

# International Memory Workshop

# **Tutorial**

14<sup>th</sup> International Memory Workshop (IMW) May 15<sup>th</sup> 2022 Dresden, Germany

**Platinum Sponsors** 



**Gold Sponsors** 









Western Digital.

Silver Sponsors









#### **Agenda**

#### **Tutorials**

09:00AM - 04:00PM

Organizers: Dirk Wouters (RWTH Aachen) and Thomas Mikolajick (NaMLab/TU Dresden)

Part 1 – Ferroelectric Memories 09:00AM – 12:00PM

Chairs: Dirk Wouters (RWTH Aachen)

*Katherine Chiang (TSMC)* 

Laurent Grenouillet CEA-Leti 09:00AM – 10:00AM

"Ferroelectric Random Access Memory (FeRAM)"

Halid Mulaosmanovic, GlobalFoundries 10:00AM – 11:00AM

"Ferroelectric Field Effect Transistors (FeFET)"

Shosuke Fujii Kioxia 11:00AM – 12:00PM

### Part 2 – 3D Memories – Security Aspects of Memories

02:00PM - 04:00PM

Chairs: Antonio Arreghini (imec)

Thomas Mikolajick (Namlab/TU Dresden)

**Onur Mutlu ETH Zurich** 02:00PM – 03:00PM

"Security aspects of DRAM"

Swaroop Ghosh Penn State University 03:00PM - 04:00PM

"Security Aspects in Nonvolatile Memories"

<sup>&</sup>quot;Ferroelectric Tunnel Junction (FTJ)"



Laurent Grenouillet CEA-Leti

Laurent Grenouillet received the Engineer degree in physics in 1998 from the National Institute of Applied Sciences (INSA) in Lyon, France, and the PhD degree in electronic devices in 2001 for his work on the optical spectroscopy of diluted nitrides grown on GaAs substrates. After a post-doctoral position in the field of Molecular Beam Epitaxy, he joined CEA-Leti in 2002 and worked on GaAs-based VCSELs emitting in the 1.1-1.3µm range and single photon sources with quantum dots. In 2006, he joined the Silicon Photonics group where he developed CMOS compatible hybrid III-V on silicon lasers. In 2009, he joined IBM Alliance in Albany as a Leti assignee to contribute to the development of FDSOI technology. Within Albany state-of-the-art facilities, he extensively worked on device integration to improve performance of FDSOI devices (28nm and 14nm node). Back in France at CEA-LETI in 2013, he focused on the performance boosters for the 10nm node FDSOI technology, and took part to the FDSOI technology transfer to Global Foundries (22FDX) in 2015. During that period he joined the Advanced Memory Device Laboratory at CEA-Leti. His current research interests include resistive switching memory devices and selectors, and ferroelectric HfO2-based memories. Laurent Grenouillet authored or coauthored over 80 papers (conferences and journals) and has filed over 40 patents. He serves as committee member of Solid-State Devices and Materials (SSDM) conference.





# 1T-1C FERROELECTRIC RAM

Dr. L. Grenouillet, CEA-Leti | 14th International Memory Workshop, 2022 | Tutorial | 2022-05-15

laurent.grenouillet@cea.fr



**Ferroelectricity basics** 

Ferroelectric HfO<sub>2</sub>: a change of paradigm for NVM

1T-1C FeRAM arrays: basics

HfO<sub>2</sub>-based MFM capacitors integrated above CMOS

HfO<sub>2</sub>-based 1T-1C FeRAM arrays: performance overview

Scalability: challenges and perspectives





## **Ferroelectricity basics**

Ferroelectric HfO<sub>2</sub>: a change of paradigm for NVM

1T-1C FeRAM arrays: basics

HfO<sub>2</sub>-based MFM capacitors integrated above CMOS

HfO<sub>2</sub>-based 1T-1C FeRAM arrays: performance overview

Scalability: challenges and perspectives



#### FERROELECTRIC MATERIAL: SOME BASICS

#### CRYSTALLOGRAPHY





# **FERROELECTRICS:**

Crystallize in a non-centrosymmetric phase → ELECTRIC DIPOLE



#### FERROELECTRIC MATERIAL: SOME BASICS

#### CRYSTALLOGRAPHY

#### **ELECTRIC DIPOLE**







# **FERROELECTRICS:**

Crystallize in a non-centrosymmetric phase → ELECTRIC DIPOLE

1.5



#### FERROELECTRIC MATERIAL: SOME BASICS

# Pup : A : 0 : B

**CRYSTALLOGRAPHY** 

# ELECTRIC DIPOLE



# **FERROELECTRICS:**

- Crystallize in a non-centrosymmetric phase → ELECTRIC DIPOLE
- Show a SPONTANEOUS & SWITCHABLE ELECTRIC POLARIZATION

|6



#### FERROELECTRIC MATERIAL: SOME BASICS

#### CRYSTALLOGRAPHY



#### THERMODYNAMICS (Landau-Ginzburg-Devonshire)



# **FERROELECTRICS:**

2 STABLE POLARIZATION STATES that can be switched by an ELECTRIC FIELD

. \_



#### FERROELECTRIC MATERIAL: SOME BASICS

#### **CRYSTALLOGRAPHY**



#### THERMODYNAMICS (Landau-Ginzburg-Devonshire)



# non-volatile memory

ultra low power



# **FERROELECTRICS:**

FCTRIC FIFLD

2 STABLE POLARIZATION STATES that can be switched by an ELECTRIC FIELD



#### **FERROELECTRIC MATERIAL: SOME BASICS**



# **FERROELECTRICS:**

2 STABLE POLARIZATION STATES that can be switched by an ELECTRIC FIELD



# **FERROELECTRICS:**

2 STABLE POLARIZATION STATES that can be switched by an ELECTRIC FIELD



#### **FERROELECTRICS: KEY DATES**

1921: discovery of the elegant, fundamental physics of ferroelectricity by J. Valasek

# PIEZO-ELECTRIC AND ALLIED PHENOMENA IN ROCHELLE SALT.¹

By J. Valasek.







J. Valasek, Phys. Rev. 17, 475 (1921)

leti ceatech

#### **FERROELECTRICS: KEY DATES**

- 1921: discovery of the elegant, fundamental physics of ferroelectricity by J. Valasek
- 1952: ferroelectric memory invented by Dudley Allen Buck (crosspoint arrays)





1.



#### **FERROELECTRICS: KEY DATES**

- 1921: discovery of the elegant, fundamental physics of ferroelectricity by J. Valasek
- 1952: ferroelectric memory invented by Dudley Allen Buck (crosspoint arrays)
- 1990's: disturb issue solved by adding a select transistor (1T-1C bitcell)





ferroelectric material:  $Pb(Zr_xTi_{1-x})O_3$  (PZT)  $Sr_{1-x}Bi_{2+y}Ta_2O_9$  (SBT)

4096-Bit FRAM® Memory

D. Bondurant, Ferroelectrics, (1990)

"The FeRAM is the world's first integrated 'nonvolatile static RAM'."

| 13

## leti ceatech

#### **FERROELECTRICS: KEY DATES**

- 1921: discovery of the elegant, fundamental physics of ferroelectricity by J. Valasek
- 1952: ferroelectric memory invented by Dudley Allen Buck (crosspoint arrays)
- 1990's: disturb issue solved by adding a select transistor (1T-1C cell)
- Today: main Ferroelectric Random Access Memory (FeRAM) players



INFINEON



**TEXAS INSTRUMENT** 



LAPIS (ROHM)



SKhynix



**FUJITSU** 

Fujitsu has sold more PZT FRAM chips than any emerging memory in history – over 4 billion units since 1999!



#### FERROELECTRIC MEMORY (FERAM) MAIN INTERESTS

#### ATTRACTIVE FEATURES:

Ultra low power: < 10fJ/bit</li>

• **Fast**: < 100ns

Low voltage: < 3V</li>

High endurance: Up to 10<sup>15</sup> cycles

#### Reliability of Ferroelectric Random Access Memory Embedded within 130nm CMOS

J. Rodriguez, K. Remack, J. Gertas, L. Wang, C. Zhou, K. Boku, J. Rodriguez-Lato K. R. Udayakumar, S. Summerfelt, T. Moise Texas instruments Inc. Dallas, Texas USA jez@to.com

> D. Kim, J. Groat, J. Eliason, M. Depner, F. C RAMTRON International Corporation Colorado Springs, Colorado USA



#### **BUT**

#### **DOWNSIDES:**

- PZT is not CMOS friendly (lead)
- PZT is not scalable
- → PZT-based FeRAM limited to niche applications & relaxed nodes (130nm)



#### **OUTLINE**

#### **Ferroelectricity basics**



Ferroelectric HfO<sub>2</sub>: a change of paradigm for NVM

1T-1C FeRAM arrays: basics

HfO<sub>2</sub>-based MFM capacitors integrated above CMOS

HfO<sub>2</sub>-based 1T-1C FeRAM arrays: performance overview

Scalability: challenges and perspectives



#### FERROELECTRIC HfO<sub>2</sub>

> a change of paradigm for NVM





#### FERROELECTRIC HfO<sub>2</sub>

> a change of paradigm for NVM





#### FERROELECTRIC HfO,

> a change of paradigm for NVM



110



#### FERROELECTRIC HfO,

> a change of paradigm for NVM





#### **VARIOUS FERROELECTRIC MEMORIES**







**Embedded memory arrays** 





Artificial synapse (neuromorphics) Vector Matrix Multiplications

| 21

#### leti ceatech

#### **VARIOUS FERROELECTRIC MEMORIES**







**Embedded memory arrays** 

APPLICATION SPACE



Artificial synapse (neuromorphics) Vector Matrix Multiplications



**Ferroelectricity basics** 

Ferroelectric HfO<sub>2</sub>: a change of paradigm for NVM



1T-1C FeRAM arrays: basics

HfO<sub>2</sub>-based MFM capacitors integrated above CMOS

HfO<sub>2</sub>-based 1T-1C FeRAM arrays: performance overview

Scalability: challenges and perspectives

Loo



Bit Line (BL)

State '0' → Pdown

Bit Line (BL)

State '1' → Pup



#### > WRITE '0' and '1' states



- WRITE '0' :
  - precharge BL to GND
  - pulse WL > Vth
  - pulse PL > Vc

- WRITE '1':
  - PL to GND
  - pulse WL > Vth
  - pulse BL > Vc

| 25

#### leti ceatech

#### 1T-1C FeRAM

#### > READ '0' and '1' states



- READ '0':
  - BL floating
  - pulse WL > Vth
  - pulse PL > Vc → small V<sub>BL</sub> elevation (displacement current)
- READ '1':
  - BL floating
  - pulse WL > Vth
  - pulse PL > Vc → high V<sub>BL</sub> elevation (displacement current + switching current)

14





READ operation is destructive!

| 27



READ operation is destructive! → WRITE BACK necessary





#### → READ '0' and '1' states





$$\begin{split} V_{BL}^{NSW} &= \frac{C_D}{C_D + C_{BL}} \times V_{PL} \\ V_{BL}^{SW} &= V_{BL}^{NSW} + \frac{2.\,P_R \times S}{C_D + C_{BL}} \end{split}$$













## > Arrays: bitcell programming





#### > Arrays: bitcell programming





#### **1T-1C FeRAM**

## > Arrays: bitcell programming



| 35



#### Arrays: bitcell programming







#### 1T-1C FeRAM

> Arrays: analog-like characterization with destructive READ operation

## Specific methodology to achieve analog-like characterization



Iterative READ and WRITE operations with scanning  $V_{REF}$  allows to reconstruct '0' and '1' distributions in 1T-1C FeRAM arrays



**Ferroelectricity basics** 

Ferroelectric HfO<sub>2</sub>: a change of paradigm for NVM

1T-1C FeRAM arrays: basics



HfO<sub>2</sub>-based MFM capacitors integrated above CMOS

HfO<sub>2</sub>-based 1T-1C FeRAM arrays: performance overview

Scalability: challenges and perspectives



#### HfO<sub>2</sub>-BASED MFM CAPACITORS INTEGRATION

> BEOL integration in MAD200 test vehicle (130nm node)



MAD200: a versatile platform for assessing BEOL-NVMs (OxRAM, PCRAM... and FeRAM)

| 3



> Thermal budget for crystallization: prerequisite for BEOL integration







[T. Francois et al., IEDM 2019]

 $2.P_R > 30\mu C/cm^2$  demonstrated down to a thermal budget of 350°C



#### HfO<sub>2</sub>-BASED MFM CAPACITORS INTEGRATION

> BEOL integration at 130nm node - Morphological results





[T. Francois et al., IEDM 2019]



> BEOL integration at 130nm node - Morphological results





[T. Francois et al., IEDM 2019]



#### HfO<sub>2</sub>-BASED MFM CAPACITORS INTEGRATION

> BEOL integration at 130nm node - Morphological results



GIXRD characterization demonstrating oIII ferroelectric phase, with ~10nm-thick / 20nm-large cristallites



[T. Francois et al., IEDM 2019]

2019: demonstration of ferroelectric  $Hf_{0.5}Zr_{0.5}O_2$  in BEOL-integrated sub- $\mu m^2$  FeCap (NaMLab/Leti)



> BEOL integration at 130nm node - Electrical results



#### Integration of \$550nm HZO FeCap in BEOL...



#### ... while preserving FEOL CMOS



[T. Francois et al., IEDM 2019]

electrical demonstration of scaled FeRAM capacitors integrated in BEOL without impacting FEOL

1.45



#### HfO<sub>2</sub>-BASED MFM CAPACITORS INTEGRATION

> BEOL integration at 130nm node - Electrical results



#### Switching kinetics on single scaled capacitors (10nm HZO)



Same behavior on 1C and 1T-1C

# After 10<sup>3</sup> wake-up cycles Single Ø600nm (0.28µm²) capacitor



[T. Francois et al., IEDM 2019]

down to 30ns switching capability >50% even at low voltages (2V) Suitable for memory application

146



> BEOL integration at 130nm node - Electrical results



#### **Endurance measurement on single scaled capacitors (10nm HZO)**



[T. Francois et al., IEDM 2019]

Endurance >10<sup>11</sup> cycles (4V) for a BEOL-integrated HZO FeCap



#### HfO<sub>2</sub>-BASED MFM CAPACITORS INTEGRATION

> BEOL integration at 130nm node-Si-implanted HfO<sub>2</sub>



#### Si:HfO<sub>2</sub> (HSO) FeCap in BEOL (thermal budget 450°C)







[L. Grenouillet et al., VLSI 2020]

 ${\rm Si:HfO_2}$  as a BEOL compatible ferroelectric material. Si doping by ion implantation

| 4



BEOL integrated FeCap: area scaling



[R. Alcala et al., EDTM 2022]

Scaling down FeRAM to sub-μm² sizes has a positive impact on reliability: promising for NVM application

| 49



#### HfO<sub>2</sub>-BASED MFM CAPACITORS INTEGRATION

Data retention & Imprint







[R. Alcala et al., EDTM 2022]

Good data retention at 85°C even for Opposite State. Imprint rate increases above 125°C



#### BEOL integration of 3D FeCap

# 3D Scalable, Wake-up Free, and Highly Reliable FRAM Technology with Stress-Engineered HfZrO<sub>x</sub>

Y.D. Lin<sup>1,3</sup>, H.Y. Lee<sup>1,\*</sup>, Y.T. Tang<sup>2</sup>, P.C. Yeh<sup>1</sup>, H.Y. Yang<sup>1</sup>, P.S. Yeh<sup>1</sup>, C.Y. Wang<sup>1</sup>, J.W. Su<sup>1,3</sup>, S.H. Li<sup>1</sup>, S.S. Sheu<sup>1</sup>, T.H. Hou<sup>1</sup>, W.C. Lo<sup>1</sup>, M. H. Lee<sup>4</sup>, M.F. Chang<sup>2</sup>, Y.C. King<sup>3</sup> and C.J. Lin<sup>3</sup>

<sup>1</sup>EOSL, Industrial Technology Research Institute, Hsinchu, Taiwan, \*email: hengyuan@itri.org.tw

<sup>2</sup> Taiwan Semiconductor Research Institute, Hsinchu, Taiwan,

<sup>3</sup>Institute of Electronics Engineering, National Tsing Hua University, Hsinchu, Taiwan

<sup>4</sup>Institute of Electro-Optical Science and Technology, National Taiwan Normal University, Taipei, Taiwan



| Ref.<br>Device          | This work                      |                               |  |
|-------------------------|--------------------------------|-------------------------------|--|
| 1C stacks               | (2D)<br>IL/HfZrO<br>10nm/IL    | (3D)<br>IL*/HfZrO<br>10nm/IL* |  |
| Cycling speed (kHz)     | 625                            | 625                           |  |
| Applied field (MV/cm)   | 2.5                            | 2.2                           |  |
| P <sub>r</sub> (uC/cm²) | 20~32                          | 18~20                         |  |
| Endurance               | 10 <sup>10</sup>               | 10 <sup>9</sup>               |  |
| Retention               | 5x10 <sup>4</sup> .<br>(105°C) | 5x10 <sup>4</sup> .<br>(85°C) |  |

\* 170 uC/cm2: N

[Y.D. Lin et al., IEDM 2019]

2D & 3D 10nm HZO-based FeCap integrated between M6 & M7. Endurance > 109 cycles

151



#### HfO<sub>2</sub>-BASED MFM CAPACITORS INTEGRATION

> Middle Of Line integration





[J. Okuno et al., VLSI 2020]

Advantage of MOL integration: higher thermal budget allowed for crystallization



## **Ferroelectricity basics**

Ferroelectric HfO<sub>2</sub>: a change of paradigm for NVM

1T-1C FeRAM arrays: basics

HfO<sub>2</sub>-based MFM capacitors integrated above CMOS

 $\rightarrow$ 

HfO<sub>2</sub>-based 1T-1C FeRAM arrays: performance overview

Scalability: challenges and perspectives



#### HfO<sub>2</sub>-BASED FERAM ARRAYS

> 16 kbit FeRAM test vehicle (Leti - MAD200v3)



#### 16 kbit 1T-1C FeRAM layout



#### 16 kbit 1T-1C FeRAM chip view





- 3x circuit versions, with FeCap areas = 0.36 / 0.24 / 0.16μm<sup>2</sup>
- Scan chains for bitcell addressing, circuit control and buffering out data
- Sense Amplifiers for (destructive) reading operations
- Internal Pulse Generators for sub-ns programming



#### HfO<sub>2</sub>-BASED FERAM ARRAYS

> 16 kbit FeRAM test vehicle (Leti - MAD200v3)

#### FeRAM bitcell & read operation

- bitcell = 1T FEOL + 1C BEOL Array = 128 Word Lines x 128 Bit Lines
- Polarization state of a bitcell is not directly measurable
- Read operation = attempt to program a '0'
  - if bitcell = '1' → ferro switch detected
  - if bitcell = '0' → no ferro switch detected
  - program back data





155

# leti

#### HfO<sub>2</sub>-BASED FERAM ARRAYS

> 16 kbit FeRAM electrical results (Leti - MAD200v3)

Distributions on Si:HfO<sub>2</sub>-based 16 kbit FeRAM (0.36 μm<sup>2</sup> FeCap, 4.8V/2μs pulses, after wake-up)



Nominal memory operation at V<sub>REF</sub>=0.85V



[T. Francois et al., IEDM 2021]

0 bitfail, large Memory Window

#### HfO2-BASED FERAM ARRAYS

> 16 kbit FeRAM electrical results (Leti - MAD200v3)

Bit Failure [%]

100.00

26.83

7.20

1.93

0.52 0.14 0.05

#### **Memory speed**



#### Endurance Si:HfO<sub>2</sub>-based 16 kbit FeRAM



[T. Francois et al., IEDM 2021]

Excellent switching speed down to 10ns
Endurance > 10<sup>7</sup> cycles using high cycling field

# leti

#### HfO<sub>2</sub>-BASED FERAM ARRAYS

→ 16 kbit FeRAM electrical results (Leti - MAD200v3)

#### Data retention at 125°C



#### 0 bitfail after 3x solder reflow test (T<sub>max</sub>=260°C)



[T. Francois et al., IEDM 2021]

MW open after 10<sup>4</sup>s @125°C with V<sub>REF</sub> = 0.85V Solder reflow compatibility demonstrated for the first time

. . .



#### HfO<sub>2</sub>-BASED FERAM ARRAYS

#### > 64 kbit FeRAM electrical results (SONY)





[J. Okuno et al., VLSI 2020]

100 % bit functionality and 480 mV read margin (1μm² FeCap) Sub 10 ns operation speed and < 2.5 V operating voltage

1.50



#### HfO<sub>2</sub>-BASED FERAM ARRAYS

#### > 16 kbit FeRAM electrical results (Xidian University, Xi'an UniIC Semiconductor)





[W. Xiao et al., Science China 2022]

Integration between M6 & M7 of TaN/HZO/TaN 64µm² FeCap and larger 30 ns switching speed, >10<sup>4</sup> s data retention, and >10<sup>11</sup> cycling capability. > 10<sup>9</sup> write/read cycling for the 1T–1C cell is achieved for the first time at array level.



|                             | Sony<br>(VLSI 2020)         | Sony<br>(IMW 2021,<br>EDTM2022)                                          | Leti<br>(IEDM 2021)                   | Xidian University,<br>Xi'an UniIC<br>Semiconductor |
|-----------------------------|-----------------------------|--------------------------------------------------------------------------|---------------------------------------|----------------------------------------------------|
| Node                        | 130nm                       | 130nm                                                                    | 130nm                                 | 130nm                                              |
| Circuit size                | 64 kbit                     | 64 kbit                                                                  | 16 kbit                               | 16 kbit                                            |
| Ferro material-<br>stack    | TiN / HZO 10nm / TiN        | TiN / HZO 8nm / TiN                                                      | TiN / HSO 10nm / TiN                  | TaN / HZO 20nm /<br>TaN                            |
| Integration, thermal budget | MOL (M1) > 500°C            | MOL (M1) > 500°C                                                         | BEOL (M4-M5) <<br>500°C               | BEOL (M6-M7) <<br>500°C                            |
| Min. write voltage          | 2.5V                        | 2V                                                                       | 2.5V                                  | 3.5V                                               |
| Write speed                 | 14ns at 2.5V (one<br>state) | 16ns at 2V (one state)                                                   | 4ns at 4.8V (both state)              | 30ns                                               |
| Endurance                   | -                           | $>10^{15}$ at 2V<br>(extrapolated)<br>$>10^{10}$ at<br>2V/2.8V(measured) | > 10 <sup>7</sup> at 4V<br>(measured) | > <b>10<sup>9</sup> at 3.5V</b><br>(measured)      |
| Retention                   | -                           | -                                                                        | 125°C 10 <sup>4</sup> s               | 10 <sup>4</sup> s (RT)                             |
| Solder reflow               | -                           | -                                                                        | Yes                                   | -                                                  |

| 6



|                   | NOR FLASH                         | MRAM                              | PCRAM         | OxRAM                                        | FeRAM (PZT)        | FeRAM (HfO <sub>2</sub> )                                      |
|-------------------|-----------------------------------|-----------------------------------|---------------|----------------------------------------------|--------------------|----------------------------------------------------------------|
| Programming power | ~200pJ/bit                        | ~20pJ/bit                         | ~300pJ/bit    | ~100pJ/bit                                   | ~100fJ/bit         | ~100fJ/bit                                                     |
| Write speed       | 20 μs                             | 20 ns                             | 10-100 ns     | 10-100 ns                                    | <100ns             | 14ns @ 2.5V (Sony)<br>4ns @ 4.8V (Leti)                        |
| Endurance         | 10 <sup>5</sup> - 10 <sup>6</sup> | 10 <sup>6-</sup> 10 <sup>15</sup> | 108           | 10 <sup>5</sup> – 10 <sup>6</sup> on 16 kbit | > 10 <sup>15</sup> | > 10 <sup>11</sup> single device<br>10 <sup>9</sup> on 16 kbit |
| Retention         | > 125°C                           | 85°C - 165 °C                     | 165°C         | > 150°C                                      | 125°C              | 125°C – SMT<br>compliant                                       |
| Extra masks       | Very high (>10)                   | Limited (3-5)                     | Limited (3-5) | Low (2)                                      | Low (2)            | Low (2)                                                        |
| Process flow      | Complex                           | Medium                            | Medium        | Simple                                       | Simple             | Simple                                                         |
| Multi-Level Cell  | Yes                               | No                                | Yes           | Yes                                          | No                 | No                                                             |
| Scalability       | Bad                               | Medium                            | High          | High                                         | Poor (130nm)       | Poor (2D)<br>High (3D)                                         |





| 63



#### HfO<sub>2</sub>-BASED FERAM ARRAYS

Scalability towards more advanced nodes?



