DRAM manufacturers contain 1, 2, 3, or 4 victim cells. While most words have just a single victim, there are also some words with multiple victims. Thus, stronger ECC is very likely required to correct RowHammer errors, which comes at the cost of additional energy, performance, cost, and DRAM capacity overheads.<sup>4</sup> Alternatively, the sixth solution described above, i.e., accurately identifying a row as a hammered row requires keeping track of access counters for a large number of rows in the memory controller [119], potentially leading to very large hardware area and power consumption, and performance, overheads.

There are many other works that propose long-term solutions [28], [30], [40], [68], [81], [82], [88], [110], [127], [133], [150], [211], [220], [224], [241], [243], building on our original work. Son *et al.* [224] used a probabilistic mechanism similar to PARA in the original RowHammer paper in addition to a small stack for maintaining access history information to determine whether adjacent rows need to be refreshed to avoid bit flips. References [150], [220], [241], and [243] are counter-based defenses that rely on maintaining access counts to DRAM rows and refreshing adjacent rows when the access count of a row exceeds a predetermined threshold. These works focus on reducing the overhead of counting accesses to DRAM addresses to enable a viable implementation of the sixth solution we described above.

We believe the long-term solution to RowHammer can actually be very simple and low cost: when the memory controller closes a row (after it was activated), it, with a very low probability, refreshes the adjacent rows. The probability value is a

<sup>4</sup>Note that protecting *all* memory rows with strong ECC is likely a wasteful solution for RowHammer because RowHammer-induced bit-flips are access-pattern dependent; they are not randomly occurring bit-flips. Since only a small number of rows can be hammered at a given time, paying the capacity, cost, and energy overheads of extra redundancy required for strong ECC for *all* memory rows, solely to protect them against RowHammer, is likely not an efficient solution to the RowHammer problem.

parameter determined by the system designer or provided programmatically, if needed, to trade off between performance overhead and vulnerability protection guarantees. We show that this probabilistic solution, called PARA, is extremely effective: it eliminates the RowHammer vulnerability, providing much higher reliability guarantees than modern hard disks today, while requiring no storage cost and having negligible performance and energy overheads [132].

PARA is not immediately implementable in an existing system because it requires changes to either the memory controllers or the DRAM chips, depending on where it is implemented. If PARA is implemented in the memory controller, the memory controller needs to obtain information on which rows are adjacent to each other in a DRAM bank. This information is currently unknown to the memory controller as DRAM manufacturers can internally remap rows to other locations [115], [116], [132], [149], [159] for various reasons, including for tolerating various types of faults. However, this information can be simply provided by the DRAM chip to the memory controller using the serial presence detect readonly memory present in modern DRAM modules, as described in our ISCA 2014 paper [132]. It appears that some very recent Intel memory controllers implement a limited variant of PARA, whose adjacent-row activation probability can be chosen by the user via modifications in the BIOS [5]. If PARA is implemented in the DRAM chip, then the hardware interface to the DRAM chip should be such that it allows DRAM-internal refresh operations that are not initiated by an external memory controller. This could be achieved with the addition of a new DRAM command, like the targeted refresh command proposed in a patent by Intel [29]. In 3-D-stacked memory technologies [129], [148], e.g., high bandwidth memory (HBM) [108], [148] or hybrid memory cube (HMC) [7], which combine logic and memory in a tightly integrated fashion, the logic layer can be easily modified to implement PARA.<sup>5</sup> Alternatively, if the memory interface is asynchronous with the processor, a simple controller that is tightly coupled with the memory chip can freely and easily implement PARA internally to the memory chip.

All these implementations of the promising PARA solution are examples of much better cooperation between memory controller and the DRAM chips. Regardless of the exact implementation, we believe RowHammer, and other upcoming reliability vulnerabilities like RowHammer, can be much more easily found, mitigated, and prevented with better cooperation between and co-design of system and memory, i.e., system-memory co-design [173]. System-memory co-design is explored by recent works for mitigating various DRAM-based security and DRAM scaling issues, including retention failures and performance problems

<sup>5</sup>Alternatively, for a solution like PARA to be implemented in the DRAM chip, without modifying the hardware interface to the DRAM chip, one can exploit the timing slack in the DRAM timing parameters that already exist under various conditions. For example, the timing slack in the specified precharge timing parameter or the refresh latency parameter can be exploited by the DRAM chip itself to internally issue refresh operations to targeted rows with some probability. Even though such timing slack exists in DRAM chips, as shown by many recent experimental studies [57], [69], [124], [146], [149], we do not believe this is a robust solution since: 1) the timing slack may not exist under all operating conditions or for all chips and 2) many studies would like to reduce the timing slack as much as possible to improve DRAM performance and energy [57], [69], [124], [146], [149].

(e.g., [56], [57], [59], [97], [112]–[116], [124]–[126], [128], [132], [145]–[147], [149], [158], [159], [163], [173], [181], [201], [203], [215]–[217], [229]–[231], [235], [236], and [250]). Taking the system-memory co-design approach further, providing more intelligence configurability/programmability/patch-ability in the memory controller can greatly ease the tolerance to errors like RowHammer: when a new failure mechanism in memory is discovered, the memory controller can be configured/programmed/patched to execute specialized functions to profile and correct for such mechanisms. We believe this direction is very promising, and several works have explored online profiling mechanisms for fixing retention errors [114]–[117], [194], [201], reducing latency [149], and reducing energy consumption [58]. These works provide examples of how an intelligent memory controller can alleviate the retention failures, and thus the DRAM refresh problem [158], [159], as well as the DRAM latency problem [145], [146].

## C. Circuit-Level Studies of RowHammer

A very recent work [252] presents evidence via 3-D CAD simulations with single charge traps, that the RowHammer effect is governed by the charge pumping process. The RowHammer effect is exacerbated when charge is captured around an aggressor wordline and carriers migrate to victim wordlines. The authors also find that feature size scaling aggravates the RowHammer effect, which could make it more difficult to mitigate in future DRAM generations.

Yun *et al.* [255] provided a study of the effects of irradiating DRAM on the RowHammer phenomenon, with two major findings. First, the study finds that irradiating DRAM with gamma rays increases the number of DRAM rows that are vulnerable to RowHammer. Second, the authors correlated the cells that are vulnerable to RowHammer with those that have low data retention times and they found almost no correlation, corroborating the results of our ISCA 2014 paper.

Lim *et al.* [155] also irradiated DRAM with gamma rays, which results in cells with lower data retention times and cells with a higher susceptibility to RowHammer failures. The authors then performed *temperature annealing* (i.e., a method for baking DRAM at a high temperature to "repair" retentionweak cells) on the DRAM devices and found that cells that experience a higher susceptibility to RowHammer after irradiation maintain the higher susceptibility to RowHammer even after temperature annealing.

Ryu *et al.* [208] presented evidence that hydrogen (H2) annealing of cell-transistors during the dry etch process shows a reduction in interface trap density. Since the RowHammer failure is mainly caused by the traps in the interface (according to the authors' hypotheses), the authors show that this technique can help to improve DRAM reliability against crosstalk and thus alleviate RowHammer attacks.

Park et al. [190], [191] experimentally tested DDR3 devices for RowHammer susceptibility, showed statistical distributions of RowHammer failures across many devices, and presented evidence that the root cause of the RowHammer phenomenon is charge recombination of the victim cell with electrons from the current channels between neighboring cells and their corresponding bitlines.

#### D. Other Works Exploiting RowHammer

There are other papers that build upon RowHammer but do not necessarily show a RowHammer attack or defense. One work shows that the RowHammer phenomenon can be used as a security primitive. Schaller et al. [210] showed that RowHammer can be used as an effective physical unclonable function (PUF), a function that generates unique identifiers (i.e., fingerprints) of a device based on the unique properties of the device due to manufacturing variation. The authors experimentally showed that by reserving a region of memory and inducing RowHammer failures in each of the rows of the region, they can generate bit flips in the region whose locations are unique to the device and can be used to identify the device. A more recent work [256] presents an attack on the RowHammer-based PUF [210] by effectively showing that hammering on rows surrounding the region reserved by the RowHammer-based PUF causes the rows at the edges of the reserved DRAM region to have an increased number of bit flips. This results in a modification of the resulting fingerprint, which then results in an unidentifiable device.

## E. Platforms for Studying RowHammer

Many prior works present ways to make studying RowHammer easier. Reference [74] describes their Raspberry Pi operating system for exploring memory concepts simply due to a direct linear mapping between virtual addressses to physical addresses. This mitigates the difficulty of determining which DRAM rows are physically adjacent. SoftMC [98], [223] is an FPGA-based memory controller implementation that enables testing custom DRAM timing parameter values with direct access to DRAM physical addresses. Drammer [70], [71] is an open-source Android application that tests mobile devices for vulnerability to the RowHammer exploit and gathers data from users to determine how widespread the RowHammer vulnerability is across many generations of mobile devices. MemTest86 [192] is software that tests DRAM for many types of reliability issues. As described above, after our original ISCA 2014 paper, MemTest86 developers added RowHammer testing to their suite, which enables users to test their system for the RowHammer vulnerability. References [31], [106], and [188] provide methods for reverse engineering DRAM address mapping such that attackers can determine the two rows that surround a victim row and hammer the victim row more effectively for causing RowHammer failures. Vila et al. [242] provided an algorithm for determining the eviction set of cache lines in linear time such that an attacker can maximize accesses to DRAM even when caching is unavoidable. Aichinger [17] repurposed a DDR protocol analyzer with a DIMM interposer to count the activations to each row within a 64-ms interval to detect whether RowHammer occurs in any application.

## F. Media References to RowHammer

Our ISCA 2014 work also turned RowHammer into a popular phenomenon (e.g., [1], [2], [16], [39], [65], [83]–[85], [94], [104], [118], [138], [140], [185]–[187], [192], [209], [214], [237], [238], and [244]), which, in turn, has helped make hardware security even more "mainstream" in popular media and the broader security community. It showed that hardware reliability problems can be very serious security threats that

have to be defended against. A well-read article from the Wired magazine, all about RowHammer, is entitled "Forget Software—Now Hackers are Exploiting Physics!" [86], indicating the shift of mindset toward very low-level hardware security vulnerabilities in the popular mainstream security community. Many other popular articles in press have been written about RowHammer, many of which pointing to our ISCA 2014 work [132] as the first demonstration and scientific analysis of the RowHammer problem. Showing that hardware reliability problems can be serious security threats and pulling them to the popular discussion space, and thus influencing the mainstream discourse, creates a very long term impact for the RowHammer problem and thus our original ISCA 2014 paper.

#### G. Persistence of RowHammer Failures in Modern DRAM

Unfortunately, despite the many proposals in industry and academia to fix the RowHammer issue, RowHammer failures still seem to be observable in state-of-the-art DRAM devices in a variety of generations and standards (e.g., DDR4 [12], [17], [140], [196], ECC DRAM [66], LPDDR3, and LPDDR2 DRAM [239]). This persisting phenomenon suggests that the security vulnerabilities might continue in the current generation of DRAM chips as well. As such, it is critical to continue to investigate solutions to the RowHammer vulnerability.

