skip to main content
research-article

Mitigating Electrical-level Attacks towards Secure Multi-Tenant FPGAs in the Cloud

Published:13 August 2019Publication History
Skip Abstract Section

Abstract

A rising trend is the use of multi-tenant FPGAs, particularly in cloud environments, where partial access to the hardware is given to multiple third parties. This leads to new types of attacks in FPGAs, which operate not only on the logic level, but also on the electrical level through the common power delivery network. Since FPGAs are configured from the software-side, attackers are enabled to launch hardware attacks from software, impacting the security of an entire system. In this article, we show the first attempt of a countermeasure against attacks on the electrical level, which is based on a bitstream checking methodology. Bitstreams are translated back into flat technology mapped netlists, which are then checked for properties that indicate potential malicious runtime behavior of FPGA logic. Our approach can provide a metric of potential risk of the FPGA bitstream being used in active fault or passive side-channel attacks against other users of the FPGA fabric or the entire SoC platform.

References

  1. Chipworks. 2014. Inside the Samsung Galaxy S5. Retrieved from: https://www.chipworks.com/ko/node/126.Google ScholarGoogle Scholar
  2. iFixit. 2015. Pebble Time Teardown. Retrieved from: https://www.ifixit.com/Teardown/Pebble+Time+Teardown/42382.Google ScholarGoogle Scholar
  3. Amazon Web Services (AWS). 2018. Amazon EC2 F1 Instances. Retrieved from: https://aws.amazon.com/ec2/instance-types/f1/.Google ScholarGoogle Scholar
  4. LWN.net. 2018. FPGA Device Feature List (DFL) Device Drivers. Retrieved from: https://lwn.net/Articles/757283/.Google ScholarGoogle Scholar
  5. Alibaba Cloud. 2018. Instance type families—Alibaba Cloud Documentation Center. Retrieved from: https://www.alibabacloud.com/help/doc-detail/25378.html.Google ScholarGoogle Scholar
  6. OpenCores. 2018. OpenCores—The Reference Community for Free and Open Source Gateware IP cores. Retrieved from: https://opencores.org/.Google ScholarGoogle Scholar
  7. Dakshi Agrawal, Bruce Archambeault, Josyula R. Rao, and Pankaj Rohatgi. 2002. The EM side-channel(s). In Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 29--45. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. C. Albrecht. 2005. IWLS 2005 Benchmarks. Technical Report. Cadence Berkeley Labs.Google ScholarGoogle Scholar
  9. Victor M. Alvarez. 2018. YARA—The pattern matching swiss knife for malware researchers. Retrieved from: http://virustotal.github.io/yara/.Google ScholarGoogle Scholar
  10. Karim Arabi, Resve Saleh, and Xiongfei Meng. 2007. Power supply noise in SoCs: Metrics, management, and measurement. IEEE Des. Test. Comput. 24, 3 (Aug. 2007), 236--244. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Mathieu Bastian, Sebastien Heymann, and Mathieu Jacomy. 2009. Gephi: An Open Source Software for Exploring and Manipulating Networks. Retrieved from: https://www.aaai.org/ocs/index.php/ICWSM/09/paper/view/154.Google ScholarGoogle Scholar
  12. C. Beckhoff, D. Koch, and J. Torresen. 2010. Short-circuits on FPGAs caused by partial runtime reconfiguration. In Proceedings of the International Conference on Field-Programmable Logic and Applications (FPL’10). IEEE, 596--601. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. S. Bhunia, M. Abramovici, D. Agrawal, P. Bradley, M. S. Hsiao, J. Plusquellic, and M. Tehranipoor. 2013. Protection against hardware Trojan attacks: Towards a comprehensive solution. IEEE Des. Test 30, 3 (June 2013), 6--17.Google ScholarGoogle ScholarCross RefCross Ref
