Cloud FPGA Cartography using PCIe Contention

Shanquan Tian; Ilias Giechaskiel; Wenjie Xiong; Jakub Szefer

doi:10.1109/FCCM51124.2021.00035

Cloud FPGA Cartography using PCIe Contention

Shanquan Tian, Ilias Giechaskiel, Wenjie Xiong, Jakub Szefer

Electrical and Computer Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

16 Scopus citations

Abstract

Public cloud infrastructures allow for easy, on-demand access to FPGA resources. However, the low-level, direct access to the FPGA hardware exposes the infrastructure providers to new types of attacks. Prior work has shown that it is possible to uniquely identify the underlying hardware by creating fingerprints of the different FPGA instances that users rent from a cloud provider, but such work was not able to actually map the cloud FPGA infrastructure itself. Meanwhile, this paper demonstrates that it is possible to reverse-engineer the co-location of FPGA boards inside a cloud FPGA server using PCIe contention. Specifically, this work deduces the Non-Uniform Memory Access (NUMA) locality of FPGA boards within a server by analyzing their mutual PCIe contention during simultaneous use of the PCIe bus. In addition, experiments conducted in data centers located in several geographic regions and repeated at different times are used to calculate the probability that cloud providers allocate FPGA boards co-located in the same server to a user. This paper thus shows that it is possible to map cloud FPGA infrastructures, and learn how FPGA instances are physically co-located within a server. Consequently, this paper also highlights the importance of mitigating these novel avenues for reverse-engineering and mapping of cloud FPGA setups, as they can reveal insights about the cloud infrastructure itself, or assist other single- and multi-tenant attacks.

Original language	English (US)
Title of host publication	Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	224-232
Number of pages	9
ISBN (Electronic)	9780738126739
DOIs	https://doi.org/10.1109/FCCM51124.2021.00035
State	Published - May 2021
Event	29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021 - Virtual, Orlando, United States Duration: May 9 2021 → May 12 2021

Publication series

Name	Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021

Conference

Conference	29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021
Country/Territory	United States
City	Virtual, Orlando
Period	5/9/21 → 5/12/21

Funding

† The first two authors contributed equally to this work. ∗ This work was supported in part by NSF grant 1901901.

Keywords

Cloud Cartography
Cloud FPGAs
FPGA Fingerprinting
FPGA Security
PCIe Contention

ASJC Scopus subject areas

Software
Artificial Intelligence
Computer Science Applications
Hardware and Architecture

Access to Document

10.1109/FCCM51124.2021.00035

Cite this

Tian, S., Giechaskiel, I., Xiong, W., & Szefer, J. (2021). Cloud FPGA Cartography using PCIe Contention. In Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021 (pp. 224-232). Article 9444054 (Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/FCCM51124.2021.00035

Tian, Shanquan ; Giechaskiel, Ilias ; Xiong, Wenjie et al. / Cloud FPGA Cartography using PCIe Contention. Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 224-232 (Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021).

@inproceedings{c6e9f80831464a8998940682a2502f12,

title = "Cloud FPGA Cartography using PCIe Contention",

abstract = "Public cloud infrastructures allow for easy, on-demand access to FPGA resources. However, the low-level, direct access to the FPGA hardware exposes the infrastructure providers to new types of attacks. Prior work has shown that it is possible to uniquely identify the underlying hardware by creating fingerprints of the different FPGA instances that users rent from a cloud provider, but such work was not able to actually map the cloud FPGA infrastructure itself. Meanwhile, this paper demonstrates that it is possible to reverse-engineer the co-location of FPGA boards inside a cloud FPGA server using PCIe contention. Specifically, this work deduces the Non-Uniform Memory Access (NUMA) locality of FPGA boards within a server by analyzing their mutual PCIe contention during simultaneous use of the PCIe bus. In addition, experiments conducted in data centers located in several geographic regions and repeated at different times are used to calculate the probability that cloud providers allocate FPGA boards co-located in the same server to a user. This paper thus shows that it is possible to map cloud FPGA infrastructures, and learn how FPGA instances are physically co-located within a server. Consequently, this paper also highlights the importance of mitigating these novel avenues for reverse-engineering and mapping of cloud FPGA setups, as they can reveal insights about the cloud infrastructure itself, or assist other single- and multi-tenant attacks.",

keywords = "Cloud Cartography, Cloud FPGAs, FPGA Fingerprinting, FPGA Security, PCIe Contention",

author = "Shanquan Tian and Ilias Giechaskiel and Wenjie Xiong and Jakub Szefer",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021 ; Conference date: 09-05-2021 Through 12-05-2021",

year = "2021",

month = may,

doi = "10.1109/FCCM51124.2021.00035",

language = "English (US)",

series = "Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "224--232",

booktitle = "Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021",

address = "United States",

}

Tian, S, Giechaskiel, I, Xiong, W & Szefer, J 2021, Cloud FPGA Cartography using PCIe Contention. in Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021., 9444054, Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021, Institute of Electrical and Electronics Engineers Inc., pp. 224-232, 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021, Virtual, Orlando, United States, 5/9/21. https://doi.org/10.1109/FCCM51124.2021.00035