#### H. RowHammer in Broader Context

Springing off from the stir created by RowHammer, we take a step back and argue that there is little that is surprising about the fact that we are seeing disturbance errors in the heavily scaled DRAM chips of today. Disturbance errors are a general class of reliability problems that is present in not only DRAM, but also other memory and storage technologies. All scaled memory technologies, including SRAM [62], [93], [120], flash [42], [45], [46], [50]–[53], [67], [165], [166], [169], [212], and hard disk drives [109], [232], [247], exhibit such disturbance problems. In fact, two of our works experimentally examine read disturb errors in flash memory.

- Our original work in DATE 2012 [42] that provides a rigorous experimental study of error patterns in modern MLC NAND flash memory chips demonstrates the importance of read disturb error patterns.
- 2) Our recent work at DSN 2015 [51] experimentally characterizes the read disturb errors in flash memory, shows that the problem is widespread in recent flash memory chips, and develops mechanisms to correct such errors in the flash memory controller.

Even though the mechanisms that cause the bit flips are different in different technologies, the high-level root cause of the problem, *cell-to-cell interference*, due to the fact that the memory cells are too close to each other, is a fundamental issue that appears and will likely continue to appear in any technology that scales down to small enough technology nodes [53], [252]. Thus, we should expect such problems to continue as we scale any memory technology, including emerging ones, to higher densities.

What sets DRAM disturbance errors apart from other technologies' disturbance errors is that: 1) DRAM is exposed to the user-level programs and manipulated directly by a program's load and store instructions (which we do not anticipate to

change any time soon, since direct data manipulation in main memory is a fundamental component of programming languages and systems) and 2) in modern DRAM, as opposed to other technologies, strong error correction mechanisms are *not* commonly employed (either in the memory controller or the memory chip). The success of DRAM scaling until recently has not relied on a memory controller that corrects errors (other than performing periodic refresh and more recently employing very simple single-ECCs [9], [112], [183], [184], [189], [193]). Instead, DRAM chips were implicitly assumed to be error-free and did *not* require the help of the controller to operate correctly. Thus, such errors were perhaps not as easily anticipated and corrected within the context of DRAM. In contrast, the success of other technologies, e.g., flash memory and hard disks, has heavily relied on the existence of an intelligent controller that plays a key role in correcting errors and making up for reliability problems of the memory chips themselves [52]. This has not only enabled the correct operation of assumed-faulty memory chips but also enabled a mindset where the controllers are co-designed with the chips themselves, covering up the memory technology's deficiencies and hence perhaps enabling better anticipation of errors with technology scaling. This approach is very prominent in modern solid-state drives (SSDs), for example, where the flash memory controller employs a wide variety of error mitigation and correction mechanisms [42]–[48], [50]–[53], [164], including not only sophisticated strong ECC mechanisms but also targeted voltage optimization, retention mitigation and disturbance mitigation techniques. We believe changing the mindset in modern DRAM to a similar mindset of assumed-faulty memory chip and an intelligent memory controller that makes it operate correctly cannot only enable better anticipation and correction of future issues like RowHammer but also better scaling of DRAM into future technology nodes [173].

#### IV. ONGOING AND FUTURE WORK

We believe there is a lot more research to come that will build on RowHammer, from at least three perspectives: 1) the security attack perspective; 2) the defense/mitigation perspective; and 3) a broader understanding, modeling, and prevention perspective.

As systems security researchers understand more about RowHammer, and as the RowHammer phenomenon continues to fundamentally affect memory chips due to technology scaling problems [174], researchers and practitioners will develop different types of attacks to exploit RowHammer in various contexts and in many more creative ways. RowHammer is a critical problem that manifests in the difficulties in DRAM scaling and is expected to only become worse in the future [175], [180], [181]. As we discussed, some recent reports suggest that new-generation DRAM chips are vulnerable to RowHammer (e.g., DDR4 [12], [17], [140], [196], ECC [66], [132], and LPDDR3 and LPDDR2 [239]). This indicates that effectively mitigating the RowHammer problem with low overhead is difficult and becomes more difficult as process technology scales further. Even with the wide array of works that build on top of RowHammer, we believe that these papers have yet to scratch the surface of this field of reliability and security, especially as manufacturing technology scaling continues in all technologies. It is critical to deeply understand

the underlying factors of the RowHammer problem (and more generally the crosstalk problem) such that we can effectively prevent these issues across all technologies with minimal overhead. As DRAM cells become even smaller and less reliable, it is likely for them to become even more vulnerable to complicated and different modes of failure that are sensitized only under specific access-patterns and/or data-patterns. As a scalable solution for the future, our ISCA 2014 paper argues for adopting a system-level approach [173] to DRAM reliability and security, in which the DRAM chips, the memory controller, and perhaps the operating system collaborate together to diagnose/treat emerging DRAM failure modes.

We believe that more and more researchers will focus on providing security in all aspects of computing so that such hardware faults that are exposed to the software (and thus the public) are minimized. RowHammer enabled a shift of mindset among mainstream security researchers: generalpurpose hardware is fallible (in a very widespread manner) and its problems are actually exploitable. This shift of mindset enabled many systems security researchers to examine hardware in more depth and understand its inner workings and vulnerabilities better. We believe it is no coincidence that two of the groups that concurrently discovered the heavily publicized Meltdown [157] and Spectre [135] vulnerabilities (Google Project Zero and TU Graz InfoSec) have heavily worked on RowHammer attacks before. We believe this shift in mindset, enabled in good part by the existence and prevalence of RowHammer, will continue to be very be important for discovering and solving other potential vulnerabilities that may rise as a result of both technology scaling and hardware design.

#### A. Other Potential Vulnerabilities

We believe that, as memory technologies scale to higher densities, other problems may start appearing (or may already be going unnoticed) that can potentially threaten the foundations of secure systems. There have been recent large-scale field studies of memory errors showing that both DRAM and NAND flash memory technologies are becoming less reliable [42], [50], [52], [53], [165], [166], [169], [170], [173], [174], [181], [194], [212], [225]–[227]. As detailed experimental analyses of real DRAM and NAND flash chips show, both technologies are becoming much more vulnerable to cellto-cell interference effects [42], [45]-[48], [51]-[53], [132], [164], [173], [174], [176], [181], data retention is becoming significantly more difficult in both technologies [42]–[44], [46], [50], [52], [53], [59], [112], [114]–[116], [158], [159], [162], [165]–[167], [173], [176], [181], [201], and error variation within and across chip, and across operating conditions, is increasingly prominent [42], [46], [55], [57], [124]–[126], [146], [149], [159]. Emerging memory technologies [168], [173], such as phase-change memory [141]–[143], [200], [202], [204], [245], [253], [254], [259], STT-MRAM [61], [137], and RRAM/ReRAM/memristors [246] are likely to exhibit similar and perhaps even more exacerbated reliability issues. We believe, if not carefully accounted for and corrected, these reliability problems may surface as security problems as well, as in the case of RowHammer, especially if the technology is employed as part of the main memory system that is directly exposed to user-level programs.

We briefly examine two example potential vulnerabilities. We believe future work examining these vulnerabilities, among others, are promising for both fixing the vulnerabilities and enabling the effective scaling of memory technology.

1) Data Retention Failures: Data retention is a fundamental reliability problem, and hence a potential vulnerability, in especially charge-based memories like DRAM and flash memory. This is because charge leaks out of the charge storage unit (e.g., the DRAM capacitor or the NAND flash floating gate) over time. As such memories become denser, three major trends make data retention more difficult [50], [112], [158], [159]. First, the number of memory cells increases, leading to the need for more refresh operations to maintain data correctly. Second, the charge storage unit (e.g., the DRAM capacitor) becomes smaller and/or morphs in structure, leading to potentially lower retention times. Third, the voltage margins that separate one data value from another become smaller (e.g., the same voltage window gets divided into more "states" in NAND flash memory, to store more bits per cell), and, as a result, the same amount of charge loss is more likely to cause a bit error in a smaller technology node than in a larger one.

a) DRAM data retention issues: Data retention issues in DRAM are a fundamental scaling limiter of the DRAM technology [112], [159], [173]. We have shown, in recent works based on rigorous experimental analyses of modern DRAM chips [114], [116], [117], [159], [194], [201], that determining the minimum retention time of a DRAM cell is getting significantly more difficult. Thus, determining the correct rate at which to refresh DRAM cells has become more difficult, as also indicated by industry [112]. This is due to two major phenomena, both of which get worse (i.e., become more prominent) with technology scaling. First, DPD: the retention time of a DRAM cell is heavily dependent on the data pattern stored in itself and in the neighboring cells [159]. Second, variable retention time (VRT): the retention time of some DRAM cells can change drastically over time, due to a memoryless random process that results in very fast charge loss via a phenomenon called trap-assisted gate-induced drain leakage [159], [207], [251]. These phenomena greatly complicate the accurate determination of minimum data retention time of DRAM cells. In fact, VRT, as far as we know, is very difficult to test for because there seems to be no way of determining that a cell exhibits VRT until that cell is observed to exhibit VRT and the time scale of a cell exhibiting VRT does not seem to be bounded, given the current experimental data [114], [159], [194], [201]. As a result, some retention errors can easily slip into the field because of the difficulty of the retention time testing. Therefore, data retention in DRAM is a vulnerability that can greatly affect both reliability and security of current and future DRAM generations. We encourage future work to investigate this area further, from both reliability and security, as well as performance and energy efficiency perspectives. Various works in this area provide insights about the retention time properties of modern DRAM devices based on experimental data [98], [114], [116], [117], [159], [194], [201], develop infrastructures to obtain valuable experimental data [98], and provide potential solutions to the DRAM retention time problem [59], [114]–[117], [158], [159], [194], [201], all of which the future works can build on.

Note that data retention failures in DRAM are likely to be investigated heavily to ensure good performance and energy efficiency. And, in fact they already are being investigated for this purpose (see [59], [114]–[117], [158], [194], [201]). We believe it is important for such investigations to ensure no new vulnerabilities (e.g., side channels) open up due to the solutions developed.

b) NAND flash data retention issues: Experimental analysis of modern flash memory devices show that the dominant source of errors in flash memory are data retention errors [42], [52]. As a flash cell wears out, its charge retention capability degrades [42], [50], [52], [53], [165], [166], [169], [212] and the cell becomes leakier. As a result, to maintain the original data stored in the cell, the cell needs to be refreshed [43], [44]. The frequency of refresh increases as wearout of the cell increases. We have shown that performing refresh in an adaptive manner greatly improves the lifetime of modern multilevel cell (MLC) NAND flash memory while causing little energy and performance overheads [43], [44]. Most high-end SSDs today employ such adaptive refresh mechanisms.

