Latest ARM processors are approaching the computational power of x86
architectures while consuming much less energy. Consequently, supply follows
demand with Amazon EC2, Equinix Metal and Microsoft Azure offering ARM-based
instances, while Oracle Cloud Infrastructure is about to add such support. We
expect this trend to continue, with an increasing number of cloud providers
offering ARM-based cloud instances.
ARM processors are more energy-efficient leading to substantial electricity
savings for cloud providers. However, a malicious cloud provider could
intentionally reduce the CPU voltage to further lower its costs. Running
applications malfunction when the undervolting goes below critical thresholds.
By avoiding critical voltage regions, a cloud provider can run undervolted
instances in a stealthy manner.
This practical experience report describes a novel attack scenario: an attack
launched by the cloud provider against its users to aggressively reduce the
processor voltage for saving energy to the last penny. We call it the Scrooge
Attack and show how it could be executed using ARM-based computing instances.
We mimic ARM-based cloud instances by deploying our own ARM-based devices using
different generations of Raspberry Pi. Using realistic and synthetic workloads,
we demonstrate to which degree of aggressiveness the attack is relevant. The
attack is unnoticeable by our detection method up to an offset of -50mV. We
show that the attack may even remain completely stealthy for certain workloads.
Finally, we propose a set of client-based detection methods that can identify
undervolted instances. We support experimental reproducibility and provide
instructions to reproduce our results.Comment: European Commission Project: LEGaTO - Low Energy Toolset for
Heterogeneous Computing (EC-H2020-780681