Rowhammer bit flips in DRAM enable software attackers to fully compromise a great variety of systems. Hardware mitigations can be precise and efficient but suffer from long deployment cycles and very limited or no update capabilities. Consequently, refined attack methods have repeatedly bypassed deployed hardware protections, repeatedly leaving commodity systems vulnerable to Rowhammer attacks.

In this paper, we present Memory Band-Aid, a principled defense-in-depth against Rowhammer. Memory Band-Aid is no replacement for long-term, efficient hardware mitigations but a defense-in-depth that is activated when hardware mitigations are discovered to be insufficient on a specific system generation. For this purpose, Memory Band-Aid introduces per-thread and per-bank rate limits for DRAM accesses in the memory controller, ensuring that the minimum number of row activations for Rowhammer bit flips cannot be reached. We implement a proof-of-concept of Memory Band-Aid on Ubuntu Linux and test it on 3 Intel and 3 AMD systems. In a micro-benchmark to cause DRAM pressure, we observe a slow down up to a factor of 5.2. In a collection of realistic Phoronix macro-benchmarks, we observe a low overhead of 0 % to 9.4 %. Both overheads only apply to untrusted throttled workloads, e.g., sandboxes, for instance in browsers. Especially as Memory Band-Aid can be enabled on demand, we conclude that Memory Band-Aid is an important defense-in-depth that should be deployed in practice as a second defense layer.

Rowhammer is a disturbance error in Dynamic Random-Access Memory (DRAM) that can be deliberately triggered from software by repeatedly reading, i. e., hammering, proximate memory locations in different DRAM rows. While numerous studies evaluated the Rowhammer effect, in particular how it can be triggered and how it can be exploited, most studies only use a small sample size of Dual In-line Memory Modules (DIMMs). Only few studies provided indication for the prevalence of the effect, with clear limitations to specific hardware configurations or FPGA-based experiments with precise control of the DIMM, limiting how far the results can be generalized.

In this paper, we perform the frist large-scale study of the Rowhammer effect involving 1 006 data sets from 822 systems. We measure Rowhammer prevalence in a fully automated crossplatform framework, FLIPKIT, using the available state-of-theart software-based DRAM and Rowhammer tools. Our framework automatically gathers information about the DRAM and uses 5 tools to reverse-engineer the DRAM addressing functions, and based on the reverse-engineered functions uses 7 tools to mount Rowhammer. We distributed the framework online and via USB thumb drives to thousands of participants from December 30, 2024, to June 30, 2025. Overall, we collected 1 006 datasets from systems with various CPUs, DRAM generations, and vendors. Our study reveals that out of 1 006 datasets, 453 (371 of the 822 unique systems) succeeded in the first stage of reverseengineering the DRAM addressing functions, indicating that successfully and reliably recovering DRAM addressing functions remains a significant open problem. In the second stage, 126 (12.5 % of all datasets) exhibited bit flips in our fully automated Rowhammer attacks. Our results show that fully-automated, i. e., weaponizable, Rowhammer attacks work on a lower share of systems than FPGA-based and lab experiments indicated but with 12.5 % enough to be a practical vector for threat actors. Furthermore, our results highlight that the two most pressing research challenges around Rowhammer exploitability are more reliable reverse-engineering addressing functions, as 50 % of datasets without bit flips failed in the DRAM reverse-engineering stage, and reliable Rowhammer attacks across diverse processor microarchitectures1, as only 12.5 % of datasets contained bit flips. Addressing each of these challenges could double the number of systems susceptible to Rowhammer and make Rowhammer a more pressing threat in real-world scenarios. 

We introduce WireTrust, a VPN architecture for ARMv8-A devices that leverages ARM TrustZone to mitigate OS-level vulnerabilities. Contrary to commodity VPNs, WireTrust does not rely on the security of the OS, its network stack, or its routing tables to provide a secure VPN full tunnel. WireTrust operates transparently to applications on the device and enforces that all IP traffic is routed exclusively through the VPN tunnel, blocking attempts to bypass it even if the OS has been compromised. WireTrust ensures that packets outside the tunnel are discarded before they reach the OS, significantly reducing the device’s attack surface that is exposed to the public internet. Extending the WireGuard VPN, we implement a proof of concept on real hardware, show that WireTrust's additions to the trusted computing base account for 6.61%, and measure a performance penalty of 2.12% - 5.50% on TCP throughput and 1.40% on latency compared to stock WireGuard.

