Pull the Rug from Under: Malicious Reconfiguration of Executing Program in FPGA and its Defense

The Field Programmable Gate Array (FPGA) has been used for decades in embedded applications where custom hardware is not practical or feasible. However, thanks to increases in size and compute capabilities, the FPGA has become more attractive as an option to supplement a general-purpose Central Processing Unit (CPU) for accelerating complex computations used for encryption, machine learning, and many other applications. Although FPGAs have already appeared in embedded Systems-on-Chip (SoC) and cloud environments, the reconfigurable nature of FPGAs creates security vulnerabilities not found in more traditional accelerators like Graphics Processing Units (GPU). In this paper, we describe a vulnerability in an Altera Cyclone V SoC and demonstrate an attack that exploits this vulnerability. We propose a hardware modification that would provide a defense against this attack, and we implement a Linux kernel module to demonstrate a proof-of-concept for this hardware solution.