Seminar: Securing Modern CPUs Across Architectural Boundaries

Monday, March 16, 2026 11:00 am - 12:00 pm EDT (GMT -04:00)

Speaker: Ruiyi Zhang

Date: Monday, March 16, 2026 

Time: 11:00 am to noon

Location: EIT 3142

All are welcome!

Abstract:

The security of modern computing depends on the integrity of the underlying CPU microarchitecture. Yet, increasing hardware complexity has introduced implementation flaws that allow software to trigger hardware-level bugs that break core security guarantees. In this talk, I present my research on post-silicon analysis to expose these hidden, cross-generational vulnerabilities in commercial CPUs. 

Specifically, I will present a systematic pathway for securing the hardware root of trust by: (1) identifying zero-day vulnerabilities such as StackWarp, a severe architectural bug affecting all AMD Zen 1-5 CPUs; (2) exposing recurring flaws like CacheWarp, which exploits memory inconsistencies to compromise Trusted Execution Environments (TEEs); and (3) evaluating the efficacy of mitigations through side-channel analysis of privacy-critical applications within Confidential VMs. Together, these contributions expose the critical blind spots between architectural specification and hardware reality, establishing a systematic foundation for a more resilient hardware root of trust.

Biography:

Ruiyi Zhang is a PhD candidate at the CISPA Helmholtz Centre for Information Security, advised by Dr. Michael Schwarz. His research focuses on securing the hardware root of trust through post-silicon analysis, with an emphasis on CPU security, side channels, and TEEs. Ruiyi has identified several high-profile vulnerabilities in modern processors, including StackWarp and CacheWarp on AMD EPYC CPUs, and GhostWrite, the first architectural vulnerability discovered on commercial RISC-V CPUs. His work has appeared in top-tier security and architecture venues—including USENIX Security, IEEE S&P, ACM CCS, NDSS, and ASPLOS—and he has presented his findings at premier industry stages such as Black Hat USA and MEA. Previously, he was a Research Intern at Google Research, specializing in Confidential Computing. His discoveries have prompted widespread microcode and firmware updates and have been integrated into security patches across major cloud providers and hardware manufacturers, including Google Cloud, AWS, Microsoft Azure, Alibaba Cloud, and Supermicro.