Overview

FPGAs are increasingly being used in cloud and data server environments. Although current cloud FPGAs are typically used by a single user at a time, there is interest in allowing multiple users to simultaneously share a cloud FPGA. These multi-tenant scenarios can lead to a variety of threats involving data snooping, fault induction, and board reset.

Our work explores two main types of attacks on multi-tenant FPGAs. First, we show that inter-wire crosstalk can be used to extract information from an unsuspecting victim if an FPGA routing channel is shared: an Advanced Encryption Standard (AES) key can be extracted by monitoring activity on a single channel wire. Our second attack vector examines the use of power wasters to induce faults in neighboring FPGA circuits. Ring oscillators, shift registers, and other circuits can be used to deliberately waste significant on-chip power, lowering the power supply voltage of a victim circuit. The reduced voltage can lead directly to circuit faults that expose encryption keys and other sensitive device information.

In our recent work, we develop effective approaches to identify voltage attacks and suppress them before they can cause board reset. This system has been applied to an Intel Stratix 10 device. We also show that a machine learning circuit (a binarized neural network, or BNN) can be attacked in a multi-tenant scenario. We use a time-to-digital converter (TDC) to extract input images as they are processed by the BNN circuitry. No physical or logical connections between the attacker and victim circuits exist.

What's New