scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

Ensuring Green Computing in Reconfigurable Hardware based Cloud Platforms from Hardware Trojan Attacks

16 Nov 2020-pp 1380-1385
TL;DR: In this paper, the authors analyze how vulnerability in hardware like hardware trojan horses (HTH) can increment power dissipation suddenly at runtime, without affecting the basic security primitives like integrity, confidentiality or availability of the system.
Abstract: Deployment of reconfigurable hardware or field programmable gate arrays (FPGAs) in cloud platforms is the modern trend. Practical scenarios include Amazon’s EC2 F1 cloud services, Microsoft’s Project Catapult and many others. Efficient task scheduling algorithms exist that can ensure green computing, i.e. order the operation of user tasks in the available FPGAs in such a manner that the power dissipated is optimum. But recent literature has exhibited eradication of the hardware root of trust, which is not taken into account by the existing task scheduling algorithms that can facilitate green computing. In this work, we analyze how vulnerability in hardware like hardware trojan horses (HTH) can increment power dissipation suddenly at runtime, without affecting the basic security primitives like integrity, confidentiality or availability of the system. Thus, are difficult to detect but may hamper the system due to unnecessary high power dissipation. We also develop a suitable runtime task scheduling algorithm which schedules the tasks at runtime based on the dynamic status of the resources, such that the power dissipation incurred at runtime is optimum. Finally, we also propose a mechanism via which we can detect affected cloud resources based on the runtime operations. We validate our proposed methodology via simulation based experiments.
Citations
More filters
Book ChapterDOI
01 Jan 2021
TL;DR: In this paper, the authors proposed a method to detect power dissipation attacks that may affect the green computing factor of a system or may drain the power budget of the system and cause early expiry of the computer system.
Abstract: Ensuring security for computer systems is of paramount importance. Analyzing various forms of attacks and defining strategies to prevent them is essential to generate trust among users. In general, to make a system reliable, system designers need to satisfy the basic three requirements, i.e. ensure confidentiality or prevent unauthorized observing of data or information, ensure integrity or prevent unauthorized change of data and ensure availability or facilitate authorized access to information or data at any instant of time and generate proper results within time. These three are commonly known as the CIA requirements [BT18]. However, with time, new attacks have arose like power dissipation attacks that may affect the green computing factor of a system or may drain the power budget of the system and cause early expiry of the system [Guh20, GMSC20]. Hence, it is the responsibility of system designers to analyze new and potential forms of threats that may arise with time and develop security strategies to mitigate them.
References
More filters
Journal ArticleDOI
15 Jul 2014
TL;DR: The threat of hardware Trojan attacks is analyzed; attack models, types, and scenarios are presented; different forms of protection approaches are discussed; and emerging attack modes, defenses, and future research pathways are described.
Abstract: Security of a computer system has been traditionally related to the security of the software or the information being processed. The underlying hardware used for information processing has been considered trusted. The emergence of hardware Trojan attacks violates this root of trust. These attacks, in the form of malicious modifications of electronic hardware at different stages of its life cycle, pose major security concerns in the electronics industry. An adversary can mount such an attack with an objective to cause operational failure or to leak secret information from inside a chip-e.g., the key in a cryptographic chip, during field operation. Global economic trend that encourages increased reliance on untrusted entities in the hardware design and fabrication process is rapidly enhancing the vulnerability to such attacks. In this paper, we analyze the threat of hardware Trojan attacks; present attack models, types, and scenarios; discuss different forms of protection approaches, both proactive and reactive; and describe emerging attack modes, defenses, and future research pathways.

588 citations

Proceedings ArticleDOI
15 Oct 2016
TL;DR: A new cloud architecture that uses reconfigurable logic to accelerate both network plane functions and applications, and is much more scalable than prior work which used secondary rack-scale networks for inter-FPGA communication.
Abstract: Hyperscale datacenter providers have struggled to balance the growing need for specialized hardware (efficiency) with the economic benefits of homogeneity (manageability) In this paper we propose a new cloud architecture that uses reconfigurable logic to accelerate both network plane functions and applications This Configurable Cloud architecture places a layer of reconfigurable logic (FPGAs) between the network switches and the servers, enabling network flows to be programmably transformed at line rate, enabling acceleration of local applications running on the server, and enabling the FPGAs to communicate directly, at datacenter scale, to harvest remote FPGAs unused by their local servers We deployed this design over a production server bed, and show how it can be used for both service acceleration (Web search ranking) and network acceleration (encryption of data in transit at high-speeds) This architecture is much more scalable than prior work which used secondary rack-scale networks for inter-FPGA communication By coupling to the network plane, direct FPGA-to-FPGA messages can be achieved at comparable latency to previous work, without the secondary network Additionally, the scale of direct inter-FPGA messaging is much larger The average round-trip latencies observed in our measurements among 24, 1000, and 250,000 machines are under 3, 9, and 20 microseconds, respectively The Configurable Cloud architecture has been deployed at hyperscale in Microsoft's production datacenters worldwide

