SHIELD: An Adaptive and Lightweight Defense against the Remote Power Side-Channel Attacks on Multi-tenant FPGAs
Authors:
Mahya Morid Ahmadi,
Faiq Khalid,
Radha Vaidya,
Florian Kriebel,
Andreas Steininger,
Muhammad Shafique
Abstract:
Dynamic partial reconfiguration enables multi-tenancy in cloud-based FPGAs, which presents security challenges for tenants, IPs, and data. Malicious users can exploit FPGAs for remote side-channel attacks (SCAs), and shared on-chip resources can be used for attacks. Logical separation can ensure design integrity, but on-chip resources can still be exploited. Conventional SCA mitigation can help, b…
▽ More
Dynamic partial reconfiguration enables multi-tenancy in cloud-based FPGAs, which presents security challenges for tenants, IPs, and data. Malicious users can exploit FPGAs for remote side-channel attacks (SCAs), and shared on-chip resources can be used for attacks. Logical separation can ensure design integrity, but on-chip resources can still be exploited. Conventional SCA mitigation can help, but it requires significant effort, and bitstream checking techniques are not highly accurate. An active on-chip defense mechanism is needed for tenant confidentiality. Toward this, we propose a lightweight shielding technique utilizing ring oscillators (ROs) to protect applications against remote power SCA. Unlike existing RO-based approaches, in our methodology, an offline pre-processing stage is proposed to carefully configure power monitors and an obfuscating circuit concerning the resource constraints of the board. Detection of power fluctuations due to application execution enables the obfuscating circuit to flatten the power consumption trace. To evaluate the effectiveness of the proposed SHIELD, we implemented it on a Xilinx Zynq-7000 FPGA board executing an RSA encryption algorithm. Due to the SHIELD, the number of traces required to extract the encryption key is increased by 166x, making an attack extremely hard at run-time. Note that the proposed SHIELD does not require any modification in the target application. Our methodology also shows up to 54% less power consumption and up to 26% less area overhead than the state-of-the-art random noise-addition-based defense.
△ Less
Submitted 11 March, 2023;
originally announced March 2023.
Architectural-Space Exploration of Heterogeneous Reliability and Checkpointing Modes for Out-of-Order Superscalar Processors
Authors:
Bharath Srinivas Prabakaran,
Mihika Dave,
Florian Kriebel,
Semeen Rehman,
Muhammad Shafique
Abstract:
Reliability has emerged as a key topic of interest for researchers around the world to detect and/or mitigate the side effects of decreasing transistor sizes, such as soft errors. Traditional solutions, like DMR and TMR, incur significant area and power overheads, which might not always be applicable due to power restrictions. Therefore, we investigate alternative heterogeneous reliability modes t…
▽ More
Reliability has emerged as a key topic of interest for researchers around the world to detect and/or mitigate the side effects of decreasing transistor sizes, such as soft errors. Traditional solutions, like DMR and TMR, incur significant area and power overheads, which might not always be applicable due to power restrictions. Therefore, we investigate alternative heterogeneous reliability modes that can be activated at run-time based on the system requirements, while reducing the power and area overheads of the processor. Our heterogeneous reliability modes are successful in reducing the processor vulnerability by 87% on average, with area and power overheads of 10% and 43%, respectively. To further enhance the design space of heterogeneous reliability, we investigate combinations of efficient compression techniques like Distributed Multi-threaded Checkpointing, Hash-based Incremental Checkpointing, and GNU zip, to reduce the storage requirements of data that are backed-up at an application checkpoint. We have successfully reduced checkpoint sizes by a factor ~6x by combining various state compression techniques. We use gem5 to implement and simulate the state compression techniques and the heterogeneous reliability modes discussed in this paper.
△ Less
Submitted 12 July, 2019; v1 submitted 19 November, 2018;
originally announced November 2018.
