Abstract
Recent research has exposed a number of security issues related to the use of FPGAs in embedded system and cloud computing environments. Circuits that deliberately waste power can be carefully crafted by a malicious cloud FPGA user and deployed to cause denial-of-service and fault injection attacks. The main defense strategy used by FPGA cloud services involves checking user-submitted designs for circuit structures that are known to aggressively consume power. Unfortunately, this approach is limited by an attacker’s ability to conceive new designs that defeat existing checkers. In this work, our contributions are twofold. We evaluate a variety of circuit power wasting techniques that typically are not flagged by design rule checks imposed by FPGA cloud computing vendors. The efficiencies of five power wasting circuits, including our new design, are evaluated in terms of power consumed per logic resource. We then show that the source of voltage attacks based on power wasters can be identified. Our monitoring approach localizes the attack and suppresses the clock signal for the target region within 21 μs, which is fast enough to stop an attack before it causes a board reset. All experiments are performed using a state-of-the-art Intel Stratix 10 FPGA.
- Md Mahbub Alam, Shahin Tajik, Fatemeh Ganji, Mark Tehranipoor, and Domenic Forte. 2019. RAM-Jam: Remote temperature and voltage fault attack on FPGAs using memory collisions. In 2019 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC’19). 48–55.Google ScholarCross Ref
- Abdulazim Amouri, Jochen Hepp, and Mehdi Tahoori. 2015. Built-in self-heating thermal testing of FPGAs. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 35, 9 (2015), 1546–1556.Google ScholarDigital Library
- AWS. 2020. Amazon ECE F1 Instances. https://aws.amazon.com/ec2/instance-types/f1/.Google Scholar
- Adrian M. Caulfield, Eric S. Chung, Andrew Putnam, Hari Angepat, Jeremy Fowers, Michael Haselman, Stephen Heil, Matt Humphrey, Puneet Kaur, Joo-Young Kim, Daniel Lo, Todd Massengill, Kalin Ovtcharov, Michael Papamichael, Lisa Woods, Sitaram Lanka, Derek Chiou, and Doug Burger. 2016. A cloud-scale acceleration architecture. In IEEE/ACM International Symposium on Microarchitecture (MICRO’16). 1–13. Google ScholarDigital Library
- Alibaba Cloud. 2018. Deep Dive into Alibaba Cloud F3 FPGA as a Service Instances. https://www.alibabacloud.com/blog/deep-dive-into-alibaba-cloud-f3-fpga-as-a-service-instances_594057.Google Scholar
- Naveen Kumar Dumpala, Shivukumar B. Patil, Daniel Holcomb, and Russell Tessier. 2017. Energy efficient loop unrolling for low-cost FPGAs. In IEEE International Symposium on Field-Programmable Custom Computing Machines (FCCM’17). 117–120.Google ScholarCross Ref
- Ilias Giechaskiel, Kasper Rasmussen, and Jakub Szefer. 2019. Reading between the dies: Cross-SLR covert channels on multi-tenant cloud FPGAs. In IEEE International Conference on Computer Design (ICCD’19). 1–10.Google ScholarCross Ref
- Ilias Giechaskiel, Kasper Bonne Rasmussen, and Jakub Szefer. 2019. Measuring long wire leakage with ring oscillators in cloud FPGAs. In International Conference on Field Programmable Logic and Applications (FPL’19). 45–50.Google ScholarCross Ref
- AWS GitHub. 2020. AFI Power. https://github.com/aws/aws-fpga/blob/master/hdk/docs/afi_power.md.Google Scholar
- AWS GitHub. 2020. Clocks and Reset. https://github.com/aws/aws-fpga/blob/master/hdk/docs/AWS_Shell_Interface_Specification.md#ClocksNReset.Google Scholar
- Dennis R. E. Gnad, Cong Dang Khoa Nguyen, Syed Hashim Gillani, and Mehdi B. Tahoori. 2019. Voltage-based covert channels in multi-tenant FPGAs. Cryptology ePrint Archive Report 2019/1394 (2019). https://eprint.iacr.org/2019/1394.Google Scholar
- Dennis R. E. Gnad, Fabian Oboril, Saman Kiamehr, and Mehdi B. Tahoori. 2016. Analysis of transient voltage fluctuations in FPGAs. In 2016 International Conference on Field-Programmable Technology (FPT’16). 12–19.Google Scholar
