skip to main content
research-article

FPGAPRO: A Defense Framework Against Crosstalk-Induced Secret Leakage in FPGA

Published: 17 November 2021 Publication History

Abstract

With the emerging cloud-computing development, FPGAs are being integrated with cloud servers for higher performance. Recently, it has been explored to enable multiple users to share the hardware resources of a remote FPGA, i.e., to execute their own applications simultaneously. Although being a promising technique, multi-tenant FPGA unfortunately brings its unique security concerns. It has been demonstrated that the capacitive crosstalk between FPGA long-wires can be a side-channel to extract secret information, giving adversaries the opportunity to implement crosstalk-based side-channel attacks. Moreover, recent work reveals that medium-wires and multiplexers in configurable logic block (CLB) are also vulnerable to crosstalk-based information leakage.
In this work, we propose FPGAPRO: a defense framework leveraging Placement, Routing, and Obfuscation to mitigate the secret leakage on FPGA components, including long-wires, medium-wires, and logic elements in CLB. As a user-friendly defense strategy, FPGAPRO focuses on protecting the security-sensitive instances meanwhile considering critical path delay for performance maintenance. As the proof-of-concept, the experimental result demonstrates that FPGAPRO can effectively reduce the crosstalk-caused side-channel leakage by 138 times. Besides, the performance analysis shows that this strategy prevents the maximum frequency from timing violation.

