Revisiting RowHammer - Top Picks in Hardware and Embedded Security - Prof. Onur Mutlu - 30.10.2025

The talk revisits the seminal Rowhammer problem, presenting the 2020 "Revisiting Rowhammer" paper that conducted the largest experimental study to date on real DRAM chips. By testing roughly 1,600 devices from three major vendors across DDR3, DDR4, and LPDDR4 generations, the authors demonstrate that newer memory technologies are far more susceptible, with some chips flipping bits after only 4,800 activations. Key findings include a steep decline in the number of activations required to induce bit flips, the inadequacy of existing mitigation schemes such as increased refresh rates or probabilistic adjacent row activation, and the revelation that industry claims of having “solved” Rowhammer were unfounded. The paper also introduced the HC (hammer count) metric and a comprehensive testing infrastructure that has become the de‑facto standard for subsequent academic and industry research. Prof. Mutlu cites the industry’s reaction: the JEDEC Rowhammer task group was re‑formed, two JEDEC white papers now reference this work, and DDR5 incorporated per‑row activation counting—a direct outcome of the study’s methodology. He also highlights a memorable anecdote where a Micron executive dismissed the need for stronger ECC, underscoring the gap between academic findings and vendor perceptions. The implications are clear: Rowhammer is a worsening scaling issue that threatens data integrity, VM isolation, and cryptographic keys. Without robust, scalable mitigations, future DRAM generations will face escalating security risks, prompting both standards bodies and chip designers to adopt more aggressive countermeasures.