RowHammer attacks are a growing security and reliability concern for DRAMs and computer systems as they can induce many bit errors that overwhelm error detection and correction capabilities. System-level solutions are needed as process technology and circuit improvements alone are unlikely to provide complete protection against RowHammer attacks in the future. This paper introduces RAMPART, a novel approach to mitigating RowHammer attacks and improving server memory system reliability by remapping addresses in each DRAM in a way that confines RowHammer bit flips to a single device for any victim row address. When RAMPART is paired with Single Device Data Correction (SDDC) and patrol scrub, error detection and correction methods in use today, the system can detect and correct bit flips from a successful attack, allowing the memory system to heal itself. RAMPART is compatible with DDR5 RowHammer mitigation features, as well as a wide variety of algorithmic and probabilistic tracking methods. We also introduce BRC-VL, a variation of DDR5 Bounded Refresh Configuration (BRC) that improves system performance by reducing mitigation overhead, and show that it works well with probabilistic sampling methods to combat traditional and victim-focused mitigation attacks like Half-Double. The combination of RAMPART, SDDC, and scrubbing enables stronger RowHammer resistance by correcting bit flips from one successful attack. Uncorrectable errors are much less likely, requiring two successful attacks before the memory system is scrubbed.
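The confinement property described above can be checked with a small model; this is an added example, not code from the paper. The rank geometry, the odd-multiplier row remap and the assumption that flips land only in the physically adjacent rows (±1) are constructed stand-ins, not RAMPART's actual mapping.

```python
from functools import lru_cache

ROWS = 1024      # rows per bank (constructed; power of two)
DEVICES = 10     # DRAM devices in the rank (constructed)
# Assumed stand-in remap: distinct odd multipliers are invertible mod ROWS.
MULTIPLIERS = [2 * d + 1 for d in range(DEVICES)]

def identity_map(device, row):
    """Baseline: every device uses the same logical-to-physical row order."""
    return row

def remap(device, row):
    """Per-device remap (hypothetical): a different permutation in each device."""
    return (row * MULTIPLIERS[device]) % ROWS

@lru_cache(maxsize=None)
def inverse(mapping, device):
    """Physical row -> logical row table for one device."""
    table = [0] * ROWS
    for logical in range(ROWS):
        table[mapping(device, logical)] = logical
    return tuple(table)

def victims(mapping, aggressor):
    """Map each logical victim row to the set of devices holding a flip
    when logical row `aggressor` is hammered (flips in physical rows +-1)."""
    hit = {}
    for dev in range(DEVICES):
        inv = inverse(mapping, dev)
        phys = mapping(dev, aggressor)
        for neighbour in (phys - 1, phys + 1):
            if 0 <= neighbour < ROWS:          # no wrap-around at bank edges
                hit.setdefault(inv[neighbour], set()).add(dev)
    return hit

def sddc_correctable(hit):
    """SDDC corrects a row's codewords only if all errors sit in one device."""
    return all(len(devs) == 1 for devs in hit.values())

def worst_case_devices(mapping):
    """Largest number of devices flipped in any single victim row."""
    return max(len(devs)
               for a in range(ROWS)
               for devs in victims(mapping, a).values())

if __name__ == "__main__":
    for name, m in (("identity", identity_map), ("remapped", remap)):
        print(name, "worst-case devices per victim row:", worst_case_devices(m),
              "| row 100 hammer correctable:", sddc_correctable(victims(m, 100)))
```

With the identical mapping, one hammered row corrupts the same two victim rows in every device; with the per-device remap the damage is spread over more rows, but each of them has errors in only one device, which is the case SDDC plus patrol scrub can repair.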