As flash memory scales to smaller manufacturing technology nodes and even more bits per cell, data retention becomes a bigger problem. As such, it is critical to understand the issues with data retention in flash memory. Our recent work provides detailed experimental analysis of data retention behavior of planar and 3-D MLC NAND flash memory [50], [52], [53], [165], [166]. We show, among other things, that there is a wide variation in the leakiness of different flash cells: some cells leak very fast, some cells leak very slowly. This variation leads to new opportunities for correctly recovering data from a flash device that has experienced an uncorrectable error: by identifying which cells are fast-leaking and which cells are slow-leaking, one can probabilistically estimate the original values of the cells before the uncorrectable error occurred. This mechanism, called retention failure recovery, leads to significant reductions in bit error rate in modern MLC NAND flash memory [50], [52], [53] and is thus very promising. Unfortunately, it also points to a potential security and privacy vulnerability: by analyzing data and cell properties of a failed device, one can potentially recover the original data. We believe such vulnerabilities can become more common in the future and therefore they need to be anticipated, investigated, and understood.

2) Other Vulnerabilities in NAND Flash Memory: We believe other sources of error (e.g., cell-to-cell interference) and cell-to-cell variation in flash memory can also lead various vulnerabilities. For example, another type of variation (that is similar to the variation in cell leakiness that we described above) exists in the vulnerability of flash memory cells to read disturbance [51]: some cells are much more prone to read disturb effects than others. This wide variation among cells enables one to probabilistically estimate the original values of cells in flash memory after an uncorrectable error has occurred. Similarly, one can probabilistically correct the values of cells in a page by knowing the values of cells in the neighboring page [47]. These mechanisms [47], [51] are devised to improve flash memory reliability and lifetime, but the same phenomena that make them effective in doing so can also lead to potential vulnerabilities, which we believe are worthy of investigation to ensure security and privacy of data in flash memories.

As an example, we have recently shown [48] that it is theoretically possible to exploit vulnerabilities in flash memory programming operations on existing SSDs to cause (malicious) data corruption. This particular vulnerability is caused by the two-step programming method employed in dense flash memory devices, e.g., MLC NAND flash memory. An MLC device partitions the threshold voltage range of a flash cell into four distributions. In order to reduce the number of errors introduced during programming of a cell, flash manufacturers adopt a two-step programming method, where the least significant bit of the cell is partially programmed first to some intermediate threshold voltage, and the most significant bit is programmed later to bring the cell up to its full threshold voltage. We find that two-step programming exposes new vulnerabilities, as both cell-to-cell program interference and read disturbance can disrupt the intermediate value stored within a MLC before the second programming step completes. We show that it is possible to exploit these vulnerabilities on existing SSDs to alter the partially programmed data, causing (malicious) data corruption. We experimentally characterize the extent of these vulnerabilities using contemporary 1X-nm (i.e., 15-19 nm) flash chips [48]. Building on our experimental observations, we propose several new mechanisms for MLC NAND flash that eliminate or mitigate disruptions to intermediate values, removing or reducing the extent of the vulnerabilities, mitigating potential exploits, and increasing flash lifetime by 16% [48]. We believe investigation of such vulnerabilities in flash memory will lead to more robust flash memory devices in terms of both reliability and security, as well as performance. In fact, a recent work from IBM builds on our work [48] to devise a security attack at the file system level [139].

#### B. Prevention

Various reliability problems experienced by scaled memory technologies, if not carefully anticipated, accounted for, and corrected, may surface as security problems as well, as in the case of RowHammer. We believe it is critical to develop principled methods to understand, anticipate, and prevent such vulnerabilities. In particular, principled methods are required for three major steps in the design process.

First, it is critical to understand the potential failure mechanisms and anticipate them beforehand. To this end, developing solid methodologies for failure modeling and prediction is critical. To develop such methodologies, it is essential to have real experimental data from past and present devices. Data available both at the small scale (i.e., data obtained via controlled testing of individual devices, as in, e.g., [42]–[53], [57], [114], [124]–[126], [146], [159], [164]–[166], [193], and [194]) as well as at the large scale (i.e., data obtained during in-the-field operation of the devices, under likely uncontrolled conditions, as in, e.g., [169] and [170]) can enable accurate models for failures, which could aid many purposes, including the development of better reliability mechanisms and prediction of problems before they occur.

Second, it is critical to develop principled architectural methods that can avoid, tolerate, or prevent such failure mechanisms that can lead to vulnerabilities. For this, we advocate co-architecting of the system and the memory together, as we described earlier. Designing intelligent, flexible, configurable, programmable, and patch-able memory controllers that can understand and correct existing and potential failure mechanisms can greatly alleviate the impact of failure mechanisms on reliability, security, performance, and energy efficiency. A system-memory co-design approach can also enable new opportunities, like performing effective processing near or in the memory device (e.g., [13]-[15], [18], [22], [24], [34]–[36], [56], [63], [72], [77], [78], [80], [91], [92], [95], [96], [99], [101], [102], [111], [121]–[123], [151], [153], [154], [160], [161], [172], [178], [179], [182], [195], [198], [215]–[219], [221], [222], [228], [257], and [260]). In addition to designing the memory device together with the controller, we believe it is important to investigate mechanisms for good partitioning of duties across the various levels of transformation in computing, including system software, compilers, and application software.

Third, it is critical to develop principled methods for electronic design, automation, and testing, which are in harmony with the failure modeling/prediction and system reliability methods, which we mentioned in the above two paragraphs. Design, automation, and testing methods need to provide high and predictable coverage of failures and work in conjunction with architectural and across-stack mechanisms. For example, enabling effective and low-cost *online profiling of DRAM* [114]–[116], [149], [159], [194], [201] in a principled manner requires cooperation of failure modeling mechanisms, architectural methods, and design, automation, and testing methods.

## V. Conclusion

We provided a retrospective on the RowHammer problem and our original ISCA 2014 paper [132] that introduced the problem, and a survey of many flourishing works that have built on RowHammer. It is clear that the reliability of memory technologies we greatly depend on is reducing, as these technologies continue to scale to ever smaller technology nodes in pursuit of higher densities. These reliability problems, if not anticipated and corrected, can also open up serious security vulnerabilities, which can be very difficult to defend against, if they are discovered in the field. RowHammer is an example, likely the first one, of a hardware failure mechanism that causes a practical and widespread system security vulnerability. As such, its implications on system security research are tremendous and exciting. We hope the summary, retrospective, and commentary we provide in this paper on the RowHammer phenomenon are useful for understanding the RowHammer problem, its context, mitigation mechanisms, and the large body of work that has built on it in the past five years.

We believe that the need to prevent such reliability and security vulnerabilities at heavily scaled memory technologies opens up new avenues for principled approaches to: 1) understanding, modeling, and prediction of failures and vulnerabilities and 2) architectural as well as design, automation, and testing methods for ensuring reliable and secure operation. We believe the future is very bright for research in reliable and secure memory systems, and many discoveries abound in the exciting yet complex intersection of reliability and security issues in such systems.

## ACKNOWLEDGMENTS

This paper is based on two previous papers the authors have written on RowHammer, one that first scientifically introduced and analyzed the phenomenon in ISCA 2014 [132] and the other that provided an analysis and future outlook on RowHammer [174]. This paper is a result of the research done together with many students and collaborators over the course of the past eight years. In particular, three Ph.D. theses have shaped the understanding that led to this paper. These are Yoongu Kim's thesis entitled "Architectural Techniques to Enhance DRAM Scaling" [131], Yu Cai's thesis entitled "NAND Flash Memory: Characterization, Analysis, Modeling and Mechanisms" [49] and his continued followon work after his thesis, summarized in [52] and [53], and Donghyuk Lee's thesis entitled "Reducing DRAM Latency at Low Cost by Exploiting Heterogeneity" [144]. They also acknowledge various funding agencies (NSF, SRC, Intel Science and Technology Center for Cloud Computing, CyLab) and industrial partners (AliBaba, AMD, Google, Facebook, HP Labs, Huawei, IBM, Intel, Microsoft, Nvidia, Oracle, Qualcomm, Rambus, Samsung, Seagate, VMware) who have supported the presented and other related work in our group generously over the years. The first version of the talk associated with this paper was delivered at a CMU CyLab Partners Conference in September 2015. Other versions of the talk were delivered as part of an Invited Session at DAC 2016, with a collaborative accompanying paper entitled "Who Is the Major Threat to Tomorrow's Security? You, the Hardware Designer" [41], at DATE 2017 [174], and at the Top Picks in Hardware and Embedded Security workshop, co-located with ICCAD 2018 [11], where RowHammer was selected as a Top Pick among hardware and embedded security papers published between 2012 and 2017. The most recent version of the associated talk was delivered at COSADE 2019 [177].

## REFERENCES

- [1] RowHammer Discussion Group. Accessed: Apr. 20, 2019. [Online].
   Available: https://groups.google.com/forum/#!forum/rowhammer-discuss
- [2] RowHammer on Twitter. Accessed: Apr. 20, 2019. [Online]. Available: https://twitter.com/search?q=rowhammer
- [3] RowHammer: Source Code for Testing the Row Hammer Error Mechanism in DRAM Devices. Accessed: Apr. 20, 2019. [Online]. Available: https://github.com/CMU-SAFARI/rowhammer
- [4] Test DRAM for Bit Flips Caused by the RowHammer Problem. Accessed: Apr. 20, 2019. [Online]. Available: https://github.com/google/rowhammer-test
- [5] Tweet About RowHammer Mitigation on x210. Accessed: Apr. 20, 2019. [Online]. Available: https://twitter.com/isislovecruft/ status/1021939922754723841
- [6] (2009). RDMA Consortium. [Online]. Available: http://www.rdmaconsortium.org
- [7] (2012). Hybrid Memory Consortium. [Online]. Available: http://www.hybridmemorycube.org
- [8] (2017). apt-get Linux Man Page. [Online]. Available: https://linux.die.net/man/8/apt-get
- [9] "ECC brings reliability and power efficiency to mobile devices," Micron Technol. Inc., Boise, ID, USA, Rep., 2017. [Online]. Available: https://www.micron.com/~/media/documents/products/whitepaper/ecc\_for\_mobile\_devices\_white\_paper.pdf
- [10] (2017). OpenSSH. https://www.openssh.com/
- [11] (2017). Top Picks in Hardware and Embedded Security— Workshop Collocated With ICCAD 2018. [Online]. Available: https://wp.nyu.edu/toppicksinhardwaresecurity/

