Guillaume DIDIER — Academic Website

Member of Jan Reineke's Real-Time and Embedded Systems Lab at Universität des Saarlandes.

My ORCID is 0009-0007-9076-7318

Contact

• lastname at cs.uni-saarland.de
• firstname dot lastname dot 2014 at polytechnique.org

Research interests

I am chiefly interested in micro-architectural security. I have worked in the past on cache attacks on Intel CPUs, and characterizing prefetchers, but I am now aiming expanding to formal security guarantees using leakage contracts.

I can be interested by other low level topics, including operating systems and their security, computer-architecture, and systems topics like computer networks.

Publications

PhD Thesis

Studying hardware prefetchers using cache side channels, École Normale Supérieure - PSL, 2023

Caches are essential to the performance of modern CPUs. Hardware prefetchers attempt to fetch lines into the cache before these are requested. This aims at reducing the number of cache misses, especially cold misses. Most modern CPU designs include prefetchers, but the manufacturers disclose very little about those prefetchers. However, prefetchers may have a security impact, potentially leaking private information. Consequently, uncovering and documenting their behavior is valuable to the academic communities in security and high-performance computing.
Nevertheless, this endeavor is challenging. Prefetchers only affect the cache state, usually deduced by timing memory accesses. Unfortunately, memory accesses influence the prefetchers; hence this method interferes with the experiments. To work around this issue, we started with the idea of using the Flush+Flush cache channel, which uses the clflush instruction. This instruction is not a memory access; hence, it does not influence the prefetchers. However, significant variability and noise hamper this primitive on modern CPUs. Our first contribution was to identify the interconnect between cores as the source of this noise, model clflush execution time, and use this knowledge to improve Flush+Flush to be as accurate a primitive as the reliable Flush+Reload. This made our initial strategy viable to achieve our second contribution. We built a framework, CacheObserver, written in Rust, that uses Flush+Flush to monitor the cache state of a range of addresses in response to a sequence of memory accesses. Using this framework, we uncovered behavior of the L2 Stream prefetcher on Intel's Coffee Lake and Whiskey Lake CPUs. We also showed that this prefetcher interacted with the L2 adjacent cache line prefetcher, the other L2 prefetcher included in those CPUs.

Available at HAL and theses.fr

International Conferences with Peer-review

• (Upcoming) WiP: Flush-based Cache Attacks on Modern / Multi-Socket x86 Systems, Extended Abstract,
  Guillaume DIDIER, Augustin LUCAS, Thomas ROKICKI, uASC — 2nd Microarchitecture Security Conference, 2025.
• Characterizing Prefetchers using CacheObserver, DOI, PDF, HAL, code
  Guillaume DIDIER, Clémentine MAURICE, Antoine GEIMER, Walid J. GHANDOUR, SBAC-PAD, 2022.
• Calibration Done Right: Noiseless Flush+Flush Attacks, DOI, PDF, HAL, code
  Guillaume DIDIER, Clémentine MAURICE, DIMVA 2021.

International Workshops with Peer-review

• Cache Attacks in Modern/Multi-Socket x86 Systems (Work in Progress), HAL, PDF
  Guillaume DIDIER, Augustin LUCAS, Thomas ROKICKI, HS3 2025 - 1st Workshop on Hardware-Supported Software Security, 2025.

Non peer-reviewed Pre-print

• Preprint: Flush-based Cache Attacks on Modern / Multi-Socket x86 Systems, HAL, PDF
  Guillaume Didier, Thomas Rokicki, Augustin Lucas, HAL, 2025.

Teaching

Universität des Saarlandes

Security at the Hardware-Software Interface (Seminar)

As a joint Instructor with Jan Reineke and Gideon Mohr, I coached students to prepare their presentations of papers in this paper reading seminar, focusing on Information Flow Tracking and Hardware-Software leakage contracts, and graded the presentations, reports and class interaction of the students.

System Architecture (SysArch)

Course Website

As a Course Assistant, I gave two lectures, and more generally ensured the course ran smoothly, managing tutors and course materials.

ENS Rennes

Sys1 — Introductions aux Réseau, Lecturer, L3 Informatique

I taught as co-instructor with Martin Quinson, this introduction to C Programming and Computer Networks, in Fall 2023 and 2024. I was in charge of the second half of the module, dealing with Computer Networks, with programming assignemnts in C, as the sole Lecturer. I also re-designed this module in depth, to adapt to the recruitment on the new MPI track, and to the new Agrégation d'Informatique.

See my course website for Fall 2024 (in French).

Supervision of the Rust PLM Programming Project, M1 Informatique

I co-supervised, along with Martin Quinson a rewrite in Rust of his Programmer's Learning Machine project by a group of 3 M1 Students from ENS Rennes, as their M1 semester long programming project.

Intro to Cybersecurity Guest Course, TA / Co-instructor, L3 Informatique

Four iteration of the class, from 2019 to 2022, the first two with Clémentine Maurice, the next two with Mohamed Sabt

This elective project-based course, in the first year of the ENS Rennes curriculum (L3), has the student work in pair on different projects, reading one or two research papers, and then implementing a project related to it. The students were graded on a project report and defense, on the quality of their work, their understanding and explanation of the paper.

As a TA / Co-instructor, I proposed half of the project idea, supervised all the project sessions, and graded reports and defenses.

Université de Rennes

• Low Level Programming, M1 Cyber, Chargé de TD, Fall 2021. Faculty: Emmanuel Fleury.

J'ai assuré les TPs de programmations sur l'ensemble du semestre, et assurer une relecture noté du code des étudiants chaque semaine.

Carnegie Mellon University

• 18-600 Foundation of Computer Systems, Lab Development, Summer 2018
• 18-600 Foundation of Computer Systems, Teaching Assistant, Fall 2018
• 15-213/18-213/15-213 Introduction to Computer Systems / 18-613 Foundation of Computer Systems, Lead Teaching Assistant.

The Introduction to Computer Systems class is CMU's signature course based on Computer Systems: A Programmer's Perspective. It covers topics like number binary representation, assembly, stack discipline, caches, virtual memory, process management, memory allocation, concurrency and unix network programming, with 7 practical assignments. Foundation of Computer Systems is a graduate level course in the MS ECE, including additional computer architecture content.

During my master in Electrical and Computer Engineering at Carnegie Mellon, I first rewrote tshlab, the shell lab, used by both the ECE Graduate version of the course (18-600), and the combined CS/ECE undergrad & CS graduate course (15-213/18-213/15-513). I then TAed the MS ECE graduate class in Fall 2018, and then was the Lead TA in charge of the MS ECE specific content in Spring 2019, after both courses team merged.

TA responsibilities included lab development, recitations, office-hours (6h/week in Spring 2019), answering question on the course forum, and exam question testing and development.

As a Lead TA, I also had to manage the ECE TAs to ensure that the MS ECE specific content were properly prepared and deployed.