**Ferroelectricity basics** 

Ferroelectric HfO<sub>2</sub>: a change of paradigm for NVM

1T-1C FeRAM arrays: basics

HfO<sub>2</sub>-based MFM capacitors integrated aboveCMOS

HfO<sub>2</sub>-based 1T-1C FeRAM arrays: performance overview



Scalability: challenges and perspectives

164



#### **CHALLENGES AND PERSPECTIVES FOR FERAM SCALING**

Voltage scaling

Si:HfO<sub>2</sub> 16 kbit FeRAM
4.8V → 2.5V programming voltage





[T. Francois et al., IEDM 2021]

Low voltage operation reduces MW



Voltage scaling

#### 10nm HZO → 8nm HZO







[J. Okuno et al., IMW 2021]

Thickness scaling of ferroelectric layer from 10nm down to 8nm enables operation down to 2V

167

# leti

#### CHALLENGES AND PERSPECTIVES FOR FERAM SCALING

Area scaling

10nm Si:HfO<sub>2</sub> 16 kbit FeRAM 0.36μm<sup>2</sup> → 0.16μm<sup>2</sup> FeCap



8nm HZO 64 kbit FeRAM
1μm² → 0.06μm² FeCap



[T. Francois et al., IEDM 2021]

[J. Okuno et al., IMW 2021]

Scaling FeCap area reduces MW



Area scaling

3D Al:HfO<sub>2</sub> FeCap, aspect ratio = 13:1

#### 3D HZO anti-ferroelectric capacitor above FinFET





[P. Polakowski et al., IMW 2014]

[S. -C. Chang et al., IEDM 2021]

Maintaining large FeCap area while reducing footprint is possible using 3D capacitors

16

# leti

#### **CHALLENGES AND PERSPECTIVES FOR FERAM SCALING**

Voltage & Area scaling



[T. Francois et al., IEDM 2021]

Voltage scaling & FeCap area scaling results in switching energy lower than 100 fJ/bit



→ Area scaling – 1T-1C bitcell



→ 1T footprint can be small

Main diffentiator w.r.t. resistive memories (OxRAM, PCM, ...) for which selector needs to drive  $> 100~\mu\text{A}$ 

leti

#### CHALLENGES AND PERSPECTIVES FOR FERAM SCALING

> Bitline Capacitance scaling





- Experiment
  Simulation at CBL 250 fF
  Simulation at CBL 120 fF
- Experimental result meet the estimation
- ✓ Potential to work < 0.05 µm² in leading edge technology
- → 3D structure

[J. Okuno et al., VLSI 2020]

C<sub>BL</sub> expected to decrease for nodes beyond 130nm

- → allows to improve MW at fixed capacitor area
- → allows to decrease capacitor area at fixed MW



Endurance

#### **HZO-based FeRAM arrays (4 kbit)**



[J. Okuno et al., EDTM 2022]

Encouraging endurance results reported at array level (> 10<sup>10</sup> cycles) with recovery phase Better understanding of role of defects needed at the fundamental level, to reduce wake-up and fatigue.

130

| 73



#### **OUTLINE**



Scalability: challenges and perspectives



#### FERROELECTRIC HfO2: TAKE-AWAY MESSAGES FOR FeRAM

- Ferroelectricity in HfO<sub>2</sub> was unveiled 10 years ago
- Ferroelectric HfO<sub>2</sub> currently attracts a lot of attention for non-volatile memory applications:
  - CMOS compatibility
  - Scalability
  - Ultra low power
  - Easy integration
- HfO<sub>2</sub>-based ferroelectric ramdom access memories (FeRAM) are already demonstrating excellent performances at the array level (16kbit – 64 kbit) at 130nm
  - High speed operation < 20ns
  - Low voltage operation < 2.5V
  - Ultra low energy < 100 fJ/bit
  - Endurance > 109 cycles
  - Data retention at 125°C
  - Solder Reflow Compatilibity
- Material and stack improvement and better understanding needed (wake-up, fatigue, imprint ...)
- Destructive reading requires very high endurance and prevents multi-level capability
- HfO<sub>2</sub>-based FeRAM scaling to node < 130 nm is envisioned

leti

#### SPECIAL THANKS TO CEA TEAM ...



Terry François



Justine Barbot





Julie Laguerre Jennifer Izaguirre





Adam Makosiej Bastien Giraud





Simon Martin Niccolo Castellani



Catherine Carabasse Mélanie Louro



Nick Barrett



Philippe Blaise



François Triozon Olivier Billoint Vaxelaire







Elisa Vianello Jean Coignus

Thomas Magis, Catherine Pellissier, Massoud Bedjaoui, Virginie Beugin, Philippe Rodriguez, Guillaume Rodriguez, Sébastien Kerdilès, Hélène Grampeix, Virginie Loup, Pierre-Marie Deleuze, Tifenn Hirtzlin, Filippo Moro, Wassim Hamouda, François Aussenac, Chiara Sabbione, Magali Tessaire, Fred Mazen, Marianne Coig, Olivier Renault, Etienne Nowak, Caroline Coutier, François Andrieu, Thierry Poiroux, Julien Arcamone

... AND TO YOU FOR YOUR ATTENTION!

**QUESTIONS?** 





Halid Mulaosmanovic GlobalFoundries

Halid Mulaosmanovic received the Ph.D. in Information Technology at Politecnico di Milano, Italy, in 2016. He worked as a research fellow at NaMLab, Dresden, Germany, from 2016 to 2021, where his research interests included ferroelectric materials and devices, with a particular focus on ferroelectric field-effect transistors for memory and unconventional applications. Now, he is with GlobalFoundries Inc., Germany, and is involved in ferroelectric memory projects among others.



## **Ferroelectric FETs**

Halid Mulaosmanovic





- > Introduction to Ferroelectric FETs
- > Ferroelectric HfO<sub>2</sub>
- Device characteristics
  - Memory window
  - Switching kinetics
  - · Size dependence
  - · Reliability
  - · (Co)-Integration
- > Ferroelectric FETs beyond memory
- > Conclusions



- Ferroelectric HfO<sub>2</sub>
- Device characteristics
  - Memory window
  - Switching kinetics
  - · Size dependence
  - · Reliability
  - · (Co)-Integration
- > Ferroelectric FETs beyond memory
- Conclusions

### **Ferroelectricity**



perovskite oxide (ABO<sub>3</sub>): PZT, SBT, BTO ...



Courtesy of Fujitsu Semiconductor

- > Polarization is switched between two equivalent states by an external electric field
- Reversibly switchable permanent dipoles appealing for information storage

### **Ferroelectric memory**

#### 1T1C FeRAM





J. F. Scott, Science, 2007

#### 1T FeFET





L. V. Hai, Semi. Sci. Tech., 2010

#### 1C FTJ





H. J. Mao, RCS PCCP, 2015

GlobalFoundries © 2021 All Rights Reserved 5

### **Ferroelectric memory**

#### 1T1C FeRAM





J. F. Scott, Science, 2007

#### 1T FeFET





L. V. Hai, Semi. Sci. Tech., 2010

#### 1C FTJ





H. J. Mao, RCS PCCP, 2015

GlobalFoundries © 2021 All Rights Reserved 6

### **Ferroelectric FET**



- ➤ Write: permanent reversal of polarization under  $V_G = V_G (|E_F| > |E_C|)$   $\rightarrow$  e.g. n-type FeFET:  $P \downarrow$  results in low- $V_T$
- > Read is nondestructive

GlobalFoundries © 2021 All Rights Reserved

### **Ferroelectric FET**



- ➤ Write: permanent reversal of polarization under  $V_G = V_G (|E_F| > |E_C|)$ → e.g. n-type FeFET:  $P \uparrow$  results in **high-V**<sub>T</sub>
- > Read is nondestructive

GlobalFoundries © 2021 All Rights Reserved

### An old idea

#### United States Patent Office

2,791,760

SEMICONDUCTIVE TRANSLATING DEVICE

Ian M. Ross, New Providence, N. J., assignor to Bell Telephone Laboratories, Incorporated, New York, N. Y., a corporation of New York

Application February 18, 1955, Serial No. 489,223 9 Claims. (Cl. 340—173)







"...one feature of this invention comprises altering the conductivity of a path through a semiconductive body by polarizing a ferroelectric maintained in proximity to the body to alter the surface charge on a portion of that body."

GlobalFoundries © 2021 All Rights Reserved

### **FeFET structures**



- ➤ Each of the structures has its particular advantages:
  - MFS: direct contact between FE and S → optimal voltage control of the device
  - MFIS: buffer layer between FE and S → interface quality tailoring; no interdiffusion phenomena
  - MFMIS: S<sub>E</sub>/S<sub>I</sub> tailoring to improve the operation voltage and memory window
- ➤ Also full-BEoL FeFETs have been demonstrated

### **Perovskite FeFETs**







- Excellent endurance and retention
- 64kbit NAND functionality
- However, scaling and integration concerns!

Sakai et al., JJAP, 2004 Sakai et al., IEEE EDL, 2004 Zhang et al., JJAP, 2011



GlobalFoundries © 2021 All Rights Reserved

### Ferroelectricity in HfO<sub>2</sub>

#### Courtesy of FMC



Many stabilization knobs for the ferroelectric phase: doping, stress, annealing, film thickness ...

### Ferroelectric HfO<sub>2</sub>

- → HfO₂ is a simple binary oxide → various mature deposition techniques available
- ➤ Large bandgap (5.3-5.7 eV) → reduced leakage
- ➤ Well known high-k material in semiconductor industry → CMOS compatible
- Robust ferroelectricity even upon aggressive vertical and lateral scaling



T. S. Böscke et al., APL, 2011

GlobalFoundries © 2021 All Rights Reserved

### Ferroelectric Hf<sub>1-x</sub>Zr<sub>x</sub>O<sub>2</sub>

J. Müller, Nano Lett., 2012



- HfO<sub>2</sub> and ZrO<sub>2</sub> have very similar physical and chemical properties
- FE and AFE behavior has been confirmed in HfO<sub>2</sub> ZrO<sub>2</sub> solid solution and in pure ZrO<sub>2</sub> as well

### From MOSFET to HfO<sub>2</sub> FeFET

Courtesy of FMC



- Only a few additional masks needed for FeFET fabrication
- > Full front-end CMOS compatibility make HfO<sub>2</sub> FeFETs attractive

GlobalFoundries © 2021 All Rights Reserved

2008

### Ferroelectric HfSiO in a transistor









Courtesy of U. Schröder, NaMLab

First HfO<sub>2</sub> based FeFET realized in 65 nm technology

### **FeFET evolution**



#### > Rapid progress in material and device development

Mulaosmanovic et al., Nanotechnology, 2021

GlobalFoundries © 2021 All Rights Reserved

### **HKMG FeFET at GF**

### 

22FDX° eFeFET

FEFET NISI
MG
FE
SOI
BOX

mini array devices full wafer map W/L=450nm/450nm



64 kbit AND array W/L=450nm/450nm



- H. Mulaosmanovic, IEDM, 2015
- M. Trentzsch, IEDM, 2016
- S. Dünkel, IEDM, 2017
- S. Beyer, IMW, 2020

- Memory window > 1.5V
- · Retention > 10 years
- Endurance: 10<sup>4</sup> –10<sup>5</sup>
- Low operation voltages (< 4V)</li>
- · Fast access time (ns-regime)
- · Full FEoL CMOS compatibility
- Fine-grained co-integration with CMOS transistors
- · Only 2 structural DUV mask adder
- High scalability ( $L_G = 20 \text{ nm}$ )



- Ferroelectric HfO<sub>2</sub>
- Device characteristics
  - Memory window
  - Switching kinetics
  - · Size dependence
  - Reliability
  - · (Co)-Integration
- Ferroelectric FETs beyond memory
- > Conclusions

### **Memory window**





$$\mathsf{MW} = 2 \cdot \alpha \cdot E_C \cdot t_F$$

- $\triangleright$  Coercive field  $E_C$  relatively invariant
- Thickness of FE  $t_F$  can be increased



S. Migita et al., JJAP, 2018

 $t_{\rm E} = 20 \, \rm nm$ 

- 10<sup>-5</sup>

  10<sup>-6</sup>

  2.9 V

  10<sup>-8</sup>

  -1 0 1 2 3 4

  V<sub>G</sub> [V]

- $MW = 2 \cdot \alpha \cdot E_C \cdot t_F$
- $\triangleright$  Coercive field  $E_C$  relatively invariant
- $\triangleright$  Thickness of FE  $t_F$  can be increased
- MW up to 3 V is achieved
- Stable retention and endurance
- > Possibility of multi-level storage

H. Mulaosmanovic, IEEE T-ED, 2019

GlobalFoundries © 2021 All Rights Reserved

### **Memory window**



= 10 nm





Mulaosmanovic et al., Nanotechnology, 2021

#### $MW = 2 \cdot \alpha \cdot E_C \cdot t_F$



GlobalFoundries © 2021 All Rights Reserved

### **Memory window**





Kim et al., APL, 2014

Ali et al., IEDM, 2019

- Ferroelectric properties tend to rapidly degrade at higher film thicknesses
- Insertion of interlayers (e.g. AIO<sub>v</sub>) may contrast this degradation
- Penalty: integration complexity and larger operation voltage (e.g. 12 V)

GlobalFoundries © 2021 All Rights Reserved

### **Switching kinetics**

Mulaosmanovic et al, IEEE T-ED 67, 5804 (2020)





#### Amplitude variation



#### Pulse width variation



- Significant time-voltage switching dependency
- Trade-off: fast switching → larger amplitudes
- Sub-nanesecond switching demonstrated

GlobalFoundries © 2021 All Rights Reserved





Mulaosmanovic et al, ACS AMI 10, 23997 (2018) Mulaosmanovic et al, IEEE T-ED 67, 5804 (2020)

- > FeFETs undergo switching even upon sub-critical voltage pulses
- > Accumulative effect demonstrated over a broad range of electrical conditions
- Same physical laws governing both one-shot and accumulative switching

GlobalFoundries © 2021 All Rights Reserved

### **Size Dependency**

#### ➤ Large FeFETs:

- $W = 1 \mu m, L = 1 \mu m$
- Gradual switching between 2 states
- > 64 intermediate  $V_T$  states

#### ➤ Ultra-scaled FeFETs:

- W = 80 nm, L = 30 nm
- · Abrupt switching between 2 states
- · Apparently, no intermediate states

H. Mulaosmanovic et al., IEDM, 2015 H. Mulaosmanovic et al., EDTM, 2020



### **Stochastic switching**





- Time-voltage trade-off for ferroelectric switching
- Switching is a stochastic process!
- Unity slope over several decades in the mean  $t_{\text{SW}}$  vs. standard deviation ( $\sigma_{tSW}$ ) plot  $\rightarrow$  Poisson process

H. Mulaosmanovic et al., ACS AMI, 2017



### Reliability

#### **Charge trapping**



- > Screening of MW
- Long read latency
- Degradation of IL
- ➤ Endurance walk-out

#### **Cycling Endurance**



➤ Usually < 10<sup>6</sup> cycles



A. Tan, IEEE EDL, 2021

➤ But, some reports with > 10<sup>10</sup> cycles avalable

#### **Data Retention**



- Proper stack design → robust retention, even at T > 250°C
- ➤ Improper stack → depolarization



GlobalFoundries © 2021 All Rights Reserved

### **Integration**

**Planar** 





28 nm bulk

22 nm FDSOI



Trentzsch, IEDM, 2016

Dünkel, IEDM, 2017

**Vertical 3D** 





K. Florent, IEDM, 2018

#### Fin-FeFET

Omega-FeF<mark>ET</mark>







10<sup>4</sup> V<sub>0s</sub>=0.2V 2 10<sup>3</sup> 10<sup>3</sup> 10<sup>3</sup> 10<sup>-1</sup> 10<sup>-1</sup> 10<sup>-1</sup> 10<sup>-1</sup> 1.5 -1.0 -0.5 0.0 0.5 1.0 1.5

S. De, VLSI, 2021

Chen, IRPS, 2<mark>020</mark>

GlobalFoundries © 2021 All Rights Reserved

### 22 FDSOI FeFET: add-on functionality









- $\succ$  Back bias enables independent tuning of  $V_T$  (HVT and LVT)
- ➤ No polarization disturb
- > Targeting option for read out

H. Mulaosmanovic, Nanoscale, 2021



### 22 FDSOI FeFET: add-on functionality



- Back-gate can act as an independent read-out terminal
- Artificial increase of MW up to 12 V
- ➤ Enables easy V<sub>T</sub> distinction → 4 bit/cell storage
- ➤ Write and read paths are separated → no read disturb

4 bits/cell

H. Mulaosmanovic, Nanoscale, 2021

GlobalFoundries © 2021 All Rights Reserved

### **Co-Integration FeFET + CMOS**

24Mb 0.120μm2 SRAM yield >90% & CMOS within 10% on 28SLPe with FeFET technology



- FeFETs and logic FETs sharing the same active area
- 90 nm gate-to-gate distance







24 Mb D120 QRAM yield

- SRAM yield comparable to the high-volume production CMOS base platform
- Device matching is within 10% of the base platform
- · Can be further improved by target implants

S. Beyer et al., IMW, 2020



- Ferroelectric HfO<sub>2</sub>
- Device characteristics
  - Memory window
  - Switching kinetics
  - · Size dependence
  - · Reliability
  - · (Co)-Integration

#### > Ferroelectric FETs beyond memory

> Conclusions

### **Neuromorphic Computing**





- > Directly or remotely inspired by the computing in biological brains
- Main building blocks: synapses and neurons

### **Ferroelectric synapses**





- ➤ Polycrystalline HfO<sub>2</sub> → multi-domain ferroelectric
- ➤ Gradual switching → analog conductivity tuning
- Spike-timing dependent plasticity (STDP) demonstrated
- Suitable for analog weights in DNNs as well

H. Mulaosmanovic et al., VLSI, 2017

GlobalFoundries © 2021 All Rights Reserved

### **Artificial neurons with CMOS**

G. Indiveri et al., IEEE Trans. Neur. Net., 2006



- ightharpoonup Large capacitor  $C_{mem}$  for the integration of spikes occupies a significant area
- Mimicking of additional neuronal dynamics → dramatic increase of n. of transistors





W = 80 nm; L = 30 nm

- ➤ Integration of gate pulses → integration of spikes coming from other neurons
- ➤ Abrupt switching → firing



H. Mulaosmanovic et al., Nanoscale, 2018

GlobalFoundries © 2021 All Rights Reserved

### **Ferroelectric neurons**



W = 80 nm; L = 30 nm



- Stronger neuronal input signals induce higher firing frequency → firing rate tuning
- Refractory period can be arbitrarily tuned over several orders of magnitude to satisfy circuital requirements (e.g. real-time as well as accelerated-time neuronal dynamics)

H. Mulaosmanovic et al., Nanoscale, 2018

### **Random number generation**





- > Stream of equally probable "1" and "0"
- > Populations of "00", "01", "10" and "11" is nearly matched

H. Mulaosmanovic et al., IEEE EDL, 2018



GlobalFoundries © 2021 All Rights Reserved

### **Frequency multiplication**













- Tune the symmetry of FeFET's I<sub>D</sub>-V<sub>G</sub> by polarization switching and GIDL
- > Frequency multiplication is achieved

Mulaosmanovic et al., Nature Electron. 3, 2020

- > Introduction to Ferroelectric FETs
- Ferroelectric HfO<sub>2</sub>
- > Device characteristics
  - · Memory window
  - Switching kinetics
  - Size dependence
  - Reliability
  - · (Co)-Integration
- > Ferroelectric FETs beyond memory
- Conclusions

### **Conclusions**

- Ferroelectricity intrinsic memory functionality
- > FeFETs very attractive 1T memory solutions for embedded applications
- > Ferroelectric HfO<sub>2</sub> opens new opportunities for FeFETs
- Significant progress in device physics, integration, reliability, and scaling over the years
- Main switching mechanisms revealed
  - → important learning for retention, disturbs, endurance, array operation schemes
- Unconventional applications due to variety of switching patterns
  - → Neuromorphic; Reconfigurable logic-in-memory; Frequency manipulation; Security



#### **GF FeFET Team**

Dr. Sven Beyer

Dr. Stefan Dünkel

Dr. Johannes Müller

Dr. Martin Trentzsch

#### **Partners**







#### **Funding**



This work is funded by the Federal Ministry for Economics and Energy (BMWi) and by the State of Saxony in the framework "Important Project of Common European Interest (IPCEI)."

GlobalFoundries © 2021 All Rights Reserved



Shosuke Fujii Kioxia Corporation

Shosuke Fujii is a Chief Specialist at Kioxia Corporation, currently leading an emerging device technology team. He received the B.S. (2005) and M.S. (2007) degrees in materials science and engineering from Kyoto University, Japan. He joined Toshiba Corporation in 2007, where he was engaged in the research on reliability physics of MONOS memories. From 2009 to 2016, he was engaged in the research of emerging memory cell technology including resistive switching memory and ferroelectric memory. From 2016 to 2018, he was a visiting scholar in Stanford University, where he studied scaling effects of resistive switching memories. He is currently with Kioxia Corporation (renamed from Toshiba Memory Corporation), where he is engaged in research and development of emerging memory devices. He served as a technical committee member for memory reliability in IEEE IRPS in 2014 and 2015, and a tutorial lecturer in IEEE IRPS in 2016. He has been serving as a technical program committee member in VLSI Symposium since 2020.

### **Ferroelectric Tunnel Junction**

Shosuke Fujii KIOXIA

**KIOXIA** 

#### **Outline**

- 1. Ferroelectric tunnel junction
- 2. Ferroelectric HfO<sub>2</sub>-based tunnel junction
- 3. FTJ for emerging application
- 4. Summary

#### **Ferroelectric Tunnel Junction (FTJ)**

✓ Emerging memory that utilizes polarization reversal



→ Demonstration of BaTiO<sub>3</sub> FTJ



#### Mechanism of barrier modulation

- -Single barrier: Screening length of electrodes
- -Composite barrier: Paraelectric layer

L. Wang et al., Nano Letters, 16 (2016) p.3911 © 2016 American Chemical Society [1]

KIOXIA

**Switching Mechanism** 

### Depolarization field, E<sub>dep</sub>, modulates potential profile, inducing TER

#### 

#### Effect of E<sub>dep</sub> on FTJ TER

### **E**<sub>dep</sub> is the TER mechanism, but deceasing memory window

#### Ec > Edep required for stable polarization

$$E_c > E_{dep} = \frac{P}{\varepsilon_{FE}\varepsilon_0} \left(1 + \frac{\varepsilon_{PE}t_{FE}}{\varepsilon_{FE}t_{PE}}\right)^{-1}$$



#### Data reading further destabilizes the polarization

$$E_c > E_{dep} = \frac{P}{\varepsilon_{FE}\varepsilon_0} \left( 1 + \frac{\varepsilon_{PE}t_{FE}}{\varepsilon_{FE}t_{PE}} \right)^{-1} + \frac{\varepsilon_{PE}}{\varepsilon_{FE}t_{PE} + \varepsilon_{PE}t_{FE}} V_{read}$$



Voltage application is inevitable to obtain a sufficient amount of tunneling current, but it decreases the TER.

KIOXIA

#### TER considering data reading

### Precise stack design is needed to obtain a reasonable amount of TER

✓ FTJ with <u>THIN</u> PE

Weak modulation due to small  $E_{dep}$ .