- [12] M. T. Aga, Z. B. Aweke, and T. Austin, "When good protections go bad: Exploiting anti-DoS measures to accelerate RowHammer attacks," in *Proc. HOST*, 2017, pp. 8–13.
- [13] S. Aga et al., "Compute caches," in Proc. HPCA, Austin, TX, USA, 2017, pp. 481–492.
- [14] J. Ahn, S. Hong, S. Yoo, O. Mutlu, and K. Choi, "A scalable processing-in-memory accelerator for parallel graph processing," in *Proc. ISCA*, Portland, OR, USA, 2015, pp. 105–117.
- [15] J. Ahn, S. Yoo, O. Mutlu, and K. Choi, "PIM-enabled instructions: A low-overhead, locality-aware processing-in-memory architecture," in *Proc. ISCA*, Portland, OR, USA, 2015, pp. 336–348.
- [16] B. Aichinger. (Sep. 2014). The Known Failure Mechanism in DDR3 Memory Referred to as Row Hammer. [Online]. Available: http://ddrdetective.com/files/6414/1036/5710/The\_ Known\_Failure\_Mechanism\_in\_DDR3\_memory\_referred\_to\_as\_Row\_ Hammer.pdf
- [17] B. Aichinger, "DDR memory errors caused by row hammer," in *Proc. HPEC*, Waltham, MA, USA, 2015, pp. 1–5.
- [18] B. Akin, F. Franchetti, and J. C. Hoe, "Data reorganization in memory using 3D-stacked DRAM," in *Proc. ISCA*, Portland, OR, USA, 2015, pp. 131–143.
- [19] Z. Al-Ars, S. Hamdioui, A. Van De Goor, G. Gaydadjiev, and J. Vollrath, "DRAM-specific space of memory tests," in *Proc. ITC*, Santa Clara, CA, USA, 2006, pp. 1–10.
- [20] Z. Al-Ars, "DRAM fault analysis and test generation," Ph.D. dissertation, Elect. Eng. Math. Comput. Sci., TU Delft, Delft, The Netherlands, 2005.
- [21] About the Security Content of Mac EFI Security Update 2015-001, Apple Inc., Cupertino, CA, USA, Jun. 2015. [Online]. Available: https://support.apple.com/en-us/HT204934
- [22] H. Asghari-Moghaddam, Y. H. Son, J. H. Ahn, and N. S. Kim, "Chameleon: Versatile and practical near-DRAM acceleration architecture for large memory systems," in *Proc. MICRO*, Taipei, Taiwan, 2016, pp. 1–13.
- [23] Z. B. Aweke *et al.*, "ANVIL: Software-based protection against next-generation RowHammer attacks," in *Proc. ASPLOS*, Atlanta, GA, USA, 2016, pp. 743–755.
- [24] O. O. Babarinsa and S. Idreos, "JAFAR: Near-data processing for databases," in *Proc. SIGMOD*, Melbourne, VIC, Australia, 2015, pp. 2069–2070.
- [25] K. S. Bains et al., "Row hammer refresh command," U.S. Patent Appl. 14/068 677, Feb. 27, 2014.
- [26] K. S. Bains, J. B. Halbert, S. Sah, and Z. Greenfield, "Method, apparatus and system for providing a memory refresh," U.S. Patent Appl. 13/625741, Mar. 27, 2014.
- [27] K. S. Bains J. B. Halbert, C. P. Mozak, T. Z. Schoenborn, and Z. Greenfield, "Row hammer refresh command," U.S. Patent Appl. 13/539 415, Jan. 2, 2014.
- [28] K. Bains and J. Halbert, "Distributed row hammer tracking," U.S. Patent Appl. 13/631781, Apr. 3, 2014.
- [29] K. Bains *et al.*, "Row hammer refresh command," U.S. Patent 9 117 544 B2, 2015.
- [30] K. S. Bains and J. B. Halbert, "Row hammer monitoring based on stored row hammer threshold value," U.S. Patent 9 032 141, May 12, 2015.
- [31] A. Barenghi, L. Breveglieri, N. Izzo, and G. Pelosi, "Software-only reverse engineering of physical DRAM mappings for RowHammer attacks," in *Proc. IVSW*, 2018, pp. 19–24.
- [32] S. Bhattacharya and D. Mukhopadhyay, "Curious case of RowHammer: Flipping secret exponent bits using timing analysis," in *Proc. CHES*, Santa Barbara, CA, USA, 2016, pp. 602–624.
- [33] S. Bhattacharya and D. Mukhopadhyay, "Advanced fault attacks in software: Exploiting the RowHammer bug," in Fault Tolerant Architectures for Cryptography and Hardware Security. Singapore: Springer, 2018.
- [34] A. Boroumand et al., "LazyPIM: An efficient cache coherence mechanism for processing-in-memory," *IEEE Comput. Archit. Lett.*, vol. 16, no. 1, pp. 46–50, Jan./Jun. 2017.
- [35] A. Boroumand et al., "Google workloads for consumer devices: Mitigating data movement bottlenecks," in Proc. ASPLOS, Williamsburg, VA, USA, 2018, pp. 316–331.
- [36] A. Boroumand et al., "CoNDA: Enabling efficient near-data accelerator communication by optimizing data movement," in Proc. ISCA, 2019.
- [37] E. Bosman, K. Razavi, H. Bos, and C. Giuffrida, "Dedup Est Machina: Memory deduplication as an advanced exploitation vector," in *Proc. S&P*, San Jose, CA, USA, 2016, pp. 987–1004.

- [38] F. Brasser, L. Davi, D. Gens, C. Liebchen, and A.-R. Sadeghi, "Can't touch this: Practical and generic software-only defenses against RowHammer attacks," in *Proc. USENIX Security*, 2017, pp. 117–130.
- [39] S. Brown. (Dec. 2018). Rowhammer: The Evolution of a New Generation of Attacks. [Online]. Available: https://cyware.com/news/ rowhammer-the-evolution-of-a-new-generation-of-attacks-7baa0a3c
- [40] L. Bu, J. Dofe, Q. Yu, and M. A. Kinsy, "SRASA: A generalized theoretical framework for security and reliability analysis in computing systems," *J. Hardw. Syst. Security*, pp. 1–19, Sep. 2018.
- [41] W. Burleson, O. Mutlu, and M. Tiwari, "Who is the major threat to tomorrow's security? You, the hardware designer," in *Proc. DAC*, Austin, TX, USA, 2016, pp. 1–5.
- [42] Y. Cai, E. F. Haratsch, O. Mutlu, and K. Mai, "Error patterns in MLC NAND flash memory: Measurement, characterization, and analysis," in *Proc. DATE*, Dresden, Germany, 2012, pp. 521–526.
- [43] Y. Cai et al., "Flash correct-and-refresh: Retention-aware error management for increased flash memory lifetime," in *Proc. ICCD*, Montreal, QC, Canada, 2012, pp. 94–101.
- [44] Y. Cai et al., "Error analysis and retention-aware error management for NAND flash memory," *Intel Technol. J.*, vol. 17, no. 1, pp. 140–164, 2013.
- [45] Y. Cai, O. Mutlu, E. F. Haratsch, and K. Mai "Program interference in MLC NAND flash memory: Characterization, modeling, and mitigation," in *Proc. ICCD*, Asheville, NC, USA, 2013, pp. 123–130.
- [46] Y. Cai, E. F. Haratsch, O. Mutlu, and K. Mai, "Threshold voltage distribution in MLC NAND flash memory: Characterization, analysis, and modeling," in *Proc. DATE*, Grenoble, France, 2013, pp. 1285–1290.
- [47] Y. Cai et al., "Neighbor-cell assisted error correction for MLC NAND flash memories," in *Proc. SIGMETRICS*, Austin, TX, USA, 2014, pp. 491–504.
- [48] Y. Cai et al., "Vulnerabilities in MLC NAND flash memory programming: Experimental analysis, exploits, and mitigation techniques," in Proc. HPCA, Austin, TX, USA, 2017, pp. 49–60.
- [49] Y. Cai, "NAND flash memory: Characterization, analysis, modeling and mechanisms," Ph.D. dissertation, Elect. Comput. Eng., Carnegie Mellon Univ., Pittsburgh, PA, USA, 2012.
- [50] Y. Cai, Y. Luo, E. F. Haratsch, K. Mai, and O. Mutlu, "Data retention in MLC NAND flash memory: Characterization, optimization, and recovery," in *Proc. HPCA*, Burlingame, CA, USA, 2015, pp. 551–563.
- [51] Y. Cai, Y. Luo, S. Ghose, and O. Mutlu, "Read disturb errors in MLC NAND flash memory: Characterization, mitigation, and recovery," in *Proc. DSN*, Rio de Janeiro, Brazil, 2015, pp. 438–449.
- [52] Y. Cai, S. Ghose, E. F. Haratsch, Y. Luo, and O. Mutlu, "Error characterization, mitigation, and recovery in flash-memory-based solid-state drives," *Proc. IEEE*, vol. 105, no. 9, pp. 1666–1704, Sep. 2017.
- [53] Y. Cai, S. Ghose, E. F. Haratsch, Y. Luo, and O. Mutlu, "Errors in flash-memory-based solid-state drives: Analysis, mitigation, and recovery," arXiv preprint arXiv:1711.11427, Nov. 2017.
- [54] S. Carre, M. Desjardins, A. Facon, and S. Guilley, "OpenSSL Bellcore's protection helps fault attack," in *Proc. DSD*, Prague, Czech Republic, 2018, pp. 500–507.
- [55] K. Chandrasekar et al., "Exploiting expendable process-margins in DRAMs for run-time performance optimization," in *Proc. DATE*, Dresden, Germany, 2014, pp. 1–6.
- [56] K. K. Chang et al., "Low-cost inter-linked subarrays (LISA): Enabling fast inter-subarray data movement in DRAM," in HPCA, Barcelona, Spain, 2016, pp. 568–580.
- [57] K. K. Chang et al., "Understanding latency variation in modern DRAM chips: Experimental characterization, analysis, and optimization," in Proc. SIGMETRICS, Antibes, France, 2016, pp. 323–336.
- [58] K. K. Chang et al., "Understanding reduced-voltage operation in modern DRAM devices: Experimental characterization, analysis, and mechanisms," in Proc. SIGMETRICS, Urbana, IL, USA, 2017, p. 52.
- [59] K. K.-W. Chang et al., "Improving DRAM performance by parallelizing refreshes with accesses," in Proc. HPCA, Orlando, FL, USA, 2014, pp. 356–367.
- [60] M. C.-T. Chao, H.-Y. Yang, R.-F. Huang, S.-C. Lin, and C.-Y. Chin, "Fault models for embedded-DRAM macros," in *Proc. DAC*, San Francisco, CA, USA, 2009, pp. 714–719.
- [61] E. Chen et al., "Advances and future prospects of spin-transfer torque random access memory," *IEEE Trans. Magn.*, vol. 46, no. 6, pp. 1873–1878, Jun. 2010.
- [62] Q. Chen, H. Mahmoodi, S. Bhunia, and K. Roy, "Modeling and testing of SRAM for new failure mechanisms due to process variations in nanoscale CMOS," in *Proc. VTS*, Palm Springs, CA, USA, 2005, pp. 292–297.