References

[4]
2016. Here’s what an Intel Broadwell Xeon with a built-in FPGA looks like. https://www.theregister.co.uk/2016/03/14/intel_xeon_fpga/.
[5]
2017. Enable faster FPGA accelerator development and deployment in the cloud. https://aws.amazon.com/ec2/instance-types/f1/.
[7]
2018. Intel Launches New Datacenter Accelerator with Its Most Powerful FPGA. https://www.top500.org/news/intel-launches-new-datacenter-accelerator-with-its-most-powerful-fpga/.
[11]
Md Mahbub Alam, Shahin Tajik, Fatemeh Ganji, Mark Tehranipoor, and Domenic Forte. 2019. Ram-jam: Remote temperature and voltage fault attack on FPGAs using memory collisions. In 2019 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC). IEEE, 48–55.
[12]
Lejla Batina, Shivam Bhasin, Dirmanto Jap, and Stjepan Picek. [n.d.]. CSI-NN: Reverse engineering of neural network architectures through electromagnetic side channel. In 28th USENIX Security Symposium (USENIX Security 19), (2019), 515–532.
[13]
Fei Chen, Yi Shan, Yu Zhang, Yu Wang, Hubertus Franke, Xiaotao Chang, and Kun Wang. 2014. Enabling FPGAs in the cloud. In Proceedings of the 11th ACM Conference on Computing Frontiers. 1–10.
[14]
John D. Corbett. 2013. The Xilinx isolation design flow for fault-tolerant systems. Xilinx White Paper WP412 (2013).
[15]
Elke De Mulder, Pieter Buysschaert, S. B. Ors, Peter Delmotte, Bart Preneel, Guy Vandenbosch, and Ingrid Verbauwhede. 2005. Electromagnetic analysis attack on an FPGA implementation of an elliptic curve cryptosystem. In EUROCON 2005-The International Conference on Computer as a Tool, Vol. 2. IEEE, 1879–1882.
[16]
Shijin Duan, Wenhao Wang, Yukui Luo, and Xiaolin Xu. 2021. A survey of recent attacks and mitigation on FPGA systems. In 2021 IEEE Computer Society Annual Symposium on VLSI (ISVLSI). IEEE, 284–289.
[17]
Rana Elnaggar, Ramesh Karri, and Krishnendu Chakrabarty. 2019. Multi-Tenant FPGA-based reconfigurable systems: Attacks and defenses. In 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 7–12.
[18]
Farnoud Farahmand, Ahmed Ferozpuri, William Diehl, and Kris Gaj. 2017. Minerva: Automated hardware optimization tool. In 2017 International Conference on ReConFigurable Computing and FPGAs (ReConFig). IEEE, 1–8.
[19]
Martin Gag, Tim Wegner, Ansgar Waschki, and Dirk Timmermann. 2012. Temperature and on-chip crosstalk measurement using ring oscillators in FPGA. In 2012 IEEE 15th International Symposium on Design and Diagnostics of Electronic Circuits & Systems (DDECS). IEEE, 201–204.
[20]
Ilias Giechaskiel, Kasper B. Rasmussen, and Ken Eguro. 2018. Leaky wires: Information leakage and covert communication between FPGA long wires. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security. 15–27.
[21]
Ilias Giechaskiel, Kasper Bonne Rasmussen, and Jakub Szefer. 2019. Measuring long wire leakage with ring oscillators in cloud FPGAs. In 2019 29th International Conference on Field Programmable Logic and Applications (FPL). IEEE, 45–50.
[22]
Ilias Giechaskiel and Jakub Szefer. 2020. Information leakage from FPGA routing and logic elements. In 2020 IEEE/ACM International Conference On Computer Aided Design (ICCAD). IEEE, 1–9.
[23]
Dennis R. E. Gnad, Fabian Oboril, and Mehdi B. Tahoori. 2017. Voltage drop-based fault attacks on FPGAs using valid bitstreams. In 2017 27th International Conference on Field Programmable Logic and Applications (FPL). IEEE, 1–7.
[24]
Google. 2018. Google Colaboratory. https://colab.research.google.com/.
[25]
Guannan Guo, Tsung-Wei Huang, Chun-Xun Lin, and Martin Wong. 2020. An efficient critical path generation algorithm considering extensive path constraints. In 2020 57th ACM/IEEE Design Automation Conference (DAC). IEEE, 1–6.
[26]
Tsung-Wei Huang and Martin D. F. Wong. 2015. OpenTimer: A high-performance timing analysis tool. In 2015 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). IEEE, 895–902.
[27]
Ted Huffmire, Brett Brotherton, Gang Wang, Timothy Sherwood, Ryan Kastner, Timothy Levin, Thuy Nguyen, and Cynthia Irvine. 2007. Moats and drawbridges: An isolation primitive for reconfigurable hardware based systems. In 2007 IEEE Symposium on Security and Privacy (SP’07). IEEE, 281–295.
[28]
Zsolt István, Gustavo Alonso, and Ankit Singla. 2018. Providing multi-tenant services with FPGAs: Case study on a key-value store. In 2018 28th International Conference on Field Programmable Logic and Applications (FPL). IEEE, 119–1195.
[29]
John David Jackson. 2007. Classical Electrodynamics. John Wiley & Sons.
[30]
Behnam Khaleghi, Ali Ahari, Hossein Asadi, and Siavash Bayat-Sarmadi. 2015. FPGA-based protection scheme against hardware trojan horse insertion using dummy logic. IEEE Embedded Systems Letters 7, 2 (2015), 46–50.
[31]
Christian Kison, Omar Mohamed Awad, Marc Fyrbiak, and Christof Paar. 2019. Security implications of intentional capacitive crosstalk. IEEE Transactions on Information Forensics and Security (2019).
[32]
Jonas Krautter, Dennis RE Gnad, Falk Schellenberg, Amir Moradi, and Mehdi B. Tahoori. 2019. Active fences against voltage-based side channels in multi-tenant FPGAs. In 2019 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). IEEE, 1–8.
[33]
Tuan Minh La, Kaspar Matas, Nikola Grunchevski, Khoa Dang Pham, and Dirk Koch. 2020. FPGADefender: Malicious self-oscillator scanning for Xilinx UltraScale+ FPGAs. ACM Transactions on Reconfigurable Technology and Systems (TRETS) 13, 3 (2020), 1–31.
[34]
Pei-Yu Lee, Iris Hui-Ru Jiang, and Tung-Chieh Chen. 2018. Fastpass: Fast timing path search for generalized timing exception handling. In 2018 23rd Asia and South Pacific Design Automation Conference (ASP-DAC). IEEE, 172–177.
[35]
Wenye Liu, Chip-Hong Chang, Fan Zhang, and Xiaoxuan Lou. 2020. Imperceptible misclassification attack on deep learning accelerator by glitch injection. In 2020 57th ACM/IEEE Design Automation Conference (DAC). IEEE, 1–6.
[36]
Yukui Luo, Cheng Gongye, Yunsi Fei, and Xiaolin Xu. 2021. DeepStrike: Remotely-guided fault injection attacks on DNN Accelerator in Cloud-FPGA. arXiv preprint arXiv:2105.09453 (2021).
[37]
Yukui Luo and Xiaolin Xu. 2019. HILL: A hardware isolation framework against information leakage on multi-tenant FPGA long-wires. In 2019 International Conference on Field-Programmable Technology (ICFPT). IEEE, 331–334.
[38]
Yukui Luo and Xiaolin Xu. 2020. A quantitative defense framework against power attacks on multi-tenant FPGA. In 2020 IEEE/ACM International Conference On Computer Aided Design (ICCAD). IEEE, 1–4.
[39]
Morten B. Petersen, Stefan Nikolić, and Mirjana Stojilović. 2021. NetCracker: A peek into the routing architecture of Xilinx 7-Series FPGAs. In The 2021 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays. 11–22.
[40]
George Provelengios, Daniel Holcomb, and Russell Tessier. 2019. Characterizing power distribution attacks in multi-user FPGA environments. In 2019 29th International Conference on Field Programmable Logic and Applications (FPL). IEEE, 194–201.
[41]
George Provelengios, Chethan Ramesh, Shivukumar B. Patil, Ken Eguro, Russell Tessier, and Daniel Holcomb. 2019. Characterization of long wire data leakage in deep submicron FPGAs. In Proceedings of the 2019 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays. 292–297.
[42]
Adnan Siraj Rakin, Yukui Luo, Xiaolin Xu, and Deliang Fan. 2020. Deep-Dup: An adversarial weight duplication attack framework to crush deep neural network in Multi-Tenant FPGA. arXiv preprint arXiv:2011.03006 (2020).
[43]
Chethan Ramesh, Shivukumar B. Patil, Siva Nishok Dhanuskodi, George Provelengios, Sébastien Pillement, Daniel Holcomb, and Russell Tessier. 2018. FPGA side channel attacks without physical access. In 2018 IEEE 26th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM). IEEE, 45–52.
[44]
Falk Schellenberg, Dennis RE Gnad, Amir Moradi, and Mehdi B. Tahoori. 2018. An inside job: Remote power analysis attacks on FPGAs. In 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE). IEEE, 1111–1116.
[45]
Alexander Schlösser, Dmitry Nedospasov, Juliane Krämer, Susanna Orlic, and Jean-Pierre Seifert. 2012. Simple photonic emission analysis of AES. In International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 41–57.
[46]
Zeinab Seifoori, Seyedeh Sharareh Mirzargar, and Mirjana Stojilović. 2020. Closing leaks: Routing against crosstalk side-channel attacks. In The 2020 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays. 197–203.
[47]
Sergei P. Skorobogatov and Ross J. Anderson. 2002. Optical fault induction attacks. In International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 2–12.
[48]
Steven J. E. Wilton. 2001. A crosstalk-aware timing-driven router for FPGAs. In Proceedings of the 2001 ACM/SIGDA Ninth International Symposium on Field Programmable Gate Arrays. 21–28.
[49]
Xilinx. 2016. 7 Series FPGAs Configurable Logic Block User Guide. UG474 (2016). https://www.xilinx.com/support/documentation/user_guides/ug474_7Series_CLB.pdf.
[51]
Yue Zha and J. Li. 2020. Virtualizing FPGAs in the Cloud. Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems (2020).
[52]
Mark Zhao and G. Edward Suh. 2018. FPGA-based remote power side-channel attacks. In 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 229–244.

