2 research outputs found
Trusted IP solution in multi-tenant cloud FPGA platform
Because FPGAs outperform traditional processing cores like CPUs and GPUs in
terms of performance per watt and flexibility, they are being used more and
more in cloud and data center applications. There are growing worries about the
security risks posed by multi-tenant sharing as the demand for hardware
acceleration increases and gradually gives way to FPGA multi-tenancy in the
cloud. The confidentiality, integrity, and availability of FPGA-accelerated
applications may be compromised if space-shared FPGAs are made available to
many cloud tenants. We propose a root of trust-based trusted execution
mechanism called \textbf{TrustToken} to prevent harmful software-level
attackers from getting unauthorized access and jeopardizing security. With safe
key creation and truly random sources, \textbf{TrustToken} creates a security
block that serves as the foundation of trust-based IP security. By offering
crucial security characteristics, such as secure, isolated execution and
trusted user interaction, \textbf{TrustToken} only permits trustworthy
connection between the non-trusted third-party IP and the rest of the SoC
environment. The suggested approach does this by connecting the third-party IP
interface to the \textbf{TrustToken} Controller and running run-time checks on
the correctness of the IP authorization(Token) signals. With an emphasis on
software-based assaults targeting unauthorized access and information leakage,
we offer a noble hardware/software architecture for trusted execution in
FPGA-accelerated clouds and data centers
Multi-Tenant Cloud FPGA: A Survey on Security
With the exponentially increasing demand for performance and scalability in
cloud applications and systems, data center architectures evolved to integrate
heterogeneous computing fabrics that leverage CPUs, GPUs, and FPGAs. FPGAs
differ from traditional processing platforms such as CPUs and GPUs in that they
are reconfigurable at run-time, providing increased and customized performance,
flexibility, and acceleration. FPGAs can perform large-scale search
optimization, acceleration, and signal processing tasks compared with power,
latency, and processing speed. Many public cloud provider giants, including
Amazon, Huawei, Microsoft, Alibaba, etc., have already started integrating
FPGA-based cloud acceleration services. While FPGAs in cloud applications
enable customized acceleration with low power consumption, it also incurs new
security challenges that still need to be reviewed. Allowing cloud users to
reconfigure the hardware design after deployment could open the backdoors for
malicious attackers, potentially putting the cloud platform at risk.
Considering security risks, public cloud providers still don't offer
multi-tenant FPGA services. This paper analyzes the security concerns of
multi-tenant cloud FPGAs, gives a thorough description of the security problems
associated with them, and discusses upcoming future challenges in this field of
study