This paper introduces a novel benchmark dataset designed to evaluate the capabilities of Vision Language Models (VLMs) on tasks that combine visual reasoning with subject-specific background knowledge in the German language. In contrast to widely used English-language benchmarks that often rely on artificially difficult or decontextualized problems, this dataset draws from real middle school curricula across nine domains including mathematics, history, biology, and religion. The benchmark includes over 2,000 open-ended questions grounded in 486 images, ensuring that models must integrate visual interpretation with factual reasoning rather than rely on superficial textual cues. We evaluate thirteen state-of-the-art open-weight VLMs across multiple dimensions, including domain-specific accuracy and performance on adversarial crafted questions. Our findings reveal that even the strongest models achieve less than 45% overall accuracy, with particularly poor performance in music, mathematics, and adversarial settings. Furthermore, the results indicate significant discrepancies between success on popular benchmarks and real-world multimodal understanding. We conclude that middle school-level tasks offer a meaningful and underutilized avenue for stress-testing VLMs, especially in non-English contexts. The dataset and evaluation protocol serve as a rigorous testbed to better understand and improve the visual and linguistic reasoning capabilities of future AI systems.

Antikörper gegen CGRP oder seinen Rezeptor (Eptinezumab, Erenumab, Fremanezumab, Galcanezumab, im Folgenden: „CGRP(R)-Antikörper“) sind moderne, spezifische Migräneprophylaktika, die im GKV-Bereich nur für therapierefraktäre Patienten erstattungsfähig sind. Hier wurde untersucht, welchen Effekt diese Regelung auf die Auswahl der behandelten Patienten hat und wie sich die Neubewertung von Erenumab durch den Gemeinsamen Bundesausschuss ab Oktober 2022 ausgewirkt hat.

This study explores a simulation-based approach to improve machine availability in a manufacturing environment by integrating Smart Manufacturing principles and sensor-based modeling. Focusing on the case study of a paper envelope production line in a manufacturing plant in Peru, the study applies SIMIO software to simulate and compare two operational scenarios: the existing configuration without sensors and a proposed configuration with predictive sensors. In addition, the impact of unscheduled interruptions of the cutting machine on production was analyzed. Post-SIMIO simulation, real-world machine testing yielded a mean time between failures (MTBF) of 11.5 hours, a mean time to repair (MTTR) of 52 minutes, 78.5% operational availability, and an average daily output of 5400 envelopes. Simulating sensor detection of paper jams, blade breakage, and misalignment resulted in 92.3% availability in the enhanced scenario. This represents a notable improvement of 13.8% compared to the real-world scenario. These findings demonstrate that SIMIO's digital modelling and sensor-based predictive techniques can boost production capacity, decrease downtime, and increase machine availability without transforming the physical system. This study emphasizes the importance of simulation and smart manufacturing in optimizing industrial performance and reducing costs. 

We explored perceptual and aesthetic effects of repetition, variation, and deviation in visual structures. Based on previous findings in aesthetics research, we hypothesized that non-obvious order or complex variations of shape or color stimulate perception and potentially evoke interest. People trained in design or fine arts created six sets of visual structures, each on a 6x6 grid by a) repetition of a module consisting of four dark-grey elements (two rectangles and two triangles), b) variation through systematic rotation of the module, and c) deviation from this ordered variation by altering one element of each module. Furthermore, they varied color by replacing one element in each module of each structure with a light-grey element. Another group rated these images block-wise in randomized order on liking, interest, powerfulness of affect, and obviousness of order on a 7-point-scale. In addition, we collected responses to an open question regarding the individual focus when rating powerfulness of affect and we asked for each person’s background and interest in art and design. Visual structures appeared most interesting and powerful to participants when they showed a systematic variation (b) compared to a repetition of the modules (a) or a deviation from order (c). Images gained higher liking ratings the more obviously ordered they appeared, whereas obviousness of order played a less clear role for powerfulness of affect and showed no significant effect on interest evaluations. Color variations had no overall positive aesthetic effect. In response to our open question, some participants reported that they experienced less powerfulness of affect when elements showed a simple order but also when they appeared to be arranged arbitrarily. Future studies could assess how intentional a structure appears; this could apply not only to ordered structures, but also to apparently deliberate deviations from order.

