Practical Implementations of Remote Power Side-Channel and Fault-Injection Attacks on Multitenant FPGAs

Cloud computing environments increasingly provision FPGAs because of their fine-grained, highly parallel, and flexible hardware architecture. The availability of FPGAs in the cloud fueled research on the security risks associated with exposing FPGA fabric to remote users. The most notable result is the discovery that remote access to cloud FPGAs presents an entirely new attack surface: that of remotely executed electrical-level attacks, which leverage shared power-delivery networks (PDNs). Two types of threats stand out: power analysis and fault-injection attacks. This chapter begins with a description of the corresponding threat models. Then, it elaborates on the practical implementations of the attacks in two steps. In the first, the FPGA circuits able to pick up a secret signal from the shared PDN (i.e., on-chip voltage-drop sensors) or inject a disturbance into it (i.e., power wasters) are presented. In the second, the experimental results of attacks on various FPGA boards, including data center acceleration cards, are shown and discussed. Finally, to facilitate future research, the implementations of a selection of the FPGA circuits enabling the attacks are shared as open source.

Practical Implementations of Remote Power Side-Channel and Fault-Injection Attacks on Multitenant FPGAs

X-Attack 2.0: The Risk of Power Wasters and Satisfiability Don’t-Care Hardware Trojans to Shared Cloud FPGAs

X-HEEP Poster - EcoCloud Event 2023

Evaluating, Exploiting, and Hiding Power Side-Channel Leakage of Remote FPGAs

X-Attack 2.0: The Risk of Power Wasters and Satisfiability Don’t-Care Hardware Trojans to Shared Cloud FPGAs

Evaluating, Exploiting, and Hiding Power Side-Channel Leakage of Remote FPGAs

X-HEEP Poster - EcoCloud Event 2023