Trusted IP solution in multi-tenant cloud FPGA platform

Because FPGAs outperform traditional processing cores like CPUs and GPUs in terms of performance per watt and flexibility, they are being used more and more in cloud and data center applications. There are growing worries about the security risks posed by multi-tenant sharing as the demand for hardware acceleration increases and gradually gives way to FPGA multi-tenancy in the cloud. The confidentiality, integrity, and availability of FPGA-accelerated applications may be compromised if space-shared FPGAs are made available to many cloud tenants. We propose a root of trust-based trusted execution mechanism called \textbf{TrustToken} to prevent harmful software-level attackers from getting unauthorized access and jeopardizing security. With safe key creation and truly random sources, \textbf{TrustToken} creates a security block that serves as the foundation of trust-based IP security. By offering crucial security characteristics, such as secure, isolated execution and trusted user interaction, \textbf{TrustToken} only permits trustworthy connection between the non-trusted third-party IP and the rest of the SoC environment. The suggested approach does this by connecting the third-party IP interface to the \textbf{TrustToken} Controller and running run-time checks on the correctness of the IP authorization(Token) signals. With an emphasis on software-based assaults targeting unauthorized access and information leakage, we offer a noble hardware/software architecture for trusted execution in FPGA-accelerated clouds and data centers

Multi-Tenant Cloud FPGA: A Survey on Security

With the exponentially increasing demand for performance and scalability in cloud applications and systems, data center architectures evolved to integrate heterogeneous computing fabrics that leverage CPUs, GPUs, and FPGAs. FPGAs differ from traditional processing platforms such as CPUs and GPUs in that they are reconfigurable at run-time, providing increased and customized performance, flexibility, and acceleration. FPGAs can perform large-scale search optimization, acceleration, and signal processing tasks compared with power, latency, and processing speed. Many public cloud provider giants, including Amazon, Huawei, Microsoft, Alibaba, etc., have already started integrating FPGA-based cloud acceleration services. While FPGAs in cloud applications enable customized acceleration with low power consumption, it also incurs new security challenges that still need to be reviewed. Allowing cloud users to reconfigure the hardware design after deployment could open the backdoors for malicious attackers, potentially putting the cloud platform at risk. Considering security risks, public cloud providers still don't offer multi-tenant FPGA services. This paper analyzes the security concerns of multi-tenant cloud FPGAs, gives a thorough description of the security problems associated with them, and discusses upcoming future challenges in this field of study

Defragmenting the Module Layout of a Partially Reconfigurable Device

Modern generations of field-programmable gate arrays (FPGAs) allow for partial reconfiguration. In an online context, where the sequence of modules to be loaded on the FPGA is unknown beforehand, repeated insertion and deletion of modules leads to progressive fragmentation of the available space, making defragmentation an important issue. We address this problem by propose an online and an offline component for the defragmentation of the available space. We consider defragmenting the module layout on a reconfigurable device. This corresponds to solving a two-dimensional strip packing problem. Problems of this type are NP-hard in the strong sense, and previous algorithmic results are rather limited. Based on a graph-theoretic characterization of feasible packings, we develop a method that can solve two-dimensional defragmentation instances of practical size to optimality. Our approach is validated for a set of benchmark instances.Comment: 10 pages, 11 figures, 1 table, Latex, to appear in "Engineering of Reconfigurable Systems and Algorithms" as a "Distinguished Paper

Strategy for the development of a smart NDVI camera system for outdoor plant detection and agricultural embedded systems

The application of (smart) cameras for process control, mapping, and advanced imaging in agriculture has become an element of precision farming that facilitates the conservation of fertilizer, pesticides, and machine time. This technique additionally reduces the amount of energy required in terms of fuel. Although research activities have increased in this field, high camera prices reflect low adaptation to applications in all fields of agriculture. Smart, low-cost cameras adapted for agricultural applications can overcome this drawback. The normalized difference vegetation index (NDVI) for each image pixel is an applicable algorithm to discriminate plant information from the soil background enabled by a large difference in the reflectance between the near infrared (NIR) and the red channel optical frequency band. Two aligned charge coupled device (CCD) chips for the red and NIR channel are typically used, but they are expensive because of the precise optical alignment required. Therefore, much attention has been given to the development of alternative camera designs. In this study, the advantage of a smart one-chip camera design with NDVI image performance is demonstrated in terms of low cost and simplified design. The required assembly and pixel modifications are described, and new algorithms for establishing an enhanced NDVI image quality for data processing are discussed