Abstract

This work presents detailed 3D modelling and simulation of the mechanical effects induced by lightning strikes in protected carbon fibre-reinforced polymer laminates. Firstly, physically based models that represent the mechanical overpressure that results from a lightning strike are revisited. In particular, this paper compares the implementation of an analytical strong shock wave approximation with the solutions obtained from computational fluid dynamics (CFD), considering different equations of state, to represent the supersonic expansion of the hot plasma channel when simulating the mechanical damage induced by lightning strikes. The assessment of the pressure profiles, the numerical predictions of the displacement and velocity fields and the analysis of the predicted damage maps show that, for two lightning protection layers, the effects of the supersonic plasma expansion loads obtained from the strong shock wave approximation compare reasonably well with those obtained from CFD, independently of the equation of state solved numerically. Subsequently, the predictions of the 3D modelling strategy of the mechanical response of composite laminates subjected to lightning strike employing the strong shock wave approximation are compared with mechanical deformation measurements obtained from lab-scale lightning test results. Accurate deflection and out-of-plane velocity fields are predicted, validating the 3D modelling strategy. Moreover, the predicted damage maps correlate well with the (bulk) damage identified by C-scan (considering only the damaged area below the second ply).

Life-Cycle Performance of Structures and Infrastructure Systems in Diverse Environments contains the lectures and papers presented at the Ninth International Symposium on Life-Cycle Civil Engineering (IALCCE 2025, Melbourne, Australia, 15–19 July, 2025). This book includes the full papers of 228 contributions presented at IALCCE 2025, including the Fazlur R. Khan Lecture, seven Keynote Lectures, and 220 technical papers.

The papers cover recent advances and cutting-edge research in the field of life-cycle civil engineering, including emerging concepts, new theories and innovative applications related to life-cycle design, assessment, inspection, monitoring, repair, maintenance, rehabilitation, and management of structures and infrastructure systems under uncertainty. Major topics covered include: life-cycle carbon assessment of civil infrastructure systems, life-cycle design and assessment for structures and infrastructure systems, life-cycle management of civil infrastructure,  whole life costing,  life-cycle risk analysis and optimization of civil infrastructure, and life-cycle  digital tools for civil engineering, among others.

This open access book provides both an up-to-date overview of the field of life-cycle civil engineering and significant contributions to the process of making more rational decisions to mitigate the life-cycle risk and improve the life-cycle safety, reliability, resilience, and sustainability of structures and infrastructure systems exposed to diverse environments in a changing climate for the purpose of enhancing the welfare of society. It will serve as a valuable reference to all concerned with life-cycle of civil engineering systems, including students, researchers, practitioners, consultants, contractors, decision makers, and representatives of managing bodies and public authorities from all branches of civil engineering.

The design review process is part of the building permit in Germany. In a paper-based process, the exchange of information is performed by sending a set of documents and drawings to the relevant parties.

Documents and drawings in the format PDF become more accepted by building authorities in Germany. Also, the application of BIM in the construction industry is increasing. The change of accepted digital formats requires also adjusted methods for the exchange of information. Especially the problem of transferring meta data related to documents arises.

Existing proposals for the exchange of meta data given in codes are analyzed in this paper. The suitability for design review processes is evaluated and legal issues are considered. Known methods for the exchange of meta data are only partly suitable in the context of design review processes. Hence, a proposal for standardized meta data in design review processes for buildings is developed.