→ Small TER

✓ FTJ with THICK PE

Larger voltage is needed for detectable read current, leading larger E<sub>dep</sub>.

→ Small TER



S. Fujii et al., *SSDM* (2021) p.117-118. © 2021 The Japan Society of Applied Physics [2]

#### **Memristive switching**

# Continuous resistance change due to nucleation and expansion of domains → Opportunity for emerging in-memory computing application



Boyn, S., Grollier, J., Lecerf, G. et al. Learning through ferroelectric domain dynamics in solid-state synapses. Nature Communications 8, 14736 (2017). [3] https://doi.org/10.1038/ncomms14736 https://creativecommons.org/licenses/by/4.0/

KIOXIA

#### **Outline**

- 1. Ferroelectric tunnel junction
- 2. Ferroelectric HfO<sub>2</sub>-based tunnel junction
- 3. FTJ for emerging application
- 4. Summary

#### Ferroelectric HfO<sub>2</sub>

- → First reported in 2011
- ✓ Most common high-k material in CMOS technology
- → HfO₂ with various dopant (Si, Y, etc), Hf₀,5Zr₀,5O₂
- 10nm or less (much thinner than conventional ferroelectric material such as PZT)

#### XRD of ferroelectric HfO<sub>2</sub>:



#### Displacement of O atoms contributes to ferroelectricity



S. Fujii et al., VLSI Tech. (2016) p.148. © 2016 IEEE [4]

KIOXIA

#### Combination of FTJ with HfO<sub>2</sub>

### HfO<sub>2</sub>-based FTJ: A CMOS compatible emerging non-volatile memory



#### **Recent Hafnia-FTJ research**

### Most of HfO<sub>2</sub>-FTJ research is on composite barrier structure

|                         | Fraunhofer                                                     | Namlab/Leti                           | UCB                                     | KAIST                          | SNU/SKH                                                      | IBM                  | U Tokyo                      | WD/UCB                                   |
|-------------------------|----------------------------------------------------------------|---------------------------------------|-----------------------------------------|--------------------------------|--------------------------------------------------------------|----------------------|------------------------------|------------------------------------------|
| Top<br>Electrode        | TiN                                                            | TiN                                   | W                                       | TiN                            | TiN                                                          | TiN                  | Al                           | Pt                                       |
| Ferro                   | HfZrO<br>4~8nm                                                 | HfZrO<br>10nm                         | HfZrO<br>1nm                            | HfZrO<br>~5nm                  | HfOx<br>6nm                                                  | HfZrO                | HfZrO<br>4nm                 | HfZrO<br>~2nm                            |
| Interface<br>layer (PE) | SiO <sub>2</sub><br>or Al <sub>2</sub> O <sub>3</sub><br>1~2nm | Al <sub>2</sub> O <sub>3</sub><br>2nm | SiO <sub>2</sub><br>1nm                 | Ta <sub>2</sub> O <sub>5</sub> | SiO <sub>2</sub><br>or Al <sub>2</sub> O <sub>3</sub><br>1nm | WOx                  | SiO <sub>2</sub><br>1nm      | Semicon<br>ductor                        |
| Bottom electrode        | Si-sub                                                         | TiN                                   | Si-sub                                  | TaN                            | Si-sub                                                       | TiN                  | Si-sub                       | LSMO                                     |
| Reference               | IEEE T-ED<br>2022 [5]                                          | IEEE<br>ISCAS<br>2021 [6]             | Adv.<br>Electron.<br>Mater.<br>2021 [7] | IEDM<br>2021<br>[8]            | Nanotech.<br>2021 [9]                                        | EDTM<br>2021<br>[10] | IEEE<br>JEDS<br>2018<br>[11] | Adv.<br>Electron.<br>Mater.<br>2021 [12] |

KIOXIA 11

#### Demonstration of HfO<sub>2</sub>-based FTJ: Device structure

#### Simple cross point structure

No current limiter, such as series resistor or transistor, is required



S. Fujii et al., *VLSI Tech*. (2016) p.148. © 2016 IEEE [4]

#### Demonstration of HfO<sub>2</sub>-based FTJ: Device performance

## FTJ performance is suitable for cross-point architecture



#### **Advantages**

- ✓ Low current operation
- ✓ Self compliance
- ✓ Large non-linearity
- ✓ Intrinsic diode
- → Suitable for cross-point architecture

S. Fujii et al., *VLSI Tech.* (2016) p.148. © 2016 IEEE [4]

KIOXIA

13

#### Distinguish from Resistive RAM and Trap Asist Tunneling

# Clear area scaling → Non-filamentary switching No switching without IL → Consistent with FTJ mechanism





S. Fujii et al., *VLSI Tech*. (2016) p.148. © 2016 IEEE [4]

#### **Device design for FTJ with composite barrier**

### Precise stack design is necessary for performance improvement



 $E_{dep} = \frac{P}{\varepsilon_{FE}} \left( 1 + \frac{\varepsilon_{IL} t_{FE}}{\varepsilon_{FE} t_{IL}} \right)^{-1} < E_{c}$  $t_{\it FE}$ : FE thickness,  $t_{\it IL}$ : IL thickness



© 2021 The Japan Society of Applied Physics [2]

KIOXIA

#### **Device design for FTJ with composite barrier**

### Thickness design is key for performance improvement



#### Thickness control technique: Remote scavenging

#### Remote scavenging process keeps IL thickness as designed



- -Scavenger Ti traps O during crystallization
- -IL thickness is kept as designed while suppressing monoclinic phase

S. Fujii et al., VLSI Technology 2020, p.1 © 2020 IEEE [13]

KIOXIA

17

#### Thickness control technique: Template-induced crystallization(TIC)

## TIC reduces crystallization temperature, keeping IL as designed



- -Crystallization temperature is lowered owing to the assist of template layer.
- -Low temperature PMA keeps PE thickness as designed.

### The improved FTJ shows large TER with low operation current



**Device performance** 

- -Analog resistance change
- -Low operation current
- -Low variability
- -State stability
- -Cycling endurance

n current is

S. Fujii et al., VLSI Technology 2020, p.1 © 2020 IEEE [13] Although low operation current is mandatory for future low power application, too small read current could degrade operation speed

KIOXIA

State stability: Long term data retention

## Stable polarization is achieved by decreasing E<sub>dep</sub>



-E<sub>dep</sub> is increased with IL thickness

-Thin IL with the assist of TL and remote scavenging achieves stable polarization

S. Fujii et al., VLSI Technology 2020, p.1 © 2020 IEEE [13]

KIOXIA

2

#### State stability: Short term relaxation

### Quick electron trapping in LRS immediately after programming



- A quick relaxation is observed after programming
- Electron trapping increases the effective barrier height

S. Fujii et al., VLSI Technology 2020, p.1 © 2020 IEEE [13]

KIOXIA

FE engineering for suppressing quick relaxation

### Quick relaxation is suppressed by FE process optimization



© 2021 The Japan Society of Applied Physics [2]

#### Endurance failure can be described as conventional breakdown model



- Endurance failure is caused by breakdown
- M. Yamaguchi et al., IRPS 2018, 6D.2 © 2018 IEEE [15]



- FTJ breakdown is well normalized by Weibull distribution
- Conventional percolation model is applicable

KIOXIA 23

#### Breakdown mechanism of the HfO<sub>2</sub> FTJ

### **Defects generation in IL determines breakdown**



- Weibull slope is independent of the FE thickness → IL determines the breakdown

M. Yamaguchi et al., IRPS 2020 © 2020 IEEE [16]

#### To improve the endurance

### MFS structure with no IL is promising, but difficult to realize it



KIOXIA 25

#### **Utilizing TIC for fabricating MFS structure**

## The TL improves controllability of stack structure



S. Fujii, VLSI Technology 2020, p.1 © 2020 IEEE [13]

#### MFS FTJ structure

### Novel process technologies could realize the MFS structure



The MFS FTJ using our novel process technologies could further improve operation current and endurance

S. Fujii et al., SSDM (2021) p.117-118. © 2021 The Japan Society of Applied Physics [2]

KIOXIA

27

#### **Outline**

- 1. Ferroelectric tunnel junction
- 2. Ferroelectric HfO<sub>2</sub>-based tunnel junction
- 3. FTJ for emerging applications
- 4. Summary

#### Memristive switching for emerging applications

### Analog resistance change can be utilized for emerging applications





KIOXIA

#### **Memristor-based reinforcement learning**

#### Reinforcement learning (RL)

# State **S**t Action ENVIRONMENT **AGENT**

## In-memory RL with memristive FTJ





 $s_i : a_{t+1} = \max(G_{ij})$ 

- Evaluate state  $\rightarrow$  execute action  $\rightarrow$  get reward Maximize the reward by learning
- Requires massive computation

R. Berdan et al., VLSI Tech. 2019, p.22 © 2019 IEEE [17]

#### In-memory reinforcement learning

## Path-finding demonstration using FTJ memristor crossbar



KIOXIA

#### Impact of variability and relaxation on learning performance

#### FTJ with moderate variability and reduced relaxation shows better performance





S. Fujii et al., VLSI Technology 2020, p.1 © 2020 IEEE [13]

#### **Vector Matrix Multiplication (VMM)**

### Linear computation using FTJ tunneling current



#### Low-power linear computation using nonlinear ferroelectric tunnel junction memristors

Radu Berdan <sup>1,2</sup> ✓, Takao Marukame <sup>1</sup>, Kensuke Ota³, Marina Yamaguchi³, Masumi Saitoh³, Shosuke Fujii3, Jun Deguchi2 and Yoshifumi Nishi1

Analogue in-memory computing using memristors could alleviate the performance constraints imposed by digital von Neumann systems in data-intensive tasks. Conventional linear memristors typically operate at high currents, potentially limiting power efficiency and scalability in practical applications. Here, we show that nonlinear ferroelectric tunnel junction memristors can perform linear computation at ultralow currents. Using logarithmic line drivers, we demonstrate that analogue-voltage-amplitude vector-matrix multiplication (VMM) can be performed in selectorless ferroelectric tunnel junction crossbars by exploiting a device nonlinearity factor that remains constant for multiple conductive states. We also show that our ferroelectric tunnel junction crossbars by exploiting and the conductive states. tion crossbars have the attributes required to scale analogue VMM-intensive applications, such as neural inference en towards energy efficiencies above 100 tera-operations per second per watt.

R. Berdan et al., Nature Electronics (2020) 259 © 2020 Springer Nature [18]



Tunneling current is proportional to conductive domain area, s.



Each state has the same  $\beta$  with different  $\alpha$ (effective conductive area).

**KIOXIA** 

#### **Conversion to linear I-V**

**KIOXIA** 

## VMM operation owing to low variability of FTJ



#### FTJ for emerging applications

Device performance required for various emerging applications are almost the same HfO<sub>2</sub> FTJ is suitable for those applications



KIOXIA 35

#### **Outline**

- 1. Ferroelectric tunnel junction
- 2. Ferroelectric HfO<sub>2</sub>-based tunnel junction
- 3. FTJ for emerging applications
- 4. Summary

#### Summary

#### **Ferroelectric tunnel junction**

- -Depolarization E<sub>dep</sub> is the TER mechanism.
- -Precise stack design is necessary for reasonable TER.
- -Continuous resistance change owing to nucleation and expansion of the domain.

#### HfO<sub>2</sub> FTJ

- -A CMOS compatible emerging memory, having low operation current, low variability, stable memory state, and analog resistance change.
- -Precise stack design can be realized by sophisticated process technologies
- -Cycling endurance and small read current could be improved using MFS structure

#### FTJ for emerging application

- -Analog resistance change with low variability opened an opportunity for emerging computing application, reinforcement learning and vector-matrix-multiplication.
- -Device performance required for various emerging applications are almost the same, and the HfO<sub>2</sub> FTJ is suitable for those applications.

Company names, product names, and service names may be trademarks of their respective companies.

KIOXIA

#### References

- [1] L. Wang, M. R. Cho, Y. J. Shin, J. R. Kim, S. Das, J-G. Yoon, J-S. Chung, and T. W. Noh, "Overcoming the Fundamental Barrier Thickness Limits of Ferroelectric Tunnel Junctions through BaTiO3/SrTiO3 Composite Barriers", Nano Letters, vol 6 (2016) p.3911-3918.
- [2] S. Fujii, M. Yamaguchi, S. Kabuyanagi, K. Ota, and M. Saitoh, "Hafnia-based Ferroelectric Tunnel Junction for Emerging Applications", SSDM 2021, p117-118.
- [3] S. Boyn, J. Grollier, G. Lecerf, et al. "Learning through ferroelectric domain dynamics in solid-state synapses", Nature Communications 8, 14736 (2017).
- [4] S. Fujii, Y. Kamimuta, T. Ino, Y. Nakasaki, R. Takaishi, and M. Saitoh, "First demonstration and performance improvement of ferroelectric HfO2-based resistive switch with low operation current and intrinsic diode property," 2016 IEEE Symposium on VLSI Technology, 2016, p.148-149.
- [5] A. Sünbül et al., "Optimizing Ferroelectric and Interface Layers in HZO-Based FTJs for Neuromorphic Applications," in IEEE Transactions on Electron Devices, vol. 69, no. 2, pp. 808-815 [6] E. Covi et al., "Ferroelectric Tunneling Junctions for Edge Computing," 2021 IEEE International Symposium on Circuits and Systems (ISCAS), 2021, pp. 1-5 [7] Cheema, S. S., Shanker, N., Hsu, C.-H., Datar, A., Bae, J., Kwon, D., Salahuddin, S., One Nanometer HfO2-Based Ferroelectric Tunnel Junctions on Silicon. Adv. Electron. Mater. 2021,

- [8] Y. Goh, et al., "High Performance and Self-rectifying Hafnia-based Ferroelectric Tunnel Junction for Neuromorphic Computing and TCAM Applications", 2021 IEEE International Electron Devices Meeting (IEDM), 2021 p.378-381
- [9] Kyung Kyu Min et al, "Interlayer engineering for enhanced ferroelectric tunnel junction operations in HfO,-based metal-ferroelectric-insulator-semiconductor stack", 2021 Nanotechnology 32 495203
- [10] L. Bégon-Lours et al., "A BEOL Compatible, 2-Terminals, Ferroelectric Analog Non-Volatile Memory," 2021 5th IEEE Electron Devices Technology & Manufacturing Conference (EDTM),
- [11] M. Kobayashi, Y. Tagawa, F. Mo, T. Saraya and T. Hiramoto, "Ferroelectric HfO2 Tunnel Junction Memory With High TER and Multi-Level Operation Featuring Metal Replacement Process," in IEEE Journal of the Electron Devices Society, vol. 7, pp. 134-139
- [12] Prasad, B., Thakare, V., Kalitsov, A., Zhang, Z., Terris, B., Ramesh, R., Large Tunnel Electroresistance with Ultrathin Hf0.5Zr0.5O2 Ferroelectric Tunnel Barriers. Adv. Electron. Mater. 2021, 7 2001074 [13] S. Fujii, M. Yamaguchi, S. Kabuyanagi, K. Ota, and M. Saitoh, "Improved state stability of HfO2 ferroelectric tunnel junction by template-induced crystallization and remote scavenging
- for efficient in-memory reinforcement learning", 2020 IEEE Symposium on VLSI Technology, 2020, p.1-2 [14] S. Kabuyanagi, S. Fujii, K. Usuda, M. Yamaguchi, T. Ino, Y. Nakasaki, R. Takaishi, Y. Kamimuta, M. Saitoh, "Performance improvement by template-induced crystallization in ferroelectric
- HfO2 tunnel junction memory for cross-point high-density application", SSDM (2018) p.205. [15] M. Yamaguchi, S. Fujii, Y. Kamimuta, S. Kabuyanagi, T. Ino, Y. Nakasaki, R. Takaishi, R. Ichihara, M. Saitoh, "Impact of specific failure mechanisms on endurance improvement for HfO2-
- based ferroelectric tunnel junction memory", IEEE International Reliability Physics Symposium (IRPS), 2018, p. 6D2.1-6D2.6.
- [16] M. Yamaguchi, S. Fujii, K. Ota and M. Śaitoh, "Breakdown Lifetime Analysis of HfO2-based Ferroelectric Tunnel Junction (FTJ) Memory for In-Memory Reinforcement Learning," 2020 IEEE International Reliability Physics Symposium (IRPS), 2020, pp. 1-6
- [17] R. Berdan, T. Marukame, S. Kabuyanagi, K. Ota, M. Saitoh, S. Fujii, J. Deguchi, and Y. Nishi, "In-memory reinforcement learning with moderately-stochastic conductance switching of ferroelectric tunnel junction", 2019 Symposium on VLSI Technology, 2019, p.22-23
- [18] R. Berdan, T. Marukame, K. Ota, M. Yamaguchi, M. Saitoh, S. Fújii, J. Deguchi, and Y. Nishi, "Low-power linear computation using nonlinear ferroelectric tunnel junction memristors", Nature Electronics, vol 3 (2020) p. 259-266.



Onur Mutlu ETH Zurich

Onur Mutlu is a Professor of Computer Science at ETH Zurich. He is also a faculty member at Carnegie Mellon University, where he previously held the Strecker Early Career Professorship. His current broader research interests are in computer architecture, systems, hardware security, and bioinformatics. A variety of techniques he, along with his group and collaborators, has invented over the years have influenced industry and have been employed in commercial microprocessors and memory/storage systems. He obtained his PhD and MS in ECE from the University of Texas at Austin and BS degrees in Computer Engineering and Psychology from the University of Michigan, Ann Arbor. He started the Computer Architecture Group at Microsoft Research (2006-2009) and held various product and research positions at Intel Corporation, Advanced Micro Devices, VMware, and Google. He received the Intel Outstanding Researcher Award, IEEE High Performance Computer Architecture Test of Time Award, the IEEE Computer Society Edward J. McCluskey Technical Achievement Award, ACM SIGARCH Maurice Wilkes Award, the inaugural IEEE Computer Society Young Computer Architect Award, the inaugural Intel Early Career Faculty Award, US National Science Foundation CAREER Award, Carnegie Mellon University Ladd Research Award, faculty partnership awards from various companies, and a healthy number of best paper or "Top Pick" paper recognitions at various computer systems, architecture, and security venues. He is an ACM Fellow "for contributions to computer architecture research, especially in memory systems", IEEE Fellow for "contributions to computer architecture research and practice", and an elected member of the Academy of Europe (Academia Europaea). His computer architecture and digital logic design course lectures and materials are freely available on YouTube (https://www.youtube.com/OnurMutluLectures), and his research group makes a wide variety of software and hardware artifacts freely available online (<a href="https://safari.ethz.ch/">https://safari.ethz.ch/</a>). For more information, please see his webpage at <a href="https://people.inf.ethz.ch/omutlu/">https://people.inf.ethz.ch/omutlu/</a>.

# Security Aspects of DRAM The Story of RowHammer

Onur Mutlu

omutlu@gmail.com

https://people.inf.ethz.ch/omutlu

15 May 2022 IMW Tutorial

SAFARI



Carnegie Mellon

How Reliable/Secure/Safe is This Bridge?



# Collapse of the "Galloping Gertie"



SAFARI

Source: AP http://www.wsdot.wa.gov/tnbhistory/connections/connections3.htm 3

# How Secure Are These People?



## Security is about preventing unforeseen consequences

## What Is RowHammer?

- One can predictably induce bit flips in commodity DRAM chips
  - □ >80% of the tested DRAM chips are vulnerable
- First example of how a simple hardware failure mechanism can create a widespread system security vulnerability

WIRED

TWEET

Forget Software-Now Hackers Are Exploiting Physics

SHARE

FORGET SOFTWARE—NOW
HACKERS ARE EXPLOITING
PHYSICS

# An "Early" Position Paper [IMW'13]

Onur Mutlu,
 "Memory Scaling: A Systems Architecture Perspective"
 Proceedings of the 5th International Memory
 Workshop (IMW), Monterey, CA, May 2013. Slides
 (pptx) (pdf)
 EETimes Reprint

## Memory Scaling: A Systems Architecture Perspective

Onur Mutlu
Carnegie Mellon University
onur@cmu.edu
http://users.ece.cmu.edu/~omutlu/

# The DRAM Scaling Problem

- DRAM stores charge in a capacitor (charge-based memory)
  - Capacitor must be large enough for reliable sensing
  - Access transistor should be large enough for low leakage and high retention time
  - Scaling beyond 40-35nm (2013) is challenging [ITRS, 2009]



DRAM capacity, cost, and energy/power hard to scale

SAFARI 7

# As Memory Scales, It Becomes Unreliable

- Data from all of Facebook's servers worldwide
- Meza+, "Revisiting Memory Errors in Large-Scale Production Data Centers," DSN'15.



# Large-Scale Failure Analysis of DRAM Chips

- Analysis and modeling of memory errors found in all of Facebook's server fleet
- Justin Meza, Qiang Wu, Sanjeev Kumar, and Onur Mutlu, "Revisiting Memory Errors in Large-Scale Production Data Centers: Analysis and Modeling of New Trends from the Field" Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Rio de Janeiro, Brazil, June 2015.

[Slides (pptx) (pdf)] [DRAM Error Model]

## Revisiting Memory Errors in Large-Scale Production Data Centers: Analysis and Modeling of New Trends from the Field

Justin Meza Qiang Wu\* Sanjeev Kumar\* Onur Mutlu Carnegie Mellon University \* Facebook, Inc.

SAFARI

9

## Infrastructures to Understand Such Issues



Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors (Kim et al., ISCA 2014)

Adaptive-Latency DRAM: Optimizing DRAM Timing for the Common-Case (Lee et al., HPCA 2015)

AVATAR: A Variable-Retention-Time (VRT)

Aware Refresh for DRAM Systems (Qureshi et al., DSN 2015)

An Experimental Study of Data Retention Behavior in Modern DRAM Devices: Implications for Retention Time Profiling Mechanisms (Liu et al., ISCA 2013)

The Efficacy of Error Mitigation Techniques for DRAM Retention Failures: A

Comparative Experimental Study
(Khan et al., SIGMETRICS 2014)



## Infrastructures to Understand Such Issues



SAFARI

Kim+, "Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors," ISCA 2014.

11

# SoftMC: Open Source DRAM Infrastructure

- Hasan Hassan et al., "SoftMC: A Flexible and Practical Open-Source Infrastructure for Enabling Experimental DRAM Studies," HPCA 2017.
- Flexible
- Easy to Use (C++ API)
- Open-source github.com/CMU-SAFARI/SoftMC



SAFARI 12

## SoftMC: Open Source DRAM Infrastructure

https://github.com/CMU-SAFARI/SoftMC

# SoftMC: A Flexible and Practical Open-Source Infrastructure for Enabling Experimental DRAM Studies

Hasan Hassan $^{1,2,3}$  Nandita Vijaykumar $^3$  Samira Khan $^{4,3}$  Saugata Ghose $^3$  Kevin Chang $^3$  Gennady Pekhimenko $^{5,3}$  Donghyuk Lee $^{6,3}$  Oguz Ergin $^2$  Onur Mutlu $^{1,3}$ 

 $^1ETH$  Zürich  $^2TOBB$  University of Economics & Technology  $^3C$  arnegie Mellon University  $^4U$ niversity of Virginia  $^5M$ icrosoft Research  $^6NVIDIA$  Research

SAFARI 13

# SoftMC: Open Source DRAM Infrastructure

https://github.com/CMU-SAFARI/SoftMC

# SoftMC: A Flexible and Practical Open-Source Infrastructure for Enabling Experimental DRAM Studies

Hasan Hassan  $^{1,2,3}$  Nandita Vijaykumar  $^3$  Samira Khan  $^{4,3}$  Saugata Ghose  $^3$  Kevin Chang  $^3$  Gennady Pekhimenko  $^{5,3}$  Donghyuk Lee $^{6,3}$  Oguz Ergin  $^2$  Onur Mutlu  $^{1,3}$ 

<sup>1</sup>ETH Zürich <sup>2</sup>TOBB University of Economics & Technology <sup>3</sup>Carnegie Mellon University <sup>4</sup>University of Virginia <sup>5</sup>Microsoft Research <sup>6</sup>NVIDIA Research

SAFARI 1-

# Data Retention in Memory [Liu et al., ISCA 2013]

Retention Time Profile of DRAM looks like this:

64-128ms

>256ms

128-256ms

**Stored value pattern** dependent **Time** dependent

SAFARI

Liu+, "RAIDR: Retention-Aware Intelligent DRAM Refresh," ISCA 2012.

