CARDIS 2021 was accompanied by the Fall School on Nano-Electronics for Secure Systems (NESSY). NESSY is aimed at PhD students, postdocs and interested individuals and is supposed to offer the opportunity for networking, discussions, and collaboration. CARDIS 2021 and NESSY shared an invited talk.

Fall School on Nano-Electronics for Secure Systems, 10.-11.11.2021

The Fall School on Nano-Electronics for Secure Systems (NESSY) explores security challenges of emerging nano-technologies and the electronic systems they comprise. Manufacturing technology advancements and the increasing hardware complexity have resulted in a shift of focus of attackers towards the hardware level. Emerging nano-technologies and architectures provide new opportunities for achieving security targets, but also raise questions about their vulnerabilities to new types of hardware attacks.

The Fall School is aimed at PhD students, postdocs and interested individuals interested in studying and tackling the completely new security challenges due to the ongoing transition to radically new types of nano-electronic devices. The two-day school includes two tutorials (see below) with hands-on demonstrations, an invited talk and a poster session where the participants will be able to present their research.

As a presence-only event, it will offer ample opportunity for networking, discussions, and collaboration. It will be in person (3G regulation apply at this moment, but they may get replaced by 2G until November).

The Call for Student Posters is out now!

NESSY is organized jointly by the Institute for IT Security of the Universität zu Lübeck and the DFG Priority Program "Nano Security: From Nano-Electronics to Secure Systems (SPP 2253)".

Important Dates

Submission deadline: October 7, 2021
Notification of acceptance: October 14, 2021
NESSY dates: November 10-11, 2021

All deadlines are 23:59:59 Anywhere on Earth (AoE).


Kaveh Razavi, Patrick Jattke - "Compromising Modern Systems with Rowhammer"


This tutorial takes you through all the steps of a Rowhammer attack on modern systems. In the first part of the tutorial, we will explain the basic operations of a DRAM device that you need to know for triggering Rowhammer bit flips. We then show you how to reverse engineer the DRAM addressing functions using a timing attack on the CPU's memory controller. You will apply this knowledge in a hands-on assignment to reverse engineer the addressing function on an Intel-based system. In the second part of the tutorial, we will discuss the in-DRAM Target Row Refresh mitigations and how they can be bypassed to trigger Rowhammer bit flips on recent DDR4 devices. Armed with this knowledge, you will build a Rowhammer fuzzer that can generate suitable access patterns that trigger bit flips. We will conclude by discussing how you can turn these bit flips into effective end-to-end exploits.


Kaveh Razavi leads the COMSEC group ( as an assistant professor in the Department of Information Technology and Electrical Engineering at ETH Zurich. Previously he established the hardware security track at the VUSec group in Amsterdam, first as a postdoc and later as an assistant professor. His research interests are in the area of systems security and more broadly, computer systems. Most recently his team has been studying the (in)effectiveness of mitigations deployed against hardware vulnerabilities and how these mitigations can be improved.

Patrick Jattke is a PhD student in the Department of Information Technology and Electrical Engineering at ETH Zurich since 2020. He has broad interests in many different facets of hardware security, especially DRAM and microarchitectural security. Previously, he worked on advanced optimization strategies for making Fully Homomorphic Encryption accessible to non-experts.

Prof. Dr. Mehdi B. Tahoori, Dennis Gnad, Jonas Krautter - "Secure sharing of FPGAs in the Cloud: New Challenges at the Technology Level"


The shared FPGA platform in the cloud is based on the concept that the FPGA real estate can be shared among various users, probably event at different privilege levels. Such multi-tenancy comes with new security challenges, in which one user, while being completely logically isolated from another, can cause security breaches to another user on the same FPGA. In addition, such a hardware security vulnerability does not require physical access to the hardware to perform measurements or fault attacks, hence it can be done completely remotely. This hands-on tutorial will explore the remote active and passive attacks at the electrical level for multi-tenant FPGAs in the cloud and discusses possible countermeasures to deal with such security vulnerabilities.


Mehdi Tahoori is currently a Full Professor and the Chair of Dependable Nano-Computing at Karlsruhe Institute of Technology, Germany. He received the B.S. degree in computer engineering from the Sharif University of Technology, Tehran, Iran, in 2000, and the M.S. and Ph.D. degrees in electrical engineering from Stanford University, Stanford, CA, in 2002 and 2003, respectively. In 2003, he was an Assistant Professor with the Department of Electrical and Computer Engineering, Northeastern University, where he became an Associate Professor in 2009. He has authored over 400 publications in major journals and conference proceedings on dependable computing and emerging nanotechnologies, and holds several US and European patents. He was the editor-in-chief of Microelectronic Reliability journal, and associate editor of ACM JETC and IET Computers and Digital Techniques. He is currently associate editor for IEEE Design and Test Magazine, and coordinating editor for Springer Journal of Electronic Testing (JETTA). He was the program chair of VLSI Test Symposium and General Chair of European Test Symposium. Prof. Tahoori was a recipient of the National Science Foundation Early Faculty Development (CAREER) Award. He has received a number of best paper nominations and awards at various conferences and journals. He is a fellow of the IEEE.

Dennis Gnad received his B.Eng. degree in Computer Engineering from Hochschule Pforzheim University, Germany in 2011, where he did his Bachelor Thesis in Cooperation with Texas Instruments Germany. In 2015, he received his M.Sc. in Computer Science from Karlsruhe Institute of Technology (KIT), Germany. In his Master Thesis he worked with the ITEC/CES group of Prof. Henkel with Dr. Shafique. In 2015, he became a PhD student at the ITEC/CDNC group of Prof. Mehdi Tahoori and later received his PhD degree (Dr.-Ing.) in 2020 with distinction (summa cum laude), and the dissertation "Remote Attacks on FPGA Hardware". His current research interests are in hardware security, primarily focussed on FPGA-based systems.

Jonas Krautter received his B.Sc. and M.Sc. degrees in Computer Science from Karlsruhe Institute of Technology in 2015 and 2018 respectively. He is now a PhD student at the CDNC group of Prof. Mehdi B. Tahoori at Karlsruhe Institute of Technology since April 2018, working on hardware security.

Technical Program

Dates and Times are UTC +01:00.

Wednesday, November 10

09:00-12:30 UTC +01:00
Tutorial #1: "Compromising Modern Systems with Rowhammer"
Kaveh Razavi and Patrick Jattke
Room: Lübeck 1+2
12:30-14:00 UTC +01:00
Room: Radisson Blu Restaurant
14:00-17:30 UTC +01:00
Tutorial #2: "Secure sharing of FPGAs in the Cloud: New Challenges at the Technology Level"
Mehdi Tahoori, Dennis Gnad and Jonas Krautter
Room: Lübeck 1+2
18:00-20:00 UTC +01:00
Room: Radisson Blu Restaurant

Thursday, November 11

08:30-11:30 UTC +01:00
Poster Session
Room: TBA
11:30-12:50 UTC +01:00
Room: TBA
13:00-14:00 UTC +01:00
Keynote: Security challenges and opportunities in emerging device technologies: a case study on flexible electronics
Room: Lübeck 1+2