BU Computer Systems Seminar

Speaker: Shahin Roozkhosh, Ph.D Candidate, Boston University

Talk Title: “The Devil in the FPGA”

Abstract: Given the demands of the modern technological landscape, the rate of change in specialized hardware is ever-increasing. However, with the slow-paced and capital-intensive nature of manufacturing, the industry has witnessed the proliferation of heterogeneous systems. Incorporating various processing technologies such as GPUs, NPUs, TPUs, and FPGAs intensifies the need for coherent data sharing across all processing elements. Thus, integrators have to ensure a unified and consistent view of memory between PEs.

The impact on overall system security remains uncertain. Particularly, the tradeoff for high performance combined with optimized efficiency rather than robust coherence protocols may lead to unknown security vulnerabilities, and this talk emphasizes the extent of such consequences if unaddressed. The gravity of the challenge is recognized, along with the multi-vendors (heterogeneous) acceleration paradigm.

In this talk, we unveil the potential risks associated with integrating custom hardware into the coherence system. By explaining the underlying hardware coherence support, such as synchronization buses and connectivity infrastructure, we showcase how coherence protocols have overlooked security in favor of high performance. Notably, by acknowledging the necessity to maintain a consistent memory, we highlight the threatening potential for security breaches arising from direct and unsupervised communication.

Given the quest for flexible deployment offered by systems hosting integrated heterogeneous elements, the physical coherency connections are in place which creates an unexplored hardware threat model. Therefore, the responsibility falls on the software layers to configure and manage these resources effectively. However, the current mechanisms have not been exposed to  for achieving systematic coherence with tightly integrated PEs such as black boxes designed by third parties.

Motivated by this challenge and multi-vendor trend in modern fabrication, this talk takes the initial steps to study and theorize coherence-based attacks achieved through pragmatic implementation to lay the foundation for the study of counter-measures and emphasize their importance. By introducing a "Coherent Trojan" mimicking the behavior of a cache, we demonstrate how it can practically compromise the CIA triad - Confidentiality, Integrity, and Availability. We will conclude the presentation by examining how a malicious module instantiated in the coherent FPGA, can tamper the execution of a safety-critical task.

Bio: Shahin Roozkhosh is a PhD candidate at Boston University (BU), having joined in 2018 under the supervision of Prof. Renato Mancuso. He obtained his master's degree while pursuing his PhD. Shahin's research focuses on real-time and embedded systems, with a particular interest in hardware and software co-design on multi-core and partially reconfigurable embedded system-on-chip (SoC) platforms.

His work includes practical applications and innovative approaches using on-chip FPGAs, such as coherence-aided routing, spatio-temporal partitioning, cache-bleaching, and on-the-fly tensor acceleration using programmable logic. The latter initiative began during his collaboration with Red Hat, focusing on the development of a relational-memory engine.

Shahin is committed to both academic and practical applications of his work, aiming for real-world impact through his research endeavors.