- Dennis R. E. Gnad, Fabian Oboril, Saman Kiamehr, and Mehdi B. Tahoori. 2019. An experimental evaluation and analysis of transient voltage fluctuations in FPGAs. IEEE Transactions on VLSI Systems 26, 10 (2019), 1817–1830.Google ScholarCross Ref
- Dennis R. E. Gnad, Fabian Oboril, and Mehdi B. Tahoori. 2017. Voltage drop-based fault attacks on FPGAs using valid bitstreams. In International Conference on Field Programmable Logic and Applications (FPL’17). 1–7.Google Scholar
- Intel Corporation. 2019. Intel Stratix 10 Analog to Digital Converter User Guide. Intel Corporation.Google Scholar
- Intel Corporation. 2020. Intel Stratix 10 Logic Array Blocks and Adaptive Logic Modules User Guide. Intel Corporation. https://www.intel.com/content/www/us/en/programmable/documentation/wtw1441782332101.html.Google Scholar
- Chenglu Jin, Vasudev Gohil, Ramesh Karri, and Jeyavijayan Rajendran. 2020. Security of cloud FPGAs: A survey. arxiv arXiv:2005.04867 (2020). http://arxiv.org/abs/2005.04867.Google Scholar
- Ahmed Khawaja, Joshua Landgraf, Rohith Prakash, Michael Wei, Eric Schkufza, and Christopher J. Rossbach. 2018. Sharing, protection, and compatibility for reconfigurable fabric with AmorphOS. In USENIX Symposium on Operating Systems Design and Implementation (OSDI’18). 107–127. Google ScholarDigital Library
- Oliver Knodel, Patrick Lehmann, and Rainer G. Spallek. 2016. RC3E: reconfigurable accelerators in data centres and their provision by adapted service models. In IEEE International Conference on Cloud Computing. 19–26.Google Scholar
- Jonas Krautter, Dennis R. E. Gnad, and Mehdi Tahoori. 2018. FPGAhammer: Remote voltage fault attacks on shared FPGAs, suitable for DFA on AES. IACR Transactions on Cryptographic Hardware and Embedded Systems 2018, 3 (2018), 44–68.Google ScholarCross Ref
- Jonas Krautter, Dennis R. E. Gnad, and Mehdi B. Tahoori. 2019. Mitigating electrical-level attacks towards secure multi-tenant FPGAs in the cloud. ACM Transactions on Reconfigurable Technology and Systems (TRETS) 12, 3 (2019), 1–26. Google ScholarDigital Library
- Fei Li, Deming Chen, Lei He, and Jason Cong. 2003. Architecture evaluation for power-efficient FPGAs. In ACM/SIGDA International Symposium on Field Programmable Gate Arrays (FPGA’03). 175–184. Google ScholarDigital Library
- Fei Li, Yizhou Lin, Lei He, Deming Chen, and Jason Cong. 2005. Power modeling and characteristics of field programmable gate arrays. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 24, 11 (2005), 1712–1724. Google ScholarDigital Library
- Dina Mahmoud and Mirjana Stojilović. 2019. Timing violation induced faults in multi-tenant FPGAs. In Design, Automation & Test in Europe Conference & Exhibition (DATE’19). 1745–1750.Google Scholar
- Kaspar Matas, Tuan La, Nikola Grunchevski, Khoa Pham, and Dirk Koch. 2020. Invited tutorial: FPGA hardware security for datacenters and beyond. In ACM/SIGDA International Symposium on Field-Programmable Gate Arrays (FPGA’20). 11–20. Google ScholarDigital Library
- Kaspar Matas, Tuan Minh La, Khoa Dang Pham, and Dirk Koch. 2020. Power-hammering through glitch amplification–Attacks and mitigation. In IEEE 28th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM’20). 65–69.Google ScholarCross Ref
- George Provelengios, Daniel Holcomb, and Russell Tessier. 2019. Characterizing power distribution attacks in multi-user FPGA environments. In International Conference on Field Programmable Logic and Applications (FPL’19). 194–201.Google ScholarCross Ref
- George Provelengios, Daniel Holcomb, and Russell Tessier. 2020. Power wasting circuits for cloud FPGA attacks. In International Conference on Field Programmable Logic and Applications (FPL’20). 231–235.Google ScholarCross Ref
- Daniel Chase Savory. 2012. Power Side-Channel DAC Implementations for Xilinx FPGAs. Master’s thesis. Dept. of Electrical and Computer Engineering, Brigham Young University.Google Scholar
