Abstract
Sharing configuration bitstreams rather than netlists is a very desirable feature to protect IP or to share IP without longer CAD tool processing times. Furthermore, an increasing number of systems could hugely benefit from serving multiple users on the same FPGA, for example, for resource pooling in cloud infrastructures.
This article researches the threat that a malicious application can impose on an FPGA-based system in a multi-tenancy scenario from a hardware security point of view. In particular, this article evaluates the risk systematically for FPGA power-hammering through short-circuits and self-oscillating circuits, which potentially may cause harm to a system. This risk includes implementing, tuning, and evaluating all FPGA self-oscillators known from the literature but also developing a large number of new power-hammering designs that have not been considered before. Our experiments demonstrate that malicious circuits can be tuned to the point that just 3% of the logic available on an Ultra96 FPGA board can draw the power budget of the entire FPGA board. This fact suggests a waste power potential for datacenter FPGAs in the range of kilowatts.
In addition to carefully analyzing FPGA hardware security threats, we present the FPGA virus scanner FPGADefender, which can detect (possibly) any self-oscillating FPGA circuit, as well as detecting short-circuits, high fanout nets, and a tapping onto signals outside the scope of a module for protecting data center FPGAs, such as Xilinx UltraScale+ devices at the bitstream level.
- A. C. Aldaya, A. Sarmiento, and S. Sánchez-Solano. 2016-04. AES T-box tampering attack. J. Cryptogr. Eng. 6, 1 (2016-04), 31, 48.Google Scholar
Cross Ref
- R. Amerson, R. Carter, W. Culbertson, P. Kuekes, G. Snider, and L. Albertson. 1996. Plasma: An FPGA for million gate systems. In Proceedings of the 4th International ACM Symposium on Field-Programmable Gate Arrays. 10--16.Google Scholar
- R. Amerson, R. J. Carter, W. B. Culbertson, P. Kuekes, and G. Snider. 1995. Teramac-configurable custom computing. In Proceedings of the IEEE Symposium on FPGAs for Custom Computing Machines. 32--38.Google Scholar
- Avnet. 2018. Ultra96 Hardware User Guide. Retrieved from http://zedboard.org/sites/default/files/documentations/Ultra96-HW-User-Guide-rev-1-0-V0_9_preliminary.pdf.Google Scholar
- Avnet. 2018. Ultra96 Schematics. Retrieved from https://github.com/96boards/documentation/blob/master/consumer/ultra96/ultra96-v1/hardware-docs/files/ultra96-schematics.pdf.Google Scholar
- C. Beckhoff, D. Koch, and J. Torresen. 2010-08. Short-circuits on FPGAs caused by partial runtime reconfiguration. In Proceedings of the International Conference on Field Programmable Logic and Applications. IEEE, 596, 601.Google Scholar
- C. Beckhoff, D. Koch, and J. Torresen. 2012. Go ahead: A partial reconfiguration framework. In Proceedings of the IEEE 20th International Symposium on Field-Programmable Custom Computing Machines. 37--44.Google Scholar
- F. Benz, A. Seffrin, and S. A. Huss. 2012. Bil: A tool-chain for bitstream reverse-engineering. In Proceedings of the 22nd International Conference on Field Programmable Logic and Applications (FPL’12). 735--738.Google Scholar
- E. Biham and A. Shamir. 1997. Differential fault analysis of secret key cryptosystems. In Proceedings of the Annual International Cryptology Conference. Springer, 513--525.Google Scholar
- A. Bradbury, L. James, L. Marques, T. Roberts, P. Vogel, P. Wagner, and S. Elliott. 2019. LowRISC-Running on the FPGA. Retrieved from https://www.lowrisc.org/docs/debug-v0.3/fpga/.Google Scholar