15

## RAIDR: Heterogeneous Refresh [ISCA'12]

Jamie Liu, Ben Jaiyen, Richard Veras, and Onur Mutlu, "RAIDR: Retention-Aware Intelligent DRAM Refresh" Proceedings of the <u>39th International Symposium on</u> <u>Computer Architecture</u> (ISCA), Portland, OR, June 2012. <u>Slides (pdf)</u>

## RAIDR: Retention-Aware Intelligent DRAM Refresh

Jamie Liu Ben Jaiyen Richard Veras Onur Mutlu Carnegie Mellon University

# Analysis of Data Retention Failures [ISCA'13]

Jamie Liu, Ben Jaiyen, Yoongu Kim, Chris Wilkerson, and Onur Mutlu, "An Experimental Study of Data Retention Behavior in Modern DRAM **Devices: Implications for Retention Time Profiling Mechanisms**" Proceedings of the 40th International Symposium on Computer Architecture (ISCA), Tel-Aviv, Israel, June 2013. Slides (ppt) Slides (pdf)

## An Experimental Study of Data Retention Behavior in **Modern DRAM Devices:** Implications for Retention Time Profiling Mechanisms

Jamie Liu Carnegie Mellon University 5000 Forbes Ave. Pittsburgh, PA 15213 jamiel@alumni.cmu.edu

Ben Jaiyen Carnegie Mellon University 5000 Forbes Ave. Pittsburgh, PA 15213 bjaiyen@alumni.cmu.edu

Yoongu Kim Carnegie Mellon University 5000 Forbes Ave. Pittsburgh, PA 15213 yoonguk@ece.cmu.edu

Chris Wilkerson **Intel Corporation** 2200 Mission College Blvd. Santa Clara, CA 95054 chris.wilkerson@intel.com

Onur Mutlu Carnegie Mellon University 5000 Forbes Ave. Pittsburgh, PA 15213 onur@cmu.edu

## Mitigation of Retention Issues [SIGMETRICS'14]

Samira Khan, Donghyuk Lee, Yoongu Kim, Alaa Alameldeen, Chris Wilkerson, and Onur Mutlu,

"The Efficacy of Error Mitigation Techniques for DRAM Retention Failures: A Comparative Experimental Study"

Proceedings of the ACM International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS), Austin, TX, June 2014. [Slides (pptx) (pdf)] [Poster (pptx) (pdf)] [Full data sets]

## The Efficacy of Error Mitigation Techniques for DRAM Retention Failures: A Comparative Experimental Study

Samira Khan<sup>†</sup>∗ samirakhan@cmu.edu

Donghyuk Lee<sup>†</sup> donghyuk1@cmu.edu

Yoongu Kim<sup>†</sup> yoongukim@cmu.edu

Alaa R. Alameldeen\* alaa.r.alameldeen@intel.com chris.wilkerson@intel.com

Chris Wilkerson\*

Onur Mutlu† onur@cmu.edu

<sup>†</sup>Carnegie Mellon University

\*Intel Labs

## Mitigation of Retention Issues [DSN'15]

 Moinuddin Qureshi, Dae Hyun Kim, Samira Khan, Prashant Nair, and Onur Mutlu,

"AVATAR: A Variable-Retention-Time (VRT) Aware Refresh for DRAM Systems"

Proceedings of the <u>45th Annual IEEE/IFIP International Conference on</u> <u>Dependable Systems and Networks</u> (**DSN**), Rio de Janeiro, Brazil, June 2015.

[Slides (pptx) (pdf)]

# AVATAR: A Variable-Retention-Time (VRT) Aware Refresh for DRAM Systems

Moinuddin K. Qureshi<sup>†</sup> Dae-Hyun Kim<sup>†</sup>

Georgia Institute of Technology

{moin, dhkim, pnair6}@ece.gatech.edu

Samira Khan‡

Prashant J. Nair<sup>†</sup> Onur Mutlu<sup>‡</sup>

<sup>‡</sup>Carnegie Mellon University

{samirakhan, onur}@cmu.edu

19

SAFARI SAFARI

# Mitigation of Retention Issues [DSN'16]

 Samira Khan, Donghyuk Lee, and Onur Mutlu,
 "PARBOR: An Efficient System-Level Technique to Detect Data-Dependent Failures in DRAM"

Proceedings of the <u>45th Annual IEEE/IFIP International Conference on</u>
<u>Dependable Systems and Networks</u> (**DSN**), Toulouse, France, June 2016.
[Slides (pptx) (pdf)]

# PARBOR: An Efficient System-Level Technique to Detect Data-Dependent Failures in DRAM

Samira Khan\* Donghyuk Lee<sup>†‡</sup>
\*University of Virginia <sup>†</sup>Carnegie Mellon University

Onur Mutlu\*†

\*Nvidia \*ETH Zürich

SAFARI

# Mitigation of Retention Issues [MICRO'17]

 Samira Khan, Chris Wilkerson, Zhe Wang, Alaa R. Alameldeen, Donghyuk Lee, and Onur Mutlu,

"Detecting and Mitigating Data-Dependent DRAM Failures by Exploiting Current Memory Content"

Proceedings of the <u>50th International Symposium on Microarchitecture</u> (**MICRO**), Boston, MA, USA, October 2017.

[Slides (pptx) (pdf)] [Lightning Session Slides (pptx) (pdf)] [Poster (pptx) (pdf)]

# Detecting and Mitigating Data-Dependent DRAM Failures by Exploiting Current Memory Content

Samira Khan\* Chris Wilkerson<sup>†</sup> Zhe Wang<sup>†</sup> Alaa R. Alameldeen<sup>†</sup> Donghyuk Lee<sup>‡</sup> Onur Mutlu\*

\*University of Virginia <sup>†</sup>Intel Labs <sup>‡</sup>Nvidia Research \*ETH Zürich

#### SAFARI

# Mitigation of Retention Issues [ISCA'17]

- Minesh Patel, Jeremie S. Kim, and Onur Mutlu,
   "The Reach Profiler (REAPER): Enabling the Mitigation of DRAM
   Retention Failures via Profiling at Aggressive Conditions"
   Proceedings of the 44th International Symposium on Computer
   Architecture (ISCA), Toronto, Canada, June 2017.
   [Slides (pptx) (pdf)]
   [Lightning Session Slides (pptx) (pdf)]
- First experimental analysis of (mobile) LPDDR4 chips
- Analyzes the complex tradeoff space of retention time profiling
- Idea: enable fast and robust profiling at higher refresh intervals & temperatures

## The Reach Profiler (REAPER): Enabling the Mitigation of DRAM Retention Failures via Profiling at Aggressive Conditions

Minesh Patel<sup>§‡</sup> Jeremie S. Kim<sup>‡§</sup> Onur Mutlu<sup>§‡</sup> ETH Zürich <sup>‡</sup>Carnegie Mellon University

# Mitigation of Retention Issues [DSN'19]

Minesh Patel, Jeremie S. Kim, Hasan Hassan, and Onur Mutlu, "Understanding and Modeling On-Die Error Correction in Modern DRAM: An Experimental Study Using Real Devices" Proceedings of the 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Portland, OR, USA, June 2019.

[Source Code for EINSim, the Error Inference Simulator] **Best paper award.** 

# Understanding and Modeling On-Die Error Correction in Modern DRAM: An Experimental Study Using Real Devices

Minesh Patel $^{\dagger}$  Jeremie S. Kim $^{\ddagger\dagger}$  Hasan Hassan $^{\dagger}$  Onur Mutlu $^{\dagger\ddagger}$   $^{\dagger}ETH$  Zürich  $^{\ddagger}Carnegie$  Mellon University

#### SAFARI

# Mitigation of Retention Issues [MICRO'20]

Minesh Patel, Jeremie S. Kim, Taha Shahroodi, Hasan Hassan, and Onur Mutlu,
 "Bit-Exact ECC Recovery (BEER): Determining DRAM On-Die ECC
 Functions by Exploiting DRAM Data Retention Characteristics"

Proceedings of the 53rd International Symposium on

Microarchitecture (MICRO), Virtual, October 2020.

[Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (15 minutes)]

[Lightning Talk Video (1.5 minutes)]

Best paper award.

# Bit-Exact ECC Recovery (BEER): Determining DRAM On-Die ECC Functions by Exploiting DRAM Data Retention Characteristics

Minesh Patel $^{\dagger}$  Jeremie S. Kim $^{\ddagger\dagger}$  Taha Shahroodi $^{\dagger}$  Hasan Hassan $^{\dagger}$  Onur Mutlu $^{\dagger\ddagger}$   $^{\dagger}$ ETH Zürich  $^{\ddagger}$ Carnegie Mellon University

## Mitigation of Retention Issues [MICRO'21]

Minesh Patel, Geraldo F. de Oliveira Jr., and Onur Mutlu,
 "HARP: Practically and Effectively Identifying Uncorrectable Errors in Memory Chips That Use On-Die Error-Correcting Codes"

Proceedings of the <u>54th International Symposium on Microarchitecture</u> (**MICRO**), Virtual, October 2021.

[Slides (pptx) (pdf)]

[Short Talk Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (20 minutes)]

[Lightning Talk Video (1.5 minutes)]

[HARP Source Code (Officially Artifact Evaluated with All Badges)]



# HARP: Practically and Effectively Identifying Uncorrectable Errors in Memory Chips That Use On-Die Error-Correcting Codes

Minesh Patel ETH Zürich Geraldo F. Oliveira ETH Zürich Onur Mutlu ETH Zürich

25

## More on DRAM Refresh & Data Retention



## SoftMC: Enabling DRAM Infrastructure

Hasan Hassan et al., "SoftMC: A Flexible and Practical Open-Source Infrastructure for Enabling Experimental DRAM Studies," HPCA 2017.

- Flexible
- Easy to Use (C++ API)
- Open-source github.com/CMU-SAFARI/SoftMC



SAFARI 27

# A Curious Phenomenon

# One can predictably induce errors in most DRAM memory chips

29 SAFARI

## DRAM RowHammer

# A simple hardware failure mechanism can create a widespread system security vulnerability



Forget Software—Now Hackers Are Exploiting Physics

BUSINESS CULTURE DESIGN GEAR SCIENCE

SHARE





# FORGET SOFTWARE—NOW HACKERS ARE EXPLOITING

## Modern DRAM is Prone to Disturbance Errors



Repeatedly reading a row enough times (before memory gets refreshed) induces disturbance errors in adjacent rows in most real DRAM chips you can buy today

Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors, (Kim et al., ISCA 2014)

31

## Most DRAM Modules Are Vulnerable

A company

**B** company

C company

**86%**(37/43)

**83%**(45/54)

**88%** (28/32)

Up to

1.0×10<sup>7</sup>

errors

Up to

2.7×10<sup>6</sup>
errors

Up to

3.3×10<sup>5</sup>
errors

## Recent DRAM Is More Vulnerable



All modules from 2012-2013 are vulnerable

A Simple Program Can Induce Many Errors







33

Download from: https://github.com/CMU-SAFARI/rowhammer

# A Simple Program Can Induce Many Errors







- 1. Avoid cache hits
  - Flush X from cache
- 2. Avoid *row hits* to X
  - Read Y in another row



Download from: https://github.com/CMU-SAFARI/rowhammer

# A Simple Program Can Induce Many Errors







```
loop:
  mov (X), %eax
  mov (Y), %ebx
  clflush (X)
  clflush (Y)
  mfence
  jmp loop
```



Download from: https://github.com/CMU-SAFARI/rowhammer

# A Simple Program Can Induce Many Errors





```
loop:
  mov (X), %eax
  mov (Y), %ebx
  clflush (X)
  clflush (Y)
  mfence
  jmp loop
```



Download from: https://github.com/CMU-SAFARI/rowhammer

# A Simple Program Can Induce Many Errors







```
loop:
  mov (X), %eax
  mov (Y), %ebx
  clflush (X)
  clflush (Y)
  mfence
  jmp loop
```



Download from: https://github.com/CMU-SAFARI/rowhammer

# Observed Errors in Real Systems

| CPU Architecture          | Errors | Access-Rate |
|---------------------------|--------|-------------|
| Intel Haswell (2013)      | 22.9K  | 12.3M/sec   |
| Intel Ivy Bridge (2012)   | 20.7K  | 11.7M/sec   |
| Intel Sandy Bridge (2011) | 16.1K  | 11.6M/sec   |
| AMD Piledriver (2012)     | 59     | 6.1M/sec    |

## A real reliability & security issue

Kim+, "Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors," ISCA 2014.

39

## One Can Take Over an Otherwise-Secure System

# Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors

Abstract. Memory isolation is a key property of a reliable and secure computing system — an access to one memory address should not have unintended side effects on data stored in other addresses. However, as DRAM process technology

# Project Zero

Flipping Bits in Memory Without Accessing Them:
An Experimental Study of DRAM Disturbance Errors
(Kim et al., ISCA 2014)

News and updates from the Project Zero team at Google

Exploiting the DRAM rowhammer bug to gain kernel privileges (Seaborn, 2015)

Monday, March 9, 2015

Exploiting the DRAM rowhammer bug to gain kernel privileges

# RowHammer Security Attack Example

- "Rowhammer" is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows (Kim et al., ISCA 2014).
  - Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors (Kim et al., ISCA 2014)
- We tested a selection of laptops and found that a subset of them exhibited the problem.
- We built two working privilege escalation exploits that use this effect.
  - Exploiting the DRAM rowhammer bug to gain kernel privileges (Seaborn+, 2015)
- One exploit uses rowhammer-induced bit flips to gain kernel privileges on x86-64 Linux when run as an unprivileged userland process.
- When run on a machine vulnerable to the rowhammer problem, the process was able to induce bit flips in page table entries (PTEs).
- It was able to use this to gain write access to its own page table, and hence gain read-write access to all of physical memory.

Exploiting the DRAM rowhammer bug to gain kernel privileges (Seaborn & Dullien, 2015)

41

# Security Implications



#### Security Implications



It's like breaking into an apartment by repeatedly slamming a neighbor's door until the vibrations open the door you were after

#### More Security Implications (I)



Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript (DIMVA'16)

#### More Security Implications (II)



Drammer: Deterministic Rowhammer
Attacks on Mobile Platforms, CCS'16 45

Source: https://fossbytes.com/drammer-rowhammer-attack-android-root-devices/

#### More Security Implications (III)

 Using an integrated GPU in a mobile system to remotely escalate privilege via the WebGL interface. IEEE S&P 2018



"GRAND PWNING UNIT" —

# Drive-by Rowhammer attack uses GPU to compromise an Android phone

JavaScript based GLitch pwns browsers by flipping bits inside memory chips.

**DAN GOODIN - 5/3/2018, 12:00 PM** 

## Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU

Pietro Frigo Vrije Universiteit Amsterdam p.frigo@vu.nl Cristiano Giuffrida Vrije Universiteit Amsterdam giuffrida@cs.vu.nl Herbert Bos Vrije Universiteit Amsterdam herbertb@cs.vu.nl Kaveh Razavi Vrije Universiteit Amsterdam kaveh@cs.vu.nl

#### More Security Implications (IV)

Rowhammer over RDMA (I) USENIX ATC 2018



BIZ & IT

SCIENCE POLICY

CARS GAMING & CULTURE

#### Packets over a LAN are all it takes to trigger serious Rowhammer bit flips

The bar for exploiting potentially serious DDR weakness keeps getting lower.

**DAN GOODIN - 5/10/2018, 5:26 PM** 

#### Throwhammer: Rowhammer Attacks over the Network and Defenses

Andrei Tatar VU Amsterdam Radhesh Krishnan VU Amsterdam

> Herbert Bos VU Amsterdam

Elias Athanasopoulos University of Cyprus

> Kaveh Razavi VU Amsterdam

Cristiano Giuffrida VU Amsterdam

#### More Security Implications (V)

Rowhammer over RDMA (II)



Nethammer—Exploiting DRAM Rowhammer Bug Through **Network Requests** 



#### Nethammer: **Inducing Rowhammer Faults through Network Requests**

Moritz Lipp Graz University of Technology

Daniel Gruss Graz University of Technology Misiker Tadesse Aga University of Michigan

Clémentine Maurice Univ Rennes, CNRS, IRISA

Michael Schwarz Graz University of Technology

Lukas Raab Graz University of Technology

Lukas Lamster Graz University of Technology

#### More Security Implications (VI)

IEEE S&P 2020



# RAMBleed: Reading Bits in Memory Without Accessing Them

Andrew Kwong University of Michigan ankwong@umich.edu Daniel Genkin

University of Michigan
genkin@umich.edu

Daniel Gruss

Graz University of Technology
daniel.gruss@iaik.tugraz.at

Yuval Yarom
University of Adelaide and Data61
yval@cs.adelaide.edu.au

#### More Security Implications (VII)

USENIX Security 2019

Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks

Sanghyun Hong, Pietro Frigo<sup>†</sup>, Yiğitcan Kaya, Cristiano Giuffrida<sup>†</sup>, Tudor Dumitraş

University of Maryland, College Park

†Vrije Universiteit Amsterdam



#### A Single Bit-flip Can Cause Terminal Brain Damage to DNNs

One specific bit-flip in a DNN's representation leads to accuracy drop over 90%

Our research found that a specific bit-flip in a DNN's bitwise representation can cause the accuracy loss up to 90%, and the DNN has 40-50% parameters, on average, that can lead to the accuracy drop over 10% when individually subjected to such single bitwise corruptions...

**Read More** 

#### More Security Implications (VIII)

USENIX Security 2020

#### DeepHammer: Depleting the Intelligence of Deep Neural Networks through Targeted Chain of Bit Flips

Fan Yao
University of Central Florida
fan.yao@ucf.edu

Adnan Siraj Rakin Deliang Fan Arizona State University asrakin@asu.edu dfan@asu.edu

#### Degrade the **inference accuracy** to the level of **Random Guess**

Example: ResNet-20 for CIFAR-10, 10 output classes

Before attack, Accuracy: 90.2% After attack, Accuracy: ~10% (1/10)



#### More Security Implications (IX)

Rowhammer on MLC NAND Flash (based on [Cai+, HPCA 2017])



**Security** 

### Rowhammer RAM attack adapted to hit flash storage

Project Zero's two-year-old dog learns a new trick

By Richard Chirgwin 17 Aug 2017 at 04:27

17 📮 SHARE ▼

From random block corruption to privilege escalation: A filesystem attack vector for rowhammer-like attacks

#### More Security Implications?



53

#### A RowHammer Survey Across the Stack

Onur Mutlu and Jeremie Kim,

"RowHammer: A Retrospective"

<u>IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems</u> (**TCAD**) Special Issue on Top Picks in Hardware and Embedded Security, 2019.

[Preliminary arXiv version]

[Slides from COSADE 2019 (pptx)]

[Slides from VLSI-SOC 2020 (pptx) (pdf)]

[Talk Video (1 hr 15 minutes, with Q&A)]

#### RowHammer: A Retrospective

Onur Mutlu<sup>§‡</sup> Jeremie S. Kim<sup>‡§</sup> §ETH Zürich <sup>‡</sup>Carnegie Mellon University

#### Understanding RowHammer

#### First RowHammer Analysis

 Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu,

<u>"Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors"</u>

Proceedings of the <u>41st International Symposium on Computer Architecture</u> (**ISCA**), Minneapolis, MN, June 2014.

[Slides (pptx) (pdf)] [Lightning Session Slides (pptx) (pdf)] [Source Code and Data] [Lecture Video (1 hr 49 mins), 25 September 2020]

One of the 7 papers of 2012-2017 selected as Top Picks in Hardware and Embedded Security for IEEE TCAD (<u>link</u>).

#### Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors

Yoongu Kim<sup>1</sup> Ross Daly\* Jeremie Kim<sup>1</sup> Chris Fallin\* Ji Hye Lee<sup>1</sup> Donghyuk Lee<sup>1</sup> Chris Wilkerson<sup>2</sup> Konrad Lai Onur Mutlu<sup>1</sup>

<sup>1</sup>Carnegie Mellon University <sup>2</sup>Intel Labs

56

#### RowHammer Infrastructure (2012-2014)



SAFARI

Kim+, "Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors," ISCA 2014.