- [63] P. Chi et al., "PRIME: A novel processing-in-memory architecture for neural network computation in ReRAM-based main memory," in Proc. ISCA, Seoul, South Korea, 2016, pp. 27–39.
- [64] P. C.-F. Chia, S.-J. Wen, and S. H. Baeg, "New DRAM HCI qualification method emphasizing on repeated memory access," in *Proc. Integr. Rel. Workshop*, 2010, pp. 142–144.
- [65] C. Cimpanu. (Nov. 2018). Rowhammer Attacks Can Now Bypass ECC Memory Protections. [Online]. Available: https:// www.zdnet.com/article/rowhammer-attacks-can-now-bypass-eccmemory-protections/
- [66] L. Cojocar et al., "Exploiting correcting codes: On the effectiveness of ECC memory against RowHammer attacks," in Proc. S&P, 2019.
- [67] J. Cooke, "The inconvenient truths of NAND flash memory," in Proc. Flash Memory Summit, 2007.
- [68] J.-L. Danger et al., "CCFI-cache: A transparent and flexible hardware protection for code and control-flow integrity," in *Proc. DSD*, Prague, Czech Republic, 2018, pp. 529–536.
- [69] A. Das, H. Hassan, and O. Mutlu, "VRL-DRAM: Improving DRAM performance via variable refresh latency," in *Proc. DAC*, San Francisco, CA, USA, 2018, pp. 1–6.
- [70] Drammer App Source Code. Accessed: Apr. 20, 2019. [Online]. Available: https://github.com/vusec/drammer-app
- [71] Drammer Source Code. Accessed: Apr. 20, 2019. [Online]. Available: https://github.com/vusec/drammer
- [72] A. Farmahini-Farahani, J. H. Ahn, K. Morrow, and N. S. Kim, "NDA: Near-DRAM acceleration architecture leveraging commodity DRAM devices and standard memory modules," in *Proc. HPCA*, Burlingame, CA, USA, 2015, pp. 283–295.
- [73] A. P. Fournaris, L. P. Fraile, and O. Koufopavlou, "Exploiting hardware vulnerabilities to attack embedded system devices: A survey of potent microarchitectural attacks," *Electronics*, vol. 6, no. 3, p. 52, 2017.
- [74] P. Francis-Mezger and V. M. Weaver, "A Raspberry Pi operating system for exploring advanced memory system concepts," in *Proc. Memsys*, Alexandria, VA, USA, 2018, pp. 354–364.
- [75] T. Fridley and O. Santos. (Mar. 2015). Mitigations Available for the DRAM Row Hammer Vulnerability. [Online]. Available: http://blogs.cisco.com/security/mitigations-available-for-the-dram-row-hammer-vulnerability
- [76] P. Frigo, C. Giuffrida, H. Bos, and K. Razavi, "Grand pwning unit: Accelerating microarchitectural attacks with the GPU," in *Proc. IEEE S&P*, San Francisco, CA, USA, 2018, pp. 195–210.
- [77] M. Gao, G. Ayers, and C. Kozyrakis, "Practical near-data processing for in-memory analytics frameworks," in *Proc. PACT*, San Francisco, CA, USA, 2015, pp. 113–124.
- [78] M. Gao and C. Kozyrakis, "HRL: Efficient and flexible reconfigurable logic for near-data processing," in *Proc. HPCA*, Barcelona, Spain, 2016, pp. 126–137.
- [79] S. Ghose et al., "What your DRAM power models are not telling you: Lessons from a detailed experimental study," in Proc. SIGMETRICS, Irvine, CA, USA, 2018, p. 110.
- [80] S. Ghose, K. Hsieh, A. Boroumand, R. Ausavarungnirun, and O. Mutlu, "The processing-in-memory paradigm: Mechanisms to enable adoption," in *Beyond-CMOS Technologies for Next Generation Computer Design*. Cham, Switzerland: Springer, 2019.
- [81] H. Gomez, A. Amaya, and E. Roa, "DRAM Row-Hammer attack reduction using dummy cells," in *Proc. NORCAS*, Copenhagen, Denmark, 2016, pp. 1–4.
- [82] S.-L. Gong, "Memory protection techniques for DRAM scalinginduced errors," Ph.D. dissertation, Elect. Comput. Eng., Univ. Texas at Austin, Austin, TX, USA, 2018.
- [83] D. Goodin. (2016). Cutting-Edge Hack Gives Super User Status by Exploiting DRAM Weakness. [Online]. Available: https:// arstechnica.com/information-technology/2015/03/cutting-edge-hackgives-super-user-status-by-exploiting-dram-weakness/
- [84] D. Goodin. (2016). Once Thought Safe, DDR4 Memory Shown to Be Vulnerable to Rowhammer. [Online]. Available: https:// arstechnica.com/information-technology/2016/03/once-thought-safeddr4-memory-shown-to-be-vulnerable-to-rowhammer/
- [85] D. Goodin. (2016). Using Rowhammer Bitflips to Root Android Phones Is Now a Thing. [Online]. Available: https://arstechnica.com/ information-technology/2016/10/using-rowhammer-bitflips-to-rootandroid-phones-is-now-a-thing/
- [86] A. Greenberg. (2016). Forget Software—Now Hackers Are Exploiting Physics. [Online]. Available: https://www.wired.com/2016/08/new-form-hacking-breaks-ideas-computers-work/

- [87] Z. Greenfield, J. B. Halbert, and K. S. Bains, "Method, apparatus and system for determining a count of accesses to a row of memory," U.S. Patent Appl. 13/626479, Mar. 27, 2014.
- [88] Z. Greenfield et al., "Row hammer condition monitoring," U.S. Patent Appl. 13/539 417, Jan. 2, 2014.
- [89] D. Gruss et al., "Another flip in the wall of RowHammer defenses," in Proc. IEEE S&P, San Francisco, CA, USA, 2018, pp. 245–261.
- [90] D. Gruss, C. Maurice, and S. Mangard, "Rowhammer.js: A remote software-induced fault attack in JavaScript," in *Proc. 13th Int. Conf. Detect. Intrusions Malware Vulnerability Assessment (DIMVA)*, vol. 9721, Jun. 2016, pp. 300–321.
- [91] B. Gu et al., "Biscuit: A framework for near-data processing of big data workloads," in Proc. ISCA, Seoul, South Korea, 2016, pp. 153–165.
- [92] Q. Guo et al., "3D-stacked memory-side acceleration: Accelerator and system design," in Proc. WoNDP, 2014.
- [93] Z. Guo et al., "Large-scale SRAM variability characterization in 45 nm CMOS," IEEE J. Solid-State Circuits, vol. 44, no. 11, pp. 3174–3192, Nov. 2009.
- [94] R. Harris. (Dec. 2014). Flipping DRAM Bits—Maliciously. [Online]. Available: http://www.zdnet.com/article/flipping-dram-bits-maliciously/
- [95] M. Hashemi, Khubaib, E. Ebrahimi, O. Mutlu, and Y. N. Patt, "Accelerating dependent cache misses with an enhanced memory controller," in *Proc. ISCA*, Seoul, South Korea, 2016, pp. 444–455.
- [96] M. Hashemi, O. Mutlu, and Y. N. Patt, "Continuous runahead: Transparent hardware acceleration for memory intensive workloads," in *Proc. MICRO*, Taipei, Taiwan, 2016, pp. 1–12.
- [97] H. Hassan et al., "ChargeCache: Reducing DRAM latency by exploiting row access locality," in Proc. HPCA, Barcelona, Spain, 2016, pp. 581–593.
- [98] H. Hassan *et al.*, "SoftMC: A flexible and practical open-source infrastructure for enabling experimental DRAM studies," in *Proc. HPCA*, Austin, TX, USA, 2017, pp. 241–252.
- [99] S. M. Hassan *et al.*, "Near data processing: Impact and optimization of 3D memory system architecture on the uncore," in *Proc. Memsys*, Washington, DC, USA, 2015, pp. 11–21.
- [100] Hewlett-Packard Enterprise. (2015). HP Moonshot Component Pack Version 2015.05.0. [Online]. Available: http://h17007.www1.hp.com/ us/en/enterprise/servers/products/moonshot/component-pack/index. aspx
- [101] K. Hsieh et al., "Accelerating pointer chasing in 3D-stacked memory: Challenges, mechanisms, evaluation," in Proc. ICCD, 2016, pp. 25–32.
- [102] K. Hsieh et al., "Transparent offloading and mapping (TOM): Enabling programmer-transparent near-data processing in GPU systems," in Proc. ISCA, 2016, pp. 204–216.
- [103] R.-F. Huang, H.-Y. Yang, M. C.-T. Chao, and S.-C. Lin, "Alternate hammering test for application-specific DRAMs and an industrial case study," in *Proc. DAC*, San Francisco, CA, USA, 2012, pp. 1012–1017.
- [104] I. Ilascu. (Nov. 2018). ECC Memory Vulnerable to RowHammer Attack. [Online]. Available: https://www.bleepingcomputer.com/ news/security/ecc-memory-vulnerable-to-rowhammer-attack/
- [105] G. Irazoqui et al., "MASCAT: Stopping microarchitectural attacks before execution," IACR Cryptol. ePrint Archive, vol. 2016, p. 1196, Jul. 2016.
- [106] N. Izzo, "Reliably achieving and efficiently preventing RowHammer attacks," Ph.D. dissertation, Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico Milano, Milan, Italy, 2017.
- [107] Y. Jang et al., "SGX-Bomb: Locking down the processor via RowHammer attack," in Proc. SysTEX, 2017, Art. no. 5.
- [108] JESD235 High Bandwidth Memory (HBM) DRAM, JEDEC, Arlington, VA, USA, 2013.
- [109] W. Jiang et al., "Cross-track noise profile measurement for adjacent-track interference study and write-current optimization in perpendicular recording," J. Appl. Phys., vol. 93, no. 10, pp. 6754–6756, 2003.
- [110] A. K. Jones, R. Melhem, and D. Kline, "Holistic energy efficient crosstalk mitigation in DRAM," in *Proc. IGSC*, 2017, pp. 1–6.
- [111] M. Kang, M.-S. Keel, N. R. Shanbhag, S. Eilert, and K. Curewitz, "An energy-efficient VLSI architecture for pattern recognition via deep embedding of computation in SRAM," in *Proc. ICASSP*, 2014, pp. 8376–8330.
- pp. 8326–8330.
  [112] U. Kang et al., Co-Architecting Controllers and DRAM to Enhance DRAM Process Scaling, vol. 14. Minneapolis, MN, USA: Memory Forum. 2014.
- [113] C. Keller, F. Gürkaynak, H. Kaeslin, and N. Felber, "Dynamic memory-based physically unclonable function for the generation of unique identifiers and true random numbers," in *Proc. ISCAS*, 2014, pp. 2740–2743.