- R. K. Brayton, G. D. Hachtel, C. McMullen, and A. Sangiovanni-Vincentelli. 1984. Logic Minimization Algorithms for VLSI Synthesis. Vol. 2. Springer Science 8 Business Media.Google Scholar
- C. Chiasson and V. Betz. 2013. Should FPGAs abandon the pass-gate? In Proceedings of the 23rd International Conference on Field Programmable Logic and Applications. 1--8.Google Scholar
- Intel Corp. 2018. White Paper: Secure Device Manager for Intel Stratix 10 Devices Provides FPGA and SoC Security. Retrieved from https://www.intel.com/content/dam/www/programmable/us/en/pdfs/literature/wp/wp-01252-secure-device-manager-for-fpga-soc-security.pdf.Google Scholar
- J. Danger, S. Guilley, S. Bhasin, and M. Nassar. 2009. Overview of dual rail with precharge logic styles to thwart implementation-level attacks on hardware cryptoprocessors. In Proceedings of the 3rd International Conference on Signals, Circuits and Systems (SCS). 1--8.Google Scholar
- C. Drake. 2018. Python Electronic Design Automation. Retrieved from https://pyeda.readthedocs.io/en/latest/2llm.html.Google Scholar
- Q. Gautier, A. Althoff, Pingfan Meng, and R. Kastner. 2016. Spector: An OpenCL FPGA benchmark suite. In Proceedings of the International Conference on Field-Programmable Technology (FPT’16).Google Scholar
- K. Georgopoulos, K. Bakanov, I. Mavroidis, I. Papaefstathiou, A. Ioannou, P. Malakonakis, K. D. Pham, D. Koch, and L. Lavagno. 2019. A Novel Framework for Utilising Multi-FPGAs in HPC Systems. 153--189.Google Scholar
- Ilias Giechaskiel, Kasper B. Rasmussen, and Ken Eguro. 2018. Leaky wires: Information leakage and covert communication between FPGA long wires. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security (ASIACCS'18). ACM, New York, NY, USA, 15--27.Google Scholar
Digital Library
- I. Giechaskiel, K. Rasmussen, and J. Szefer. 2019. Measuring long wire leakage with ring oscillators in cloud FPGAs. In Proceedings of the International Conference on Field-Programmable Logic and Applications (FPL’19).Google Scholar
- D. Gnad, F. Oboril, and M. Tahoori. 2017. Voltage drop-based fault attacks on FPGAs using valid bitstreams. In Proceedings of the 27th International Conference on Field Programmable Logic and Applications (FPL’17). IEEE, 1--7.Google Scholar
- T. Güneysu and A. Moradi. 2011. Generic side-channel countermeasures for reconfigurable devices. In Cryptographic Hardware and Embedded Systems, Bart Preneel and Tsuyoshi Takagi (Eds.). Springer, Berlin, 33--48.Google Scholar
- I. Hadžić, S. Udani, and J. Smith. 1999. FPGA viruses. In Proceedings of the International Workshop on Field Programmable Logic and Applications. Springer, 291--300.Google Scholar
- A. Hagberg, P. Swart, and D. Schult. 2014. NetworkX—Software for Complex Networks. Retrieved from https://networkx.github.io/.Google Scholar
- Amazon Inc. 2019. Amazon EC2 F1 Instances. Retrieved from https://aws.amazon.com/ec2/instance-types/f1/.Google Scholar
- Alibaba Inc. 2019. Deep Dive into Alibaba Cloud F3 FPGA as a Service Instances. Retrieved from https://www.alibabacloud.com/blog/deep-dive-into-alibaba-cloud-f3-fpga-as-a-service-instances_594057.Google Scholar
- Amazon Inc. 2020. AWS FPGA: Programmer’s View of the Custom Logic. Retrieved from https://github.com/aws/aws-fpga/blob/master/hdk/docs/Programmer_View.md.Google Scholar
- Baidu Inc. 2020. FPGA Cloud Server. Retrieved from https://cloud.baidu.com/product/fpga.html.Google Scholar
- Nimbix Inc. 2020. Xilinx Alveo Accelerator Cards. Retrieved from https://www.nimbix.net/alveo.Google Scholar
