Keynotes
Onur Mutlu, ETH Zurich
RowHammer and Beyond
Abstract:
We will discuss the RowHammer problem in DRAM, which is a prime (and
likely the first) example of how a circuit-level failure mechanism in
DRAM can cause a practical and widespread system security
vulnerability. RowHammer is the phenomenon that repeatedly accessing
a row in a modern DRAM chip predictably causes errors in
physically-adjacent rows. It is caused by a hardware failure mechanism
called read disturb errors. Building on our initial fundamental work,
Google Project Zero demonstrated that this hardware phenomenon can be
exploited by user-level programs to gain kernel privileges. Many other
recent works demonstrated other attacks exploiting RowHammer,
including remote takeover of a server vulnerable to RowHammer. We will
analyze the root causes of the problem and examine solution
directions. We will also discuss what other problems may be lurking in
DRAM and other types of memories, e.g., NAND flash and Phase Change
Memory, which can potentially threaten the foundations of reliable and
secure systems, as the memory technologies scale to higher densities.
A short accompanying yet outdated paper, appearing at DATE 2017, can be
found here:
The RowHammer Problem and Other Issues We May Face as Memory Becomes Dense, Onur Mutlu ETH Zurich
Bio:
Onur Mutlu is a Professor of Computer Science at ETH Zurich. He is also a faculty member at Carnegie Mellon University, where he previously held Strecker Early Career Professorship. His current broader research interests are in computer architecture, systems, hardware security, and bioinformatics. A variety of techniques he, along with his group and collaborators, has invented over the years have influenced industry and have been employed in commercial microprocessors and memory/storage systems. He obtained his PhD and MS in ECE from the University of Texas at Austin and BS degrees in Computer Engineering and Psychology from the University of Michigan, Ann Arbor. He started the Computer Architecture Group at Microsoft Research (2006-2009), and held various product and research positions at Intel Corporation, Advanced Micro Devices, VMware, and Google. He received the inaugural IEEE Computer Society Young Computer Architect Award, the inaugural Intel Early Career Faculty Award, US National Science Foundation CAREER Award, Carnegie Mellon University Ladd Research Award, faculty partnership awards from various companies, and a healthy number of best paper or "Top Pick" paper recognitions at various computer systems, architecture, and hardware security venues. He is an ACM Fellow "for contributions to computer architecture research, especially in memory systems", IEEE Fellow for "contributions to computer architecture research and practice", and an elected member of the Academy of Europe (Academia Europaea). For more information, please see his webpage at ETH Zurich.
Ramesh Karri, New York University
Towards High-Level Approaches to Hardware Cyber Security
Abstract:
Designers use third-party intellectual property (IP) cores and
outsource various steps in the integrated circuit (IC) design and
manufacturing flow. As a result, security vulnerabilities have been
rising. This is forcing IC designers and end users to re-evaluate their
trust in ICs. If an attacker gets hold of an unprotected IC, he can
reverse engineer the IC and pirate the IP. Similarly, if an attacker
gets hold of a design, she can insert malicious circuits and backdoors
into the design.
In this talk I will outline High-Level Design for Trust techniques that
we developed to prevent these and similar attacks: Locking/Obfuscation
and Secure Sourcing of IPs for High-Level Integration.
Locking/Obfuscation implements a built-in obfuscation mechanism in ICs
to prevent reverse engineering. Secure sourcing can thwart Trojan
insertion in 3rd party Intellectual Properties.
I will wrap up the presentation by pointing out why hardware security is
an essential objective from economics, security, and safety aspects and
offer my vision of the developing field of hardware cybersecurity.
Bio:
Ramesh Karri is a Professor of Electrical and Computer Engineering at
New York University. He co-directs the
NYU Center for Cyber Security. He is also leads the Cyber Security thrust of
the NY State Center for Advanced Telecommunications Technologies at NYU.
He co-founded the Trust-Hub and organizes the
Embedded Systems Challenge, the
annual red team blue team event. Ramesh Karri has a Ph.D. in Computer
Science and Engineering, from the University of California at San Diego
and a B.E in ECE from Andhra University. His research and education
activities in hardware cybersecurity include trustworthy ICs; processors
and cyber-physical systems; security-aware computer-aided design, test,
verification, validation, and reliability; nano meets security; hardware
security competitions, benchmarks and metrics; biochip security;
additive manufacturing security. He has published over 200 articles in
leading journals and conference proceedings.
Ramesh Karri's work on hardware cybersecurity received best paper award
nominations (ICCD 2015 and DFTS 2015), awards (ITC 2014, CCS 2013, DFTS
2013 and VLSI Design 2012, ACM Student Research Competition at DAC 2012,
ICCAD 2013, DAC 2014, ACM Grand Finals 2013, Kaspersky Challenge and
Embedded Security Challenge). He also received the Humboldt Fellowship
and the National Science Foundation CAREER Award. Ramesh Karri
co-founded the IEEE/ACM Symposium on Nanoscale Architectures (NANOARCH).
