I am a senior principal researcher in the Office of the CTO, Azure for Operators at Microsoft. My research focuses on building trusted and secure systems, but I am interested in all aspects of systems research.

I am very proud when my research has impact in practice. Over the years, together with my colleagues, I have been fortunate to:

  • influence the DRAM industry to start addressing the threat of Rowhammer attacks.
  • ship a cloud service used by 20+ million users.
  • build the reference implementation of the firmware TPM.
  • build one of the first face recognition-based payment systems, six years before Amazon Go was launched.

Prior to coming to Microsoft, I was a faculty member of the Computer Science Department at the University of Toronto. I received my Ph.D. from the Computer Science & Engineering department at the University of Washington. I am an ACM Distinguished Member.

The good folks at Microsoft Research recorded a podcast with me on Rowhammer and wrote a blog post on my work and background.


June '22
Row-sampling (e.g., PARA) is a simple, practical, and strong form of Rowhammer defense. But only if properly configured. We published a short paper at DRAMSec 2022 describing how to configure such a defense.
Watch the 15-minute presentation.
June '22
On multi-socket Intel workloads, normal cloud workloads can access memory at rates approaching (and even bypassing) today DRAM's Rowhammer thresholds. Why? Because of cache coherency -- DRAM is the point of coherency on Intel multi-socket servers. To hammer memory, just launch a simple producer-consumer workload where the producer runs on socket 0, the consumer on socket 1, and they share a lock. Boom!
Read more in Kevin's paper on MOESI-prime published at ISCA 2022.
Mar '22
DRAM vendors today choose to keep the internal topologies of DRAM devices secret. This decision introduces significant practical challenges for designers of memory controllers who wish to provide their own forms of Rowhammer defenses. We wrote up about three such challenges in an invited paper to IRPS 2022.
Watch the 20-minute presentation.

Recent Publications

How to Configure Row-Sampling-Based Rowhammer Defenses
Stefan Saroiu and Alec Wolman
DRAMSec 2022
MOESI-prime: Preventing Coherence-Induced Hammering in Commodity Workloads
Kevin Loughlin, Stefan Saroiu, Alec Wolman, Yatin A. Manerkar, and Baris Kasikci
ISCA 2022
The Price of Secrecy: How Hiding Internal DRAM Topologies Hurts Rowhammer Defenses
Stefan Saroiu, Alec Wolman, and Lucian Cojocar
IRPS 2022

Recent Service