SaTC: CORE: Medium: Collaborative: Security of Reconfigurable Cloud Computing

SaTC：核心：媒介：协作：可重构云计算的安全性

• 批准号: 1902532
• 负责人: Russell Tessier
• 金额: $ 69.08万
• 依托单位: University of Massachusetts Amherst
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-07-01 至 2024-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1902532&HistoricalAwards=false
• 关键词: SaTC; CORE; Medium; Collaborative; Security

Large-scale computer systems that can perform challenging computations can now be leased by the general public for seconds, minutes, or hours at a time. Although these systems typically use microprocessors for most computation, recently, special reconfigurable computer chips called field-programmable gate arrays (FPGAs) have been integrated into these publicly-available systems. Although these chips are more powerful than microprocessors, they have security weaknesses that could put users' data at risk and expose their personal information. This project explores how to secure FPGAs in distributed large-scale computer servers, also known as cloud computing, to prevent information theft and incorrect calculations.As FPGAs grow in size and complexity, cloud FPGA deployments aim to leverage economies of scale to share FPGAs among different, untrusting cloud users who wish to accelerate their machine learning, data search, or other applications with FPGAs. Numerous independent applications may share the same FPGA over time, reside in FPGAs that are in close physical proximity to each other, or even simultaneously reside in a single FPGA. Such uses of multi-tenant FPGAs open the door to numerous potential attack vectors on unsuspecting circuits implemented in the shared FPGAs. This project examines the security vulnerabilities that arise from adding FPGAs into data center environments where such FPGA sharing is possible on a large scale. The initial part of this project quantifies the risks associated with malicious FPGA application behavior, including clandestine data snooping, data leaking, and deliberate attempts by users to degrade or even damage the FPGA infrastructure. To address these vulnerabilities, an active monitoring system continuously checks the FPGAs, detects attacks, and aims to limit malicious behavior at run-time. In parallel, a rules-based resource manager controls resource usage and FPGA allocation in an effort to mitigate FPGA-based attacks. Compile-time rule checks are also implemented. The layered approach enables truly secure multi-tenant FPGAs, allowing sensitive data to be processed securely and cost efficiently with cloud FPGAs. Two specific programs to broaden the impact are: 1)new courses on data center and FPGA security, focused on scalable real-world systems, and 2) a student-run research workshop to allow students to share research ideas and their work. These activities teach undergraduate and graduate students how to leverage cloud FPGA resources for a variety of hardware and software experiments.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

能够执行具有挑战性的计算的大型计算机系统现在可以被公众一次租用几秒钟、几分钟或几小时。虽然这些系统通常使用微处理器进行大部分计算，但最近，称为现场可编程门阵列（FPGA）的特殊可重新配置计算机芯片已集成到这些公开可用的系统中。虽然这些芯片比微处理器更强大，但它们存在安全漏洞，可能会使用户的数据处于危险之中，并暴露他们的个人信息。该项目探讨如何在分布式大规模计算机服务器（也称为云计算）中保护FPGA，以防止信息窃取和错误计算。随着FPGA规模和复杂性的增长，云FPGA部署旨在利用规模经济，在不同的、不信任的云用户之间共享FPGA，这些用户希望通过FPGA加速机器学习、数据搜索或其他应用。随着时间的推移，许多独立的应用程序可能共享同一个FPGA，驻留在物理上彼此接近的FPGA中，甚至同时驻留在单个FPGA中。多租户FPGA的这种使用为共享FPGA中实现的不知情电路上的许多潜在攻击载体打开了大门。该项目研究了将FPGA添加到数据中心环境中所产生的安全漏洞，在数据中心环境中可以大规模共享FPGA。该项目的初始部分量化了与恶意FPGA应用程序行为相关的风险，包括秘密数据窥探、数据泄漏以及用户故意降低甚至损坏FPGA基础设施的尝试。为了解决这些漏洞，主动监控系统不断检查FPGA，检测攻击，并旨在限制运行时的恶意行为。同时，基于规则的资源管理器控制资源使用和FPGA分配，以减轻基于FPGA的攻击。还实现了实时规则检查。分层方法实现了真正安全的多租户FPGA，允许使用云FPGA安全且经济高效地处理敏感数据。扩大影响的两个具体计划是：1）关于数据中心和FPGA安全的新课程，重点是可扩展的现实世界系统，以及2）学生运行的研究研讨会，让学生分享研究想法和他们的工作。 这些活动教导本科生和研究生如何利用云FPGA资源进行各种硬件和软件实验。该奖项反映了NSF的法定使命，并且通过使用基金会的知识价值和更广泛的影响力审查标准进行评估，被认为值得支持。

项目成果

Remote Power Side-Channel Attacks on BNN Accelerators in FPGAs

对 FPGA 中 BNN 加速器的远程电源侧通道攻击

• 发表时间: 2021
• 期刊: IEEE/ACM Design Automation and Test in Europe Conference
• 作者: Shayan Moini, Shanquan Tian

Understanding and Comparing the Capabilities of On-Chip Voltage Sensors against Remote Power Attacks on FPGAs

• DOI: 10.1109/mwscas48704.2020.9184683
• 发表时间: 2020-08
• 期刊: 2020 IEEE 63rd International Midwest Symposium on Circuits and Systems (MWSCAS)
• 作者: Shayan Moini;Xiang Li;Peter Stanwicks;George Provelengios;W. Burleson;R. Tessier;Daniel E. Holcomb

Mitigating Voltage Attacks in Multi-Tenant FPGAs

减轻多租户 FPGA 中的电压攻击

• DOI: 10.1145/3451236
• 发表时间: 2021
• 期刊: ACM Transactions on Reconfigurable Technology and Systems
• 影响因子: 2.3
• 作者: Provelengios, George;Holcomb, Daniel;Tessier, Russell
• 通讯作者: Tessier, Russell

Remote Power Attacks on the Versatile Tensor Accelerator in Multi-Tenant FPGAs

• DOI: 10.1109/fccm51124.2021.00037
• 发表时间: 2021-05
• 期刊: 2021 IEEE 29th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM)
• 作者: Shanquan Tian;Shayan Moini;Adam Wolnikowski;Daniel E. Holcomb;R. Tessier;Jakub Szefer

A Practical Remote Power Attack on Machine Learning Accelerators in Cloud FPGAs

对云 FPGA 中机器学习加速器的实用远程攻击

• DOI: 10.23919/date56975.2023.10136956
• 发表时间: 2023
• 期刊: Automation & Test in Europe Conference & Exhibition (DATE
• 作者: Tian, Shanquan;Moini, Shayan;Holcomb, Daniel;Tessier, Russell;Szefer, Jakub
• 通讯作者: Szefer, Jakub