FPGAs; hardware security; remote attacks; voltage drop; Denial of Service; Dynamic Power; Heterogeneous computing system; Logic resources; Power; Reconfigurable; Remote attacks; Resource-efficient; Voltage drop; Work analysis; Theoretical Computer Science; Computer Science (all)
Abstract :
[en] Heterogeneous computing systems increasingly leverage FPGAs in the cloud and embedded use cases. With cloud FPGAs being remotely accessible, security is a critical concern. Recent studies show adversaries can exploit FPGA logic to create and remotely deploy malicious power-wasting circuits that consume excessive dynamic power, potentially injecting faults or causing denial of service. This work analyzes the most common reconfigurable power-wasting primitives to assess their power consumption, detection challenges, and attack effectiveness. We further propose new, logic-based, and resource-efficient variations of these circuits and experimentally evaluate them on two families of AMD FPGAs. Finally, we discuss factors influencing attack effectiveness and compare the studied designs’ trade-offs.
Disciplines :
Electrical & electronics engineering
Author, co-author :
Mahmoud, Dina G. ; The American University in Cairo, Cairo, Egypt
Andreani, Simone; EPFL, Lausanne, Switzerland
LENDERS, Vincent ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Systems and Network Security Group (SNS) ; Cyber-Defence Campus, armasuisse, Thun, Switzerland
Stojilović, Mirjana ; EPFL, Lausanne, Switzerland
External co-authors :
yes
Language :
English
Title :
ROBoost: A Study of FPGA Logic-Based Power-Wasting Primitives
Publication date :
April 2025
Event name :
21st International Symposium on Applied Reconfigurable Computing. Architectures, Tools, and Applications
Event place :
Seville, Esp
Event date :
09-04-2025 => 11-04-2025
Audience :
International
Main work title :
Applied Reconfigurable Computing. Architectures, Tools, and Applications - 21st International Symposium, ARC 2025, Proceedings
Editor :
Giorgi, Roberto
Publisher :
Springer Science and Business Media Deutschland GmbH
FPGA-based Amazon EC2 F1 computing instances (2022). https://aws.amazon. com/ec2/instance-types/f1/
66906-UltraScale soft error mitigation (SEM) IP-[DRC 23-20] rule violation (PDCN-1569) LUT equation term check, September 2021. https://support.xilinx. com/s/article/66906?language=en_US
Amer, H.H.: Behavior of memory elements in the presence of power supply disturbances. In: 34th Annual Spring Reliability Symposium, “Reliability-Investing in the Future, pp. 45–51. Boxborough, MA, USA, April 1996
Chen, C.H., Bowman, K., Augustine, C., Zhang, Z., Tschanz, J.: Minimum supply voltage for sequential logic circuits in a 22nm technology. In: International Symposium on Low Power Electronics and Design, pp. 181–186. Beijing, China, September 2013
García, A.D.G., Pérez, L.F.G., Acuña, R.F.: Power consumption management on FPGAs. In: 15th International Conference on Electronics, Communications and Computers, pp. 240—245, February 2005
Genesys ZU: Zynq UltraScale+ MPSoC development board (2022). https://digilent.com/reference/programmable-logic/genesys-zu/reference-manual
Giechaskiel, I., Rasmussen, K.B., Szefer, J.: Measuring long wire leakage with ring oscillators in cloud FPGAs. In: 29th International Conference on Field-Programmable Logic and Applications, pp. 45–50. Barcelona, Spain, September 2019
Glamočanin, O., Coulon, L., Regazzoni, F., Stojilović, M.: Are cloud FPGAs really vulnerable to power analysis attacks? In: Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1–4. Grenoble, France, March 2020
