Popis: |
Cloud and data centers continuously increase FPGA presence in their pools of computing resources. As we head towards FPGA multi-tenancy in the cloud, there are rising security concerns. Space-sharing FPGAs between tenants may jeopardize the confidentiality, integrity, and availability of FPGA-accelerated applications. In this work, we present a hardware/software security architecture for domain isolation in clouds provisioning multi-tenant FPGAs. We focus on software-based attacks aiming unauthorized access and information leakage. We verify the proposed security architecture using Computational Tree Logic and prototype on a cloud set up. Experimental results demonstrate that the proposed architecture preserves domain isolation and protects against software attacks with minimal area, and communication overhead. |