Trustworthy Platforms & Systems

Enhancing Security of FPGAs in the Cloud

Enhancing awareness about the security risks facing FPGAs, considering the role of FPGAs in cloud computing.

Over the last decade, cloud computing has enabled the delivery of services on demand with advantages such as low startup cost, high-availability, and a major scale-up in computing power. It continues to reinvent itself to offer a wide range of services and workloads. In this process, Field Programmable Gate Arrays (FPGAs) have emerged as a much more robust option to CPUs and GPUs. FPGAs can be configured much more dynamically than instruction-based hardware such as CPUs and GPUs. In the last few years, FPGAs have played a major role in several domains because of their ability to achieve high throughput and predictable latency with low power consumption. However, the deployment of FPGAs in the cloud comes with security issues, which have attracted scant attention so far in the academic world. To address this shortcoming in existing literature, a new research project has been initiated by Mirjana Stojilovic, Scientist at the School of Computer and Communication Sciences, EPFL.

Cloud computing implies a multitenancy environment where several users share the same computing environment, both in terms of applications and physical resources. In that milieu, it is important to consider the security risks arising from the same FPGA being shared by the users. In her proposed study, Mirjana draws attention to the fact that FPGAs are being adopted increasingly in commercial cloud computing, which makes FPGAs susceptible to security hazards. These include Denial of Service (DoS) attacks (wherein an apparently valid design is downloaded and used to reset an FPGA or render it unresponsive), side-channel attacks (which steal secure information), and attacks that generate computational errors.

Capitalizing on her past experience in electromagnetic susceptibility, FPGA architecture and compilation for FPGAs, Mirjana seeks to delve deeper into the as-yet unanswered questions concerning the security of FPGAs. Her research objective is two-pronged: on the one hand, she will focus on attacks that disrupt the power delivery network of FPGAs and propose solutions to detect, control, and even prevent such attacks; on the other, she will propose effective countermeasures for existing attacks that steal secure information.

The ultimate aim of the research is to enhance awareness about the security risks facing FPGAs, which is of critical importance considering the increasing role of FPGAs in the global cloud computing industry.

Further reading:

https://www.cse.wustl.edu/~roger/565M.f12/Paper3.pdf
https://thenewstack.io/developers-fpgas-cloud/
https://blog.esciencecenter.nl/why-use-an-fpga-instead-of-a-cpu-or-gpu-b234cd4f309c
https://infoscience.epfl.ch/record/217374/files/EPFL_TH6903.pdf