Tuan La scite author profile

Tuan La

5Publications

9Citation Statements Received

133Citation Statements Given

How they've been cited

148

How they cite others

106

133

Affiliations

University of Manchester

Publications

Order By: Most citations

Power-hammering through Glitch Amplification – Attacks and Mitigation

Matas

Pham

et al. 2020

View full text Add to dashboard Cite

Recent work on FPGA hardware security showed a huge potential risk through powerhammering which uses high switching activity in order to create excessive dynamic power loads. Virtually all present powerhammering attack scenarios are based on some kind of ring oscillators for which mitigation strategies exist. In this paper, we use a different strategy to create excessive dynamic power consumption: glitch amplification. By carefully designing XOR trees, fast switching wires can be implemented that together with driving high fanout nets can draw enough power to crash an FPGA. In addition to the attack (which is crashing an Ultra96 board), we will present a scanner for detecting malicious glitch amplifying FPGA designs.

show abstract

FPGAD efender

Matas

Grunchevski

et al. 2020

ACM Trans. Reconfigurable Technol. Syst.

View full text Add to dashboard Cite

Sharing configuration bitstreams rather than netlists is a very desirable feature to protect IP or to share IP without longer CAD tool processing times. Furthermore, an increasing number of systems could hugely benefit from serving multiple users on the same FPGA, for example, for resource pooling in cloud infrastructures. This article researches the threat that a malicious application can impose on an FPGA-based system in a multi-tenancy scenario from a hardware security point of view. In particular, this article evaluates the risk systematically for FPGA power-hammering through short-circuits and self-oscillating circuits, which potentially may cause harm to a system. This risk includes implementing, tuning, and evaluating all FPGA self-oscillators known from the literature but also developing a large number of new power-hammering designs that have not been considered before. Our experiments demonstrate that malicious circuits can be tuned to the point that just 3% of the logic available on an Ultra96 FPGA board can draw the power budget of the entire FPGA board. This fact suggests a waste power potential for datacenter FPGAs in the range of kilowatts. In addition to carefully analyzing FPGA hardware security threats, we present the FPGA virus scanner FPGAD efender , which can detect (possibly) any self-oscillating FPGA circuit, as well as detecting short-circuits, high fanout nets, and a tapping onto signals outside the scope of a module for protecting data center FPGAs, such as Xilinx UltraScale+ devices at the bitstream level.

show abstract

Invited Tutorial

Matas

Grunchevski

et al. 2020

View full text Add to dashboard Cite

Denial-of-Service on FPGA-based Cloud Infrastructures — Attack and Defense

Pham

Powell

et al. 2021

TCHES

View full text Add to dashboard Cite

This paper presents attacks targeting the FPGAs of AWS F1 instances at the electrical level through power-hammering, where excessive dynamic power is used to crash FPGA instances. We demonstrate different power-hammering attacks that pass all AWS security fences implemented on F1 instances, including the FPGA vendor design rule checks. In addition, we fingerprint the FPGA instances to observe the responsiveness of the instances, which indicates a successful denial-of-service attack. Most importantly, we provide an FPGA virus scanner framework, which was improved to support large datacenter FPGAs for preventing such attacks, including virtually all currently demonstrated side-channel attacks. Our experiments showed that an AWS F1 instance crashes immediately by starting an FPGA design demanding 369W. By using FPGA-fingerprinting, we found that crashed instances are unavailable for about one to over 200 hours.

show abstract

Demo: A Closer Look at Malicious Bitstreams

Matas

Powell

et al. 2020

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Tuan La

Power-hammering through Glitch Amplification – Attacks and Mitigation

FPGAD efender

Invited Tutorial

Denial-of-Service on FPGA-based Cloud Infrastructures — Attack and Defense

Demo: A Closer Look at Malicious Bitstreams

Contact Info

Product

Resources

About