57

Tested **DRAM** Modules from 2008-2014

(129 total)

|              | Modula             | $Date^*$       | Timing <sup>†</sup> |                      | Organization |       | Chip                   |            |                          | Victims-per-Module                          |                                         |                                         | $RI_{th}$ (ms) |
|--------------|--------------------|----------------|---------------------|----------------------|--------------|-------|------------------------|------------|--------------------------|---------------------------------------------|-----------------------------------------|-----------------------------------------|----------------|
| Manufacturer | Module             | (yy-ww)        | Freq (MT/s)         | t <sub>RC</sub> (ns) | Size (GB)    | Chips | Size (Gb) <sup>‡</sup> | Pins       | Die Version <sup>§</sup> | Average                                     | Minimum                                 | Maximum                                 | Min            |
|              | A <sub>1</sub>     | 10-08          | 1066                | 50.625               | 0.5          | 4     | 1                      | ×16        | В                        | 0                                           | 0                                       | 0                                       | _              |
|              | $A_2$              | 10-20          | 1066                | 50.625               | 1            | 8     | 1                      | ×8         | F                        | 0                                           | 0                                       | 0                                       | -              |
|              | A <sub>3-5</sub>   | 10-20          | 1066                | 50.625               | 0.5          | 4     | 1                      | ×16        | В                        | 0                                           | 0                                       | 0                                       | -              |
|              | A <sub>6-7</sub>   | 11-24          | 1066                | 49.125               | 1            | 4     | 2                      | ×16        | $\mathcal{D}$            | $7.8 \times 10^{1}$                         | $5.2 \times 10^{1}$                     | $1.0 \times 10^{2}$                     | 21.3           |
|              | A <sub>8-12</sub>  | 11-26          | 1066                | 49.125               | 1            | 4     | 2                      | ×16        | $\mathcal{D}$            | $2.4 \times 10^{2}$                         | $5.4 \times 10^{1}$                     | $4.4 \times 10^{2}$                     | 16.4           |
|              | A <sub>13-14</sub> | 11-50          | 1066                | 49.125               | 1            | 4     | 2                      | ×16        | $\mathcal{D}$            | $8.8 \times 10^{1}$                         | $1.7 \times 10^{1}$                     | $1.6 \times 10^{2}$                     | 26.2           |
| Α            | A <sub>15-16</sub> | 12-22          | 1600                | 50.625               | 1            | 4     | 2                      | ×16        | $\mathcal{D}$            | 9.5                                         | 9                                       | $1.0 \times 10^{1}$                     | 34.4           |
| Total of     | A <sub>17-18</sub> | 12-26          | 1600                | 49.125               | 2            | 8     | 2                      | $\times 8$ | $\mathcal{M}$            | $1.2 \times 10^{2}$                         | $3.7 \times 10^{1}$                     | $2.0 \times 10^{2}$                     | 21.3           |
| 43 Modules   | A <sub>19-30</sub> | 12-40          | 1600                | 48.125               | 2            | 8     | 2                      | $\times 8$ | K                        | $8.6 \times 10^{6}$                         | $7.0 \times 10^{6}$                     | $1.0 \times 10^{7}$                     | 8.2            |
| 45 Wodules   | $A_{31-34}$        | 13-02          | 1600                | 48.125               | 2            | 8     | 2                      | $\times 8$ | -                        | $1.8 \times 10^{6}$                         | $1.0 \times 10^{6}$                     | $3.5 \times 10^{6}$                     | 11.5           |
|              | A <sub>35-36</sub> | 13-14          | 1600                | 48.125               | 2            | 8     | 2                      | $\times 8$ | -                        | $4.0 \times 10^{1}$                         | $1.9 \times 10^{1}$                     | $6.1 \times 10^{1}$                     | 21.3           |
|              | A <sub>37-38</sub> | 13-20          | 1600                | 48.125               | 2            | 8     | 2                      | $\times 8$ | K                        | $1.7 \times 10^{6}$                         | $1.4 \times 10^{6}$                     | $2.0 \times 10^{6}$                     | 9.8            |
|              | A <sub>39-40</sub> | 13-28          | 1600                | 48.125               | 2            | 8     | 2                      | $\times 8$ | K                        | $5.7 \times 10^4$                           | $5.4 \times 10^4$                       | $6.0 \times 10^4$                       | 16.4           |
|              | A <sub>41</sub>    | 14-04          | 1600                | 49.125               | 2            | 8     | 2                      | $\times 8$ | -                        | $2.7 \times 10^{5}$                         | $2.7 \times 10^{5}$                     | $2.7 \times 10^{5}$                     | 18.0           |
|              | A <sub>42-43</sub> | 14-04          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | K                        | 0.5                                         | 0                                       | 1                                       | 62.3           |
|              | B <sub>1</sub>     | 08-49          | 1066                | 50.625               | 1            | 8     | 1                      | $\times 8$ | $\mathcal{D}$            | 0                                           | 0                                       | 0                                       | _              |
|              | $B_2$              | 09-49          | 1066                | 50.625               | 1            | 8     | 1                      | $\times 8$ | $\varepsilon$            | 0                                           | 0                                       | 0                                       | -              |
|              | $B_3$              | 10-19          | 1066                | 50.625               | 1            | 8     | 1                      | $\times 8$ | $\mathcal{F}$            | 0                                           | 0                                       | 0                                       | -              |
|              | $B_4$              | 10-31          | 1333                | 49.125               | 2            | 8     | 2                      | $\times 8$ | $\mathcal{C}$            | 0                                           | 0                                       | 0                                       | -              |
|              | B <sub>5</sub>     | 11-13          | 1333                | 49.125               | 2            | 8     | 2                      | $\times 8$ | C                        | 0                                           | 0                                       | 0                                       | -              |
|              | B <sub>6</sub>     | 11-16          | 1066                | 50.625               | 1            | 8     | 1                      | $\times 8$ | F                        | 0                                           | 0                                       | 0                                       | -              |
|              | B <sub>7</sub>     | 11-19          | 1066                | 50.625               | 1            | 8     | 1                      | ×8         | F                        | 0                                           | 0                                       | 0                                       | -              |
| D            | B <sub>8</sub>     | 11-25          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | С                        | 0                                           | 0                                       | 0                                       | -              |
| В            | B <sub>9</sub>     | 11-37          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | $\mathcal{D}$            | $1.9 \times 10^{6}$                         | $1.9 \times 10^{6}$                     | $1.9 \times 10^{6}$                     | 11.5           |
| Total of     | B <sub>10-12</sub> | 11-46          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | $\mathcal{D}$            | $2.2 \times 10^{6}$                         |                                         | $2.7 \times 10^6$                       | 11.5           |
| 54 Modules   | Bio                | 11-49          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | c                        | 0                                           | 0                                       | 0                                       | - 0.0          |
|              | B <sub>14</sub>    | 12-01          | 1866                | 47.125               | 2            | 8     | 2                      | ×8         | $\mathcal{D}$            | $9.1 \times 10^{5}$                         | $9.1 \times 10^{5}$                     |                                         | 9.8            |
|              | B <sub>15-31</sub> | 12-10          | 1866                | 47.125               | 2            | 8     | 2                      | ×8         | $\mathcal{D}$            | $9.8 \times 10^{5}$                         | $7.8 \times 10^{5}$                     | $1.2 \times 10^{6}$                     | 11.5           |
|              | B <sub>32</sub>    | 12-25          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | ε                        | $7.4 \times 10^{5}$                         |                                         |                                         | 11.5           |
|              | B <sub>33-42</sub> | 12-28          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | ε                        | $5.2 \times 10^{5}$                         |                                         | $7.3 \times 10^{5}$                     | 11.5           |
|              | B <sub>43-47</sub> | 12-31          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | ε                        | $4.0 \times 10^5$<br>$1.1 \times 10^5$      |                                         | $5.5 \times 10^{5}$                     | 13.1           |
|              | B <sub>48-51</sub> | 13-19          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | ε                        |                                             | $7.4 \times 10^4$                       | $1.4 \times 10^{5}$                     | 14.7           |
|              | B <sub>52-53</sub> | 13-40          | 1333                | 49.125               | 2 2          | 8     | 2 2                    | ×8         | $\mathcal{D}$            | $2.6 \times 10^4$<br>$7.5 \times 10^3$      |                                         | $2.9 \times 10^4$<br>$7.5 \times 10^3$  | 21.3<br>26.2   |
|              | B <sub>54</sub>    | 14-07          | 1333                | 49.125               |              |       |                        | ×8         |                          |                                             |                                         |                                         |                |
|              | Cı                 | 10-18          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | $\mathcal{A}$            | 0                                           | 0                                       | 0                                       | -              |
|              | C <sub>2</sub>     | 10-20          | 1066                | 50.625               | 2            | 8     | 2                      | ×8         | $\mathcal{A}$            | 0                                           | 0                                       | 0                                       | -              |
|              | Cia .              | 10-22          | 1066                | 50.625               | 2            | 8     | 2                      | ×8         | $\mathcal{A}$            | 0                                           | 0                                       | 0                                       | -              |
|              | C <sub>4-5</sub>   | 10-26          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | В                        | $8.9 \times 10^{2}$                         | $6.0 \times 10^{2}$                     | $1.2 \times 10^{3}$                     | 29.5           |
|              | U <sub>6</sub>     | 10-43          | 1333                | 49.125               | 1            | 8     | 1                      | ×8         | $\tau$                   | 0                                           | 0                                       | 0                                       | -              |
|              | C <sub>7</sub>     | 10-51          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | В                        | $4.0 \times 10^{2}$                         | $4.0 \times 10^{2}$                     | $4.0 \times 10^{2}$                     | 29.5           |
|              | C <sub>8</sub>     | 11-12          | 1333                | 46.25                | 2 2          | 8     | 2                      | ×8         | B<br>B                   | $6.9 \times 10^2$<br>$9.2 \times 10^2$      | $6.9 \times 10^2$<br>$9.2 \times 10^2$  | $6.9 \times 10^2$                       | 21.3           |
|              | C <sub>9</sub>     | 11-19          | 1333                | 46.25                | 2            | 8     | 2 2                    | ×8         | В                        | 3.2 × 10-                                   | 3.2 × 10 <sup>2</sup>                   | $9.2 \times 10^{2}$                     | 27.9           |
|              | C <sub>10</sub>    | 11-31          | 1333                | 49.125               |              |       |                        | ×8         | В                        |                                             |                                         | 3                                       | 39.3           |
| С            | Cit                | 11-42<br>11-48 | 1333<br>1600        | 49.125<br>48.125     | 2 2          | 8     | 2 2                    | ×8<br>×8   | C                        | $1.6 \times 10^2$<br>$7.1 \times 10^4$      | $1.6 \times 10^2$<br>$7.1 \times 10^4$  | $1.6 \times 10^2$<br>$7.1 \times 10^4$  | 39.3<br>19.7   |
|              | C <sub>12</sub>    | 12-08          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | c                        | $3.9 \times 10^4$                           | $3.9 \times 10^4$                       | $3.9 \times 10^4$                       | 21.3           |
| Total of     | C <sub>13</sub>    | 12-08          | 1333                | 49.125               | 2            | 8     | 2                      | ×8         | C                        | $3.9 \times 10^{-1}$<br>$3.7 \times 10^{4}$ |                                         | $5.4 \times 10^4$                       | 21.3           |
| 32 Modules   | C <sub>14-15</sub> | 12-12          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | c                        | $3.7 \times 10^{3}$<br>$3.5 \times 10^{3}$  | $1.2 \times 10^3$                       | $7.0 \times 10^{3}$                     | 27.9           |
|              | C <sub>16-18</sub> | 12-20          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | ε                        | $1.4 \times 10^{5}$                         | $1.2 \times 10^{5}$ $1.4 \times 10^{5}$ | $1.4 \times 10^{5}$                     | 18.0           |
|              | C <sub>19</sub>    | 12-23          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | c                        | $6.5 \times 10^4$                           | $6.5 \times 10^4$                       | $6.5 \times 10^4$                       | 21.3           |
|              | C <sub>20</sub>    | 12-24          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | c                        | $2.3 \times 10^4$                           | $2.3 \times 10^4$                       | $2.3 \times 10^4$                       | 24.6           |
|              | C <sub>21</sub>    | 12-20          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | c                        | $1.7 \times 10^4$                           | $1.7 \times 10^4$                       | $1.7 \times 10^4$                       | 22.9           |
|              | C <sub>22</sub>    | 12-32          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | c                        | $2.3 \times 10^4$                           | $1.7 \times 10^4$                       | $3.4 \times 10^4$                       | 18.0           |
|              | C <sub>23-24</sub> | 12-37          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | c                        | $2.0 \times 10^4$                           | $1.1 \times 10^4$                       | $3.4 \times 10^4$ $3.2 \times 10^4$     | 19.7           |
|              | C <sub>25-30</sub> | 13-11          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | C                        | $3.3 \times 10^5$                           | $3.3 \times 10^{5}$                     | $3.2 \times 10^{5}$                     | 14.7           |
|              | C <sub>31</sub>    | 13-11          | 1600                | 48.125               | 2            | 8     | 2                      | ×8         | c                        | $3.3 \times 10^{4}$ $3.7 \times 10^{4}$     |                                         | $3.3 \times 10^{4}$ $3.7 \times 10^{4}$ | 21.3           |
|              | C <sub>32</sub>    | 15-55          | 1000                | 40.123               | 2            | 0     | 2                      | ^0         | U                        | 3.7 × 10.                                   | 3.7 × 10°                               | 3.7 × 10°                               | 21.5           |

\* We report the manufacture date marked on the chip packages, which is more accurate than other dates that can be gleaned from a module. We report timing constraints stored in the module's on-board ROM [33], which is read by the system BIOS to calibrate the memory controller. 
‡ The maximum DRAM chip size support by our testing platform is 2Gh. 
§ We report DRAM die versions marked on the chip packages, which typically progress in the following manner:  $\mathcal{M} \to \mathcal{A} \to \mathcal{B} \to \mathcal{C} \to \cdots$ .



#### RowHammer Characterization Results

- 1. Most Modules Are at Risk
- 2. Errors vs. Vintage
- 3. Error = Charge Loss
- 4. Adjacency: Aggressor & Victim
- 5. Sensitivity Studies
- 6. Other Results in Paper
- 7. Solution Space

Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors, (Kim et al., ISCA 2014)

59

#### 4. Adjacency: Aggressor & Victim



Note: For three modules with the most errors (only first bank)

Most aggressors & victims are adjacent

#### 1 Access Interval (Aggressor)



Note: For three modules with the most errors (only first bank)

Less frequent accesses → Fewer errors

#### 2 Refresh Interval



Note: Using three modules with the most errors (only first bank)

More frequent refreshes -> Fewer errors

61





63

Errors affected by data stored in other cells

#### 6. Other Key Observations [ISCA'14]

- Victim Cells ≠ Retention-Weak Cells
  - Almost no overlap between them
- Errors are repeatable
  - Across ten iterations of testing, >70% of victim cells had errors in every iteration
- As many as 4 errors per cache-line
  - Simple ECC (e.g., SECDED) cannot prevent all errors
- Cells affected by two aggressors on either side
  - Double sided hammering

#### Major RowHammer Characteristics (2014)

 Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu,

<u>"Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors"</u>

Proceedings of the <u>41st International Symposium on Computer Architecture</u> (**ISCA**), Minneapolis, MN, June 2014.

[Slides (pptx) (pdf)] [Lightning Session Slides (pptx) (pdf)] [Source Code and Data] [Lecture Video (1 hr 49 mins), 25 September 2020]

One of the 7 papers of 2012-2017 selected as Top Picks in Hardware and Embedded Security for IEEE TCAD (<u>link</u>).

#### Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors

Yoongu Kim<sup>1</sup> Ross Daly\* Jeremie Kim<sup>1</sup> Chris Fallin\* Ji Hye Lee<sup>1</sup> Donghyuk Lee<sup>1</sup> Chris Wilkerson<sup>2</sup> Konrad Lai Onur Mutlu<sup>1</sup>

<sup>1</sup>Carnegie Mellon University <sup>2</sup>Intel Labs

SAFARI 65

#### RowHammer is Getting Much Worse (2020)

 Jeremie S. Kim, Minesh Patel, A. Giray Yaglikci, Hasan Hassan, Roknoddin Azizi, Lois Orosa, and Onur Mutlu,

"Revisiting RowHammer: An Experimental Analysis of Modern Devices and Mitigation Techniques"

Proceedings of the <u>47th International Symposium on Computer</u> <u>Architecture</u> (**ISCA**), Valencia, Spain, June 2020.

[Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (20 minutes)]

[Lightning Talk Video (3 minutes)]

## Revisiting RowHammer: An Experimental Analysis of Modern DRAM Devices and Mitigation Techniques

Jeremie S. Kim<sup>§†</sup> Minesh Patel<sup>§</sup> A. Giray Yağlıkçı<sup>§</sup> Hasan Hassan<sup>§</sup> Roknoddin Azizi<sup>§</sup> Lois Orosa<sup>§</sup> Onur Mutlu<sup>§†</sup>

§ETH Zürich †Carnegie Mellon University

#### New RowHammer Dimensions (2021)

 Lois Orosa, Abdullah Giray Yaglikci, Haocong Luo, Ataberk Olgun, Jisung Park, Hasan Hassan, Minesh Patel, Jeremie S. Kim, and Onur Mutlu,

"A Deeper Look into RowHammer's Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses"

Proceedings of the <u>54th International Symposium on Microarchitecture</u> (**MICRO**), Virtual, October 2021.

[Slides (pptx) (pdf)]

[Short Talk Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (21 minutes)]

[Lightning Talk Video (1.5 minutes)]

[arXiv version]

#### A Deeper Look into RowHammer's Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses

Lois Orosa\* ETH Zürich A. Giray Yağlıkçı\* ETH Zürich Haocong Luo ETH Zürich Ataberk Olgun ETH Zürich, TOBB ETÜ

Jisung Park ETH Zürich

Hasan Hassan ETH Zürich Minesh Patel ETH Zürich

Jeremie S. Kim ETH Zürich Onur Mutlu ETH Zürich

67

#### RowHammer vs. Wordline Voltage (2022)

To appear in DSN 2022

# Under Reduced Wordline Voltage: An Experimental Study Using Real DRAM Devices

A. Giray Yağlıkçı<sup>1</sup> Haocong Luo<sup>1</sup> Geraldo F. de Oliviera<sup>1</sup> Ataberk Olgun<sup>1</sup> Jisung Park<sup>1</sup> Minesh Patel<sup>1</sup> Hasan Hassan<sup>1</sup> Jeremie S. Kim<sup>1</sup> Lois Orosa<sup>1,2</sup> Onur Mutlu<sup>1</sup>

<sup>1</sup>ETH Zürich <sup>2</sup>Galicia Supercomputing Center (CESGA)

#### RowHammer Solutions

#### Two Types of RowHammer Solutions

- Immediate
  - To protect the vulnerable DRAM chips in the field
  - Limited possibilities
- Longer-term
  - To protect future DRAM chips
  - Wider range of protection mechanisms
- Our ISCA 2014 paper proposes both types of solutions
  - Seven solutions in total
  - □ PARA proposed as best solution → already employed in the field

#### Some Potential Solutions (ISCA 2014)

Make better DRAM chips

Cost

Refresh frequently
 Power, Performance

Sophisticated ECC

Cost, Power

Access counters Cost, Power, Complexity

#### Apple's Security Patch for RowHammer

https://support.apple.com/en-gb/HT204934

Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5

Impact: A malicious application may induce memory corruption to escalate privileges

Description: A disturbance error, also known as Rowhammer, exists with some DDR3 RAM that could have led to memory corruption. This issue was mitigated by increasing memory refresh rates.

CVE-ID

CVE-2015-3693 : Mark Seaborn and Thomas Dullien of Google, working from original research by Yoongu Kim et al (2014)

HP, Lenovo, and many other vendors released similar patches

#### Our Solution to RowHammer

- PARA: Probabilistic Adjacent Row Activation
- Key Idea
  - After closing a row, we activate (i.e., refresh) one of its neighbors with a low probability: p = 0.005
- Reliability Guarantee
  - When p=0.005, errors in one year:  $9.4 \times 10^{-14}$
  - By adjusting the value of p, we can vary the strength of protection against errors

Advantages of PARA

- PARA refreshes rows infrequently
  - Low power
  - Low performance-overhead
    - Average slowdown: 0.20% (for 29 benchmarks)
    - Maximum slowdown: 0.75%
- PARA is stateless
  - Low cost
  - Low complexity
- PARA is an effective and low-overhead solution to prevent disturbance errors

73

#### Requirements for PARA

- If implemented in DRAM chip (done today)
  - Enough slack in timing and refresh parameters
  - Plenty of slack today:
    - Lee et al., "Adaptive-Latency DRAM: Optimizing DRAM Timing for the Common Case," HPCA 2015.
    - Chang et al., "Understanding Latency Variation in Modern DRAM Chips," SIGMETRICS 2016.
    - Lee et al., "Design-Induced Latency Variation in Modern DRAM Chips," SIGMETRICS 2017.
    - Chang et al., "Understanding Reduced-Voltage Operation in Modern DRAM Devices," SIGMETRICS 2017.
    - Ghose et al., "What Your DRAM Power Models Are Not Telling You: Lessons from a Detailed Experimental Study," SIGMETRICS 2018.
    - Kim et al., "Solar-DRAM: Reducing DRAM Access Latency by Exploiting the Variation in Local Bitlines," ICCD 2018.
- If implemented in memory controller
  - Better coordination between memory controller and DRAM
  - Memory controller should know which rows are physically adjacent

75

#### Probabilistic Activation in Real Life (I)



#### Probabilistic Activation in Real Life (II)



SAFARI

https://twitter.com/isislovecruft/status/1021939922754723841

77

#### Seven RowHammer Solutions Proposed

 Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu,

<u>"Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors"</u>

Proceedings of the <u>41st International Symposium on Computer Architecture</u> (**ISCA**), Minneapolis, MN, June 2014.

[Slides (pptx) (pdf)] [Lightning Session Slides (pptx) (pdf)] [Source Code and Data] [Lecture Video (1 hr 49 mins), 25 September 2020]

One of the 7 papers of 2012-2017 selected as Top Picks in Hardware and Embedded Security for IEEE TCAD (<u>link</u>).

#### Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors

Yoongu Kim<sup>1</sup> Ross Daly\* Jeremie Kim<sup>1</sup> Chris Fallin\* Ji Hye Lee<sup>1</sup> Donghyuk Lee<sup>1</sup> Chris Wilkerson<sup>2</sup> Konrad Lai Onur Mutlu<sup>1</sup>

<sup>1</sup>Carnegie Mellon University <sup>2</sup>Intel Labs

# Main Memory Needs Intelligent Controllers for Security, Safety, Reliability, Scaling

SAFARI 79

Aside: Intelligent Controller for NAND Flash



[DATE 2012, ICCD 2012, DATE 2013, ITJ 2013, ICCD 2013, SIGMETRICS 2014, HPCA 2015, DSN 2015, MSST 2015, JSAC 2016, HPCA 2017, DFRWS 2017, PIEEE 2017, HPCA 2018, SIGMETRICS 2018]

NAND Daughter Board

#### Intelligent Flash Controllers [PIEEE'17]



Proceedings of the IEEE, Sept. 2017

#### Error Characterization, Mitigation, and Recovery in Flash-Memory-Based Solid-State Drives



81

This paper reviews the most recent advances in solid-state drive (SSD) error characterization, mitigation, and data recovery techniques to improve both SSD's reliability and lifetime.

By Yu Cai, Saugata Ghose, Erich F. Haratsch, Yixin Luo, and Onur Mutlu

https://arxiv.org/pdf/1706.08642

#### Detailed Lectures on RowHammer

- Computer Architecture, Fall 2021, Lecture 5
  - RowHammer (ETH Zürich, Fall 2021)
  - https://www.youtube.com/watch?v=7wVKnPj3NVw&list=P
     L5Q2soXY2Zi-Mnk1PxjEIG32HAGILkTOF&index=5
- Computer Architecture, Fall 2021, Lecture 6
  - RowHammer and Secure & Reliable Memory (ETH Zürich, Fall 2021)
  - https://www.youtube.com/watch?v=HNd4skQrt6I&list=PL 5Q2soXY2Zi-Mnk1PxjEIG32HAGILkTOF&index=6

https://www.youtube.com/onurmutlulectures

#### First RowHammer Analysis

Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu,

"Flipping Bits in Memory Without Accessing Them: An Experimental **Study of DRAM Disturbance Errors**"

Proceedings of the 41st International Symposium on Computer Architecture (ISCA), Minneapolis, MN, June 2014.

[Slides (pptx) (pdf)] [Lightning Session Slides (pptx) (pdf)] [Source Code and Data] [Lecture Video (1 hr 49 mins), 25 September 2020]

One of the 7 papers of 2012-2017 selected as Top Picks in Hardware and Embedded Security for IEEE TCAD (link).

#### Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors

Yoongu Kim<sup>1</sup> Ross Daly\* Jeremie Kim<sup>1</sup> Chris Fallin\* Ji Hye Lee<sup>1</sup> Donghyuk Lee<sup>1</sup> Chris Wilkerson<sup>2</sup> Konrad Lai

<sup>1</sup>Carnegie Mellon University <sup>2</sup>Intel Labs

83 SAFARI

#### Retrospective on RowHammer & Future

Onur Mutlu,

"The RowHammer Problem and Other Issues We May Face as **Memory Becomes Denser**"

Invited Paper in Proceedings of the Design, Automation, and Test in Europe Conference (DATE), Lausanne, Switzerland, March 2017. [Slides (pptx) (pdf)]

#### The RowHammer Problem and Other Issues We May Face as Memory Becomes Denser

Onur Mutlu ETH Zürich onur.mutlu@inf.ethz.ch https://people.inf.ethz.ch/omutlu

#### A More Recent RowHammer Retrospective

Onur Mutlu and Jeremie Kim,

"RowHammer: A Retrospective"

<u>IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems</u> (**TCAD**) Special Issue on Top Picks in Hardware and Embedded Security, 2019.

[Preliminary arXiv version]

[Slides from COSADE 2019 (pptx)]

[Slides from VLSI-SOC 2020 (pptx) (pdf)]

[Talk Video (1 hr 15 minutes, with Q&A)]

#### RowHammer: A Retrospective

Onur Mutlu<sup>§‡</sup> Jeremie S. Kim<sup>‡§</sup> §ETH Zürich <sup>‡</sup>Carnegie Mellon University

SAFARI 85

RowHammer in 2020-2022

#### Revisiting RowHammer

#### RowHammer is Getting Much Worse

 Jeremie S. Kim, Minesh Patel, A. Giray Yaglikci, Hasan Hassan, Roknoddin Azizi, Lois Orosa, and Onur Mutlu,

"Revisiting RowHammer: An Experimental Analysis of Modern Devices and Mitigation Techniques"

Proceedings of the <u>47th International Symposium on Computer</u> <u>Architecture</u> (**ISCA**), Valencia, Spain, June 2020.

[Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (20 minutes)]

[Lightning Talk Video (3 minutes)]

## Revisiting RowHammer: An Experimental Analysis of Modern DRAM Devices and Mitigation Techniques

Jeremie S. Kim<sup>§†</sup> Minesh Patel<sup>§</sup> A. Giray Yağlıkçı<sup>§</sup> Hasan Hassan<sup>§</sup> Roknoddin Azizi<sup>§</sup> Lois Orosa<sup>§</sup> Onur Mutlu<sup>§†</sup>

§ETH Zürich †Carnegie Mellon University

#### Key Takeaways from 1580 Chips

- Newer DRAM chips are much more vulnerable to RowHammer (more bit flips, happening earlier)
- There are new chips whose weakest cells fail after only
   4800 hammers
- Chips of newer DRAM technology nodes can exhibit RowHammer bit flips 1) in more rows and 2) farther away from the victim row.
- Existing mitigation mechanisms are NOT effective at future technology nodes

SAFARI 89

#### **DRAM Testing Infrastructures**

Three separate testing infrastructures

- 1. DDR3: FPGA-based SoftMC [Hassan+, HPCA'17] (Xilinx ML605)
- 2. DDR4: FPGA-based SoftMC [Hassan+, HPCA'17] (Xilinx Virtex UltraScale 95)
- 3. LPDDR4: In-house testing hardware for LPDDR4 chips

All provide fine-grained control over DRAM commands, timing parameters and temperature



**DDR4 DRAM testing infrastructure** 

#### 1580 DRAM Chips Tested

|   | _Numbe   | er of Chips | s (Modules | ) Tested |
|---|----------|-------------|------------|----------|
|   |          |             |            | Total    |
| - | 56 (10)  | 88 (11)     | 28 (7)     | 172 (28) |
| - | 80 (10)  | 52 (9)      | 104 (13)   | 236 (32) |
| - | 112 (16) | 24 (3)      | 128 (18)   | 264 (37) |
|   | 264 (43) | 16 (2)      | 108 (28)   | 388 (73) |
| - | 12 (3)   | 180 (45)    | N/A        | 192 (48) |
|   | 184 (46) | N/A         | 144 (36)   | 328 (82) |

#### **1580** total DRAM chips tested from **300** DRAM modules

- Three major DRAM manufacturers {A, B, C}
- Three DRAM types or standards {DDR3, DDR4, LPDDR4}
  - LPDDR4 chips we test implement on-die ECC
- Two technology nodes per DRAM type {old/new, 1x/1y}
  - Categorized based on manufacturing date, datasheet publication date, purchase date, and characterization results

**Type-node:** configuration describing a chip's type and technology node generation: **DDR3-old/new, DDR4-old/new, LPDDR4-1x/1y** 

SAFARI 91

#### 3. Hammer Count (HC) Effects



RowHammer bit flip rates **increase** when going **from old to new** DDR4 technology node generations

RowHammer bit flip rates (i.e., RowHammer vulnerability) increase with technology node generation

#### 5. First RowHammer Bit Flips per Chip



Newer chips from each DRAM manufacturer are more vulnerable to RowHammer

SAFARI

93

#### 5. First RowHammer Bit Flips per Chip

In a DRAM type, HC<sub>first</sub> reduces significantly from old to new chips, i.e., DDR3: 69.2k to 22.4k, DDR4: 17.5k to 10k, LPDDR4: 16.8k to 4.8k

There are chips whose weakest cells fail after only 4800 hammers

#### RowHammer is Getting Much Worse

 Jeremie S. Kim, Minesh Patel, A. Giray Yaglikci, Hasan Hassan, Roknoddin Azizi, Lois Orosa, and Onur Mutlu,

"Revisiting RowHammer: An Experimental Analysis of Modern Devices and Mitigation Techniques"

Proceedings of the <u>47th International Symposium on Computer</u> <u>Architecture</u> (**ISCA**), Valencia, Spain, June 2020.

[Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (20 minutes)]

[Lightning Talk Video (3 minutes)]

## Revisiting RowHammer: An Experimental Analysis of Modern DRAM Devices and Mitigation Techniques

Jeremie S. Kim $\S^{\dagger}$  Minesh Patel $\S$  A. Giray Yağlıkçı $\S$  Hasan Hassan $\S$  Roknoddin Azizi $\S$  Lois Orosa $\S$  Onur Mutlu $\S^{\dagger}$   $\S$ ETH Zürich  $^{\dagger}$ Carnegie Mellon University

#### Detailed Lecture on Revisiting RowHammer

- Computer Architecture, Fall 2020, Lecture 5b
  - RowHammer in 2020: Revisiting RowHammer (ETH Zürich, Fall 2020)
  - https://www.youtube.com/watch?v=gR7XR Eepcg&list=PL5Q2soXY2Zi9xidyIgBxUz7xRPS-wisBN&index=10

https://www.youtube.com/onurmutlulectures

#### TRRespass

#### Industry-Adopted Solutions Do Not Work

 Pietro Frigo, Emanuele Vannacci, Hasan Hassan, Victor van der Veen, Onur Mutlu, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi,

"TRRespass: Exploiting the Many Sides of Target Row Refresh"

Proceedings of the <u>41st IEEE Symposium on Security and Privacy</u> (**S&P**), San Francisco, CA, USA, May 2020.

[Slides (pptx) (pdf)]

[Lecture Slides (pptx) (pdf)]

[Talk Video (17 minutes)]

[Lecture Video (59 minutes)]

[Source Code]

[Web Article]

Best paper award.

Pwnie Award 2020 for Most Innovative Research. Pwnie Awards 2020

# TRRespass: Exploiting the Many Sides of Target Row Refresh

Pietro Frigo\*<sup>†</sup> Emanuele Vannacci\*<sup>†</sup> Hasan Hassan<sup>§</sup> Victor van der Veen<sup>¶</sup> Onur Mutlu<sup>§</sup> Cristiano Giuffrida\* Herbert Bos\* Kaveh Razavi\*

#### **TRRespass**

- First work to show that TRR-protected DRAM chips are vulnerable to RowHammer in the field
  - Mitigations advertised as secure are not secure
- Introduces the Many-sided RowHammer attack
  - Idea: Hammer many rows to bypass TRR mitigations (e.g., by overflowing proprietary TRR tables that detect aggressor rows)
- (Partially) reverse-engineers the TRR and pTRR mitigation mechanisms implemented in DRAM chips and memory controllers
- Provides an automatic tool that can effectively create manysided RowHammer attacks in DDR4 and LPDDR4(X) chips

SAFARI 99

#### Example Many-Sided Hammering Patterns



**Fig. 12:** Hammering patterns discovered by *TRRespass*. Aggressor rows are in red (■) and victim rows are in blue (■).

#### BitFlips vs. Number of Aggressor Rows



Fig. 10: Bit flips vs. number of aggressor rows. Module  $C_{12}$ : Number of bit flips in bank 0 as we vary the number of aggressor rows. Using SoftMC, we refresh DRAM with standard tREFI and run the tests until each aggressor rows is hammered 500K times.



Fig. 11: Bit flips vs. number of aggressor rows. Module  $A_{15}$ : Number of bit flips in bank 0 as we vary the number of aggressor rows. Using SoftMC, we refresh DRAM with standard tREFI and run the tests until each aggressor rows is hammered 500K times.



Fig. 13: Bit flips vs. number of aggressor rows. Module  $A_{10}$ : Number of bit flips triggered with N-sided RowHammer for varying number of N on Intel Core i7-7700K. Each aggressor row is one row away from the closest aggressor row (i.e., VAVAVA... configuration) and aggressor rows are hammered in a round-robin fashion.

SAFARI

#### TRRespass Vulnerable DRAM Modules

TABLE II: TRRespass results. We report the number of patterns found and bit flips detected for the 42 DRAM modules in our set.

| Madula                        | Date               | Freq. | Size        | Organization |       | MAG        | Found | D D      | Corruptions  |        |                   | Double            |         |
|-------------------------------|--------------------|-------|-------------|--------------|-------|------------|-------|----------|--------------|--------|-------------------|-------------------|---------|
| Module                        | (yy-ww)            | (MHz) | <i>(GB)</i> | Ranks        | Banks | Pins       | MAC   | Patterns | Best Pattern | Total  | $1 \rightarrow 0$ | $0 \rightarrow 1$ | Refresh |
| $A_{0,1,2,3}$                 | 16-37              | 2132  | 4           | 1            | 16    | ×8         | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{A}_4$               | 16-51              | 2132  | 4           | 1            | 16    | $\times 8$ | UL    | 4        | 9-sided      | 7956   | 4008              | 3948              | _       |
| $\mathcal{A}_5$               | 18-51              | 2400  | 4           | 1            | 8     | ×16        | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{A}_{6,7}$           | 18-15              | 2666  | 4           | 1            | 8     | ×16        | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{A}_8$               | 17-09              | 2400  | 8           | 1            | 16    | $\times 8$ | UL    | 33       | 19-sided     | 20808  | 10289             | 10519             | _       |
| $\mathcal{A}_9$               | 17-31              | 2400  | 8           | 1            | 16    | $\times 8$ | UL    | 33       | 19-sided     | 24854  | 12580             | 12274             | _       |
| $\mathcal{A}_{10}$            | 19-02              | 2400  | 16          | 2            | 16    | $\times 8$ | UL    | 488      | 10-sided     | 11342  | 1809              | 11533             | ✓       |
| $\mathcal{A}_{11}$            | 19-02              | 2400  | 16          | 2            | 16    | $\times 8$ | UL    | 523      | 10-sided     | 12830  | 1682              | 11148             | ✓       |
| $\mathcal{A}_{12,13}$         | 18-50              | 2666  | 8           | 1            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{A}_{14}$            | 19-08 <sup>†</sup> | 3200  | 16          | 2            | 16    | $\times 8$ | UL    | 120      | 14-sided     | 32723  | 16490             | 16233             | _       |
| ${\cal A}_{15}{}^{\ddagger}$  | 17-08              | 2132  | 4           | 1            | 16    | $\times 8$ | UL    | 2        | 9-sided      | 22397  | 12351             | 10046             | _       |
| $\mathcal{B}_0$               | 18-11              | 2666  | 16          | 2            | 16    | ×8         | UL    | 2        | 3-sided      | 17     | 10                | 7                 | _       |
| $\mathcal{B}_1$               | 18-11              | 2666  | 16          | 2            | 16    | $\times 8$ | UL    | 2        | 3-sided      | 22     | 16                | 6                 | _       |
| $\mathcal{B}_2$               | 18-49              | 3000  | 16          | 2            | 16    | $\times 8$ | UL    | 2        | 3-sided      | 5      | 2                 | 3                 | _       |
| $\mathcal{B}_3$               | 19-08 <sup>†</sup> | 3000  | 8           | 1            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{B}_{4,5}$           | 19-08 <sup>†</sup> | 2666  | 8           | 2            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{B}_{6,7}$           | 19-08 <sup>†</sup> | 2400  | 4           | 1            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{B}_8{^\diamond}$    | 19-08 <sup>†</sup> | 2400  | 8           | 1            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{B}_9{^\diamond}$    | 19-08†             | 2400  | 8           | 1            | 16    | $\times 8$ | UL    | 2        | 3-sided      | 12     | _                 | 12                | ✓       |
| $\mathcal{B}_{10,11}$         | 16-13 <sup>†</sup> | 2132  | 8           | 2            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{C}_{0,1}$           | 18-46              | 2666  | 16          | 2            | 16    | ×8         | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{C}_{2,3}$           | 19-08 <sup>†</sup> | 2800  | 4           | 1            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{C}_{4,5}$           | 19-08 <sup>†</sup> | 3000  | 8           | 1            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{C}_{6,7}$           | 19-08 <sup>†</sup> | 3000  | 16          | 2            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{C}_8$               | 19-08†             | 3200  | 16          | 2            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{C}_9$               | 18-47              | 2666  | 16          | 2            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{C}_{10,11}$         | 19-04              | 2933  | 8           | 1            | 16    | $\times 8$ | UL    | _        | _            | _      | _                 | _                 | _       |
| $\mathcal{C}_{12}^{\ddagger}$ | 15-01 <sup>†</sup> | 2132  | 4           | 1            | 16    | $\times 8$ | UT    | 25       | 10-sided     | 190037 | 63904             | 126133            | ✓       |
| $\mathcal{C}_{13}^{\sharp}$   | 18-49              | 2132  | 4           | 1            | 16    | $\times 8$ | UT    | 3        | 9-sided      | 694    | 239               | 455               | _       |

#### TRRespass Vulnerable Mobile Phones

**TABLE III: LPDDR4(X) results.** Mobile phones tested against *TRRespass* on ARMv8 sorted by production date. We found bit flip inducing RowHammer patterns on 5 out of 13mobile phones.

| Mobile<br>Phone            | Year | SoC            | Memory<br>(GB) | Found<br>Patterns |
|----------------------------|------|----------------|----------------|-------------------|
| Google Pixel               | 2016 | MSM8996        | 4 <sup>†</sup> | ✓                 |
| Google Pixel 2             | 2017 | MSM8998        | 4              | _                 |
| Samsung<br>G960F/DS        | 2018 | Exynos<br>9810 | 4              | _                 |
| Huawei P20 DS              | 2018 | Kirin 970      | 4              | _                 |
| Sony XZ3                   | 2018 | SDM845         | 4              | _                 |
| HTC U12+                   | 2018 | SDM845         | 6              | _                 |
| LG G7 ThinQ                | 2018 | SDM845         | 4 <sup>†</sup> | $\checkmark$      |
| Google Pixel 3             | 2018 | SDM845         | 4              | $\checkmark$      |
| Google Pixel 4             | 2019 | SM8150         | 6              | _                 |
| OnePlus 7                  | 2019 | SM8150         | 8              | $\checkmark$      |
| Samsung<br>G970F/DS        | 2019 | Exynos<br>9820 | 6              | $\checkmark$      |
| Huawei P30 DS              | 2019 | Kirin 980      | 6              | _                 |
| Xiaomi Redmi<br>Note 8 Pro | 2019 | Helio<br>G90T  | 6              | _                 |

103

SAFARI

† LPDDR4 (not LPDDR4X)

#### TRRespass Based RowHammer Attack

**TABLE IV: Time to exploit.** Time to find the first exploitable template on two sample modules from each DRAM vendor.

| Module             | τ (ms) | PTE [81] | RSA-2048 [79] | sudo [27] |
|--------------------|--------|----------|---------------|-----------|
| $\mathcal{A}_{14}$ | 188.7  | 4.9s     | 6m 27s        | _         |
| ${\cal A}_4$       | 180.8  | 38.8s    | 39m 28s       | _         |
| $\mathcal{B}_1$    | 360.7  |          | _             | _         |
| $\mathcal{B}_2$    | 331.2  | _        | _             | _         |
| $\mathcal{C}_{12}$ | 300.0  | 2.3s     | 74.6s         | 54m16s    |
| $\mathcal{C}_{13}$ | 180.9  | 3h 15m   | _             | _         |

 $<sup>\</sup>tau$ : Time to template a single row: time to fill the victim and aggressor rows + hammer time + time to scan the row.

#### TRRespass Key Results

- 13 out of 42 tested DDR4 DRAM modules are vulnerable
  - From all 3 major manufacturers
  - 3-, 9-, 10-, 14-, 19-sided hammer attacks needed
- 5 out of 13 mobile phones tested vulnerable
  - From 4 major manufacturers
  - With LPDDR4(X) DRAM chips
- These results are scratching the surface
  - TRRespass tool is not exhaustive
  - There is a lot of room for uncovering more vulnerable chips and phones

SAFARI 105

TRRespass Key Takeaways

# RowHammer is still an open problem

# Security by obscurity is likely not a good solution

#### Detailed Lecture on TRRespass

- Computer Architecture, Fall 2020, Lecture 5a
  - RowHammer in 2020: TRRespass (ETH Zürich, Fall 2020)
  - https://www.youtube.com/watch?v=pwRw7QqK\_qA&list=PL5 Q2soXY2Zi9xidyIgBxUz7xRPS-wisBN&index=9

https://www.youtube.com/onurmutlulectures

SAFARI 107

#### Industry-Adopted Solutions Do Not Work

 Pietro Frigo, Emanuele Vannacci, Hasan Hassan, Victor van der Veen, Onur Mutlu, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi,

"TRRespass: Exploiting the Many Sides of Target Row Refresh"

Proceedings of the <u>41st IEEE Symposium on Security and Privacy</u> (**S&P**), San Francisco, CA, USA, May 2020.

[Slides (pptx) (pdf)]

[Lecture Slides (pptx) (pdf)]

[Talk Video (17 minutes)]

[Lecture Video (59 minutes)]

[Source Code]

[Web Article]

Best paper award.

**Pwnie Award 2020 for Most Innovative Research.** Pwnie Awards 2020

# TRRespass: Exploiting the Many Sides of Target Row Refresh

Pietro Frigo\*<sup>†</sup> Emanuele Vannacci\*<sup>†</sup> Hasan Hassan<sup>§</sup> Victor van der Veen<sup>¶</sup> Onur Mutlu<sup>§</sup> Cristiano Giuffrida\* Herbert Bos\* Kaveh Razavi\*

\*Vrije Universiteit Amsterdam

§ETH Zürich

¶Qualcomm Technologies Inc.

# How to Guarantee That a Chip is RowHammer-Free?

#### Hard to Guarantee RowHammer-Free Chips

Lucian Cojocar, Jeremie Kim, Minesh Patel, Lillian Tsai, Stefan Saroiu,
 Alec Wolman, and Onur Mutlu,

"Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers"

Proceedings of the <u>41st IEEE Symposium on Security and</u> <u>Privacy</u> (**S&P**), San Francisco, CA, USA, May 2020.

[Slides (pptx) (pdf)]

[Talk Video (17 minutes)]

#### Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers

Lucian Cojocar, Jeremie Kim<sup>§†</sup>, Minesh Patel<sup>§</sup>, Lillian Tsai<sup>‡</sup>, Stefan Saroiu, Alec Wolman, and Onur Mutlu<sup>§†</sup>
Microsoft Research, <sup>§</sup>ETH Zürich, <sup>†</sup>CMU, <sup>‡</sup>MIT

# Uncovering TRR Almost Completely

#### Industry-Adopted Solutions Are Very Poor

 Hasan Hassan, Yahya Can Tugrul, Jeremie S. Kim, Victor van der Veen, Kaveh Razavi, and Onur Mutlu,

"Uncovering In-DRAM RowHammer Protection Mechanisms: A New Methodology, Custom RowHammer Patterns, and Implications"

Proceedings of the <u>54th International Symposium on Microarchitecture</u> (**MICRO**), Virtual, October 2021.

[Slides (pptx) (pdf)]

[Short Talk Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (25 minutes)]

[Lightning Talk Video (100 seconds)]

[arXiv version]

#### Uncovering In-DRAM RowHammer Protection Mechanisms: A New Methodology, Custom RowHammer Patterns, and Implications

Hasan Hassan<sup>†</sup>

†ETH Zürich

Yahya Can Tuğrul<sup>†‡</sup>

Jeremie S. Kim<sup>†</sup>

Victor van der Veen $^{\sigma}$ 

Kaveh Razavi<sup>†</sup> Onur Mutlu<sup>†</sup>

<sup>‡</sup>TOBB University of Economics & Technology <sup>\sigma</sup>Qualcomm Technologies Inc.

#### **U-TRR Summary & Key Results**

#### **Target Row Refresh (TRR):**

a set of obscure, undocumented, and proprietary RowHammer mitigation techniques

We cannot easily study the security properties of TRR

Is TRR fully secure? How can we validate its security guarantees?

**U-TRR** 

A new methodology that leverages *data retention failures* to uncover the inner workings of TRR and study its security



All 45 modules we test are vulnerable

99.9% of rows in a DRAM bank experience at least one RowHammer bit flip

Up to 7 RowHammer bit flips in an 8-byte dataword, making ECC ineffective

TRR does not provide security against RowHammer

U-TRR can facilitate the development of new RowHammer attacks and more secure RowHammer protection mechanisms

SAFARI

113

#### Overview of U-TRR

## **U-TRR:** A new methodology to *uncover* the inner workings of TRR

**Key idea:** Use data retention failures as a side channel to detect when a row is refreshed by TRR



SAFARI

114

### **Analyzing TRR-Protected DDR4 Chips**



\* SoftMC [Hassan+, HPCA'17] enhanced for DDR4

**SAFARI** 

### 115

### J-TRR Analysis Summary



new RowHammer access patterns that circumvent TRR



116

### **Key Takeaways**

### All 45 modules we test are vulnerable

## **99.9% of rows** in a DRAM bank experience at least one RowHammer bit flip

## **ECC is ineffective:** up to 7 RowHammer bit flips in an 8-byte dataword

| Module | Date<br>(yy-ww) | Chip<br>Density<br>(Gbit) | Organization |       |      |                     | Our Key TRR Observations and Results |                        |                       |                 |                     |                        |                            |                                       |  |
|--------|-----------------|---------------------------|--------------|-------|------|---------------------|--------------------------------------|------------------------|-----------------------|-----------------|---------------------|------------------------|----------------------------|---------------------------------------|--|
|        |                 |                           | Ranks        | Banks | Pins | $HC_{first}\dagger$ | Version                              | Aggressor<br>Detection | Aggressor<br>Capacity | Per-Bank<br>TRR | TRR-to-REF<br>Ratio | Neighbors<br>Refreshed | % Vulnerable<br>DRAM Rows† | Max. Bit Flips<br>per Row per Hammer† |  |
| A0     | 19-50           | 8                         | 1            | 16    | 8    | 16K                 | $A_{TRR1}$                           | Counter-based          | 16                    | /               | 1/9                 | 4                      | 73.3%                      | 1.16                                  |  |
| A1-5   | 19-36           | 8                         | 1            | 8     | 16   | 13K-15K             | $A_{TRR1}$                           | Counter-based          | 16                    | /               | 1/9                 | 4                      | 99.2% - 99.4%              | 2.32 - 4.73                           |  |
| A6-7   | 19-45           | 8                         | 1            | 8     | 16   | 13K-15K             | $A_{TRR1}$                           | Counter-based          | 16                    | 1               | 1/9                 | 4                      | 99.3% - 99.4%              | 2.12 - 3.86                           |  |
| A8-9   | 20-07           | 8                         | 1            | 16    | 8    | 12K-14K             | $A_{TRR1}$                           | Counter-based          | 16                    | ✓               | 1/9                 | 4                      | 74.6% - 75.0%              | 1.96 - 2.96                           |  |
| A10-12 | 19-51           | 8                         | 1            | 16    | 8    | 12K-13K             | $A_{TRR1}$                           | Counter-based          | 16                    | /               | 1/9                 | 4                      | 74.6% - 75.0%              | 1.48 - 2.86                           |  |
| A13-14 | 20-31           | 8                         | 1            | 8     | 16   | 11K-14K             | $A_{TRR2}$                           | Counter-based          | 16                    | ✓               | 1/9                 | 2                      | 94.3% - 98.6%              | 1.53 - 2.78                           |  |
| В0     | 18-22           | 4                         | 1            | 16    | 8    | 44K                 | $B_{TRR1}$                           | Sampling-based         | 1                     | Х               | 1/4                 | 2                      | 99.9%                      | 2.13                                  |  |
| B1-4   | 20-17           | 4                         | 1            | 16    | 8    | 159K-192K           | $B_{TRR1}$                           | Sampling-based         | 1                     | ×               | 1/4                 | 2                      | 23.3% - 51.2%              | 0.06 - 0.11                           |  |
| B5-6   | 16-48           | 4                         | 1            | 16    | 8    | 44K-50K             | $B_{TRR1}$                           | Sampling-based         | 1                     | X               | 1/4                 | 2                      | 99.9%                      | 1.85 - 2.03                           |  |
| B7     | 19-06           | 8                         | 2            | 16    | 8    | 20K                 | $B_{TRR1}$                           | Sampling-based         | 1                     | X               | 1/4                 | 2                      | 99.9%                      | 31.14                                 |  |
| B8     | 18-03           | 4                         | 1            | 16    | 8    | 43K                 | $B_{TRR1}$                           | Sampling-based         | 1                     | X               | 1/4                 | 2                      | 99.9%                      | 2.57                                  |  |
| B9-12  | 19-48           | 8                         | 1            | 16    | 8    | 42K-65K             | $B_{TRR2}$                           | Sampling-based         | 1                     | X               | 1/9                 | 2                      | 36.3% - 38.9%              | 16.83 - 24.26                         |  |
| B13-14 | 20-08           | 4                         | 1            | 16    | 8    | 11K-14K             | $B_{TRR3}$                           | Sampling-based         | 1                     | ✓               | 1/2                 | 4                      | 99.9%                      | 16.20 - 18.12                         |  |
| C0-3   | 16-48           | 4                         | 1            | 16    | x8   | 137K-194K           | C <sub>TRR1</sub>                    | Mix                    | Unknown               | /               | 1/17                | 2                      | 1.0% - 23.2%               | 0.05 - 0.15                           |  |
| C4-6   | 17-12           | 8                         | 1            | 16    | x8   | 130K-150K           | $C_{TRR1}$                           | Mix                    | Unknown               | ✓               | 1/17                | 2                      | 7.8% - 12.0%               | 0.06 - 0.08                           |  |
| C7-8   | 20-31           | 8                         | 1            | 8     | x16  | 40K-44K             | $C_{TRR1}$                           | Mix                    | Unknown               | /               | 1/17                | 2                      | 39.8% - 41.8%              | 9.66 - 14.56                          |  |
| C9-11  | 20-31           | 8                         | 1            | 8     | x16  | 42K-53K             | $C_{TRR2}$                           | Mix                    | Unknown               | /               | 1/9                 | 2                      | 99.7%                      | 9.30 - 32.04                          |  |
| C12-14 | 20-46           | 16                        | 1            | 8     | x16  | 6K-7K               | $C_{TRR3}$                           | Mix                    | Unknown               | ✓               | 1/8                 | 2                      | 99.9%                      | 4.91 - 12.64                          |  |