- Falk Schellenberg, Dennis R. E. Gnad, Amir Moradi, and Mehdi B. Tahoori. 2018. An inside job: Remote power analysis attacks on FPGAs. In Design, Automation & Test in Europe Conference & Exhibition (DATE’18). 1111–1116.Google Scholar
- Linda L. Shen, Ibrahim Ahmed, and Vaughn Betz. 2019. Fast voltage transients on FPGAs: Impact and mitigation strategies. In IEEE International Symposium on Field-Programmable Custom Computing Machines (FCCM’19). 271–279.Google ScholarCross Ref
- Takeshi Sugawara, Kazuo Sakiyama, Shoei Nashimoto, Daisuke Suzuki, and Tomoyuki Nagatsuka. 2019. Oscillator without a combinatorial loop and its threat to FPGA in data centre. Electronics Letters 55, 11 (2019), 640–642.Google ScholarCross Ref
- Tomoyuki Takahashi, Takumi Uezono, Michihiro Shintani, Kazuya Masu, and Takashi Sato. 2009. On-die parameter extraction from path-delay measurements. In IEEE Asian Solid-State Circuits Conference. 101–104.Google ScholarCross Ref
- Terasic Technologies. 2019. DE10-Pro User’s Manual. Terasic Technologies.Google Scholar
- Shuang Xie and Wai Tung Ng. 2014. Delay-line temperature sensors and VLSI thermal management demonstrated on a 60nm FPGA. In IEEE International Symposium on Circuits and Systems (ISCAS’14). 2571–2574.Google ScholarCross Ref
- Sadegh Yazdanshenas. 2019. Datacenter-Optimized FPGAs. Ph.D. Dissertation. Department of Electrical and Computer Engineering, University of Toronto.Google Scholar
- Mark Zhao and G. Edward Suh. 2018. FPGA-based remote power side-channel attacks. In IEEE Symposium on Security and Privacy (S&P’18). 229–244.Google Scholar
- Kenneth M Zick and John P Hayes. 2010. On-line sensing for healthier FPGA systems. In ACM/SIGDA International Symposium on Field Programmable Gate Arrays (FPGA). 239–248. Google ScholarDigital Library
- Kenneth M. Zick and John P. Hayes. 2012. Low-cost sensing with ring oscillator arrays for healthier reconfigurable systems. ACM Transactions on Reconfigurable Technology and Systems 5, 1 (2012), 1–26. Google ScholarDigital Library
- Kenneth M. Zick, Meeta Srivastav, Wei Zhang, and Matthew French. 2013. Sensing nanosecond-scale voltage attacks and natural transients in FPGAs. In Proceedings of the ACM/SIGDA International Symposium on Field Programmable Gate Arrays (FPGA’13). 101–104. Google ScholarDigital Library
- Daniel Ziener, Florian Baueregger, and Jürgen Teich. 2010. Using the power side channel of FPGAs for communication. In IEEE International Symposium on Field-Programmable Custom Computing Machines (FCCM’10). 237–244. Google ScholarDigital Library
Index Terms
- Mitigating Voltage Attacks in Multi-Tenant FPGAs
Recommendations
Mitigating Electrical-level Attacks towards Secure Multi-Tenant FPGAs in the Cloud
Special Section on Security in FPGAs and Regular ArticlesA rising trend is the use of multi-tenant FPGAs, particularly in cloud environments, where partial access to the hardware is given to multiple third parties. This leads to new types of attacks in FPGAs, which operate not only on the logic level, but ...
Covert-Hammer: Coordinating Power-Hammering on Multi-tenant FPGAs via Covert Channels
FPGA '24: Proceedings of the 2024 ACM/SIGDA International Symposium on Field Programmable Gate ArraysWith the rise of AI, end of Moore's law, and the digitization of public services, the demand for accelerated computing is growing. To address this demand, major cloud service providers like Amazon Web Services, Microsoft Azure, and Google Cloud Platform ...
LoopBreaker: Disabling Interconnects to Mitigate Voltage-Based Attacks in Multi-Tenant FPGAs
2021 IEEE/ACM International Conference On Computer Aided Design (ICCAD)FPGAs are being offered in the cloud as accelerator resources that can be shared among multiple users (i.e. tenants). Recently, various approaches have shown that fault attacks launched from one tenant region to another are possible, leading to timing ...
Comments