- Xilinx Inc. 2018. Using Encryption and Authentication to Secure an UltraScale/UltraScale+ FPGA Bitstream. Retrieved from https://www.xilinx.com/support/documentation/application_notes/xapp1267-encryp-efuse-program.pdf.Google Scholar
- Xilinx Inc. 2018. Vivado 2018.02. Retrieved from https://www.xilinx.com/products/design-tools/vivado.html.Google Scholar
- Xilinx Inc. 2019. Delivering a Generation Ahead at 20nm and 16nm. Retrieved from https://www.xilinx.com/about/generation-ahead-16nm.html.Google Scholar
- Xilinx Inc. 2019. UltraScale Architecture DSP Slice. Retrieved from https://www.xilinx.com/support/documentation/user_guides/ug579-ultrascale-dsp.pdf.Google Scholar
- Xilinx Inc. 2019. UltraScale Architecture Memory Resources. Retrieved from https://www.xilinx.com/support/documentation/user_guides/ug573-ultrascale-memory-resources.pdf.Google Scholar
- Xilinx Inc. 2019. Zynq UltraScale+ MPSoC Data Sheet: DC and AC Switching Characteristics. Retrieve from https://www.xilinx.com/support/documentation/data_sheets/ds925-zynq-ultrascale-plus.pdf.Google Scholar
- Y. Ishai, A. Sahai, and D. Wagner. 2003. Private circuits: Securing hardware against probing attacks. In Advances in Cryptology, Dan Boneh (Ed.). Springer, Berlin, 463--481.Google Scholar
- H. Kalte, G. Lee, M. Porrmann, and U. Rackert. 2005. REPLICA: A bitstream manipulation filter for module relocation in partial reconfigurable systems. In Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium.Google Scholar
- N. Kamoun, L. Bossuet, and A. Ghazel. 2009. Correlated power noise generator as a low cost DPA countermeasures to secure hardware AES cipher. In Proceedings of the 3rd International Conference on Signals, Circuits and Systems (SCS). 1--6.Google Scholar
- Dirk Koch. 2012. Partial Reconfiguration on FPGAs: Architectures, Tools and Applications. Vol. 153. Springer Science 8 Business Media.Google Scholar
- D. Koch, F. Hannig, and D. Ziener. 2016. FPGAs for Software Programmers (1st ed.). Springer.Google Scholar
- J. Krautter, D. Gnad, F. Schellenberg, A. Moradi, and M. Tahoori. 2019. Active Fences against Voltage-based Side Channels in Multi-Tenant FPGAs. Retrieved from https://eprint.iacr.org/2019/1152.pdf.Google Scholar
- J. Krautter, D. R. E. Gnad, and M. B. Tahoori. 2018. FPGAhammer: Remote voltage fault attacks on shared FPGAs, suitable for DFA on AES. IACR Trans. Cryptogr. Hardware Embed. Syst. 2018, 3 (Aug. 2018), 44--68.Google Scholar
- J. Krautter, D. Gnad, and M. Tahoori. 2019. Mitigating electrical-level attacks towards secure multi-tenant FPGAs in the cloud. ACM Trans. Reconfig. Technol. Syst. 12, 3, Article 12 (Aug. 2019), 26 pages.Google Scholar
Digital Library
- C. Lattner. 2019. Clang: A C Language Family Frontend for LLVM. Retrieved from https://clang.llvm.org/.Google Scholar
- D. Lewis, E. Ahmed, G. Baeckler, V. Betz, M. Bourgeault, D. Cashman, D. Galloway, M. Hutton, C. Lane, A. Lee, P. Leventis, S. Marquardt, C. McClintock, K. Padalia, B. Pedersen, G. Powell, B. Ratchev, S. Reddy, J. Schleicher, K. Stevens, R. Yuan, R. Cliff, and J. Rose. 2005. The Stratix II logic and routing architecture. In Proceedings of the ACM/SIGDA 13th International Symposium on Field-programmable Gate Arrays (FPGA’05). ACM, New York, NY, 14--20.Google Scholar
- L. Ma, F. B. Muslim, and L. Lavagno. 2016. High performance and low power Monte Carlo methods to option pricing models via high level design and synthesis. In Proceedings of the European Symposium on Computer Modeling and Simulation (EMS’16). 157--162.Google Scholar
- M. Majer, J. Teich, A. Ahmadinia, and C. Bobda. 2007. The Erlangen Slot Machine: A dynamically reconfigurable FPGA-based computer. J. VLSI Signal Process. Syst. 47, 1 (Apr. 2007), 15--31.Google Scholar
