Checking for Electrical Level Security Threats in Bitstreams for Multi-Tenant FPGAs

Multi-tenant FPGAs, in which 3rd parties have partial access to the FPGA fabric, are a rising usage trend in cloud and reconfigurable SoCs. This gives rise to new types of attacks in FPGAs, as shown in recent studies. These attacks can operate on the electrical level through the common power delivery network, making them very hard to isolate. Thus, software-controlled FPGA configuration can be exploited to insert hardware trojans, impacting the security of the entire system. The attacks can be separated into fault and side-channel attacks to either actively manipulate a system or quietly extract secret information. In this paper, we show the first attempt of countermeasures against these voltage fluctuation based attacks, by analyzing FPGA bitstreams for malicious logic, basically implementing an FPGA antivirus. We provide a way to check bitstreams for potentially malicious structures, by extending a combination of commercial and opensource tools.