Practical Implementations of Remote Power Side-Channel and Fault-Injection Attacks on Multitenant FPGAs

Cloud computing environments increasingly provision FPGAs because of their fine-grained, highly parallel, and flexible hardware architecture. The availability of FPGAs in the cloud fueled research on the security risks associated with exposing FPGA fabric to remote users. The most notable result is the discovery that remote access to cloud FPGAs presents an entirely new attack surface: that of remotely executed electrical-level attacks, which leverage shared power-delivery networks (PDNs). Two types of threats stand out: power analysis and fault-injection attacks. This chapter begins with a description of the corresponding threat models. Then, it elaborates on the practical implementations of the attacks in two steps. In the first, the FPGA circuits able to pick up a secret signal from the shared PDN (i.e., on-chip voltage-drop sensors) or inject a disturbance into it (i.e., power wasters) are presented. In the second, the experimental results of attacks on various FPGA boards, including data center acceleration cards, are shown and discussed. Finally, to facilitate future research, the implementations of a selection of the FPGA circuits enabling the attacks are shared as open source.