DOI: 10.1145/3373087.3375322
Short paper (public access)

Fingerprinting Cloud FPGA Infrastructures

Published: 24 February 2020

Abstract

In recent years, multiple public cloud FPGA providers have emerged, increasing interest in FPGA acceleration of cryptographic, bioinformatic, financial, and machine learning algorithms. To help understand the security of the cloud FPGA infrastructures, this paper focuses on a fundamental question of understanding what an adversary can learn about the cloud FPGA infrastructure itself, without attacking it or damaging it. In particular, this work explores how unique features of FPGAs can be exploited to instantiate Physical Unclonable Functions (PUFs) that can distinguish between otherwise-identical FPGA boards. This paper specifically introduces the first method for identifying cloud FPGA instances by extracting a unique and stable FPGA fingerprint based on PUFs measured from the FPGA boards' DRAM modules. Experiments conducted on the Amazon Web Services (AWS) cloud reveal the probability of renting the same physical board more than once. Moreover, the experimental results show that hardware is not shared among f1.2xlarge, f1.4xlarge, and f1.16xlarge instance types. As the approach used does not violate any restrictions currently placed by Amazon, this paper also presents a set of defense mechanisms that can be added to existing countermeasures to mitigate users' attempts to fingerprint cloud FPGA infrastructures.



Published In

FPGA '20: Proceedings of the 2020 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays
February 2020
346 pages
ISBN:9781450370998
DOI:10.1145/3373087
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. cloud fpgas
  2. data retention
  3. dram decay
  4. dram pufs
  5. dram refresh
  6. fingerprinting
  7. physical unclonable functions
  8. pufs

Qualifiers

  • Short-paper

Conference

FPGA '20

Acceptance Rates

Overall Acceptance Rate 125 of 627 submissions, 20%

Article Metrics

  • Downloads (last 12 months): 220
  • Downloads (last 6 weeks): 17

Reflects downloads up to 12 Nov 2024.

Cited By

  • (2024) Covert-channels in FPGA-enabled SmartSSDs. ACM Transactions on Reconfigurable Technology and Systems 17:2, pp. 1-23. DOI: 10.1145/3635312. Online publication date: 30-Apr-2024
  • (2023) Gotcha! I Know What You Are Doing on the FPGA Cloud: Fingerprinting Co-Located Cloud FPGA Accelerators via Measuring Communication Links. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, pp. 2024-2037. DOI: 10.1145/3576915.3616606. Online publication date: 15-Nov-2023
  • (2023) Abusing Commodity DRAMs in IoT Devices to Remotely Spy on Temperature. IEEE Transactions on Information Forensics and Security 18, pp. 2991-3005. DOI: 10.1109/TIFS.2023.3271252. Online publication date: 1-Jan-2023
  • (2023) A Visionary Look at the Security of Reconfigurable Cloud Computing. Proceedings of the IEEE 111:12, pp. 1548-1571. DOI: 10.1109/JPROC.2023.3330729. Online publication date: Dec-2023
  • (2023) FPGA-Patch: Mitigating Remote Side-Channel Attacks on FPGAs using Dynamic Patch Generation. 2023 IEEE/ACM International Symposium on Low Power Electronics and Design (ISLPED), pp. 1-6. DOI: 10.1109/ISLPED58423.2023.10244526. Online publication date: 7-Aug-2023
  • (2023) ShapeShifter: Protecting FPGAs from Side-Channel Attacks with Isofunctional Heterogeneous Modules. 2023 IEEE 29th International Symposium on On-Line Testing and Robust System Design (IOLTS), pp. 1-7. DOI: 10.1109/IOLTS59296.2023.10224883. Online publication date: 3-Jul-2023
  • (2023) PDNSig: Identifying Multi-Tenant Cloud FPGAs with Power Distribution Network-Based Signatures. 2023 IEEE/ACM International Conference on Computer Aided Design (ICCAD), pp. 1-8. DOI: 10.1109/ICCAD57390.2023.10323545. Online publication date: 28-Oct-2023
  • (2023) Fast Fingerprinting of Cloud-based NISQ Quantum Computers. 2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 1-12. DOI: 10.1109/HOST55118.2023.10133778. Online publication date: 1-May-2023
  • (2023) Instruction-Level Power Side-Channel Leakage Evaluation of Soft-Core CPUs on Shared FPGAs. Journal of Hardware and Systems Security 7:2-3, pp. 72-99. DOI: 10.1007/s41635-023-00135-1. Online publication date: 4-Oct-2023
  • (2023) Contention-Based Threats Between Single-Tenant Cloud FPGA Instances. Security of FPGA-Accelerated Cloud Computing Environments, pp. 137-172. DOI: 10.1007/978-3-031-45395-3_6. Online publication date: 18-Sep-2023
