Mithril: Cooperative Row Hammer Protection on Commodity DRAM Leveraging Managed Refresh

We configure a multi-sided RH attack that targets multiple victims [15, 16], typically 32 in total. The adversarial pattern for BlockHammer in performance is configured to blacklist specific profiled rows that share the CBF (counting bloom filter) entry with the benign threads. Each is activated just enough to reach the blacklist threshold. This effectively throttles benign workloads, especially memory-intensive types. Each RH attack or adversarial pattern runs simultaneously with the 15 other benign workloads.

We reconfigure BlockHammer¹¹1 BlockHammer uses a pair of interleaved counting bloom filters (CBFs) similar to Count-min Sketch algorithm. Each CBF is reset at every CBF lifetime ($t_{CBF}$), which typically matches tREFW. There exists a certain blacklist threshold ($N_{BL}$) of ACT that triggers a delay on a certain row when it is surpassed. The delay time ($t_{Delay}$) is calculated as $(t_{CBF}-N_{BL}{\times}\text{tRC})/(Flip_{TH}-N_{BL})$. Thread-level scheduling support is built on top of these to throttle the aggressor thread itself. to match our simulation environment and our target $Flip_{TH}$ values. For (CBF size, $N_{BL}$) pairs, we used (1K, 17.1K), (1K, 8.6K), (1K, 4.3K), (2K, 2.1K), (4K, 1.1K), and (8K, 0.49K) for $Flip_{TH}$ from 50K to 1.5K. Under our system of four banks per thread, the number of ACTs per row easily exceeds 700 (as opposed to 109 ACTs in the original BlockHammer system with more banks per thread [56]), especially for memory-intensive workloads. Because $N_{BL}$ must be lower than $Flip_{TH}/2$ (750 for a $Flip_{TH}$ value of 1.5K), it is difficult to set an appropriate $N_{BL}$ value that distinguishes benign accesses from aggressor accesses and fulfill RH-protection at a $Flip_{TH}$ value of 1.5K while also incurring minimal performance overhead.

Other prior schemes not compatible with RFM are also configured for a fair comparison with Mithril. TWiCe and Graphene are configured using the equations provided in each work to be applied to the DDR5 specification. PARA is configured to satisfy a failure probability of $10^{-15}$. CBT is configured to follow the configuration in the original work [49, 48].

Mithril+ shows nearly zero performance overhead at all $Flip_{TH}$ levels. The performance of Mithril degrades, with the amount depending on the target $Flip_{TH}$ and $RFM_{TH}$ configurations. There exists a performance-area trade-off for every $Flip_{TH}$, which is amplified as $Flip_{TH}$ value becomes smaller.

Mithril can support the recently observed $Flip_{TH}$ values of approximately 6.25K [29] with an $RFM_{TH}$ of 128, which results in performance overhead of less than 0.5% and a table size per bank of 1KB. Mithril can also support lower $Flip_{TH}$ values, though at the cost of around 2% of the performance and 4KB of area overhead. The area overhead of Mithril+ is identical to that of Mithril, with only negligible performance overhead.

Figure 10 shows the performance and the energy overhead of other RFM-interface-compatible schemes of PARFM and BlockHammer on multiple workloads for $Flip_{TH}$ values ranging from 50K to 1.5K. First, on normal workloads (Figure 10(a)), both Mithril+ and Mithril show small performance degradation of less than 2%, superior to that of both PARFM and BlockHammer. BlockHammer is particularly vulnerable at the low $Flip_{TH}$ of 1.5K because it is prone to misidentifying benign threads and throttling them under such a condition.

Second, at the multi-sided RH (Figure 10(b)), BlockHammer exhibits a better aggregate IPC of up to 5% for higher $Flip_{TH}$ values, but it degrades again at a low $Flip_{TH}$ value. This occurs because when BlockHammer successfully identifies RH attacking threads and throttles them, benign threads can benefit in return. However, this again leads to vulnerabilities during misclassifications when $Flip_{TH}$ is lower than, for instance, 1.5K. The performance of Mithril and PARFM are agnostic with regard to the access patterns.

Lastly, regarding the performance of BlockHammer with an adversarial pattern (Figure 10(c)), the performance of BlockHammer degrades severely, with as much as a 17% drop in the aggregate IPC. This implies the possibility of a critical performance (not RH) attack on systems equipped with BlockHammer, as its throttling feature works as a double-edged sword depending on how effectively it identifies RH attacking threads.

The energy overhead of Mithril and Mithril+ are less than 0.4%, even when $Flip_{TH}$ is 1.5K. These values are much smaller than that of PARFM and slightly higher than that of BlockHammer (Figure 10(d)). This occurs because the adaptive refresh policy successfully identifies ordinary workloads, skipping many of the RFM commands and not triggering additional preventive refreshes. PARFM shows the energy overhead in cases when every RFM command triggers a preventive refresh. BlockHammer causes only minimal logic energy because it is a throttling-based scheme.

The table size overhead of Mithril is much smaller than that of BlockHammer at all $Flip_{TH}$ levels. Figure 10(e) shows the table size overhead for each scheme. PARFM is omitted due to its negligible overhead, and that of Mithril+ is identical to Mithril. The table size of Mithril is up to 60$\times$ and a minimum of 4$\times$ smaller than that of BlockHammer at all $Flip_{TH}$ levels. The table size comparison is discussed further in Section VI-E.

Mithril and Mithril+ also show competitive performance and energy overhead compared to the RFM-non-compatible prior works of PARA, CBT, TWiCe, and Graphene. Under both normal workloads and a multi-sided RH attack situation (Figure 11(a), (b)), Mithril+ shows performance degradation of less than 0.2%, comparable to those of TWiCe, Graphene, or CBT. The performance degradation of Mithril is worse than those of other schemes but is limited to less than 2% even at the low $Flip_{TH}$ of 1.5K. The energy overhead of Mithril is comparable to those of TWiCe and Graphene at less than 1% even when $Flip_{TH}$ is 1.5K (Figure 11(c)).

Mithril-(256/128/64/32) denote different $RFM_{TH}$ values ranging from 256 to 32.

We report the counter table size of each scheme in units of KB per bank (see Table VI-E). While MC-side schemes benefit from their use of faster transistors, abundant wiring resources, and a relaxed area budget, the number of total banks is much higher (1,024), and the target $Flip_{TH}$ must be pessimistic. DRAM-side schemes benefit from fewer banks (32) to support per device and more accurate $Flip_{TH}$ values, but they are hindered by slower transistors and a tighter area/wiring budget.

Mithril shows lower or competitive area overhead in terms of the KB per bank, reaching 0.024$mm^{2}$ when $Flip_{TH}$ equals 6.25K. This represents 1% of a single DDR5 chip [28] when multiplied by 32 to cover 32 banks per chip. While both Graphene and Mithril share fundamentally the same CbS algorithm as their tracking mechanism, their table size overhead differs for several reasons. First, as an advantage for Mithril, it does not require a table reset due to the wrapping counter scheme, resulting in two-fold reduction. Also, the per-entry bit width of the counter CAM is smaller in Mithril because the maximum value is bounded to $M$ (Theorem 1), which is smaller than the Graphene case for maximum number of ACTs in the tREFW window. At a $Flip_{TH}$ value of 1.5K, we ensure that $RFM_{TH}$ is small to minimize the performance drop, resulting in increased $N_{entry}$ and area overhead.