Computer Science > Cryptography and Security
[Submitted on 23 Oct 2023 (v1), revised 9 Jan 2024 (this version, v2), latest version 2 May 2024 (v3)]
Title:Understanding Read Disturbance in High Bandwidth Memory: An Experimental Analysis of Real HBM2 DRAM Chips
View PDF HTML (experimental)Abstract:DRAM read disturbance is a significant and worsening safety, security, and reliability issue of modern DRAM chips that can be exploited to break memory isolation. Two prominent examples of read-disturb phenomena are RowHammer and RowPress. However, no prior work extensively studies read-disturb phenomena in modern high-bandwidth memory (HBM) chips. In this work, we experimentally demonstrate the effects of read disturbance and uncover the inner workings of undocumented in-DRAM read disturbance mitigation mechanisms in HBM.
Our characterization of six real HBM2 DRAM chips shows that (1) the number of read disturbance bitflips and the number of row activations needed to induce the first read disturbance bitflip significantly varies between different HBM2 chips and different 3D-stacked channels, pseudo channels, banks, and rows inside an HBM2 chip. (2) The DRAM rows at the end and in the middle of a DRAM bank exhibit significantly fewer read disturbance bitflips than the rest of the rows. (3) It takes fewer additional activations to induce more read disturbance bitflips in a DRAM row if the row exhibits the first bitflip already at a relatively high activation count. (4) HBM2 chips exhibit read disturbance bitflips with only two row activations when rows are kept active for an extremely long time.
We show that a modern HBM2 DRAM chip implements undocumented read disturbance defenses that can track potential aggressor rows based on how many times they are activated, and refresh their victim rows with every 17 periodic refresh operations. We draw key takeaways from our observations and discuss their implications for future read disturbance attacks and defenses. We explain how our findings could be leveraged to develop both i) more powerful read disturbance attacks and ii) more efficient read disturbance defense mechanisms.
Submission history
From: Ataberk Olgun [view email][v1] Mon, 23 Oct 2023 08:01:48 UTC (2,593 KB)
[v2] Tue, 9 Jan 2024 14:37:39 UTC (3,989 KB)
[v3] Thu, 2 May 2024 15:03:47 UTC (4,797 KB)
References & Citations
Bibliographic and Citation Tools
Bibliographic Explorer (What is the Explorer?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)
Code, Data and Media Associated with this Article
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)
Demos
Recommenders and Search Tools
Influence Flower (What are Influence Flowers?)
Connected Papers (What is Connected Papers?)
CORE Recommender (What is CORE?)
arXivLabs: experimental projects with community collaborators
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.