  14. Dan Boneh, Richard A. DeMillo, and Richard J. Lipton. 1997. On the importance of checking cryptographic protocols for faults. In Proceedings of the International Conference on Advances in Cryptology (EUROCRYPT’97). Springer, 37--51. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. F. Brglez, D. Bryan, and K. Kozminski. 1989. Combinational profiles of sequential benchmark circuits. In Proceedings of the IEEE International Symposium on Circuits and Systems. 1929--1934.Google ScholarGoogle Scholar
  16. F. Brglez and H. Fujiwara. 1985. A neutral netlist of 10 combinational benchmark circuits and a target translator in Fortran. In Proceedings of the IEEE International Symposium on Circuits and Systems (ISCAS’85). IEEE Press, Piscataway, NJ, 677--692.Google ScholarGoogle Scholar
  17. Stuart Byma, J. Gregory Steffan, Hadi Bannazadeh, Alberto Leon Garcia, and Paul Chow. 2014. FPGAs in the cloud: Booting virtualized hardware accelerators with OpenStack. In Proceedings of the International Conference on Field-Programmable Custom Computing Machines (FCCM’14). IEEE, 109--116. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Clifford Wolf and Mathias Lasser. 2015. Project IceStorm. Retrieved from: http://www.clifford.at/icestorm/.Google ScholarGoogle Scholar
  19. Cobham Gaisler. 2019. LEON3 Processor. Retrieved from: https://www.gaisler.com/index.php/products/processors/leon3.Google ScholarGoogle Scholar
  20. Jason Cong, Mohammad Ali Ghodrat, Michael Gill, Beayna Grigorian, and Glenn Reinman. 2012. Architecture support for accelerator-rich CMPs. In Proceedings of the Design Automation Conference (DAC’12). IEEE, 843--849. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. D. Corbett. 2012. The Xilinx Isolation Design Flow for Fault-Tolerant Systems. Retrieved from: https://www.xilinx.com/support/documentation/white_papers/wp412_IDF_for_Fault_Tolerant_Sys.pdf.Google ScholarGoogle Scholar
  22. F. Corno, M. S. Reorda, and G. Squillero. 2000. RT-level ITC’99 benchmarks and first ATPG results. IEEE Des. Test Comput. 17, 3 (July 2000), 44--53. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Alexander Czutro, Matthias Sauer, Ilia Polian, and Bernd Becker. 2012. Multi-conditional SAT-ATPG for power-droop testing. In Proceedings of the 17th IEEE European Test Symposium (ETS’12). IEEE.Google ScholarGoogle ScholarCross RefCross Ref
  24. S. Das, P. Whatmough, and D. Bull. 2015. Modeling and characterization of the system-level power delivery network for a dual-core ARM Cortex-A57 cluster in 28nm CMOS. In Proceedings of the International Symposium on Low Power Electronics and Design. 146--151.Google ScholarGoogle Scholar
  25. Ken Eguro and Ramarathnam Venkatesan. 2012. FPGAs for trusted cloud computing. In Proceedings of the International Conference on Field-Programmable Logic and Applications (FPL’12). IEEE, 63--70.Google ScholarGoogle ScholarCross RefCross Ref
  26. Suhaib A. Fahmy, Kizheppatt Vipin, and Shanker Shreejith. 2015. Virtualized FPGA accelerators for efficient cloud computing. In Proceedings of the International Conference on Cloud Computing (CloudCom’15). IEEE, 430--435. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Marc Fyrbiak, Sebastian Wallat, Pawel Swierczynski, Max Hoffmann, Sebastian Hoppach, Matthias Wilhelm, Tobias Weidlich, Russell Tessier, and Christof Paar. 2018. HAL—The missing piece of the puzzle for hardware reverse engineering, Trojan detection and insertion. IEEE Trans. Depend. Secure Comput. 16, 3 (2018), 498--510.Google ScholarGoogle ScholarCross RefCross Ref
