This work addresses the security implications of unintended bit flips in DRAM cells caused by charge leakage and interference, which jeopardize data integrity, confidentiality, and security mechanisms such as DRAM-based physically unclonable functions. For the first time, it establishes a direct link between device-level physical behavior and system-level security properties by introducing a quantifiable, cell-level vulnerability modeling framework. This framework integrates circuit-level charge leakage analysis, interference path modeling, and mapping to security attributes. The approach systematically reveals the non-uniformity and context dependence of DRAM vulnerability across diverse failure modes, offering both theoretical foundations and practical tools for evaluating and deploying DRAM in security-critical applications.

Dynamic Random Access Memory (DRAM) is pervasive in computer systems. Cell vulnerabilities caused by unintended phenomena (forced retention failure, latency alteration, rowhammer and rowpress) lead to unintended bit flips in memory. These phenomena have been explored as attacks to violate data integrity and confidentiality during normal operation, but also exploited as a benefit in security systems as a method to generate random secret keys and unique device fingerprints (e.g. Physically Unclonable Functions). In both cases, attackers may wish to exploit knowledge of individual cell flip vulnerability to predict the current/future data contents of a set of cells, which can be utilised to break security systems. In this work, we develop a quantitative, cell-level circuit framework that models DRAM vulnerability directly from its physical charge leakage and disturbance pathways. By linking these device-layer behaviours to system-level security properties, our framework enables systematic evaluation of DRAM with respect to volatility (retention), integrity (disturbance-induced modification), and confidentiality (pattern-dependent leakage). We further demonstrate how the framework can be applied to well-known failure modes, revealing non-uniform and context-dependent vulnerability patterns. This work provides both theoretical foundations and practical evaluation tools for evaluating the suitability of DRAM use within security applications.