Inception at USENIX Security

Inception is a new class of transient execution attacks which we made public in August during USENIX Security. Inception can leak arbitrary memory from the kernel on all AMD Zen CPUs including the latest Zen 4 CPU. Due to its impact, Inception was featured on ETH news and many tech and popular news outlets. Examples…


COMSEC had one presentation at the flagship S&P conference this year. REGA shows how to build a stateless and scalable in-DRAM Rowhammer mitigation by cleanly separating the duties of DRAM’s sense amplifiers. REGA also includes the first open source model of a modern DRAM chip called REM.

Golden owl for COMSEC

The student association of ETH Zurich has awarded D-ITET’s 2022 Golden Owl to the COMSEC group for good teaching. According to the feedback, the students appreciated our efforts around the revamped Computer Engineering course in the ITET’s BSc program which features a new educational OS kernel that runs on top of RISC-V CPUs. Kudos to…

Presentation at MICRO

Flavien Solt presented his paper at MICRO’22 conference on how design validation and testing tools can be improved using a novel categorization of existing errata documents. More information can be found here.

USENIX Security presentations

COMSEC has two presentations this week at the annual USENIX Security conference. CellIFT shows a novel approach for scalable Information Flow Tracking (IFT) in RTL. CellIFT is open source and ready to be used on in many new projects that can benefit from IFT, such as finding hardware vulnerabilities. Retbleed shows that return instructions leak information…

Retbleed in the news

We disclosed Retbleed during July patch Tuesday. Retbleed shows that similar to indirect branches, return instructions leak sensitive information during speculative execution. Retbleed was covered in an ETH news article and many news items in popular media such as WIRED, Ars Technica, The Register, Watson, Heise and podcasts such as Security Now!

QIF Europe award

Patrick Jattke was awarded the Qualcomm Innovation Fellowship Europe for his research proposal on using machine learning techniques to improve Rowhammer testing. The competition was fierce, with Patrick’s proposal being the only one that was awarded in the cyber security domain. Qualcomm’s press release with the description of Patrick’s project can be found here.

Federally funded ERC grant

Kaveh Razavi has received an ERC Starting Grant to investigate proactive microarchitectural security at the hardware design stage. Due to Switzerland’s non-association status, the grant will be paid out by the Swiss federal government. We have multiple open PhD and PostDoc positions. Consider applying if you are interested in the topics of hardware and systems…