null
(Ed.)
Cloud and data center applications increasingly leverage FPGAs
because of their performance/watt benefits and flexibility advantages over traditional processing cores such as CPUs and GPUs.
As the rising demand for hardware acceleration gradually leads to
FPGA multi-tenancy in the cloud, there are rising concerns about
the security challenges posed by FPGA virtualization. Exposing
space-shared FPGAs to multiple cloud tenants may compromise
the confidentiality, integrity, and availability of FPGA-accelerated
applications. In this work, we present a hardware/software architecture for domain isolation in FPGA-accelerated clouds and data
centers with a focus on software-based attacks aiming at unauthorized access and information leakage. Our proposed architecture
implements Mandatory Access Control security policies from software down to the hardware accelerators on FPGA. Our experiments
demonstrate that the proposed architecture protects against such
attacks with minimal area and communication overhead.
more »
« less