Glamočanin, O., Kostić, A., Kostić, S., Stojilović, M.: Active wire fences for mul-titenant FPGAs. In: DDECS, pp. 13–20, May 2023
Gnad, D.R.E., Oboril, F., Tahoori, M.B.: Voltage drop-based fault attacks on FPGAs using valid bitstreams. In: FPL, pp. 1–7. Ghent, Belgium, September 2017
Gupta, M.S., Oatley, J.L., Joseph, R., Wei, G.Y., Brooks, D.M.: Understanding voltage variations in chip multiprocessors using a distributed power-delivery network. In: Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1–6. Nice, France, April 2007
La, T., Pham, K., Powell, J., Koch, D.: Denial-of-Service on FPGA-based cloud infrastructures-attack and defense. IACR Trans. Cryptographic Hardware Embedded Syst. 2021(3), 441–464 (2021)
Mahmoud, D.G., Andreani, S., Lenders, V., Stojilović, M.: ROBoost: a study of FPGA logic-based power-wasting primitives. Artifacts (2025). https://doi.org/10. 5281/zenodo.14840696
Mahmoud, D.G., Dervishi, D., Hussein, S., Lenders, V., Stojilović, M.: DFAulted: Analyzing and exploiting CPU software faults caused by FPGA-driven undervolt-ing attacks. IEEE Access 10, 134199–216 (2022)
Mahmoud, D.G., Hussein, S., Lenders, V., Stojilović, M.: FPGA-to-CPU under-volting attacks. In: Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 999–1004, March 2022
Mahmoud, D.G., Shokry, B., Lenders, V., Hu, W., Stojilović, M.: X-Attack 2.0: the risk of power wasters and satisfiability don’t-care hardware trojans to shared cloud FPGAs. IEEE Access 12, 8983–9011 (2024)
Matas, K., La, T.M., Pham, K.D., Koch, D.: Power-hammering through glitch amplification-attacks and mitigation. In: 28th Symposium on Field-Programmable Custom Computing Machines. pp. 65–69. Fayetteville, AR, USA, May 2020
Moini, S., Deric, A., Li, X., Provelengios, G., Burleson, W., Tessier, R., Holcomb, D.: Voltage sensor implementations for remote power attacks on FPGAs. ACM Trans. Reconfigurable Technol. Syst. 16(1) (2022)
Pant, S.: Design and analysis of power distribution networks in VLSI Circuits. Ph.D. thesis, The University of Michigan (2008). https://deepblue.lib.umich.edu/bitstream/handle/2027.42/58508/spant_1.pdf %3Fsequence%3D1
Provelengios, G., Holcomb, D., Tessier, R.: Power wasting circuits for cloud FPGA attacks. In: 30th International Conference on Field-Programmable Logic and Applications, pp. 231–35. Gothenburg, Sweden, August 2020
Digilent reference for PYNQ-Z1. https://digilent.com/reference/programmable-logic/pynq-z1/start
Salman, E., Dasdan, A., Taraporevala, F., Kucukcakar, K., Friedman, E.G.: Exploiting setup-hold-time interdependence in static timing analysis. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 26(6), 1114–25 (2007)
Spielmann, D., Glamočanin, O., Stojilović, M.: RDS: FPGA routing delay sensors for effective remote power analysis attacks. IACR Trans. Cryptographic Hardware Embedded Syst. 2023(2), 543–567 (2023)
Stojilović, M., Rasmussen, K., Regazzoni, F., Tahoori, M.B., Tessier, R.: A visionary look at the security of reconfigurable cloud computing. Proc. IEEE 111(12), 1548–71 (2023)
UltraScale architecture system monitor user guide, September 2021
Xilinx Inc.: 7 series FPGAs configurable logic block user guide (UG474), September 2016
Xilinx Inc.: UltraScale architecture configurable logic block user guide (UG574), February 2017
Xilinx Inc.: Zynq-7000 SoC: DC and AC switching characteristics (DS187), December 2020
Zhao, M., Suh, G.E.: FPGA-based remote power side-channel attacks. In: IEEE Symposium on Security and Privacy (SP), pp. 229–244. San Francisco, CA, USA, May 2018