- S. S. Mirzargar and M. Stojilovic. 2019. Physical side-channel attacks and covert communication on FPGAs: A survey. In Proceedings of the 29th International Conference on Field-Programmable Logic and Applications (FPL’19).Google Scholar
- OpenCores. 2020. Free and Open Source gateware IP cores. Retrieved from https://opencores.org/.Google Scholar
- K. Pham, E. Horta, D. Koch, A. Vaishnav, and T. Kuhn. 2018. IPRDF: An isolated partial reconfiguration design flow for Xilinx FPGAs. In Proceedings of the IEEE 12th International Symposium on Embedded Multicore/Many-core Systems-on-Chip (MCSoC’18). 36--43.Google Scholar
- K. D. Pham, E. Horta, and D. Koch. 2017. BITMAN: A tool and API for FPGA bitstream manipulations. In Proceedings of the Design, Automation 8 Test in Europe Conference 8 Exhibition (DATE’17). IEEE, 894--897.Google Scholar
- K. D. Pham, A. Vaishnav, M. Vesper, and D. Koch. 2018. ZUCL: A ZYNQ UltraScale+ framework for OpenCL HLS applications. In Proceedings of the 5th International Workshop on FPGAs for Software Programmers (FSP’18).Google Scholar
- G. Provelengios, D. Holcomb, and R. Tessier. 2019. Characterizing power distribution attacks in multi-user FPGA environments. In Proceedings of the 29th International Conference on Field-Programmable Logic and Applications (FPL’19).Google Scholar
- A. Putnam, A. Caulfield, E. Chung, D. Chiou, K. Constantinides, J. Demme, H. Esmaeilzadeh, J. Fowers, G. Gopal, J. Gray, M. Haselman, S. Hauck, S. Heil, A. Hormati, J. Kim, S. Lanka, J. Larus, E. Peterson, S. Pope, A. Smith, J. Thong, P. Xiao, and D. Burger. 2014. A reconfigurable fabric for accelerating large-scale datacenter services. In Proceedings of the 41st Annual International Symposium on Computer Architecuture (ISCA’14). IEEE Press, Piscataway, NJ, 13--24.Google Scholar
- C. Ramesh, S. Patil, S. Dhanuskodi, G. Provelengios, S. Pillement, D. Holcomb, and R. Tessier. 2018. FPGA side channel attacks without physical access. In Proceedings of the IEEE 26th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM’18). IEEE, 45--52.Google Scholar
- F. Schellenberg, D. Gnad, A. Moradi, and M. Tahoori. 2018. An inside job: Remote power analysis attacks on FPGAs. In Proceedings of the Design, Automation 8 Test in Europe Conference 8 Exhibition (DATE’18). IEEE, 1111--1116.Google Scholar
- F. Schellenberg, D. R. E. Gnad, A. Moradi, and M. B. Tahoori. 2018. Remote inter-chip power analysis side-channel attacks at board-level. In Proceedings of the IEEE/ACM International Conference on Computer-Aided Design (ICCAD’18). 1--7.Google Scholar
- T. Sugawara, K. Sakiyama, S. Nashimoto, D. Suzuki, and T. Nagatsuka. 2019. Oscillator without a combinatorial loop and its threat to FPGA in data centre. Electron. Lett. 55, 11 (2019), 640--642.Google Scholar
Cross Ref
- P. Swierczynski, G. Becker, A. Moradi, and C. Paar. 2018-03-01. Bitstream fault injections (BiFI)-automated fault attacks against SRAM-based FPGAs. IEEE Trans. Comput. 67, 3 (2018-03-01), 348, 360.Google Scholar
Cross Ref
- P. Swierczynski, M. Fyrbiak, P. Koppe, A. Moradi, and C. Paar. 2017. Interdiction in practice—Hardware Trojan against a high-security USB flash drive. J. Cryptogr. Eng. 7, 3 (1 Sep 2017), 199--211.Google Scholar
Cross Ref
- P. Swierczynski, M. Fyrbiak, P. Koppe, and C. Paar. 2015-08. FPGA Trojans through detecting and weakening of cryptographic primitives. IEEE Trans. Comput.-Aid. Design Integr. Circ. Syst. 34, 8 (2015-08), 1236--1249.Google Scholar
- SymbiFlow. 2019. Project X-Ray. Retrieved from https://github.com/SymbiFlow/prjxray.Google Scholar
- V. Taraate. 2019. Advanced HDL Synthesis and SOC Prototyping. Springer US.Google Scholar
