Large-scale computer systems that can perform challenging computations can now be leased by the general public for seconds, minutes, or hours at a time. Although these systems typically use microprocessors for most computation, recently, special reconfigurable computer chips called field-programmable gate arrays (FPGAs) have been integrated into these publicly-available systems. Although these chips are more powerful than microprocessors, they have security weaknesses that could put users' data at risk and expose their personal information. This project explores how to secure FPGAs in distributed large-scale computer servers, also known as cloud computing, to prevent information theft and incorrect calculations.
As FPGAs grow in size and complexity, cloud FPGA deployments aim to leverage economies of scale to share FPGAs among different, untrusting cloud users who wish to accelerate their machine learning, data search, or other applications with FPGAs. Numerous independent applications may share the same FPGA over time, reside in FPGAs that are in close physical proximity to each other, or even simultaneously reside in a single FPGA. Such uses of multi-tenant FPGAs open the door to numerous potential attack vectors on unsuspecting circuits implemented in the shared FPGAs. This project examines the security vulnerabilities that arise from adding FPGAs into data center environments where such FPGA sharing is possible on a large scale. The initial part of this project quantifies the risks associated with malicious FPGA application behavior, including clandestine data snooping, data leaking, and deliberate attempts by users to degrade or even damage the FPGA infrastructure. To address these vulnerabilities, an active monitoring system continuously checks the FPGAs, detects attacks, and aims to limit malicious behavior at run-time. In parallel, a rules-based resource manager controls resource usage and FPGA allocation in an effort to mitigate FPGA-based attacks. Compile-time rule checks are also implemented. The layered approach enables truly secure multi-tenant FPGAs, allowing sensitive data to be processed securely and cost efficiently with cloud FPGAs. Two specific programs to broaden the impact are: 1)new courses on data center and FPGA security, focused on scalable real-world systems, and 2) a student-run research workshop to allow students to share research ideas and their work. These activities teach undergraduate and graduate students how to leverage cloud FPGA resources for a variety of hardware and software experiments.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