- [114] S. Khan et al., "The efficacy of error mitigation techniques for DRAM retention failures: A comparative experimental study," in Proc. SIGMETRICS, 2014, pp. 519–532.
- [115] S. Khan, C. Wilkerson, D. Lee, A. R. Alameldeen, and O. Mutlu, "A case for memory content-based detection and mitigation of datadependent failures in DRAM," *IEEE Comput. Archit. Lett.*, vol. 16, no. 2, pp. 88–93, Jul./Dec. 2016.
- [116] S. Khan, D. Lee, and O. Mutlu, "PARBOR: An efficient system-level technique to detect data-dependent failures in DRAM," in *Proc. DSN*, 2016, pp. 239–250.
- [117] S. Khan et al., "Detecting and mitigating data-dependent DRAM failures by exploiting current memory content," in Proc. MICRO, Boston, MA, USA, 2017, pp. 27–40.
- [118] S. Khandelwal. (May 2018). Nethammer—Exploiting DRAM RowHammer Bug Through Network Requests. [Online]. Available: https://thehackernews.com/2018/05/remote-rowhammer-attack.html
- [119] D.-H. Kim, P. J. Nair, and M. K. Qureshi, "Architectural support for mitigating row hammering in DRAM memories," *IEEE Comput. Archit. Lett.*, vol. 14, no. 1, pp. 9–12, Jan./Jun. 2015.
- [120] D. Kim et al., "Variation-aware static and dynamic writability analysis for voltage-scaled bit-interleaved 8-T SRAMs," in Proc. ISLPED, 2011, pp. 145–150.
- [121] D. Kim, J. Kung, S. Chai, S. Yalamanchili, and S. Mukhopadhyay, "Neurocube: A programmable digital neuromorphic architecture with high-density 3D memory," in *Proc. ISCA*, Seoul, South Korea, 2016, pp. 380–392.
- [122] G. Kim et al., "Toward standardized near-data processing with unrestricted data placement for GPUs," in Proc. SC, 2017, pp. 1–12.
- [123] J. S. Kim et al., "GRIM-filter: Fast seed location filtering in DNA read mapping using processing-in-memory technologies," BMC Genomics, vol. 19, p. 89, May 2018.
- [124] J. Kim, M. Patel, H. Hassan, and O. Mutlu, "Solar-DRAM: Reducing DRAM access latency by exploiting the variation in local bitlines," in *Proc. ICCD*, 2018, pp. 282–291.
- [125] J. S. Kim, M. Patel, H. Hassan, and O. Mutlu, "The DRAM latency PUF: Quickly evaluating physical unclonable functions by exploiting the latency-reliability tradeoff in modern commodity DRAM devices," in *Proc. HPCA*, 2018, pp. 194–207.
- [126] J. S. Kim, M. Patel, H. Hassan, L. Orosa, and O. Mutlu, "D-RaNGe: Using commodity DRAM devices to generate true random numbers with low latency and high throughput," in *Proc. HPCA*, 2019, pp. 582–595.
- [127] M. Kim, J. Choi, H. Kim, and H.-J. Lee, "An effective DRAM address remapping for mitigating RowHammer errors," *IEEE Trans. Comput.*, to be published.
- [128] Y. Kim et al., "A case for subarray-level parallelism (SALP) in DRAM," in Proc. ISCA, 2012, pp. 368–379.
- [129] Y. Kim, W. Yang, and O. Mutlu, "Ramulator: A fast and extensible DRAM simulator," *IEEE Comput. Archit. Lett.*, vol. 15, no. 1, pp. 45–49, Jan./Jun. 2016.
- [130] Y. Kim et al., "RowHammer: Reliability analysis and security implications," arXiv preprint arXiv:1603.00747, Feb. 2016.
- [131] Y. Kim, "Architectural techniques to enhance DRAM scaling," Ph.D. dissertation, Elect. Comput. Eng., Carnegie Mellon Univ., Pittsburgh, PA, USA, 2015.
- [132] Y. Kim et al., "Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors," in Proc. ISCA, 2014, pp. 361–372.
- [133] D. Kline, R. Melhem, and A. K. Jones, "Sustainable fault management and error correction for next-generation main memories," in *Proc. IGSC*, Orlando, FL, USA, 2017, pp. 1–6.
- [134] K. C. Knowlton, "A fast storage allocator," Commun. ACM, vol. 8, no. 10, pp. 623–624, 1965.
- [135] P. Kocher et al., "Spectre attacks: Exploiting speculative execution," in Proc. S&P, 2018, pp. 19–37.
- [136] R. K. Konoth *et al.*, "ZebRAM: Comprehensive and compatible software protection against RowHammer attacks," in *Proc. OSDI*, 2018, pp. 697–710.
- [137] E. Kültürsay, M. Kandemir, A. Sivasubramaniam, and O. Mutlu, "Evaluating STT-RAM as an energy-efficient main memory alternative," in *Proc. ISPASS*, Austin, TX, USA, 2013, pp. 256–267.
- [138] M. Kumar. (May 2018). New RowHammer Attack Can Hijack Computers Remotely Over the Network. [Online]. Available: https://thehackernews.com/2018/05/rowhammer-attack-exploit.html
- [139] A. Kurmus et al., "From random block corruption to privilege escalation: A filesystem attack vector for RowHammer-like attacks," in Proc. WOOT, 2017.

- [140] M. Lanteigne. (Mar. 2016). How RowHammer Could Be Used to Exploit Weaknesses in Computer Hardware. [Online]. Available: http://www.thirdio.com/rowhammer.pdf
- [141] B. C. Lee, E. Ipek, O. Mutlu, and D. Burger, "Architecting phase change memory as a scalable DRAM alternative," in *Proc. ISCA*, 2009, pp. 2–13.
- [142] B. C. Lee, E. Ipek, O. Mutlu, and D. Burger, "Phase change memory architecture and the quest for scalability," *Commun. ACM*, vol 53, no. 7, pp. 99–106, 2010.
- [143] B. C. Lee *et al.*, "Phase change technology and the future of main memory," *IEEE Micro*, vol. 30, no. 1, p. 143, Jan./Feb. 2010.
- [144] D. Lee, "Reducing DRAM latency at low cost by exploiting heterogeneity," *arXiv preprint arXiv:1604.0804*, Apr. 2016.
- [145] D. Lee et al., "Tiered-latency DRAM: A low latency and low cost DRAM architecture," in Proc. HPCA, 2013, pp. 615–626.
- [146] D. Lee et al., "Adaptive-latency DRAM: Optimizing DRAM timing for the common-case," in Proc. HPCA, 2015, pp. 489–501.
- [147] D. Lee, L. Subramanian, R. Ausavarungnirun, J. Choi, and O. Mutlu, "Decoupled direct memory access: Isolating CPU and IO traffic by leveraging a dual-data-port DRAM," in *Proc. PACT*, San Francisco, CA, USA, 2015, pp. 174–187.
- [148] D. Lee, S. Ghose, G. Pekhimenko, S. Khan, and O. Mutlu, "Simultaneous multi-layer access: Improving 3D-stacked memory bandwidth at low cost," ACM Trans. Archit. Code Optim., vol. 12, no. 4, pp. 1–29, 2016.
- [149] D. Lee et al., "Design-induced latency variation in modern DRAM chips: Characterization, analysis, and latency reduction mechanisms," Proc. ACM Meas. Anal. Comput. Syst., vol. 1, no. 1, pp. 1–36, 2017.
- [150] E. Lee, S. Lee, G. E. Suh, and J. H. Ah, "TWiCe: Time window counter based row refresh to prevent row-hammering," *IEEE Comput. Archit. Lett.*, vol. 17, no. 1, pp. 96–99, Jan./Jun. 2018.
- [151] J. H. Lee, J. Sim, and H. Kim, "BSSync: Processing near memory for machine learning workloads with bounded staleness consistency models," in *Proc. PACT*, San Francisco, CA, USA, 2015, pp. 241–252.
- [152] Row Hammer Privilege Escalation, Lenovo, Hong Kong, Mar. 2015.
  [Online]. Available: https://support.lenovo.com/us/en/product\_security/row\_hammer
- [153] S. Li et al., "Drisa: A DRAM-based reconfigurable in-situ accelerator," in Proc. MICRO, 2017, pp. 288–301.
- [154] S. Li et al., "Pinatubo: A processing-in-memory architecture for bulk bitwise operations in emerging non-volatile memories," in *Proc. DAC*, Austin, TX, USA, 2016, pp. 1–6.
- [155] C. Lim, K. Park, and S. Baeg, "Active precharge hammering to monitor displacement damage using high-energy protons in 3x-nm SDRAM," *IEEE Trans. Nucl. Sci.*, vol. 64, no. 2, pp. 859–866, Feb. 2017.
- [156] M. Lipp et al. (2018). Nethammer: Inducing RowHammer Faults Through Network Requests. [Online]. Available: https://arxiv.org/abs/1805.04956
- [157] M. Lipp et al., "Meltdown: Reading kernel memory from user space," in Proc. USENIX Security, 2018, pp. 973–990.
- [158] J. Liu, B. Jaiyen, R. Veras, and O. Mutlu, "RAIDR: Retention-aware intelligent DRAM refresh," in *Proc. ISCA*, 2012, pp. 1–12.
- [159] J. Liu, B. Jaiyen, Y. Kim, C. Wilkerson, and O. Mutlu, "An experimental study of data retention behavior in modern DRAM devices: Implications for retention time profiling mechanisms," in *Proc. ISCA*, 2013, pp. 60–71.
- [160] Z. Liu, I. Calciu, M. Herlihy, and O. Mutlu, "Concurrent data structures for near-memory computing," in *Proc. SPAA*, 2017, pp. 235–245.
- [161] G. H. Loh et al., "A processing in memory taxonomy and a case for studying fixed-function PIM," in Proc. WoNDP, 2013.
- [162] Y. Luo, Y. Cai, S. Ghose, J. Choi, and O. Mutlu, "WARM: Improving NAND flash memory lifetime with write-hotness aware retention management," in *Proc. MSST*, Santa Clara, CA, USA, 2015, pp. 1–14.
- [163] Y. Luo et al., "Characterizing application memory error vulnerability to optimize data center cost via heterogeneous-reliability memory," in Proc. DSN, Atlanta, GA, USA, 2014, pp. 467–478.
- [164] Y. Luo, S. Ghose, Y. Cai, E. F. Haratsch, and O. Mutlu, "Enabling accurate and practical online flash channel modeling for modern MLC NAND flash memory," *IEEE J. Sel. Areas Commun.*, vol. 34, no. 9, pp. 2294–2311, Sep. 2016.
- [165] Y. Luo et al., "HeatWatch: Improving 3D NAND flash memory device reliability by exploiting self-recovery and temperature awareness," in Proc. HPCA, 2018, pp. 504–517.
- [166] Y. Luo, S. Ghose, Y. Cai, E. F. Haratsch, and O. Mutlu, "Improving 3D NAND flash memory lifetime by tolerating early retention loss and process variation," *Proc. ACM Meas. Anal. Comput. Syst.*, vol. 2, no. 3, pp. 1–48, 2018.