- S. Trimberger and J. Moore. 2014-08. FPGA security: Motivations, features, and applications. Proc. IEEE 102, 8 (2014-08), 1248, 1265.Google Scholar
Cross Ref
- A. Vaishnav, J. R. G. Ordaz, and D. Koch. 2017. A security library for FPGA interlays. In Proceedings of the 27th International Conference on Field Programmable Logic and Applications (FPL’17). 1--4.Google Scholar
- A. Vaishnav, K. D. Pham, D. Koch, and J. Garside. 2018. Resource elastic virtualization for FPGAs using OpenCL. In 2018 28th International Conference on Field Programmable Logic and Applications (FPL). 111--1117.Google Scholar
- A. Vaishnav, K. D. Pham, K. Manev, and D. Koch. 2019. The FOS (FPGA Operating System) Demo. Retrieved from https://github.com/khoapham/fos.Google Scholar
- M. Vesper, D. Koch, and K. Pham. 2017. PCIeHLS: An OpenCL HLS framework. In Proceedings of the 4th International Workshop on FPGAs for Software Programmers (FSP’17). 1--6.Google Scholar
- R. Watanabe, S. Ura, Q. Zhao, and T. Yoshida. 2019. Implementation of FPGA building platform as a cloud service. In Proceedings of the 10th International Symposium on Highly-Efficient Accelerators and Reconfigurable Technologies (HEART’19). ACM, New York, NY, Article 6, 6 pages.Google Scholar
- A. Wild, A. Moradi, and T. Güneysu. 2018. GliFreD: Glitch-free duplication towards power-equalized circuits on FPGAs. IEEE Trans. Comput. 67, 3 (Mar. 2018), 375--387.Google Scholar
Cross Ref
- Clifford Wolf. 2019. PicoRV32. Retrieved from https://github.com/cliffordwolf/picorv32.Google Scholar
- T. Zhang, J. Wang, S. Guo, and Z. Chen. 2019. A comprehensive FPGA reverse engineering tool-chain: From bitstream to RTL code. IEEE Access 7 (2019), 38379--38389.Google Scholar
Cross Ref
- M. Zhao and G. Suh. 2018. FPGA-based remote power side-channel attacks. In Proceedings of the IEEE Symposium on Security and Privacy (SP’18). IEEE, 229--244.Google Scholar
- K. Zick and J. Hayes. 2012-03-01. Low-cost sensing with ring oscillator arrays for healthier reconfigurable systems. ACM Trans. Reconfig. Technol. Syst. 5, 1 (2012-03-01), 1, 26.Google Scholar
Digital Library
- K. Zick, M. Srivastav, W. Zhang, and M. French. 2013. Sensing nanosecond-scale voltage attacks and natural transients in FPGAs. In Proceedings of the ACM/SIGDA International Symposium on Field Programmable Gate Arrays. ACM, 101--104.Google Scholar
Index Terms
FPGADefender: Malicious Self-oscillator Scanning for Xilinx UltraScale + FPGAs
Recommendations
Mitigating Electrical-level Attacks towards Secure Multi-Tenant FPGAs in the Cloud
Special Section on Security in FPGAs and Regular ArticlesA rising trend is the use of multi-tenant FPGAs, particularly in cloud environments, where partial access to the hardware is given to multiple third parties. This leads to new types of attacks in FPGAs, which operate not only on the logic level, but ...
Cryptography for Next Generation TLS: Implementing the RFC 7748 Elliptic Curve448 Cryptosystem in Hardware
DAC '17: Proceedings of the 54th Annual Design Automation Conference 2017With RFC 7748 the two elliptic curves Curve25519 and Curve448 were proposed for the next generation of TLS. Both curves were designed and optimized purely for software implementation; their implementation in hardware or physical protection against side-...
Towards bidirectional LUT-level detection of hardware Trojans
AbstractFPGAs are field-programmable and reconfigurable integrated circuits; consequently, they entail numerous security concerns. For example, malicious functions such as hardware Trojans (HTs), can be inserted into the circuits in both ...






Comments