**SAFARI** 

### **Effect on Individual Rows**



All 45 modules we tested are vulnerable to our new RowHammer access patterns

Our RowHammer access patterns cause bit flips in more than 99.9% of the rows

### Bypassing ECC with New RowHammer Patterns



Modules from all three vendors have many 8-byte data chunks with 3 and more (up to 7) RowHammer bit flips

Conventional DRAM ECC cannot protect against our new RowHammer access patterns

SAFARI

119

### Many Observations & Results in the Paper

- More observations on the TRRs of the three vendors
- Detailed description of the crafted access patterns
- Hammers per aggressor row sensitivity analysis
- Observations and results for individual modules
- •

| Module | Date<br>(yy-ww) | Chip<br>Density<br>(Gbit) | Organization |       |      |                        | Our Key TRR Observations and Results |                        |                       |                 |                     |                        |                            |                                       |  |
|--------|-----------------|---------------------------|--------------|-------|------|------------------------|--------------------------------------|------------------------|-----------------------|-----------------|---------------------|------------------------|----------------------------|---------------------------------------|--|
|        |                 |                           | Ranks        | Banks | Pins | $HC_{first}^{\dagger}$ | Version                              | Aggressor<br>Detection | Aggressor<br>Capacity | Per-Bank<br>TRR | TRR-to-REF<br>Ratio | Neighbors<br>Refreshed | % Vulnerable<br>DRAM Rows† | Max. Bit Flips<br>per Row per Hammer† |  |
| A0     | 19-50           | 8                         | 1            | 16    | 8    | 16 <i>K</i>            | $A_{TRR1}$                           | Counter-based          | 16                    | ✓               | 1/9                 | 4                      | 73.3%                      | 1.16                                  |  |
| A1-5   | 19-36           | 8                         | 1            | 8     | 16   | 13K-15K                | $A_{TRR1}$                           | Counter-based          | 16                    | ✓               | 1/9                 | 4                      | 99.2% - 99.4%              | 2.32 - 4.73                           |  |
| A6-7   | 19-45           | 8                         | 1            | 8     | 16   | 13K-15K                | $A_{TRR1}$                           | Counter-based          | 16                    | ✓               | 1/9                 | 4                      | 99.3% - 99.4%              | 2.12 - 3.86                           |  |
| A8-9   | 20-07           | 8                         | 1            | 16    | 8    | 12K-14K                | $A_{TRR1}$                           | Counter-based          | 16                    | ✓               | 1/9                 | 4                      | 74.6% - 75.0%              | 1.96 - 2.96                           |  |
| A10-12 | 19-51           | 8                         | 1            | 16    | 8    | 12K-13K                | $A_{TRR1}$                           | Counter-based          | 16                    | ✓               | 1/9                 | 4                      | 74.6% - 75.0%              | 1.48 - 2.86                           |  |
| A13-14 | 20-31           | 8                         | 1            | 8     | 16   | 11K-14K                | $A_{TRR2}$                           | Counter-based          | 16                    | ✓               | 1/9                 | 2                      | 94.3% - 98.6%              | 1.53 - 2.78                           |  |
| B0     | 18-22           | 4                         | 1            | 16    | 8    | 44K                    | $B_{TRR1}$                           | Sampling-based         | 1                     | X               | 1/4                 | 2                      | 99.9%                      | 2.13                                  |  |
| B1-4   | 20-17           | 4                         | 1            | 16    | 8    | 159K-192K              | $B_{TRR1}$                           | Sampling-based         | 1                     | ×               | 1/4                 | 2                      | 23.3% - 51.2%              | 0.06 - 0.11                           |  |
| B5-6   | 16-48           | 4                         | 1            | 16    | 8    | 44K-50K                | $B_{TRR1}$                           | Sampling-based         | 1                     | X               | 1/4                 | 2                      | 99.9%                      | 1.85 - 2.03                           |  |
| B7     | 19-06           | 8                         | 2            | 16    | 8    | 20K                    | $B_{TRR1}$                           | Sampling-based         | 1                     | ×               | 1/4                 | 2                      | 99.9%                      | 31.14                                 |  |
| B8     | 18-03           | 4                         | 1            | 16    | 8    | 43K                    | $B_{TRR1}$                           | Sampling-based         | 1                     | ×               | 1/4                 | 2                      | 99.9%                      | 2.57                                  |  |
| B9-12  | 19-48           | 8                         | 1            | 16    | 8    | 42K-65K                | $B_{TRR2}$                           | Sampling-based         | 1                     | ×               | 1/9                 | 2                      | 36.3% - 38.9%              | 16.83 - 24.26                         |  |
| B13-14 | 20-08           | 4                         | 1            | 16    | 8    | 11K-14K                | $B_{TRR3}$                           | Sampling-based         | 1                     | ✓               | 1/2                 | 4                      | 99.9%                      | 16.20 - 18.12                         |  |
| C0-3   | 16-48           | 4                         | 1            | 16    | x8   | 137K-194K              | C <sub>TRR1</sub>                    | Mix                    | Unknown               | /               | 1/17                | 2                      | 1.0% - 23.2%               | 0.05 - 0.15                           |  |
| C4-6   | 17-12           | 8                         | 1            | 16    | x8   | 130K-150K              | $C_{TRR1}$                           | Mix                    | Unknown               | /               | 1/17                | 2                      | 7.8% - 12.0%               | 0.06 - 0.08                           |  |
| C7-8   | 20-31           | 8                         | 1            | 8     | x16  | 40K-44K                | $C_{TRR1}$                           | Mix                    | Unknown               | /               | 1/17                | 2                      | 39.8% - 41.8%              | 9.66 - 14.56                          |  |
| C9-11  | 20-31           | 8                         | 1            | 8     | x16  | 42K-53K                | $C_{TRR2}$                           | Mix                    | Unknown               | ✓               | 1/9                 | 2                      | 99.7%                      | 9.30 - 32.04                          |  |
| C12-14 | 20-46           | 16                        | 1            | 8     | x16  | 6K-7K                  | $C_{TRR3}$                           | Mix                    | Unknown               | /               | 1/8                 | 2                      | 99.9%                      | 4.91 - 12.64                          |  |

### Uncovering TRR Can Help Future Solutions

 Hasan Hassan, Yahya Can Tugrul, Jeremie S. Kim, Victor van der Veen, Kaveh Razavi, and Onur Mutlu,

"Uncovering In-DRAM RowHammer Protection Mechanisms: A New Methodology, Custom RowHammer Patterns, and Implications"

Proceedings of the <u>54th International Symposium on Microarchitecture</u> (**MICRO**), Virtual, October 2021.

[Slides (pptx) (pdf)]

Short Talk Slides (pptx) (pdf)

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (25 minutes)]

[Lightning Talk Video (100 seconds)]

[arXiv version]

### Uncovering In-DRAM RowHammer Protection Mechanisms: A New Methodology, Custom RowHammer Patterns, and Implications

Hasan Hassan<sup>†</sup>

†ETH Zürich

Yahya Can Tuğrul<sup>†‡</sup>

Jeremie S.  $Kim^{\dagger}$ 

Victor van der Veen $^{\sigma}$ 

Kaveh Razavi<sup>†</sup> Onur Mutlu<sup>†</sup>

‡TOBB University of Economics & Technology

 $^{\sigma}$  Qualcomm Technologies Inc.

121

### New RowHammer Characteristics

### RowHammer Has Many Dimensions

 Lois Orosa, Abdullah Giray Yaglikci, Haocong Luo, Ataberk Olgun, Jisung Park, Hasan Hassan, Minesh Patel, Jeremie S. Kim, and Onur Mutlu,

"A Deeper Look into RowHammer's Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses"

Proceedings of the <u>54th International Symposium on Microarchitecture</u> (**MICRO**), Virtual, October 2021.

[Slides (pptx) (pdf)]

[Short Talk Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (21 minutes)]

[Lightning Talk Video (1.5 minutes)]

[arXiv version]

### A Deeper Look into RowHammer's Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses

Lois Orosa\* ETH Zürich A. Giray Yağlıkçı\* ETH Zürich Haocong Luo ETH Zürich Ataberk Olgun ETH Zürich. TOBB ETÜ Jisung Park ETH Zürich

Hasan Hassan ETH Zürich Minesh Patel ETH Zürich

Jeremie S. Kim ETH Zürich Onur Mutlu ETH Zürich

123

124

### **Our Goal**

Description of the second







To find effective and efficient attacks and defenses

### **DRAM Testing Infrastructures**

Two separate testing infrastructures

1. DDR3: FPGA-based SoftMC (Xilinx ML605)

2. DDR4: FPGA-based SoftMC (Xilinx Virtex UltraScale+ XCU200)



Fine-grained control over **DRAM commands**, **timing parameters** and **temperature** (±0.1°C)

SAFARI 125

### **DRAM Chips Tested**



### **Summary of The Study & Key Results**

- 272 DRAM chips from four major manufacturers
- 6 major takeaways from 16 novel observations
- A RowHammer bit flip is more likely to occur
  - 1) in a bounded range of temperature
  - 2) if the aggressor row is active for longer time
  - 3) in certain physical regions of the DRAM module under attack
- Our novel observations can inspire and aid future work
  - Craft more effective attacks
  - Design more effective and efficient defenses

SAFARI 127

# Example Attack Improvement 3: Bypassing Defenses with Aggressor Row Active Time

Activating aggressor rows as frequently as possible:



Keeping aggressor rows active for a longer time:



**Reduces** the minimum activation count to induce a bit flip by 36%

Bypasses defenses that do not account for this reduction

# **Key Takeaways from Spatial Variation Analysis**

### **Key Takeaway 5**

RowHammer vulnerability **significantly varies** across DRAM rows and columns due to **design-induced** and **manufacturing-process-induced** variation

### **Key Takeaway 6**

The distribution of the minimum activation count to observe bit flips ( $HC_{first}$ ) exhibits a diverse set of values in a subarray but similar values across subarrays in the same DRAM module

SAFARI 129

### **Spatial Variation across Rows**

The **minimum activation count** to observe bit flips  $(HC_{first})$  across **DRAM rows**:



The RowHammer vulnerability significantly varies across DRAM rows

130

### **Spatial Variation across Rows**



The RowHammer vulnerability significantly varies across DRAM rows

SAFARI 131

### **Spatial Variation across Rows**



### **OBSERVATION 12**

A small fraction of DRAM rows are significantly more vulnerable to RowHammer than the vast majority of the rows

### **Spatial Variation across Columns**



#### **OBSERVATION 13**

Certain columns are **significantly more vulnerable** to RowHammer than other columns

SAFARI 133

### **Example Defense Improvements**

• Example 1: Leveraging variation across DRAM rows



- Example 2: Leveraging variation with temperature
  - A DRAM cell experiences bit flips within a bounded temperature range
     no bit flips
     Vulnerable Temperature Range
     Temperature

• A row can be disabled within the row's vulnerable temperature range

Disable RowA Disable RowB Temperature

### Many More Analyses In The Paper

 Lois Orosa, Abdullah Giray Yaglikci, Haocong Luo, Ataberk Olgun, Jisung Park, Hasan Hassan, Minesh Patel, Jeremie S. Kim, and Onur Mutlu,

"A Deeper Look into RowHammer's Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses"

Proceedings of the <u>54th International Symposium on Microarchitecture</u> (**MICRO**), Virtual, October 2021.

[Slides (pptx) (pdf)]

[Short Talk Slides (pptx) (pdf)]

[Lightning Talk Slides (pptx) (pdf)]

[Talk Video (21 minutes)]

[Lightning Talk Video (1.5 minutes)]

[arXiv version]

### A Deeper Look into RowHammer's Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses

Lois Orosa\* ETH Zürich A. Giray Yağlıkçı\* ETH Zürich Haocong Luo ETH Zürich Ataberk Olgun ETH Zürich, TOBB ETÜ

Jisung Park ETH Zürich

Hasan Hassan ETH Zürich Minesh Patel ETH Zürich Jeremie S. Kim ETH Zürich Onur Mutlu ETH Zürich

135

### More RowHammer Analysis

### RowHammer vs. Wordline Voltage (2022)

To appear in DSN 2022

# Under Reduced Wordline Voltage: An Experimental Study Using Real DRAM Devices

A. Giray Yağlıkçı<sup>1</sup> Haocong Luo<sup>1</sup> Geraldo F. de Oliviera<sup>1</sup> Ataberk Olgun<sup>1</sup> Jisung Park<sup>1</sup> Minesh Patel<sup>1</sup> Hasan Hassan<sup>1</sup> Jeremie S. Kim<sup>1</sup> Lois Orosa<sup>1,2</sup> Onur Mutlu<sup>1</sup>

<sup>1</sup>ETH Zürich <sup>2</sup>Galicia Supercomputing Center (CESGA)

SAFARI 137

### Sneak Peak: RowHammer vs. Voltage [DSN'22]

- Voltage swing on a DRAM row's wordline causes RowHammer
- No prior study on the impact of voltage on RowHammer



RowHammer vulnerability can be reduced via voltage scaling

### New RowHammer Solutions

### BlockHammer Solution in 2021

 A. Giray Yaglikci, Minesh Patel, Jeremie S. Kim, Roknoddin Azizi, Ataberk Olgun, Lois Orosa, Hasan Hassan, Jisung Park, Konstantinos Kanellopoulos, Taha Shahroodi, Saugata Ghose, and Onur Mutlu,

"BlockHammer: Preventing RowHammer at Low Cost by Blacklisting Rapidly-Accessed DRAM Rows"

Proceedings of the <u>27th International Symposium on High-Performance</u> Computer Architecture (**HPCA**), Virtual, February-March 2021.

[Slides (pptx) (pdf)]

[Short Talk Slides (pptx) (pdf)]

[Talk Video (22 minutes)]

[Short Talk Video (7 minutes)]

## **BlockHammer: Preventing RowHammer at Low Cost** by Blacklisting Rapidly-Accessed DRAM Rows

A. Giray Yağlıkçı<sup>1</sup> Minesh Patel<sup>1</sup> Jeremie S. Kim<sup>1</sup> Roknoddin Azizi<sup>1</sup> Ataberk Olgun<sup>1</sup> Lois Orosa<sup>1</sup> Hasan Hassan<sup>1</sup> Jisung Park<sup>1</sup> Konstantinos Kanellopoulos<sup>1</sup> Taha Shahroodi<sup>1</sup> Saugata Ghose<sup>2</sup> Onur Mutlu<sup>1</sup>

<sup>1</sup>ETH Zürich <sup>2</sup>University of Illinois at Urbana–Champaign

### **RowHammer Solution Approaches**

- More robust DRAM chips and/or error-correcting codes
- Increased refresh rate



### Two Key Challenges



### **Scalability**

with worsening RowHammer vulnerability

Fewer activations allowed for aggressive applications



### **Compatibility**

with commodity DRAM chips

141

### **Our Goal**

To prevent RowHammer efficiently and scalably without knowledge of or modifications to DRAM internals

SAFARI 143

### BlockHammer Key Idea

**Selectively throttle** memory accesses that may cause RowHammer bit-flips

### BlockHammer Overview of Approach

### **RowBlocker**

Tracks row activation rates using area-efficient Bloom filters

Blacklists rows that are activated at a high rate

Throttles activations targeting a blacklisted row

No row can be activated at a high enough rate to induce bit-flips

### AttackThrottler

Identifies threads that perform a RowHammer attack

Reduces memory bandwidth usage of identified threads

Greatly reduces the **performance degradation** and **energy wastage** a RowHammer attack inflicts on a system

SAFARI 145

# **Evaluation Scaling with RowHammer Vulnerability**

- System throughput (weighted speedup)
- Job turnaround time (harmonic speedup)
- Unfairness (maximum slowdown)
- DRAM energy consumption



BlockHammer's performance and energy overheads remain negligible (<0.6%)



BlockHammer scalably provides **much higher performance** (71% on average) and **lower energy consumption** (32% on average) than state-of-the-art mechanisms

### **Key Results: BlockHammer**

- Competitive with state-of-the-art mechanisms when there is no attack
- Superior performance and DRAM energy when RowHammer attack present
- Better hardware area scaling with RowHammer vulnerability
- Security Proof
- Addresses Many-Sided Attacks
- Evaluation of 14 mechanisms representing four mitigation approaches
  - Comprehensive Protection
  - Compatibility with Commodity DRA
  - Scalability with RowHammer Vulne
  - Deterministic Protection



SAFARI

147

### A Takeaway

# Main Memory Needs Intelligent Controllers for Security, Safety, Reliability, Scaling

### More RowHammer in 2020-2022

### RowHammer in 2020 (I)



### RowHammer in 2020 (II)

S&P Program ▼ Call For... ▼ Attend ▼ Workshops ▼ Session #5: Rowhammer Room 2 Session chair: Michael Franz (UC Irvine) **RAMBleed: Reading Bits in Memory Without Accessing Them** Andrew Kwong (University of Michigan), Daniel Genkin (University of Michigan), Daniel Gruss Data61) Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers Lucian Cojocar (Microsoft Research), Jeremie Kim (ETH Zurich, CMU), Minesh Patel (ETH Zu (Microsoft Research), Onur Mutlu (ETH Zurich, CMU) Leveraging EM Side-Channel Information to Detect Rowhammer Attacks Zhenkai Zhang (Texas Tech University), Zihao Zhan (Vanderbilt University), Daniel Balasubrar Peter Volgyesi (Vanderbilt University), Xenofon Koutsoukos (Vanderbilt University)

TRRespass: Exploiting the Many Sides of Target Row Refresh

Pietro Frigo (Vrije Universiteit Amsterdam, The Netherlands), Emanuele Vannacci (Vrije Universiteit Ams Veen (Qualcomm Technologies, Inc.), Onur Mutlu (ETH Zürich), Cristiano Giuffrida (Vrije Unive The Netherlands), Kaveh Razavi (Vrije Universiteit Amsterdam, The Netherlands)

SAFARI

RowHammer in 2020 (III)

29™ USENIX SECURITY SYMPOSIUM

ATTEND

PROGRAM

**PARTICIPATE** 

SPONSORS

**ABOUT** 

DeepHammer: Depleting the Intelligence of Deep Neural Networks through Targeted Chain of Bit Flips Fan Yao, University of Central Florida; Adnan Siraj Rakin and Deliang Fan, Arizona State University

AVAILABLE MEDIA 🗍 🗐 🕞

Show details >

SAFARI

151

152

### HotOS XVIII

The 18th Workshop on Hot Topics in Operating Systems

31 May 1 June-3 June 2021, Cyberspace, People's Couches, and Zoon

# Stop! Hammer Time: Rethinking Our Approach to Rowhammer Mitigations

SAFARI 153

RowHammer in 2021 (II)

30<sup>1H</sup> USENIX SECURITY SYMPOSIUM

ATTEND

PROGRAM

PARTICIPAT

SPONSORS

ABOU<sup>-</sup>

SMASH: Synchronized Many-sided Rowhammer Attacks from JavaScript

### RowHammer in 2021 (III)



Session 10A: Security & Privacy III

Session Chair: Hoda Naghibijouybari (Binghamton)

9:00 PM CEST - 9:15 PM CEST

A Deeper Look into RowHammer's Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses

Lois Orosa, Abdullah Giray Yaglikci, Haocong Luo (ETH Zurich); Ataberk Olgun (TOBB University of Economics and Technology); Jisung Park, Hasan Hassan, Minesh Patel, Jeremie S. Kim, Onur Mutlu (ETH Zurich)

Paper

9:15 PM CEST - 9:30 PM CEST

Uncovering In-DRAM RowHammer Protection Mechanisms: A New Methodology, Custom RowHammer Patterns, and Implications

Hasan Hassan (ETH Zurich); Yahya Can Tugrul (TOBB University of Economics and Technology); Jeremie S. Kim (ETH Zurich); Victor van der Veen (Qualcomm); Kaveh Razavi, Onur Mutlu (ETH Zurich)

Paper

SAFARI 155

RowHammer in 2022 (I)

MAY 22-26, 2022 AT THE HYATT REGENCY, SAN FRANCISCO, CA

# 43rd IEEE Symposium on Security and Privacy

BLACKSMITH: Scalable Rowhammering in the Frequency Domain

SpecHammer: Combining Spectre and Rowhammer for New Speculative Attacks

PROTRR: Principled yet Optimal In-DRAM Target Row Refresh

### RowHammer in 2022 (II)



Randomized Row-Swap: Mitigating Row Hammer by Breaking Spatial Correlation between Aggressor and Victim Rows

SAFARI 157

RowHammer in 2022 (III)

### **HPCA 2022**

The 28th IEEE International Symposium on High-Performance Computer Architecture (HPCA-28), Seoul, South Korea

# SafeGuard: Reducing the Security Risk from Row-Hammer via Low-Cost Integrity Protection

Mithril: Cooperative Row Hammer Protection on Commodity DRAM Leveraging
Managed Refresh



### **IRPS 2022**

# The Price of Secrecy: How Hiding Internal DRAM Topologies Hurts Rowhammer Defenses

Stefan Saroiu, Alec Wolman, Lucian Cojocar Microsoft

SAFARI 159

More to Come...

# Future Memory Reliability/Security Challenges

### Future of Main Memory Security

- DRAM is becoming less reliable → more vulnerable
- Due to difficulties in DRAM scaling, other problems may also appear (or they may be going unnoticed)
- Some errors may already be slipping into the field
  - Read disturb errors (Rowhammer)
  - Retention errors
  - Read errors, write errors
  - **...**
- These errors can also pose security vulnerabilities

### Future of Main Memory Security

- DRAM
- Flash memory
- Emerging Technologies
  - Phase Change Memory
  - STT-MRAM
  - RRAM, memristors
  - **...**

SAFARI 163

A Takeaway

# Main Memory Needs Intelligent Controllers for Security, Safety, Reliability, Scaling

# Intelligent Memory Controllers Can Avoid Many Failures & Enable Better Scaling

SAFARI 165

### Architecting Future Memory for Security

- Understand: Methods for vulnerability modeling & discovery
  - Modeling and prediction based on real (device) data and analysis
  - Understanding vulnerabilities
  - Developing reliable metrics
- Architect: Principled architectures with security as key concern
  - Good partitioning of duties across the stack
  - Cannot give up performance and efficiency
  - Patch-ability in the field
- Design & Test: Principled design, automation, (online) testing
  - Design for security
  - High coverage and good interaction with system reliability methods

### Understand and Model with Experiments (DRAM)



SAFARI

Kim+, "Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors," ISCA 2014.

