Mitigating Voltage Attacks in Multi-Tenant FPGAs-Reference-Cited by-同舟云学术

Mitigating Voltage Attacks in Multi-Tenant FPGAs

Published:2021-07-29 Issue:2 Volume:14 Page:1-24
ISSN:1936-7406
Container-title:ACM Transactions on Reconfigurable Technology and Systems
language:en
Short-container-title:ACM Trans. Reconfigurable Technol. Syst.

Author:

Provelengios George¹,Holcomb Daniel¹,Tessier Russell¹

Affiliation:

1. University of Massachusetts Amherst, MA, USA

Abstract

Recent research has exposed a number of security issues related to the use of FPGAs in embedded system and cloud computing environments. Circuits that deliberately waste power can be carefully crafted by a malicious cloud FPGA user and deployed to cause denial-of-service and fault injection attacks. The main defense strategy used by FPGA cloud services involves checking user-submitted designs for circuit structures that are known to aggressively consume power. Unfortunately, this approach is limited by an attacker’s ability to conceive new designs that defeat existing checkers. In this work, our contributions are twofold. We evaluate a variety of circuit power wasting techniques that typically are not flagged by design rule checks imposed by FPGA cloud computing vendors. The efficiencies of five power wasting circuits, including our new design, are evaluated in terms of power consumed per logic resource. We then show that the source of voltage attacks based on power wasters can be identified. Our monitoring approach localizes the attack and suppresses the clock signal for the target region within 21 μs, which is fast enough to stop an attack before it causes a board reset. All experiments are performed using a state-of-the-art Intel Stratix 10 FPGA.

Funder

NSF

Intel's Corporate Research Council

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/3451236

Reference41 articles.

1. Built-in self-heating thermal testing of FPGAs;Amouri Abdulazim;IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2015

2. AWS. 2020. Amazon ECE F1 Instances. https://aws.amazon.com/ec2/instance-types/f1/. AWS. 2020. Amazon ECE F1 Instances. https://aws.amazon.com/ec2/instance-types/f1/.

3. Alibaba Cloud. 2018. Deep Dive into Alibaba Cloud F3 FPGA as a Service Instances. https://www.alibabacloud.com/blog/deep-dive-into-alibaba-cloud-f3-fpga-as-a-service-instances_594057. Alibaba Cloud. 2018. Deep Dive into Alibaba Cloud F3 FPGA as a Service Instances. https://www.alibabacloud.com/blog/deep-dive-into-alibaba-cloud-f3-fpga-as-a-service-instances_594057.

Cited by 16 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. AHD-LAM: A New Mitigation Method against Voltage-Drop Attacks in Multi-tenant FPGAs;2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST);2023-12-13

2. Covert-channels in FPGA-enabled SmartSSDs;ACM Transactions on Reconfigurable Technology and Systems;2023-12-04

3. A Visionary Look at the Security of Reconfigurable Cloud Computing;Proceedings of the IEEE;2023-12

4. On the Malicious Potential of Xilinx’ Internal Configuration Access Port (ICAP);ACM Transactions on Reconfigurable Technology and Systems;2023-11-17

5. Cross-board Power-Based FPGA, CPU, and GPU Covert Channels;Security of FPGA-Accelerated Cloud Computing Environments;2023-09-18