A little while a go we wrote a paper about security problems in the microcode implementation and application of the IBPB instruction which acts as an important mechanism to mitigate different Spectre variants. As part of this work, we also built the first-ever cross-process Spectre attack that works on a real target. Furthermore, we showed…
All posts by krazavi
Best paper award for REFault
REFault won the Best Paper Award at the 1st Microarchitecture Security Conference (uASC ’25). REFault builds an open-source solutions that turns commodity systems into research platforms for DDR5 memory.
Top Picks for ProTRR
ProTRR has been awarded the “Top Picks in Hardware and Embedded Security”. ProTRR is the first principled in-DRAM mitigation against Rowhammer attacks. It has heavily influenced the design of follow-up work on secure mitigations in both academia and industry. From the award website, Top Picks recognizes the best of the best in hardware security, spanning…
Welcome Matej Bölcskei!
Matej Bölcskei will join as a PhD student starting March 2025.
ETH medal for Flavien Solt
The PhD dissertation of Flavien Solt has won an ETH medal, given to the top 8% of dissertations at ETH Zurich. Congratulations!
Welcome Tobias Kovats!
Tobias Kovats will join as a PhD student starting January 2025.
PhD graduations in 2024
COMSEC had her first PhD graduations in 2024! Congratulations to Dr. Flavien Solt, Dr. Michele Marazzi, and Dr. Johannes Wikner.
HybriDIFT at ICCAD and muCFI at CCS
In October, COMSEC presented HybriDIFT at ICCAD 2024 and muCFI at CCS 2024. HybriDIFT shows how to scale hardware dynamic IFT to large memories by specially treating implicit flows in the design. HybriDIFT is the first dynamic IFT solution that can scale to a serious RISC-V core such as OpenC910. muCFI introduces a new security…
Best BSc thesis award for Max Wipfli
The bachelor thesis of Max Wipfli on building Rowhammer attacks on AMD CPUs has won a best BSc award in the department. Congratulations! The new attack, that we called ZenHammer, could also trigger the first publicly known DDR5 bit flip on AMD Zen4-based platform. We later published an extended version of Max’s thesis at USENIX…
Cascade and ZenHammer at USENIX Security
COMSEC presented two papers at USENIX Security 2024 this month. Cascade shows that generating highly randomized but valid programs is highly effective in finding bugs in open-source RISC-V CPUs. In fact, it finds more bugs than all previous hardware fuzzers combined! ZenHammer shows how one can trigger bit flips from AMD Zen-based CPUs. ZenHammer triggered…