59 research outputs found
Trusted IP solution in multi-tenant cloud FPGA platform
Because FPGAs outperform traditional processing cores like CPUs and GPUs in
terms of performance per watt and flexibility, they are being used more and
more in cloud and data center applications. There are growing worries about the
security risks posed by multi-tenant sharing as the demand for hardware
acceleration increases and gradually gives way to FPGA multi-tenancy in the
cloud. The confidentiality, integrity, and availability of FPGA-accelerated
applications may be compromised if space-shared FPGAs are made available to
many cloud tenants. We propose a root of trust-based trusted execution
mechanism called \textbf{TrustToken} to prevent harmful software-level
attackers from getting unauthorized access and jeopardizing security. With safe
key creation and truly random sources, \textbf{TrustToken} creates a security
block that serves as the foundation of trust-based IP security. By offering
crucial security characteristics, such as secure, isolated execution and
trusted user interaction, \textbf{TrustToken} only permits trustworthy
connection between the non-trusted third-party IP and the rest of the SoC
environment. The suggested approach does this by connecting the third-party IP
interface to the \textbf{TrustToken} Controller and running run-time checks on
the correctness of the IP authorization(Token) signals. With an emphasis on
software-based assaults targeting unauthorized access and information leakage,
we offer a noble hardware/software architecture for trusted execution in
FPGA-accelerated clouds and data centers
Multi-Tenant Cloud FPGA: A Survey on Security
With the exponentially increasing demand for performance and scalability in
cloud applications and systems, data center architectures evolved to integrate
heterogeneous computing fabrics that leverage CPUs, GPUs, and FPGAs. FPGAs
differ from traditional processing platforms such as CPUs and GPUs in that they
are reconfigurable at run-time, providing increased and customized performance,
flexibility, and acceleration. FPGAs can perform large-scale search
optimization, acceleration, and signal processing tasks compared with power,
latency, and processing speed. Many public cloud provider giants, including
Amazon, Huawei, Microsoft, Alibaba, etc., have already started integrating
FPGA-based cloud acceleration services. While FPGAs in cloud applications
enable customized acceleration with low power consumption, it also incurs new
security challenges that still need to be reviewed. Allowing cloud users to
reconfigure the hardware design after deployment could open the backdoors for
malicious attackers, potentially putting the cloud platform at risk.
Considering security risks, public cloud providers still don't offer
multi-tenant FPGA services. This paper analyzes the security concerns of
multi-tenant cloud FPGAs, gives a thorough description of the security problems
associated with them, and discusses upcoming future challenges in this field of
study
Defragmenting the Module Layout of a Partially Reconfigurable Device
Modern generations of field-programmable gate arrays (FPGAs) allow for
partial reconfiguration. In an online context, where the sequence of modules to
be loaded on the FPGA is unknown beforehand, repeated insertion and deletion of
modules leads to progressive fragmentation of the available space, making
defragmentation an important issue. We address this problem by propose an
online and an offline component for the defragmentation of the available space.
We consider defragmenting the module layout on a reconfigurable device. This
corresponds to solving a two-dimensional strip packing problem. Problems of
this type are NP-hard in the strong sense, and previous algorithmic results are
rather limited. Based on a graph-theoretic characterization of feasible
packings, we develop a method that can solve two-dimensional defragmentation
instances of practical size to optimality. Our approach is validated for a set
of benchmark instances.Comment: 10 pages, 11 figures, 1 table, Latex, to appear in "Engineering of
Reconfigurable Systems and Algorithms" as a "Distinguished Paper
Strategy for the development of a smart NDVI camera system for outdoor plant detection and agricultural embedded systems
The application of (smart) cameras for process control, mapping, and advanced imaging in agriculture has become an element of precision farming that facilitates the conservation of fertilizer, pesticides, and machine time. This technique additionally reduces the amount of energy required in terms of fuel. Although research activities have increased in this field, high camera prices reflect low adaptation to applications in all fields of agriculture. Smart, low-cost cameras adapted for agricultural applications can overcome this drawback. The normalized difference vegetation index (NDVI) for each image pixel is an applicable algorithm to discriminate plant information from the soil background enabled by a large difference in the reflectance between the near infrared (NIR) and the red channel optical frequency band. Two aligned charge coupled device (CCD) chips for the red and NIR channel are typically used, but they are expensive because of the precise optical alignment required. Therefore, much attention has been given to the development of alternative camera designs. In this study, the advantage of a smart one-chip camera design with NDVI image performance is demonstrated in terms of low cost and simplified design. The required assembly and pixel modifications are described, and new algorithms for establishing an enhanced NDVI image quality for data processing are discussed
- …