Yukui Luo’s PhD Dissertation Defense

Title:
Securing FPGA as a Shared Cloud-Computing Resource: Threats and Mitigations

Committee Members:
Prof. Xiaolin Xu (Advisor)
Prof. Yunsi Fei
Prof. Xue Lin

Abstract:
With the widespread adoption of cloud computing, the demand for programmable hardware acceleration devices, such as field-programmable gate arrays (FPGA), has increased. These devices benefit the growth of efficient hardware accelerators, making cloud computing possible for a wide range of research and commercial projects, including genetic engineering, intensive online secure trading, the Artificial Intelligence (AI) interface, etc. To further improve the performance of FPGA-enabled cloud computing, one promising technology is to virtualize the hardware resources of an FPGA device, which allows multiple users to share the same FPGA. This solution can provide on-demand FPGA instances, significantly improving the hardware utilization and energy efficiency of the cloud FPGA. However, due to the hardware reconfigurability of FPGA, current virtualization technologies used for multi-tenant CPU and GPU instances are incompatible with multi-tenant FPGA.

We aim to enhance the security of multi-tenant FPGA by defining the threat model and evaluating security concerns from the perspectives of confidentiality, data integrity, and availability. As part of this goal, we constructed multi-tenant FPGA prototypes and demonstrated potential attacks. These attacks serve as preliminary steps toward developing a secure multi-tenant FPGA virtualization system. This system involves hardware and software co-design, which extends the multi-tenant isolation from software to hardware, ultimately resulting in a secure FPGA shared cloud computing service.