  28. Emden R. Gansner and Stephen C. North. 2000. An open graph visualization system and its applications to software engineering. Softw.—Pract. Exper. 30, 11 (2000), 1203--1233. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Ilias Giechaskiel, Kasper B. Rasmussen, and Ken Eguro. 2018. Leaky wires: Information leakage and covert communication between FPGA long wires. In Proceedings of the Asia Conference on Computer and Communications Security (ASIACCS’18). 15--27. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. D. R. E. Gnad, F. Oboril, and M. B. Tahoori. 2017. Voltage drop-based fault attacks on FPGAs using valid bitstreams. In Proceedings of the International Conference on Field-Programmable Logic and Applications (FPL’17). IEEE, 4--8.Google ScholarGoogle Scholar
  31. D. R. E. Gnad, S. Rapp, J. Krautter, and M. B. Tahoori. 2018. Checking for electrical level security threats in bitstreams for multi-tenant FPGAs. In Proceedings of the International Conference on Field-Programmable Technology (FPT’18).Google ScholarGoogle Scholar
  32. Ilija Hadžić, Sanjay Udani, and Jonathan M. Smith. 1999. FPGA viruses. In Proceedings of the International Conference on Field-Programmable Logic and Applications (FPL’99), Patrick Lysaght, James Irvine, and Reiner Hartenstein (Eds.). Springer, 291--300. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. K. A. Hawick and H. A. James. 2008. Enumerating circuits and loops in graphs with self-arcs and multiple-arcs. In Proceedings of the International Conference on Foundations of Computer Science (FCS’08). CSREA, 14--20.Google ScholarGoogle Scholar
  34. Ted Huffmire, Brett Brotherton, Gang Wang, Timothy Sherwood, Ryan Kastner, Timothy E. Levin, Thuy D. Nguyen, and Cynthia E. Irvine. 2007. Moats and drawbridges: An isolation primitive for reconfigurable hardware based systems. In Proceedings of the Symposium on Security and Privacy (S8P’07). IEEE, 281--295. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Paul Kocher, Joshua Jaffe, and Benjamin Jun. 1999. Differential power analysis. In Proceedings of the Conference on Advances in Cryptology (CRYPTO’99). Springer, 388--397.Google ScholarGoogle ScholarCross RefCross Ref
  36. J. Krautter, D. R. E. Gnad, and M. B. Tahoori. 2018. FPGAhammer: Remote voltage fault attacks on shared FPGAs, suitable for DFA on AES. IACR Trans. Crypto. Hardw. Embedd. Syst. 3 (2018).Google ScholarGoogle Scholar
  37. Jason Luu, Nooruddin Ahmed, Kenneth B. Kent, Jason Anderson, Jonathan Rose, Vaughn Betz, Jeffrey Goeders, Michael Wainberg, Andrew Somerville, Thien Yu, Konstantin Nasartschuk, Miad Nasr, Sen Wang, and Tim Liu. 2014. VTR 7.0. ACM Trans. Reconfig. Technol. Syst. 7, 2 (July 2014), 1--30. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. A. L. Masle and W. Luk. 2012. Detecting power attacks on reconfigurable hardware. In Proceedings of the International Conference on Field-Programmable Logic and Applications (FPL’12). IEEE, 14--19.Google ScholarGoogle Scholar
  39. A. V. Mezhiba and E. G. Friedman. 2004. Scaling trends of on-chip power distribution noise. Trans. VLSI Syst. 12, 4 (Apr. 2004), 386--394. Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. Enys Mones, Lilla Vicsek, and Tamás Vicsek. 2012. Hierarchy measure for complex networks. PLoS ONE 7, 3 (Mar. 2012), e33799.Google ScholarGoogle ScholarCross RefCross Ref
  41. Tiago P. Peixoto. 2014. The graph-tool python library. figshare.Google ScholarGoogle Scholar
  42. Chethan Ramesh, Shivukumar B. Patil, Siva Nishok Dhanuskodi, George Provelengios, Sebastien Pillement, Daniel Holcomb, and Russell Tessier. 2018. FPGA side channel attacks without physical access. In Proceedings of the International Symposium on Field-Programmable Custom Computing Machines.Google ScholarGoogle ScholarCross RefCross Ref