Cloud FPGA Cartography using PCIe Contention. / Tian, Shanquan; Giechaskiel, Ilias; Xiong, Wenjie et al.
Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 224-232 9444054 (Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Cloud FPGA Cartography using PCIe Contention

AU - Tian, Shanquan

AU - Giechaskiel, Ilias

AU - Xiong, Wenjie

AU - Szefer, Jakub

PY - 2021/5

Y1 - 2021/5

N2 - Public cloud infrastructures allow for easy, on-demand access to FPGA resources. However, the low-level, direct access to the FPGA hardware exposes the infrastructure providers to new types of attacks. Prior work has shown that it is possible to uniquely identify the underlying hardware by creating fingerprints of the different FPGA instances that users rent from a cloud provider, but such work was not able to actually map the cloud FPGA infrastructure itself. Meanwhile, this paper demonstrates that it is possible to reverse-engineer the co-location of FPGA boards inside a cloud FPGA server using PCIe contention. Specifically, this work deduces the Non-Uniform Memory Access (NUMA) locality of FPGA boards within a server by analyzing their mutual PCIe contention during simultaneous use of the PCIe bus. In addition, experiments conducted in data centers located in several geographic regions and repeated at different times are used to calculate the probability that cloud providers allocate FPGA boards co-located in the same server to a user. This paper thus shows that it is possible to map cloud FPGA infrastructures, and learn how FPGA instances are physically co-located within a server. Consequently, this paper also highlights the importance of mitigating these novel avenues for reverse-engineering and mapping of cloud FPGA setups, as they can reveal insights about the cloud infrastructure itself, or assist other single- and multi-tenant attacks.

AB - Public cloud infrastructures allow for easy, on-demand access to FPGA resources. However, the low-level, direct access to the FPGA hardware exposes the infrastructure providers to new types of attacks. Prior work has shown that it is possible to uniquely identify the underlying hardware by creating fingerprints of the different FPGA instances that users rent from a cloud provider, but such work was not able to actually map the cloud FPGA infrastructure itself. Meanwhile, this paper demonstrates that it is possible to reverse-engineer the co-location of FPGA boards inside a cloud FPGA server using PCIe contention. Specifically, this work deduces the Non-Uniform Memory Access (NUMA) locality of FPGA boards within a server by analyzing their mutual PCIe contention during simultaneous use of the PCIe bus. In addition, experiments conducted in data centers located in several geographic regions and repeated at different times are used to calculate the probability that cloud providers allocate FPGA boards co-located in the same server to a user. This paper thus shows that it is possible to map cloud FPGA infrastructures, and learn how FPGA instances are physically co-located within a server. Consequently, this paper also highlights the importance of mitigating these novel avenues for reverse-engineering and mapping of cloud FPGA setups, as they can reveal insights about the cloud infrastructure itself, or assist other single- and multi-tenant attacks.

KW - Cloud Cartography

KW - Cloud FPGAs

KW - FPGA Fingerprinting

KW - FPGA Security

KW - PCIe Contention

UR - http://www.scopus.com/inward/record.url?scp=85107636104&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85107636104&partnerID=8YFLogxK

U2 - 10.1109/FCCM51124.2021.00035

DO - 10.1109/FCCM51124.2021.00035

M3 - Conference contribution

AN - SCOPUS:85107636104

T3 - Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021

SP - 224

EP - 232

BT - Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021

Y2 - 9 May 2021 through 12 May 2021

ER -

Tian S, Giechaskiel I, Xiong W, Szefer J. Cloud FPGA Cartography using PCIe Contention. In Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 224-232. 9444054. (Proceedings - 29th IEEE International Symposium on Field-Programmable Custom Computing Machines, FCCM 2021). doi: 10.1109/FCCM51124.2021.00035

Cloud FPGA Cartography using PCIe Contention

Abstract

Publication series

Conference

Funding

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this