| Title | Stealthy-Shutdown: Practical Remote Power Attacks in Multi - Tenant FPGAs |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Luo, Yukui, Gongye, Cheng, Ren, Shaolei, Fei, Yunsi, Xu, Xiaolin |
| Conference Name | 2020 IEEE 38th International Conference on Computer Design (ICCD) |
| Date Published | oct |
| Keywords | Acceleration, attack surface, denial-of-service, field programmable gate arrays, FPGA, Metrics, multi-tenant, power attack, Power demand, pubcrawl, Resiliency, Scalability, Sensors, side-channel, Task Analysis, Threshold voltage, Tools |
| Abstract | With the deployment of artificial intelligent (AI) algorithms in a large variety of applications, there creates an increasing need for high-performance computing capabilities. As a result, different hardware platforms have been utilized for acceleration purposes. Among these hardware-based accelerators, the field-programmable gate arrays (FPGAs) have gained a lot of attention due to their re-programmable characteristics, which provide customized control logic and computing operators. For example, FPGAs have recently been adopted for on-demand cloud services by the leading cloud providers like Amazon and Microsoft, providing acceleration for various compute-intensive tasks. While the co-residency of multiple tenants on a cloud FPGA chip increases the efficiency of resource utilization, it also creates unique attack surfaces that are under-explored. In this paper, we exploit the vulnerability associated with the shared power distribution network on cloud FPGAs. We present a stealthy power attack that can be remotely launched by a malicious tenant, shutting down the entire chip and resulting in denial-of-service for other co-located benign tenants. Specifically, we propose stealthy-shutdown: a well-timed power attack that can be implemented in two steps: (1) an attacker monitors the realtime FPGA power-consumption detected by ring-oscillator-based voltage sensors, and (2) when capturing high power-consuming moments, i.e., the power consumption by other tenants is above a certain threshold, she/he injects a well-timed power load to shut down the FPGA system. Note that in the proposed attack strategy, the power load injected by the attacker only accounts for a small portion of the overall power consumption; therefore, such attack strategy remains stealthy to the cloud FPGA operator. We successfully implement and validate the proposed attack on three FPGA evaluation kits with running real-world applications. The proposed attack results in a stealthy-shutdown, demonstrating severe security concerns of co-tenancy on cloud FPGAs. We also offer two countermeasures that can mitigate such power attacks. |
| DOI | 10.1109/ICCD50377.2020.00097 |
| Citation Key | luo_stealthy-shutdown_2020 |
Stealthy-Shutdown: Practical Remote Power Attacks in Multi - Tenant FPGAs