- [167] J. A. Mandelman *et al.*, "Challenges and future directions for the scaling of dynamic random-access memory (DRAM)," *IBM J. Res. Develop.*, vol. 46, nos. 2–3, pp. 187–212, Mar. 2002.
- [168] J. Meza et al., "A case for efficient hardware-software cooperative management of storage and memory," in Proc. WEED, 2013.
- [169] J. Meza et al., "A large-scale study of flash memory errors in the field," in Proc. SIGMETRICS, 2015, pp. 177–190.
- [170] J. Meza, Q. Wu, S. Kumar, and O. Mutlu, "Revisiting memory errors in large-scale production data centers: Analysis and modeling of new trends from the field," in *Proc. DSN*, 2015, pp. 415–426.
- [171] D.-S. Min et al., "Wordline coupling noise reduction techniques for scaled DRAMs," in Proc. Symp. VLSI Circuits, 1990, pp. 81–82.
- [172] A. Morad, L. Yavits, and R. Ginosar, "GP-SIMD processing-in-memory," ACM Trans. Archit. Code Optim., vol. 11, no. 4, 2015, Art. no. 53.
- [173] O. Mutlu, "Memory scaling: A systems architecture perspective," in Proc. IMW, 2013, pp. 1–5.
- [174] O. Mutlu, "The RowHammer problem and other issues we may face as memory becomes denser," in *Proc. DATE*, 2017, pp. 1116–1121.
- [175] O. Mutlu, "Memory scaling: A systems architecture perspective," in Proc. MemCon, 2013, pp. 21–25.
- [176] O. Mutlu, "Error analysis and management for MLC NAND flash memory," in *Proc. Flash Memory Summit*, 2014.
- [177] O. Mutlu, "RowHammer and beyond," in *Proc. COSADE*, 2019, pp. 3–12.
- [178] O. Mutlu, S. Ghose, J. Gómez-Luna, and R. Ausavarungnirun, "Enabling practical processing in and near memory for data-intensive computing," in *Proc. DAC*, 2019.
- [179] O. Mutlu, S. Ghose, J. Gómez-Luna, and R. Ausavarungnirun, "Processing data where it makes sense: Enabling in-memory computation," in *Proc. MICPRO*, 2019, pp. 28–41.
- [180] O. Mutlu et al., "The main memory system: Challenges and opportunities," Commun. Korean Inst. Inf. Sci. Eng., pp. 26–41, Feb. 2015.
- [181] O. Mutlu and L. Subramanian, "Research problems and opportunities in memory systems," *Supercomput. Front. Innov. Int. J.*, vol. 1, no. 3, pp. 19–55, 2014.
- [182] L. Nai et al., "GraphPIM: Enabling instruction-level PIM offloading in graph computing frameworks," in Proc. HPCA, Austin, TX, USA, 2017, pp. 457–468.
- [183] P. Nair, C.-C. Chou, and M. K. Qureshi, "A case for refresh pausing in DRAM memory systems," in *Proc. HPCA*, Shenzhen, China, 2013, pp. 627–638.
- [184] P. J. Nair, V. Sridharan, and M. K. Qureshi, "XED: Exposing on-die error detection information for strong memory reliability," in *Proc. ISCA*, Seoul, South Korea, 2016, pp. 341–353.
- [185] E. Nashilov. (Nov. 2018). Scientists Have Made the Rowhammer More Dangerous. [Online]. Available: https://threatpost.ru/dutch-researchers-made-rowhammer-even-more-dangerous/29378/?es\_p=8358650
- [186] L. H. Newman. (Nov. 2018). An Ingenious Data Hack Is More Dangerous Than Anyone Feared. [Online]. Available: https:// www.wired.com/story/rowhammer-ecc-memory-data-hack/
- [187] S. Nichols. (Nov. 2018). 3 Is the Magic Number (of Bits): Flip 'em at Once and Your ECC Protection Can Be RowHammer'd. [Online]. Available: https://www.theregister.co.uk/2018/11/21/rowhammer\_ecc\_server\_protection/
- [188] S. Oh and J. Kim, "Reliable RowHammer attack and mitigation based on reverse engineering memory address mapping algorithms," in *Proc. WISA*, Jeju-do, South Korea, 2018, pp. 146–158.
- [189] T.-Y. Oh et al., "25.1 a 3.2Gbps/pin 8Gb 1.0V LPDDR4 SDRAM with integrated ECC engine for sub-1V DRAM core operation," in Proc. ISSCC, San Francisco, CA, USA, 2014, pp. 430–431.
- [190] K. Park, C. Lim, D. Yun, and S. Baeg, "Experiments and root cause analysis for active-precharge hammering fault in DDR3 SDRAM under 3× nm technology," *Microelectron. Rel.*, vol. 57, pp. 39–46, Feb. 2016.
- [191] K. Park, D. Yun, and S. Baeg, "Statistical distributions of row-hammering induced failures in DDR3 components," *Microelectron. Rel.*, vol. 67, pp. 143–149, Dec. 2016.
- [192] PassMark Software. (2015). *MemTest86: The Original Industry Standard Memory Diagnostic Utility*. [Online]. Available: http://www.memtest86.com/troubleshooting.htm
- [193] M. Patel, J. S. Kim, H. Hassan, and O. Mutlu, "Understanding and modeling on-die error correction in modern DRAM: An experimental study using real devices," in *Proc. DSN*, Portland, OR, USA, 2019.
- [194] M. Patel, J. S. Kim, and O. Mutlu, "The reach profiler (REAPER): Enabling the mitigation of DRAM retention failures via profiling at aggressive conditions," in *Proc. ISCA*, Toronto, ON, Canada, 2017, pp. 255–268.

- [195] A. Pattnaik et al., "Scheduling techniques for GPU architectures with processing-in-memory capabilities," in *Proc. PACT*, Haifa, Israel, 2016, pp. 31–44.
- [196] P. Pessl, D. Gruss, C. Maurice, M. Schwarz, and S. Mangard, "DRAMA: Exploiting DRAM addressing for cross-CPU attacks," in Proc. USENIX Security, Austin, TX, USA, 2016, pp. 565–581.
- [197] D. Poddebniak, J. Somorovsky, S. Schinzel, M. Lochter, and P. Rosler, "Attacking deterministic signature schemes using fault attacks," in *Proc. EuroS&P*, London, U.K., 2018, pp. 338–352.
- [198] S. H. Pugsley et al., "NDC: Analyzing the impact of 3D-stacked memory+logic devices on MapReduce workloads," in Proc. ISPASS, Monterey, CA, USA, 2014, pp. 190–200.
- [199] R. Qiao and M. Seaborn, "A new approach for RowHammer attacks," in *Proc. HOST*, McLean, VA, USA, 2016, pp. 161–166.
- [200] M. K. Qureshi, V. Srinivasan, and J. A. Rivers, "Scalable high performance main memory system using phase-change memory technology," in *Proc. ISCA*, Austin, TX, USA, 2009, pp. 24–33.
- [201] M. K. Qureshi, D.-H. Kim, S. Khan, P. J. Nair, and O. Mutlu, "AVATAR: A variable-retention-time (VRT) aware refresh for DRAM systems," in *Proc. DSN*, Rio de Janeiro, Brazil, 2015, pp. 427–437.
- [202] M. K. Qureshi et al., "Enhancing lifetime and security of PCM-based main memory with start-gap wear leveling," in Proc. MICRO, New York, NY, USA, 2009, pp. 14–23.
- [203] A. Rahmati, M. Hicks, D. E. Holcomb, and K. Fu, "Probable cause: The deanonymizing effects of approximate DRAM," in *Proc. ISCA*, Portland, OR, USA, 2016, pp. 604–615.
- [204] S. Raoux et al., "Phase-change random access memory: A scalable technology," IBM J. Res. Develop., vol. 52, nos. 4–5, pp. 465–479, Jul. 2008.
- [205] K. Razavi et al., "Flip Feng Shui: Hammering a needle in the software stack," in Proc. USENIX Security, Austin, TX, USA, 2016, pp. 1–18.
- [206] M. Redeker, B. F. Cockburn, and D. G. Elliott, "An investigation into crosstalk noise in DRAM structures," in *Proc. MTDT*, 2002, pp. 123–129.
- [207] P. J. Restle, J. W. Park, and B. F. Lloyd, "DRAM variable retention time," in *Proc. IEDM*, San Francisco, CA, USA, 1992, pp. 807–810.
- [208] S.-W. Ryu et al., "Overcoming the reliability limitation in the ultimately scaled DRAM using silicon migration technique by hydrogen annealing," in *Proc. IEDM*, San Francisco, CA, USA, 2017, pp. 21.6.1–21.6.4.
- [209] J. Sanders. (Jun. 2018). Every Android Device From the Last 6 Years May Be At Risk to RAMPage Vulnerability. [Online]. Available: https://www.techrepublic.com/article/every-android-device-from-the-last-6-years-may-be-at-risk-to-rampage-vulnerability/
- [210] A. Schaller *et al.*, "Intrinsic RowHammer PUFs: Leveraging the RowHammer effect for improved security," in *Proc. HOST*, McLean, VA, USA, 2017, pp. 1–7.
- [211] R. Schilling, M. Werner, P. Nasahl, and S. Mangard, "Pointing in the right direction-securing memory accesses in a faulty world," in *Proc.* ACSAC, 2018, pp. 595–604.
- [212] B. Schroeder, R. Lagisetty, and A. Merchant, "Flash reliability in production: The expected and the unexpected," in *Proc. USENIX FAST*, Santa Clara, CA, USA, 2016, pp. 67–80.
- [213] M. Seaborn and T. Dullien. (2015). Exploiting the DRAM RowHammer Bug to Gain Kernel Privileges. [Online]. Available: http://googleprojectzero.blogspot.com.tr/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- [214] M. Seaborn and T. Dullien, "Exploiting the DRAM RowHammer bug to gain kernel privileges," in *Proc. BlackHat*, 2016.
- [215] V. Seshadri et al., "RowClone: Fast and energy-efficient in-DRAM bulk data copy and initialization," in *Proc. MICRO*, Davis, CA, USA, 2013, pp. 185–197.
- [216] V. Seshadri et al., "Gather-scatter DRAM: In-DRAM address translation to improve the spatial locality of non-unit strided accesses," in Proc. MICRO, Waikiki, HI, USA, 2015, pp. 267–280.
- [217] V. Seshadri et al., "Fast bulk bitwise AND and OR in DRAM," IEEE Comput. Archit. Lett., vol. 14, no. 2, pp. 127–131, Jul./Dec. 2015.
- [218] V. Seshadri et al., "Ambit: In-memory accelerator for bulk bitwise operations using commodity DRAM technology," in *Proc. MICRO*, Boston, MA, USA, 2017, pp. 273–287.
- [219] V. Seshadri and O. Mutlu, "Chapter four—Simple operations in memory to reduce data movement," Adv. Comput., vol. 106, pp. 107–166, Jun. 2017.
- [220] S. M. Seyedzadeh, A. K. Jones, and R. Melhem, "Counter-based tree structure for row hammering mitigation in DRAM," *IEEE Comput. Archit. Lett.*, vol. 16, no. 1, pp. 18–21, Jan./Jun. 2017.