512 citations

Journal ArticleDOI
TL;DR: A novel noninvasive, multiple-parameter side-channel analysisbased Trojan detection approach that uses the intrinsic relationship between dynamic current and maximum operating frequency of a circuit to isolate the effect of a Trojan circuit from process noise.
Abstract: Hardware Trojan attack in the form of malicious modification of a design has emerged as a major security threat. Sidechannel analysis has been investigated as an alternative to conventional logic testing to detect the presence of hardware Trojans. However, these techniques suffer from decreased sensitivity toward small Trojans, especially because of the large process variations present in modern nanometer technologies. In this paper, we propose a novel noninvasive, multiple-parameter side-channel analysisbased Trojan detection approach. We use the intrinsic relationship between dynamic current and maximum operating frequency of a circuit to isolate the effect of a Trojan circuit from process noise. We propose a vector generation approach and several design/test techniques to improve the detection sensitivity. Simulation results with two large circuits, a 32-bit integer execution unit (IEU) and a 128-bit advanced encryption standard (AES) cipher, show a detection resolution of 1.12 percent amidst ±20 percent parameter variations. The approach is also validated with experimental results. Finally, the use of a combined side-channel analysis and logic testing approach is shown to provide high overall detection coverage for hardware Trojan circuits of varying types and sizes.

207 citations

DOI
01 Jan 2015
TL;DR: The EPFL combinational benchmark suite consists of 23 combinational circuits designed to challenge modern logic optimization tools, available to the public and distributed in all Verilog, VHDL, BLIF and AIGER formats.
Abstract: In this paper, we present the EPFL combinational benchmark suite. We aim at completing existing benchmark suites by focusing only on natively combinational benchmarks. The EPFL combinational benchmark suite consists of 23 combinational circuits designed to challenge modern logic optimization tools. It is further divided into three parts. The first part includes 10 arithmetic benchmarks, e.g., square-root, hypotenuse, divisor, multiplier etc.. The second part consists of 10 random/control benchmarks, e.g., round-robin arbiter, lookahead XY router, alu control unit, memory controller etc.. The third part contains 3 very large circuits, featuring more than ten million gates each. All benchmarks have a moderate number of inputs/outputs ranging from few tens to about one thousand. The EPFL benchmark suite is available to the public and distributed in all Verilog, VHDL, BLIF and AIGER formats. In addition to providing the benchmarks, we keep track of the best optimization results, mapped into LUT-6, for size and depth metrics. Better logic implementations can be submitted online. After combinational equivalence checking tests, the best LUT-6 realizations will be included in the benchmark suite together with the author’s name and affiliation.

195 citations

Journal ArticleDOI
02 May 2006
TL;DR: In this paper, the authors compare and contrast two methods for implementing modular reconfiguration in Virtex FPGAs, one of which offers simplicity and fast reconfigure times, but limits the geometry and connectivity of the system.
Abstract: Modular systems implemented on field-programmable gate arrays (FPGAs) can benefit from being able to load and unload modules at run-time, a concept that is of much interest in the research community. Although dynamic partial reconfiguration is possible in Virtex and Spartan series FPGAs, the configuration architecture of these devices is not amenable to modular reconfiguration, a limitation which has relegated research to theoretical or compromised resource allocation models. Two methods for implementing modular reconfiguration in Virtex FPGAs are compared and contrasted. The first method offers simplicity and fast reconfiguration times, but limits the geometry and connectivity of the system. The second method, developed recently, enables modules to be allocated arbitrary areas of the FPGA, bridging the gap between theory and reality and unlocking the latent potential of dynamic reconfiguration. The cost of this advancement is increased reconfiguration time. The second method has been demonstrated in three applications, including the first reported implementation of modular reconfiguration in a Virtex-4 device.

161 citations