Visible to the public Trusted Configuration in Cloud FPGAs

TitleTrusted Configuration in Cloud FPGAs
Publication TypeConference Paper
Year of Publication2021
AuthorsZeitouni, Shaza, Vliegen, Jo, Frassetto, Tommaso, Koch, Dirk, Sadeghi, Ahmad-Reza, Mentens, Nele
Conference Name2021 IEEE 29th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM)
KeywordsBitstream Protection, cloud computing, Cloud FPGA Security, composability, cryptography, Hardware, intellectual property, ip protection, Loading, policy-based governance, Protocols, pubcrawl, resilience, Resiliency, Rogue Circuits Detection, Tools
AbstractIn this paper we tackle the open paradoxical challenge of FPGA-accelerated cloud computing: On one hand, clients aim to secure their Intellectual Property (IP) by encrypting their configuration bitstreams prior to uploading them to the cloud. On the other hand, cloud service providers disallow the use of encrypted bitstreams to mitigate rogue configurations from damaging or disabling the FPGA. Instead, cloud providers require a verifiable check on the hardware design that is intended to run on a cloud FPGA at the netlist-level before generating the bitstream and loading it onto the FPGA, therefore, contradicting the IP protection requirement of clients. Currently, there exist no practical solution that can adequately address this challenge.We present the first practical solution that, under reasonable trust assumptions, satisfies the IP protection requirement of the client and provides a bitstream sanity check to the cloud provider. Our proof-of-concept implementation uses existing tools and commodity hardware. It is based on a trusted FPGA shell that utilizes less than 1% of the FPGA resources on a Xilinx VCU118 evaluation board, and an Intel SGX machine running the design checks on the client bitstream.
DOI10.1109/FCCM51124.2021.00036
Citation Keyzeitouni_trusted_2021