With the increasing use of multicore platforms to realize mixed-criticality systems, understanding the underlying shared resources, such as the memory hierarchy shared among cores, and achieving isolation between co-executing tasks running on the same platform with different criticality levels becomes relevant. In addition to safety considerations, a malicious entity can exploit shared resources to create timing attacks on critical applications. In this paper, we focus on understanding the shared DRAM dual in-line memory module and created a timing attack, that we named the "bank & row conflict bomb", to target a victim task in a multicore platform. We also created a "navigate" algorithm to understand how victim requests are managed by the Memory Controller and provide valuable inputs for designing the bank & row conflict bomb. We performed experimental tests on a 2nd Gen Intel Xeon Processor with an 8GB DDR4-2666 DRAM module to show that such an attack can produce a significant increase in the execution time of the victim task by about 150%, motivating the need for proper countermeasures to help ensure the safety and security of critical applications.

翻译：随着多核平台在实现混合关键性系统中的广泛应用，理解底层共享资源（如核间共享的存储层次结构）以及在同一平台上运行的具有不同关键性级别的协同任务之间实现隔离变得愈发重要。除了安全性考量外，恶意实体可利用共享资源对关键应用发起时序攻击。本文聚焦于共享DRAM双列直插内存模块的理解，并创建了一种名为“bank与行冲突炸弹”的时序攻击，以针对多核平台上的受害任务。我们还设计了“导航”算法来理解内存控制器如何管理受害请求，并为设计bank与行冲突炸弹提供有价值的输入。在配备8GB DDR4-2666 DRAM模块的第二代Intel Xeon处理器上进行的实验测试表明，此类攻击可使受害任务的执行时间显著增加约150%，从而凸显了采取适当对策以确保关键应用安全性和可靠性的必要性。