167

### Understand and Model with Experiments (Flash)



[DATE 2012, ICCD 2012, DATE 2013, ITJ 2013, ICCD 2013, SIGMETRICS 2014, HPCA 2015, DSN 2015, MSST 2015, JSAC 2016, HPCA 2017, DFRWS 2017, PIEEE 2017, HPCA 2018, SIGMETRICS 2018]

NAND Daughter Board

Cai+, "Error Characterization, Mitigation, and Recovery in Flash Memory Based Solid State Drives," Proc. IEEE 2017.

### An Example Intelligent Controller



Proceedings of the IEEE, Sept. 2017

### Error Characterization, Mitigation, and Recovery in Flash-Memory-Based Solid-State Drives

This paper reviews the most recent advances in solid-state drive (SSD) error characterization, mitigation, and data recovery techniques to improve both SSD's reliability and lifetime.

By Yu Cai, Saugata Ghose, Erich F. Haratsch, Yixin Luo, and Onur Mutlu

https://arxiv.org/pdf/1706.08642

169

### Collapse of the "Galloping Gertie" (1940)



### Another Example (1994)



**SAFARI** 

Source: By 최광모 - Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=35197984

### 171

### Yet Another Example (2007)



### A More Recent Example (2018)



SAFARI

Source: AFP / Valery HACHE, https://www.capitalfm.co.ke/news/2018/08/genoa-bridge-collapse-what-we-know/

173

### The Takeaway, Again

# In-Field Patch-ability (Intelligent Memory) Can Avoid Such Failures

### An Early Proposal for Intelligent Controllers [IMW'13]

Onur Mutlu,
 "Memory Scaling: A Systems Architecture Perspective"
 Proceedings of the 5th International Memory
 Workshop (IMW), Monterey, CA, May 2013. Slides
 (pptx) (pdf)
 EETimes Reprint

### Memory Scaling: A Systems Architecture Perspective

Onur Mutlu
Carnegie Mellon University
onur@cmu.edu
http://users.ece.cmu.edu/~omutlu/

https://people.inf.ethz.ch/omutlu/pub/memory-scaling memcon13.pdf

### Industry Is Writing Papers About It, Too

### **DRAM Process Scaling Challenges**

#### Refresh

- · Difficult to build high-aspect ratio cell capacitors decreasing cell capacitance
- · Leakage current of cell access transistors increasing

### **♦ tWR**

- · Contact resistance between the cell capacitor and access transistor increasing
- · On-current of the cell access transistor decreasing
- · Bit-line resistance increasing

#### VRT

Occurring more frequently with cell capacitance decreasing







### Industry Is Writing Papers About It, Too

### **DRAM Process Scaling Challenges**

#### Refresh

Difficult to build high-aspect ratio cell capacitors decreasing cell capacitance
 THE MEMORY FORUM 2014

# Co-Architecting Controllers and DRAM to Enhance DRAM Process Scaling

Uksong Kang, Hak-soo Yu, Churoo Park, \*Hongzhong Zheng, \*\*John Halbert, \*\*Kuljit Bains, SeongJin Jang, and Joo Sun Choi

Samsung Electronics, Hwasung, Korea / \*Samsung Electronics, San Jose / \*\*Intel



Final Thoughts on RowHammer

### Before RowHammer (I)

### Using Memory Errors to Attack a Virtual Machine

Sudhakar Govindavajhala \* Andrew W. Appel Princeton University {sudhakar,appel}@cs.princeton.edu

We present an experimental study showing that soft memory errors can lead to serious security vulnerabilities in Java and .NET virtual machines, or in any system that relies on type-checking of untrusted programs as a protection mechanism. Our attack works by sending to the JVM a Java program that is designed so that almost any memory error in its address space will allow it to take control of the JVM. All conventional Java and .NET virtual machines are vulnerable to this attack. The technique of the attack is broadly applicable against other language-based security schemes such as proof-carrying code.

We measured the attack on two commercial Java Virtual Machines: Sun's and IBM's. We show that a single-bit error in the Java program's data space can be exploited to execute arbitrary code with a probability of about 70%, and multiple-bit errors with a lower probability.

Our attack is particularly relevant against smart cards or tamper-resistant computers, where the user has physical access (to the outside of the computer) and can use various means to induce faults; we have successfully used heat. Fortunately, there are some straightforward defenses against this attack.

### 7 Physical fault injection

If the attacker has physical access to the outside of the machine, as in the case of a smart card or other tamper-resistant computer, the attacker can induce memory errors. We considered attacks on boxes in form factors ranging from a credit card to a palmtop to a desktop PC.

We considered several ways in which the attacker could induce errors.<sup>4</sup>

**IEEE S&P 2003** 

https://www.cs.princeton.edu/~appel/papers/memerr.pdf

179

### Before RowHammer (II)

### **Using Memory Errors to Attack a Virtual Machine**

Sudhakar Govindavajhala \* Andrew W. Appel Princeton University {sudhakar,appel}@cs.princeton.edu



Figure 3. Experimental setup to induce memory errors, showing a PC built from surplus components, clip-on gooseneck lamp, 50-watt spotlight bulb, and digital thermometer. Not shown is the variable AC power supply for the lamp.

**IEEE S&P 2003** 

# A simple memory error can be induced by software



### Forget Software-Now Hackers Are Exploiting Physics

BUSINESS CULTURE DESIGN GEAR SCIENCE



# FORGET SOFTWARE—NOW HACKERS ARE EXPLOITING PHYSICS

### RowHammer: Retrospective

- New mindset that has enabled a renewed interest in HW security attack research:
  - □ Real (memory) chips are vulnerable, in a simple and widespread manner
     → this causes real security problems
  - □ Hardware reliability → security connection is now mainstream discourse
- Many new RowHammer attacks...
  - Tens of papers in top security & architecture venues
  - More to come as RowHammer is getting worse (DDR4 & beyond)
- Many new RowHammer solutions...
  - Apple security release; Memtest86 updated
  - Many solution proposals in top venues (latest in ASPLOS 2022)
  - Principled system-DRAM co-design (in original RowHammer paper)

More to come...

### Perhaps Most Importantly...

- RowHammer enabled a shift of mindset in mainstream security researchers
  - General-purpose hardware is fallible, in a widespread manner
  - Its problems are exploitable
- This mindset has enabled many systems security researchers to examine hardware in more depth
  - And understand HW's inner workings and vulnerabilities
- It is no coincidence that two of the groups that discovered Meltdown and Spectre heavily worked on RowHammer attacks before
  - More to come...

SAFARI 183

### Conclusion

### Summary: RowHammer

- Memory reliability is reducing
- Reliability issues open up security vulnerabilities
  - Very hard to defend against
- Rowhammer is a prime example
  - First example of how a simple hardware failure mechanism can create
     a widespread system security vulnerability
  - Its implications on system security research are tremendous & exciting
- Bad news: RowHammer is getting worse
- Good news: We have a lot more to do
  - We are now fully aware hardware is easily fallible
  - We are developing both attacks and solutions
  - We are developing principled models, methodologies, solutions

SAFARI 185

### A RowHammer Survey Across the Stack

Onur Mutlu and Jeremie Kim,

"RowHammer: A Retrospective"

<u>IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems</u> (**TCAD**) Special Issue on Top Picks in Hardware and Embedded Security, 2019.

[Preliminary arXiv version]

[Slides from COSADE 2019 (pptx)]

[Slides from VLSI-SOC 2020 (pptx) (pdf)]

[Talk Video (1 hr 15 minutes, with Q&A)]

### RowHammer: A Retrospective

Onur Mutlu<sup>§‡</sup> Jeremie S. Kim<sup>‡§</sup> §ETH Zürich <sup>‡</sup>Carnegie Mellon University

## Detailed Lectures on RowHammer

- Computer Architecture, Fall 2021, Lecture 5
  - RowHammer (ETH Zürich, Fall 2021)
  - https://www.youtube.com/watch?v=7wVKnPj3NVw&list=P
     L5Q2soXY2Zi-Mnk1PxjEIG32HAGILkTOF&index=5
- Computer Architecture, Fall 2021, Lecture 6
  - RowHammer and Secure & Reliable Memory (ETH Zürich, Fall 2021)
  - https://www.youtube.com/watch?v=HNd4skQrt6I&list=PL 5Q2soXY2Zi-Mnk1PxjEIG32HAGILkTOF&index=6

https://www.youtube.com/onurmutlulectures

SAFARI 187



# Funding Acknowledgments

- Alibaba, AMD, ASML, Google, Facebook, Hi-Silicon, HP Labs, Huawei, IBM, Intel, Microsoft, Nvidia, Oracle, Qualcomm, Rambus, Samsung, Seagate, VMware, Xilinx
- NSF
- NIH
- GSRC
- SRC
- CyLab
- EFCL

# Thank you!

189

## Acknowledgments



Think BIG, Aim HIGH!

https://safari.ethz.ch

## SAFARI Research Group

https://safari.ethz.ch/safari-newsletter-december-2021/



Think Big, Aim High

**ETH** zürich





191

# Security Aspects of DRAM The Story of RowHammer

Onur Mutlu

omutlu@gmail.com

https://people.inf.ethz.ch/omutlu

15 May 2022 IMW Tutorial

SAFARI



Carnegie Mellon



Swaroop Ghosh Pennsylvania State University

Swaroop Ghosh received the B.E. from IIT, Roorkee and Ph.D. from Purdue. He is an Associate Professor at Penn State. Prior to that, he was a Senior Research and Development Engineer at Intel. His research interests include low-power circuits, hardware security, quantum computing and digital testing for nanometer technologies.

## Security Aspects of Non-Volatile Memories

Dr. Swaroop Ghosh

School of Electrical Engineering and Computer Science, The Pennsylvania State University











Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## Why Emerging NVM?



## Why Emerging NVMs?





Instruction Per Cycle (IPC)

IPC (SRAM vs. MRAM)

Last 4 benchmark: write extensive



Con: Long write latency, PennState

Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## Non-Volatile Memory Design Space



## **Emerging NVM Application**





## **Outline**

- · Basics of hardware security
- CMOS security primitives
- Emerging technologies
- Application in security
- Security vulnerabilities and defenses
- Conclusions



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

#### **Side Channel Attacks**



- Possible sources: electrical, ambient, acoustical, temporal...
- Objective: extract valuable information



## **Semiconductor Supply Chain**



- Profit driven business model that relies on outsourcing
  - · Security vulnerabilities present at many stages of design and manufacturing process
- Attacks
  - · Counterfeiting
  - Hardware Trojan Horses
  - Cloning
  - Overproduction
  - · Reverse engineering
  - · Non-invasive tampering



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## IC Recycling/Counterfeiting





## **Hardware Trojans**



- Undesirable/ unintended design features to
  - · Bypass security features
  - Bypasses convention test methods
  - Triggers in-field failures





Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **Reverse Engineering and Cloning**



- Delayering of chip, identification of gates and their connectivity information, and, reconstruction of netlist
  - Goals: competitive analysis, cloning and overproduction, siphoning profit

## **Non-Invasive Tampering**













heat

magnet



- Objective is to
  - · Bypass security features
  - · Launch denial-of-service attack
  - · Extract valuable information



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

#### **Outline**

- · Basics of hardware security
- CMOS security primitives
- Emerging technologies
- Application in security
- Security vulnerabilities and defenses
- Conclusions

## **Recycling Sensor**



Case-1

Fresh Stressed (t=0)

Shaded chips are flagged recycled

Case-2



Aged RO is compared with fresh RO

Recycling of shaded chips are masked

- Challenges
  - Process variation results in wrong decision or masking
  - · Limited by aging of RO and delay sensitivity of RO on aging
- Prevents recycling/counterfeit ICs



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **Physically Unclonable Functions**



- PUF replaces the hardcoded key with a challenge response system
  - Response is generated from physical properties of the chip
  - Cannot be cloned
- · Prevents cloning, counterfeit IC



## **Physically Unclonable Functions**



• Different chips produce different responses for same challenge



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **Physically Unclonable Functions**



#### **True Random Number Generator**

Direct amplification



Oscillator sampling



Discrete time chaos





Key generation and seed generation for authentication, secure communication

PennStaterie, Craig S., and Alvin Connelly. "A noise-based Labrof Green & Secure Integrated Circuit Systems (LOGICS)
Fundamental Theory and Applications, IEEE Transactions on 47, no. 5 (2000): 615-621.

## **Encryption Engines**

- Ensures privacy in communication
- Requires extensive shift, XOR and addition operation
  - Prone to side channel attack



## Hardware Security Primitives- Key Requirements

| Security primitive | Key Requirements                                 |
|--------------------|--------------------------------------------------|
| Recycling sensor   | Low process variation, high sensitivity to usage |
| PUF                | High process variation, nonlinearity             |
| TRNG               | High entropy                                     |
| Encryption         | Recursive shift, multiplication, addition        |
| Miscellaneous      | Sensitivity to ambient parameters                |



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

#### **Outline**

- Basics of hardware security
- CMOS security primitives
- Emerging technologies
- Application in security
- Security vulnerabilities and defenses
- Conclusions

## **Emerging Technologies**

- Opportunities
  - Non-volatility, electroforming, asymmetric read/write, retention, magnetization noise, stochastic resistance, nonlinearity, random DW dynamics...
- Challenges
  - Vulnerabilities
- Need deeper understanding for right application





Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **Recent Commercialization of Emerging NVMs**





Intel unveils its Optane hyperfast memory

Intel released few key details around its new non-volatile memory

# STT- MRAM

AD XPOINT® Technology:

An Innovative, High-Density Design

Cross Point Structure

Convert Poin

#### ReRAM



Western Digital to Use 3D ReRAM as Storage Class Memory for Special-Purpose SSDs by Anton Shilov on August 12, 2016 8:00 AM EST



Published: March 9, 2017

Penn Everspin unveils a new low latency, PCIe NVMe card based on Spin Torque MRAM

## **NVM: Resistive RAM (ReRAM)**

- ReRAM Features
  - · Bits stored as resistance state
  - Low R → Data "0", High R → Data "1"
  - Possible Oxides: HfO<sub>2</sub>, TiO<sub>2</sub>, TaO<sub>x</sub>,WO<sub>x</sub>
- Offers lowest footprint (4F<sup>2</sup> for xpoint)





Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **NVM: Spin Torque Transfer RAM (STTRAM)**

- STTRAM Features
  - Magnetic Tunnel Junction (MTJ) as Storage element
  - MTJ consists of free (FL) and pinned (PL) magnetic layer
  - · Bits stored as resistance state
  - Magnetic Orientation
    - Data "0": Parallel (Low resistance)
    - Data "1": Anti-parallel (High resistance)



## **Domain Wall Memory**

#### DWM Features

- · Three components: Read MTJ, Write MTJ, Nanowire
- · Bits are stored in nanowire that acts like a shift register
- · Access mechanism is serial





Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **NVM: Ferroelectric FET (FeFET)**

#### FeFET features

- Ferroelectric (FE) layer between metal gate and dielectric layer
- Stores data as polarization state (+ve or -ve) of FE layer
- Inherent 3-terminal structure allows isolation of read and write ports
- If +ve  $V_{GS}$  > gate critical voltage  $\rightarrow$  polarization switches to positive



#### **Outline**

- · Basics of hardware security
- CMOS security primitives
- Emerging technologies
- Application in security
- Security vulnerabilities and defenses
- Conclusions



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **Exploiting Persistence-Obfuscation**



Output **NV-FeFET** 1.5

- Average delay overhead: 1.7X
- Average leakage overhead: 0.9X
- Average total power overhead: 0.6X
- Average area overhead: 2.3X



0.2



■ AOI21 (CTCG4) ■ OAI21 (CTCG4)

Comparative Analysis of CTCG2 (FeFET)

## **Exploiting Variations- Physically Unclonable Functions**

- Design
  - PV in emerging NVM
  - RRAM based design using RC signal delay to generate PUF response









Govindaraj, ICCD'17 Lab of Green & Secure Integrated Circuit Systems (LOGICS)

#### **MRAM PUF**

- Employs random initialization of the MTJ due to physical variations in the MTJ
- · Variations create random tilt of energy barrier
- MTJ free layer is prone to prefer certain initial orientation much similar to SRAM PUF
- Intra-die HD of 0.0225 and an entropy of 0.99
- Decreasing the aspect ratio at constant volume and increasing the volume at constant aspect ratio is proposed to increase the tilt angle variation and enhance the stability of the PUF





| PUF Types       | $\mathcal{D}_{int\taua}$ | $\mathcal{D}_{inter}$ | $\rho(Y^n) \le$ | area $(\mu  \text{m}^2)$ |
|-----------------|--------------------------|-----------------------|-----------------|--------------------------|
| SRAM            | 0.078                    | 0.49                  | 0.94            | 51.99                    |
| Latch           | 0.26                     | 0.3                   | 0.71            | 531.25                   |
| D flip-flop     | 0.19                     | 0.39                  | 0.81            | 765.63                   |
| Arbiter         | 0.07                     | 0.46                  | 0.5-0.9         | 690.56                   |
| Ring Oscillator | 0.099                    | 0.46                  | 0.86            | 7774.2                   |
| Memristor *     | -                        | $\simeq 0.5$          | -               | -                        |
| STT-PUF*        | $\sim 10e-6$             | $\simeq 0.5$          | 0.985           | 6.79                     |
| MRAM            | 0.0225                   | 0.47                  | 0.99            | 6.74                     |

Das, Jayita, Kevin Scott, Srinath Rajaram, Drew Burgett, and Sanjukta Bhanja. "MRAM PUF: A Novel Geometry Based Magnetic PUF With Integrated CMOS." (2015).



## **DWM-Relay PUF**



- · Operation of relay-PUF
  - · DW nucleation
  - Race
  - Sense
  - Relay
  - · Race...
- · Variation in DW velocity due to variation is exploited
- Hamming distance=50%





Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **Memory PUF**

- DW is raced in memory array (pinned: '0' (red), remaining: '1' (green))
- Uneven number of '0's and '1's at high voltage
- Temperature variation changes response
- · Hamming distance is ~44%



## **Spintronic TRNG**

- Key ideas:
  - · Reset the MTJ to AP state
  - Excite the free layer of the MTJ to the bifurcation point by applying a current pulse
  - · Magnetization settle in random state due to thermal noise
  - · To improve randomness and kill correlation bits are XOR'ed with each other
- Reset pulse is detrimental to MTJ reliability
- Sharing of reset and sense circuit makes sense MTJ susceptible to read disturb

   Description Descri



Choi, Won Ho, L. V. Yang, Jongyeon Kim, Abhishek Deshpande, Gyuseong Kang, Jian-ping Wang, and Chris H. Kim. "A Magnetic Tunnel Junction based True Random Number Generator with conditional perturb and real-time output probability tracking." In Electron Devices Meeting (IEDM), 2014 IEEE International, pp. 12-5. IEEE, 2014.



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

#### **RRAM TRNG**

RTN to generate random bit strings



## **Spintronic Encryption Engine**

- SubByte: The DW-based Look-Up Table (LUT) is used to save leakage power
- · ShiftRows: To mimic cyclic rotation in nanowire, redundant bits are employed in DW nanowire
- MixColumns: multiplication by shift and addition. For addition domain wall XOR gate is employed
- AddRoundKey: This step XORs the SM with the round key





] Wang, Yuhao, Hao Yu, Dennis Sylvester, and Pingfan Kong. "Energy efficient in-memory aes encryption based on nonvolatile domain-wall nanowire." In Design, Automation and Test in Europe Conference and Exhibition (DATE), 2014, pp. 1-4. IEEE, 2014.



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

#### **Outline**

- Basics of hardware security
- CMOS security primitives
- Emerging technologies
- Application in security
- Security vulnerabilities and defenses
- Conclusions

## Side Channel Attack & System Level Overview

#### **Side Channel Attack (SCA)**

- Powerful physical attack
- Attacks the weakness of the physical implementation of a crypto-algorithm
- Implements divide and conquer approach
  - Let's say, the key is 128bit.
  - The possible cases are 2128
  - SCA attacks one byte at a time
  - Complexity reduces to 16 x  $2^8 = 2^{12}$



Attack Model:

Hacket has physical access to the system and can measure the power drawn by the system (LOGICS)

## Advanced Encryption Standard (AES)





## Write/Read Current of All Rounds of AES



## Attack Steps and Result



## **Correlation Analysis**



Leaks the first byte of the key in just 15traces!

\*Published in ICCD, 2017



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## Side Channel Vulnerability of Other NVMs





## **NVM Issues- Supply Noise**





- Noise depends on the data pattern
- Noise can propagate to other memory bank and affecting parallel operation

Supply Noise can be leveraged to launch fault injection/information leakage attack (HASP'18, ISLPED'18)

Lab of Green & Secure Integrated Circuit Systems (LOGICS)

#### **Parallel Accesses**



- Read/write takes multiple clock cycles
- Parallel operations on independent banks
  - Increases throughput
- Worsen supply noise
- Operations can affect each other

## **Supply Noise Induced Fault Injection**





- Victim/adversary writes P11/P00 in Bank<sub>x</sub>/Bank<sub>v</sub> simultaneously
- Victim incurs both
  - Self inflicted bounce
  - Adversary inflicted bounce



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## Impact of Supply Noise on Write Operation

- Supply noise:
  - 0 to 50mV: No failure
  - 50 to 120mV:  $0 \rightarrow 1$  write fails
  - > 120mV: both write polarity fails





## Impact of Supply Noise on Read Operation

Supply noise:

- 0 to 150mV : No failure- > 150mV : Read '1' Fails







Lab of Green & Secure Integrated Circuit Systems (LOGICS)



Lab of Green and secure Integrated Circuit Systems (LOGICS

## Supply Noise-Induced Row Hammer Attack

- Retention Failure
- Data→ Not reliable anymore
- Read Failure
- 0 is read as 1 or vice versa
- Write failure
- 1→0 or 0→1 flipping fails





## Retention Failure/Rowhammer

| Vol. of FL<br>(cm³)     | Thermal<br>Stability | Base Ret.<br>Time |
|-------------------------|----------------------|-------------------|
| 1.041x10 <sup>-17</sup> | 37.99                | ~1year            |
| 0.973x10 <sup>-17</sup> | 35.50                | ~1month           |
| 0.845x10 <sup>-17</sup> | 32.10                | ~1day             |
| 0.758x10 <sup>-17</sup> | 28.95                | ~1hr              |
| 0.681x10 <sup>-17</sup> | 24.85                | ~1min             |





- Higher Volume → Higher base retention → higher write current of metals and higher write current because Bump [mV]
- For LLC, low base retention desired!
- Retention time reduces as ground bounce increases
- Lower Base Retention → lower attack duration



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **Information Leakage Attacks**



Information Leakage Attack

## **Trojan Attack Model**

- Adversary adds Trojans (design or fabrication)
- Adversary deploy a program after chip is in the market
  - Program writes one particular L1 cache address  $N_{tr}$  times with specific data pattern  $\rightarrow$  Trojan triggers
- Once triggered
  - Fault injected to victim's write/read
  - Victim's data is copied to adversary's address space





Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## **NVM Trojan Trigger**









## **NVM Trojan Payload**



- Payload 1: Information leakage (copy data from one cell to another)
- Payload 2: Write failure (by injecting supply noise)
- Payload 3: Read failure (by injecting supply noise)





Lab of Green & Secure Pringerted Circlet Byster's (LOGICS)

#### **Conclusions**

- Hardware supply chain presents several new attack surfaces
- Conventional CMOS technologies offer limited randomness, variations and noise sources
- Emerging NVMs possess novel ingredients suitable for security
- We reviewed multiple techniques and their security applications
- We also covered security challenges

## **Open Research Problems**

- Various new flavors of devices
  - SOT-MRAM
  - PMA-MTJ
  - Skyrmionic memory
- Application areas of hardware primitives
  - Data non-repudiation
  - System security issues e.g., buffer overflow
  - Machine learning



Lab of Green & Secure Integrated Circuit Systems (LOGICS)

## Thank you!

- Acknowledgements
  - Collaborators: Anupam Chattopadhyay, Shivam Bhasin, Jongsun Park, Rashmi Jha





Semiconductor Research Corporation











































