Cross−board Power−Based FPGA‚ CPU‚ and GPU Covert Channels

Abstract

FPGAs have become popular hardware accelerators due to their versatile, reconfigurable, and highly parallelizable nature. However, several attacks in multi-tenant and virtualized setups have shown that FPGAs need to be dedicated on a per-user basis in potentially untrusted settings, such as in cloud environment virtual machines. In this chapter, we introduce a new attack that highlights that other aspects of shared infrastructure can also lead to vulnerabilities that break separation of privilege among different users. In particular, we show that sharing a power supply unit (PSU) can be exploited for remote FPGA-to-FPGA, CPU-to-FPGA, and GPU-to-FPGA covert channels between unmodified, off-the-shelf hardware. To demonstrate the attacks, our work uses a novel combination of ``sensing'' and ``stressing'' ring oscillators as receivers on the sink FPGA, and similar power wasting applications on the source FPGA, CPU, or GPU. Experiments are conducted with Xilinx boards containing Artix 7 and Kintex 7 FPGA chips, PSUs by two vendors, as well as CPUs and GPUs of different generations. The results of this work highlight the dangers of shared power supply units in local and cloud FPGAs and therefore a fundamental need to re-think FPGA security for shared infrastructures.