- [221] A. Shafiee et al., "ISAAC: A convolutional neural network accelerator with in-situ analog arithmetic in crossbars," in Proc. ISCA, Seoul, South Korea, 2016, pp. 14–26.
- [222] G. Singh et al., "NAPEL: Near-memory computing application performance prediction via ensemble learning," in Proc. DAC, 2019.
- [223] SoftMC Source Code. Accessed: Apr. 20, 2019. [Online]. Available: https://github.com/CMU-SAFARI/SoftMC
- [224] M. Son, H. Park, J. Ahn, and S. Yoo, "Making DRAM stronger against row hammering," in *Proc. DAC*, Austin, TX, USA, 2017, pp. 1–6.
- [225] V. Sridharan *et al.*, "Memory errors in modern systems: The good, the bad, and the ugly," in *Proc. ASPLOS*, Istanbul, Turkey, 2015, pp. 297–310.
- [226] V. Sridharan and D. Liberty, "A study of DRAM failures in the field," in *Proc. SC*, Salt Lake City, UT, USA, 2012, pp. 1–11.
- [227] V. Sridharan, J. Stearley, N. DeBardeleben, S. Blanchard, and S. Gurumurthi, "Feng Shui of supercomputer memory positional effects in DRAM and SRAM faults," in *Proc. SC*, Denver, CO, USA, 2013, pp. 1–11.
- [228] Z. Sura et al., "Data access optimization in a processing-in-memory system," in Proc. CF, 2015, Art. no. 6.
- [229] S. Sutar et al., "D-PUF: An intrinsically reconfigurable DRAM PUF for device authentication and random number generation," ACM Trans. Embedded Comput. Syst., vol. 17, no. 1, 2018, Art. no. 17.
- [230] S. Sutar, A. Raha, and V. Raghunathan, "D-PUF: An intrinsically reconfigurable DRAM PUF for device authentication in embedded systems," in *Proc. CASES*, Pittsburgh, PA, USA, 2016, pp. 1–10.
- [231] Q. Tang et al., "A DRAM based physical unclonable function capable of generating > 10<sup>32</sup> challenge response pairs per 1Kbit array for secure chip authentication," in *Proc. CICC*, Austin, TX, USA, 2017, pp. 1–4.
- [232] Y. Tang, X. Che, H. J. Lee, and J.-G. Zhu, "Understanding adjacent track erasure in discrete track media," *IEEE Trans. Magn.*, vol. 44, no. 12, pp. 4780–4783, Dec. 2008.
- [233] A. Tatar et al., "Throwhammer: RowHammer attacks over the network and defenses," in Proc. USENIX ATC, Boston, MA, USA, 2018, pp. 213–225.
- [234] A. Tatar *et al.*, "Defeating software mitigations against RowHammer: A surgical precision hammer," in *Proc. RAID*, 2018, pp. 47–66.
- [235] F. Tehranipoor, N. Karimian, K. Xiao, and J. Chandy, "DRAM based intrinsic physical unclonable functions for system level security," in *Proc. GLVLSI*, Pittsburgh, PA, USA, 2015, pp. 15–20.
- [236] F. Tehranipoor, N. Karimian, W. Yan, and J. A. Chandy, "Investigation of DRAM PUFs reliability under device accelerated aging effects," in *Proc. ISCAS*, Baltimore, MD, USA, 2017, pp. 1–4.
- [237] L. Tung. (Mar. 2015). 'RowHammer' DRAM Flaw Could Be Widespread, Says Google. [Online]. Available: https://www.zdnet.com/article/rowhammer-dram-flaw-could-be-widespread-says-google/
- [238] L. Tung. (May 2018). Android Alert: This New Type of RowHammer GPU Attack Can Hijack Your Phone Remotely. [Online]. Available: https://www.zdnet.com/article/android-alert-this-new-type-of-rowhammer-gpu-attack-can-hijack-your-phone-remotely/
- [239] V. van der Veen et al., "Drammer: Deterministic RowHammer attacks on mobile platforms," in *Proc. CCS*, Vienna, Austria, 2016, pp. 1675–1689.
- [240] V. van der Veen et al., "GuardION: Practical mitigation of DMA-based RowHammer attacks on ARM," in Proc. DIMVA, Saclay, France, 2018, pp. 92–113.
- [241] S. Vig, S. Bhattacharya, D. Mukhopadhyay, and S.-K. Lam, "Rapid detection of RowHammer attacks using dynamic skewed hash tree," in *Proc. HASP*, Los Angeles, CA, USA, 2018, Art. no. 7.
- [242] P. Vila, B. Köpf, and J. F. Morales, "Theory and practice of finding eviction sets," in *Proc. S&P*, 2019.
- [243] Y. Wang, Y. Liu, P. Wu, and Z. Zhang, "Detect DRAM disturbance error by using disturbance bin counters," *IEEE Comput. Archit. Lett.*, vol. 18, no. 1, pp. 35–38, Jan./Jun. 2019.
- [244] Wikipedia. *Row Hammer*. Accessed: Apr. 20, 2019. [Online]. Available: https://en.wikipedia.org/wiki/Row\_hammer
- [245] H.-S. P. Wong et al., "Phase change memory," Proc. IEEE, vol. 98, no. 12, pp. 2201–2227, Dec. 2010.
- [246] H.-S. P. Wong et al., "Metal-oxide RRAM," Proc. IEEE, vol. 100, no. 6, pp. 1951–1970, Jun. 2012.
- [247] R. Wood, M. Williams, A. Kavcic, and J. Miles, "The feasibility of magnetic recording at 10 terabits per square inch on conventional media," *IEEE Trans. Magn.*, vol. 45, no. 2, pp. 917–923, Feb. 2009.

- [248] X.-C. Wu, T. Sherwood, F. T. Chong, and Y. Li, "Protecting page tables from RowHammer attacks using monotonic pointers in DRAM true-cells," in *Proc. ASPLOS*, Providence, RI, USA, 2019, pp. 645–657.
- [249] Y. Xiao, X. Zhang, Y. Zhang, and R. Teodorescu, "One bit flips, one cloud flops: Cross-VM row hammer attacks and privilege escalation," in *Proc. USENIX Security*, Austin, TX, USA, 2016, pp. 19–35.
- [250] W. Xiong et al., "Run-time accessible DRAM PUFs in commodity devices," in Proc. CHES, Santa Barbara, CA, USA, 2016, pp. 432–453.
- [251] D. S. Yaney, C. Y. Lu, R. A. Kohler, M. J. Kelly, and J. T. Nelson, "A meta-stable leakage phenomenon in DRAM charge storage—Variable hold time," in *Proc. IEDM*, Washington, DC, USA, 1987, pp. 336–339.
- [252] T. Yang and X.-W. Lin, "Trap-assisted DRAM row hammer effect," IEEE Electron Device Lett., vol. 40, no. 3, pp. 391–394, Mar. 2019.
- [253] H. Yoon, J. Meza, R. Ausavarungnirun, R. A. Harding, and O. Mutlu, "Row buffer locality aware caching policies for hybrid memories," in *Proc. ICCD*, Montreal, QC, Canada, 2012, pp. 337–344.
- [254] H. Yoon, J. Meza, R. Ausavarungnirun, N. P. Jouppi, and O. Mutlu, "Efficient data mapping and buffering techniques for multilevel cell phase-change memories," ACM Trans. Archit. Code Optim., vol. 11, no. 4, 2015, Art. no. 40.
- [255] D. Yun, M. Park, C. Lim, and S. Baeg, "Study of TID effects on one row hammering using gamma in DDR4 SDRAMs," in *Proc. IRPS*, Burlingame, CA, USA, 2018, pp. P-SE.2-1–P-SE.2-5.
- [256] S. Zeitouni, D. Gens, and A.-R. Sadeghi, "It's hammer time: How to attack (RowHammer-based) DRAM-PUFs," in *Proc. DAC*, San Francisco, CA, USA, 2018, Art. no. 65.
- [257] D. Zhang et al., "TOP-PIM: Throughput-oriented programmable processing in memory," in *Proc. HPDC*, Vancouver, BC, Canada, 2014, pp. 85–98.
- [258] Z. Zhang et al., "Triggering RowHammer hardware faults on ARM: A revisit," in Proc. ASHES, Toronto, ON, Canada, 2018, pp. 24–33.
- [259] P. Zhou, B. Zhao, J. Yang, and Y. Zhang, "A durable and energy efficient main memory using phase change memory technology," in *Proc. ISCA*, Austin, TX, USA, 2009, pp. 14–23.
- [260] Q. Zhu, T. Graf, H. E. Sumbul, L. Pileggi, and F. Franchetti, "Accelerating sparse matrix-matrix multiplication with 3D-stacked logic-in-memory hardware," in *Proc. HPEC*, Waltham, MA, USA, 2013, pp. 1–6.



**Onur Mutlu** (S'00–M'06–SM'13–F'19) received the B.S. degree in computer engineering and psychology from the University of Michigan, Ann Arbor, MI, USA, and the M.S. and Ph.D. degrees in ECE from the University of Texas at Austin, TX, USA.

He is a Professor of Computer Science with ETH Zürich, Switzerland. He is also a faculty member with Carnegie Mellon University, Pittsburgh, PA, USA, where he previously held the Strecker Early Career Professorship. He started the Computer

Architecture Group at Microsoft Research (2006–2009), and held various product and research positions at Intel Corporation, AMD, VMware, and Google. A variety of techniques he, along with his group and collaborators, has invented over the years have influenced industry and have been employed in commercial microprocessors and memory/storage systems. His current research interests include computer architecture, systems, hardware security, and bioinformatics.

Prof. Mutlu was a recipient of the inaugural IEEE Computer Society Young Computer Architect Award, the inaugural Intel Early Career Faculty Award, the U.S. National Science Foundation CAREER Award, the Carnegie Mellon University Ladd Research Award, the faculty partnership awards from various companies, and a healthy number of best paper or "Top Pick" paper recognitions at various computer systems, architecture, and hardware security venues. He is an ACM Fellow "for contributions to computer architecture research, especially in memory systems," an IEEE Fellow for "contributions to computer architecture research and practice," and an Elected Member of the Academy of Europe (Academia Europaea). His computer architecture and digital circuit design course lectures and materials are freely available on YouTube, and his research group makes a wide variety of software and hardware artifacts freely available online. For more information, please see his webpage at https://people.inf.ethz.ch/omutlu/.



Jeremie S. Kim (S'13) received the B.S. and M.S. degrees in electrical and computer engineering from Carnegie Mellon University, Pittsburgh, PA, USA, in 2015. He is currently pursuing the Ph.D. degree with Carnegie Mellon University and ETH Zürich, Switzerland, under the supervision of O. Mutlu.

His current research interests include computer architecture, memory latency/power/reliability, hardware security, and bioinformatics. He has several publications in the above areas.