Fourth Workshop on DRAM Security (DRAMSec)
The Fourth Workshop on DRAM Security (DRAMSec) at ISCA 2024 addresses persistent DRAM security challenges like Rowhammer attacks, side-channel vulnerabilities, and DoS threats. Keynote speakers discuss evolving threats and future solutions. Participants can attend in person or remotely.
Read original article
The Fourth Workshop on DRAM Security (DRAMSec) is a crucial event co-located with ISCA 2024, focusing on the security challenges surrounding DRAM technology. Despite efforts to enhance DRAM security, attacks like Half-Double, RowPress, side-channel, Denial-of-Service (DoS), and cold-boot attacks persist. The workshop aims to address these issues and explore new security solutions that require scrutiny from academia. Notable topics include Rowhammer attacks on RISC-V, malicious inter-process page sharing, and the security benefits of emerging industry solutions. Keynote speakers will discuss the evolution of Rowhammer attacks and future directions. The workshop program includes paper presentations, panels, and discussions led by industry experts and academics. Participants have the option for hybrid attendance, allowing remote participation upon request. The workshop chairs include representatives from Google and Georgia Tech, with a program committee comprising experts from various institutions and industry sponsors. The event serves as a platform for collaboration and innovation in tackling DRAM security challenges.
Related
Vulnerability in Popular PC and Server Firmware
Eclypsium found a critical vulnerability (CVE-2024-0762) in Intel Core processors' Phoenix SecureCore UEFI firmware, potentially enabling privilege escalation and persistent attacks. Lenovo issued BIOS updates, emphasizing the significance of supply chain security.
Memory Model: The Hard Bits
This chapter explores OCaml's memory model, emphasizing relaxed memory aspects, compiler optimizations, weakly consistent memory, and DRF-SC guarantee. It clarifies data races, memory classifications, and simplifies reasoning for programmers. Examples highlight data race scenarios and atomicity.
CISA and Partners Guidance for Memory Safety in Critical Open Source Projects
CISA, FBI, and Australian Cyber Security Centre collaborate on memory safety guidance for open source projects. Emphasizes risk understanding, roadmap creation, and collaboration with the open source community for enhanced cybersecurity.
Hardware FPGA DPS-8M Mainframe and FNP Project
A new project led by Dean S. Anderson aims to implement the DPS‑8/M mainframe architecture using FPGAs to run Multics OS. Progress includes FNP component implementation and transitioning software gradually. Ongoing development updates available.
The good, the bad, and the weird (2018)
Trail of Bits delves into "weird machines" in software exploitation, complex code snippets evading security measures. Techniques like Hoare triples and dynamic_casts aid in identifying and preventing exploitation, crucial in evolving security landscapes.
4 commentsIn 2021 there was "Panopticon: A Complete In-DRAM Rowhammer Mitigation" (linked from https://dramsec.ethz.ch/2021.html ).
Related
Vulnerability in Popular PC and Server Firmware
Eclypsium found a critical vulnerability (CVE-2024-0762) in Intel Core processors' Phoenix SecureCore UEFI firmware, potentially enabling privilege escalation and persistent attacks. Lenovo issued BIOS updates, emphasizing the significance of supply chain security.
Memory Model: The Hard Bits
This chapter explores OCaml's memory model, emphasizing relaxed memory aspects, compiler optimizations, weakly consistent memory, and DRF-SC guarantee. It clarifies data races, memory classifications, and simplifies reasoning for programmers. Examples highlight data race scenarios and atomicity.
CISA and Partners Guidance for Memory Safety in Critical Open Source Projects
CISA, FBI, and Australian Cyber Security Centre collaborate on memory safety guidance for open source projects. Emphasizes risk understanding, roadmap creation, and collaboration with the open source community for enhanced cybersecurity.
Hardware FPGA DPS-8M Mainframe and FNP Project
A new project led by Dean S. Anderson aims to implement the DPS‑8/M mainframe architecture using FPGAs to run Multics OS. Progress includes FNP component implementation and transitioning software gradually. Ongoing development updates available.
The good, the bad, and the weird (2018)
Trail of Bits delves into "weird machines" in software exploitation, complex code snippets evading security measures. Techniques like Hoare triples and dynamic_casts aid in identifying and preventing exploitation, crucial in evolving security landscapes.