  43. Jonathan Rose, Jason Luu, Chi Wai Yu, Opal Densmore, Jeffrey Goeders, Andrew Somerville, Kenneth B. Kent, Peter Jamieson, and Jason Anderson. 2012. The VTR project. In Proceedings of the ACM/SIGDA International Symposium on Field-Programmable Gate Arrays (FPGA’12). ACM Press.Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. F. Schellenberg, D. R. E. Gnad, A. Moradi, and M. B. Tahoori. 2018. An inside job: Remote power analysis attacks on FPGAs. In Proceedings of the Conference on Design, Automation 8 Test in Europe (DATE’18). IEEE.Google ScholarGoogle Scholar
  45. Li Shang, Alireza S. Kaviani, and Kusuma Bathala. 2002. Dynamic power consumption in Virtex™-II FPGA family. In Proceedings of the 10th ACM/SIGDA International Symposium on Field-Programmable Gate Arrays (FPGA’02). ACM Press. Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. SpinalHDL contributors. 2019. An FPGA Friendly 32 bit RISC-V CPU implementation. Retrieved from: https://github.com/SpinalHDL/VexRiscv.Google ScholarGoogle Scholar
  47. Tilmann Stöhr, Markus Alt, Asmus Hetzel, and Jürgen Koehl. 1998. Analysis, reduction and avoidance of crosstalk on VLSI chips. In Proceedings of the International Symposium on Physical Design (ISPD’98). ACM, New York, NY, 211--218. Google ScholarGoogle ScholarDigital LibraryDigital Library
  48. Adrian Tang, Simha Sethumadhavan, and Salvatore Stolfo. 2017. CLKSCREW: Exposing the perils of security-oblivious energy management. In Proceedings of the USENIX Security Symposium. Google ScholarGoogle ScholarDigital LibraryDigital Library
  49. M. Tehranipoor and F. Koushanfar. 2010. A survey of hardware Trojan taxonomy and detection. IEEE Des. Test. Comput. 27, 1 (Jan. 2010), 10--25. Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. Clifford Wolf. 2013. Yosys Open SYnthesis Suite. Retrieved from: http://www.clifford.at/yosys/.Google ScholarGoogle Scholar
  51. Mark Zhao and G. Edward Suh. 2018. FPGA-based remote power side-channel attacks. In Proceedings of the Symposium on Security and Privacy (S8P’18). IEEE.Google ScholarGoogle Scholar
  52. Kenneth M. Zick and John P. Hayes. 2012. Low-cost sensing with ring oscillator arrays for healthier reconfigurable systems. ACM Trans. Reconfig. Technol. Syst. 5, 1, Article 1 (Mar. 2012), 26 pages. Google ScholarGoogle ScholarDigital LibraryDigital Library
  53. Kenneth M. Zick, Meeta Srivastav, Wei Zhang, and Matthew French. 2013. Sensing nanosecond-scale voltage attacks and natural transients in FPGAs. In Proceedings of the International Symposium on Field-Programmable Gate Arrays (FPGA’13). ACM, 101--104. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Mitigating Electrical-level Attacks towards Secure Multi-Tenant FPGAs in the Cloud

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      • Published in

        cover image ACM Transactions on Reconfigurable Technology and Systems
        ACM Transactions on Reconfigurable Technology and Systems  Volume 12, Issue 3
        Special Section on Security in FPGAs and Regular Articles
        September 2019
        150 pages
        ISSN:1936-7406
        EISSN:1936-7414
        DOI:10.1145/3357092
        • Editor:
        • Deming Chen
        Issue’s Table of Contents

        Copyright © 2019 ACM

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 13 August 2019
        • Accepted: 1 April 2019
        • Revised: 1 February 2019
        • Received: 1 October 2018
        Published in trets Volume 12, Issue 3

        Permissions

        Request permissions about this article.

        Request Permissions

        Check for updates

        Qualifiers

        • research-article
        • Research
        • Refereed

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      HTML Format

      View this article in HTML Format .

      View HTML Format
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!