Cited By

View all
  • (2024)Extending FPGA Information Leaks with Trojan Phantom Circuits2024 International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED61283.2024.00011(1-10)Online publication date: 16-May-2024
  • (2024)Circuit Disguise: Detecting Malicious Circuits in Cloud FPGAs without IP Disclosure2024 27th Euromicro Conference on Digital System Design (DSD)10.1109/DSD64264.2024.00055(361-368)Online publication date: 28-Aug-2024
  • (2023)A Survey on FPGA Cybersecurity Design StrategiesACM Transactions on Reconfigurable Technology and Systems10.1145/356151516:2(1-33)Online publication date: 11-Mar-2023
  • Show More Cited By

Index Terms

  1. FPGAPRO: A Defense Framework Against Crosstalk-Induced Secret Leakage in FPGA

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Transactions on Design Automation of Electronic Systems
    ACM Transactions on Design Automation of Electronic Systems  Volume 27, Issue 3
    May 2022
    245 pages
    ISSN:1084-4309
    EISSN:1557-7309
    DOI:10.1145/3498355
    Issue’s Table of Contents

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Journal Family

    Publication History

    Published: 17 November 2021
    Accepted: 01 September 2021
    Revised: 01 August 2021
    Received: 01 May 2021
    Published in TODAES Volume 27, Issue 3

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. Cloud-FPGA
    2. capacitive crosstalk
    3. long-wire
    4. side-channel attack
    5. placement isolation

    Qualifiers

    • Research-article
    • Refereed

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)83
    • Downloads (Last 6 weeks)9
    Reflects downloads up to 15 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Extending FPGA Information Leaks with Trojan Phantom Circuits2024 International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED61283.2024.00011(1-10)Online publication date: 16-May-2024
    • (2024)Circuit Disguise: Detecting Malicious Circuits in Cloud FPGAs without IP Disclosure2024 27th Euromicro Conference on Digital System Design (DSD)10.1109/DSD64264.2024.00055(361-368)Online publication date: 28-Aug-2024
    • (2023)A Survey on FPGA Cybersecurity Design StrategiesACM Transactions on Reconfigurable Technology and Systems10.1145/356151516:2(1-33)Online publication date: 11-Mar-2023
    • (2023)A Visionary Look at the Security of Reconfigurable Cloud ComputingProceedings of the IEEE10.1109/JPROC.2023.3330729111:12(1548-1571)Online publication date: Dec-2023

    View Options

    Login options

    Full Access

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Full Text

    View this article in Full Text.

    Full Text

    HTML Format

    View this article in HTML Format.

    HTML Format

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media