The FOS (FPGA Operating System) Demo

Vaishnav, Anuj; Pham, Khoa Dang; Manev, Kristiyan; Koch, Dirk

doi:10.1109/fpl.2019.00081

Cited by 4 publications

(5 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These units are also available in CPU-FPGA hybrids such as Xilinx Zynq UltraScale+ devices or Intel Stratix-10 SX SoC devices; and these chips include dedicated IOMMUs to protect the memory subsystem from malicious accesses initiated from the FPGA side (e.g., by an accelerator module). Alternatively, MMU functionality can be implemented in the FPGA's soft FPGADefender 111:19 logic (commonly as part of a shell [66]). In this paper, we are, in particular, focusing on FPGA vulnerabilities at the electrical level because protecting a system at the system level is very well studied and, therefore, not further covered here.…”

Section: Softwarementioning

confidence: 99%

“…If the clock source cannot be considered to be stable (e.g., a combinatorial LUT output), the bitstream is rejected. In our systems [17,66], we block configuration access to global clock resources for any partially reconfigurable module by using BitMan [50] for preventing this kind of attack and FPGADefender will detect if partially reconfigurable modules try driving global clock resources.…”

Section: Self-clocking Oscillatorsmentioning

confidence: 99%

“…With the present trend of FPGAs being offered in cloud data centers [24,25,53,68] and also more and more hardware designs being provided as bitstreams (e.g., [10,66]), there is a strong need to investigate FPGA hardware security. While traditionally, the FPGA hardware, as well as the design running on the FPGA, was entirely designed and integrated by one party, we are now increasingly heading towards ecosystems with more complex supply chains.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

FPGAD efender

Matas

Grunchevski

et al. 2020

ACM Trans. Reconfigurable Technol. Syst.

Self Cite

View full text Add to dashboard Cite

Sharing configuration bitstreams rather than netlists is a very desirable feature to protect IP or to share IP without longer CAD tool processing times. Furthermore, an increasing number of systems could hugely benefit from serving multiple users on the same FPGA, for example, for resource pooling in cloud infrastructures. This article researches the threat that a malicious application can impose on an FPGA-based system in a multi-tenancy scenario from a hardware security point of view. In particular, this article evaluates the risk systematically for FPGA power-hammering through short-circuits and self-oscillating circuits, which potentially may cause harm to a system. This risk includes implementing, tuning, and evaluating all FPGA self-oscillators known from the literature but also developing a large number of new power-hammering designs that have not been considered before. Our experiments demonstrate that malicious circuits can be tuned to the point that just 3% of the logic available on an Ultra96 FPGA board can draw the power budget of the entire FPGA board. This fact suggests a waste power potential for datacenter FPGAs in the range of kilowatts. In addition to carefully analyzing FPGA hardware security threats, we present the FPGA virus scanner FPGAD efender , which can detect (possibly) any self-oscillating FPGA circuit, as well as detecting short-circuits, high fanout nets, and a tapping onto signals outside the scope of a module for protecting data center FPGAs, such as Xilinx UltraScale+ devices at the bitstream level.

show abstract

Section: Softwarementioning

confidence: 99%

Section: Self-clocking Oscillatorsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

FPGAD efender

Matas

Grunchevski

et al. 2020

ACM Trans. Reconfigurable Technol. Syst.

Self Cite

View full text Add to dashboard Cite

show abstract

“…The rise of FPGA cloud computing can be observed in recent years when major cloud vendors such as Amazon [1], Microsoft, Huawei, and Alibaba offer FPGA resources in their infrastructures. Meanwhile, multi-tenancy support for FPGA infrastructure in which more than one user can share the same FPGA resource is desirable and hence attracting active research works in both academic [2] and industry [3].…”

Section: Introductionmentioning

confidence: 99%

Power-hammering through Glitch Amplification – Attacks and Mitigation

Matas

Pham

et al. 2020

2020 IEEE 28th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM)

Self Cite

View full text Add to dashboard Cite

Recent work on FPGA hardware security showed a huge potential risk through powerhammering which uses high switching activity in order to create excessive dynamic power loads. Virtually all present powerhammering attack scenarios are based on some kind of ring oscillators for which mitigation strategies exist. In this paper, we use a different strategy to create excessive dynamic power consumption: glitch amplification. By carefully designing XOR trees, fast switching wires can be implemented that together with driving high fanout nets can draw enough power to crash an FPGA. In addition to the attack (which is crashing an Ultra96 board), we will present a scanner for detecting malicious glitch amplifying FPGA designs.

show abstract

“…All the research artifacts proposed in this paper were presented at the FPL 2019 Demo Night [36] and are available online under an open-source license 1 . The key contributions of this paper are:…”

Section: Introductionmentioning

confidence: 99%

Fos

Vaishnav

Pham

Powell

et al. 2020

ACM Trans. Reconfigurable Technol. Syst.

Self Cite

View full text Add to dashboard Cite

With FPGAs now being deployed in the cloud and at the edge, there is a need for scalable design methods that can incorporate the heterogeneity present in the hardware and software components of FPGA systems. Moreover, these FPGA systems need to be maintainable and adaptable to changing workloads while improving accessibility for the application developers. However, current FPGA systems fail to achieve modularity and support for multi-tenancy due to dependencies between system components and the lack of standardised abstraction layers. To solve this, we introduce a modular FPGA operating system – FOS, which adopts a modular FPGA development flow to allow each system component to be changed and be agnostic to the heterogeneity of EDA tool versions, hardware and software layers. Further, to dynamically maximise the utilisation transparently from the users, FOS employs resource-elastic scheduling to arbitrate the FPGA resources in both time and spatial domain for any type of accelerators. Our evaluation on different FPGA boards shows that FOS can provide performance improvements in both single-tenant and multi-tenant environments while substantially reducing the development time and, at the same time, improving flexibility.

show abstract

The FOS (FPGA Operating System) Demo

Cited by 4 publications

References 1 publication

FPGAD efender

FPGAD efender

Power-hammering through Glitch Amplification – Attacks and Mitigation

Fos

Contact Info

Product

Resources

About