{"title":"构建多租户云- fpga作为安全基础设施的警示","authors":"Yukui Luo, Yuheng Zhang, Shijin Duan, Xiaolin Xu","doi":"10.1109/ICFPT56656.2022.9974230","DOIUrl":null,"url":null,"abstract":"Security concerns have been raised for multi-tenant cloud-FPGA in many recent works. While these existing works focused on studying the security of diverse cloud-FPGA applications, such as Advanced Encryption Standard (AES), the vulnerabilities associated with the inherent FPGA components are so far under-explored. For the first time, we investigate the robustness of a commonly used communication protocol for data exchange, Advanced eXtensible Interface (AXI), against fault injection attacks in a multi-tenant cloud-FPGA environment. We build an experimental setup with a commodity FPGA development kit and launch fault injection attacks on the shared power distribution network (PDN). To study the in-depth effects of such attacks, we characterize the voltage glitches of different attack patterns in a non-invasive manner, i.e., using electron magnetic measurement. We also mimic the real-world data transmissions using two crafted datasets with different statistical characteristics. The experimental results demonstrate the unique security vulnerabilities of the current AXI protocol in the context of a multi-tenant cloud-FPGA. Last, we discuss potential defense strategies against these vulnerabilities.","PeriodicalId":239314,"journal":{"name":"2022 International Conference on Field-Programmable Technology (ICFPT)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Cautionary Note on Building Multi-tenant Cloud-FPGA as a Secure Infrastructure\",\"authors\":\"Yukui Luo, Yuheng Zhang, Shijin Duan, Xiaolin Xu\",\"doi\":\"10.1109/ICFPT56656.2022.9974230\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security concerns have been raised for multi-tenant cloud-FPGA in many recent works. While these existing works focused on studying the security of diverse cloud-FPGA applications, such as Advanced Encryption Standard (AES), the vulnerabilities associated with the inherent FPGA components are so far under-explored. For the first time, we investigate the robustness of a commonly used communication protocol for data exchange, Advanced eXtensible Interface (AXI), against fault injection attacks in a multi-tenant cloud-FPGA environment. We build an experimental setup with a commodity FPGA development kit and launch fault injection attacks on the shared power distribution network (PDN). To study the in-depth effects of such attacks, we characterize the voltage glitches of different attack patterns in a non-invasive manner, i.e., using electron magnetic measurement. We also mimic the real-world data transmissions using two crafted datasets with different statistical characteristics. The experimental results demonstrate the unique security vulnerabilities of the current AXI protocol in the context of a multi-tenant cloud-FPGA. Last, we discuss potential defense strategies against these vulnerabilities.\",\"PeriodicalId\":239314,\"journal\":{\"name\":\"2022 International Conference on Field-Programmable Technology (ICFPT)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 International Conference on Field-Programmable Technology (ICFPT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICFPT56656.2022.9974230\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Field-Programmable Technology (ICFPT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICFPT56656.2022.9974230","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Cautionary Note on Building Multi-tenant Cloud-FPGA as a Secure Infrastructure
Security concerns have been raised for multi-tenant cloud-FPGA in many recent works. While these existing works focused on studying the security of diverse cloud-FPGA applications, such as Advanced Encryption Standard (AES), the vulnerabilities associated with the inherent FPGA components are so far under-explored. For the first time, we investigate the robustness of a commonly used communication protocol for data exchange, Advanced eXtensible Interface (AXI), against fault injection attacks in a multi-tenant cloud-FPGA environment. We build an experimental setup with a commodity FPGA development kit and launch fault injection attacks on the shared power distribution network (PDN). To study the in-depth effects of such attacks, we characterize the voltage glitches of different attack patterns in a non-invasive manner, i.e., using electron magnetic measurement. We also mimic the real-world data transmissions using two crafted datasets with different statistical characteristics. The experimental results demonstrate the unique security vulnerabilities of the current AXI protocol in the context of a multi-tenant cloud-FPGA. Last, we discuss potential defense strategies against these vulnerabilities.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
