A Systematic Literature Review on Vulnerabilities, Mitigation Techniques, and Attacks in Field-Programmable Gate Arrays

  • Review Article--Computer Engineering and Computer Science
Arabian Journal for Science and Engineering

Abstract

This paper presents a systematic literature review (SLR) of the vulnerabilities of field-programmable gate arrays (FPGAs), based on 51 carefully selected articles from a pool of 271 unique publications sourced from various databases, including IEEE, ACM, and SpringerLink, covering the period from January 2012 to September 2022. The study identifies 22 distinct vulnerabilities and examines 27 types of attacks that exploit these vulnerabilities. We provide detailed descriptions of each vulnerability, including associated threat models, and review various mitigation techniques while highlighting the application of machine learning (ML) in both detection and defense whenever applicable. The significance of this work stems from its focus on a vulnerability-centric approach, where mitigation strategies directly target vulnerabilities rather than simply countering attacks. This approach highlights the critical role of safeguarding bitstream access, which can prevent a broad spectrum of attacks. Additionally, the study notes the absence of common vulnerabilities and exposures (CVE) datasets for the selected period, suggesting a gap in the documentation of FPGA-related vulnerabilities. The findings of this review have important implications for mitigating economic and security risks in FPGA applications, and we suggest potential future research directions, including further integration of ML techniques to enhance FPGA security.

References

  1. Coughlin, A.; Cusack, G.; Wampler, J.; Keller, E.; Wustrow, E.: Breaking the trust dependence on third party processes for reconfigurable secure hardware. In: Proceedings of the 2019 ACM/SIGDA International symposium on field-programmable gate arrays. FPGA ’19, pp. 282–291. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3289602.3293895 Accessed 2022-09-29

  2. Fu, H.; Gan, L.; Clapp, R.G.; Ruan, H.; Pell, O.; Mencer, O.; Flynn, M.; Huang, X.; Yang, G.: Scaling reverse time migration performance through reconfigurable dataflow engines. IEEE Micro 34(1), 30–40 (2013)

  3. Huang, Z.; Wang, Q.: Enhancing architecture-level security of SoC designs via the distributed security IPs deployment methodology. J. Info. Sci. Eng. 36(2), 387–421 (2020)

  4. Neshatpour, K.; Makrani, H.M.; Sasan, A.; Ghasemzadeh, H.; Rafatirad, S.; Homayoun, H.: Design space exploration for hardware acceleration of machine learning applications in MapReduce. In: 2018 IEEE 26th Annual international symposium on field-programmable custom computing machines (FCCM), pp. 221–221 (2018). IEEE

  5. Malik, A.; Ullah, A.; Zahir, A.; Qamar, A.; Khattak, S.; Reviriego, P.: Isolation design flow effectiveness evaluation methodology for Zynq SoCs. Electronics 9, 814 (2020). https://doi.org/10.3390/electronics9050814

  6. Geier, M.; Faller, D.; Brändle, M.; Chakraborty, S.: Cost-effective energy monitoring of a Zynq-based real-time system including dual gigabit ethernet. In: 2019 IEEE 27th Annual international symposium on field-programmable custom computing machines (FCCM), pp. 327–327 (2019). https://doi.org/10.1109/FCCM.2019.00068

  7. Jarrah, A.; Amri, S.: Optimized FPGA-based implementation of brain tumor detection by combining \(k\)-means and Grey Wolf optimization algorithms. Traitement Du Signal 39, 1879–1891 (2022). https://doi.org/10.18280/ts.390601

  8. Fujii, N.; Koike, N.: IoT Remote group experiments in the cyber laboratory: a FPGA-based remote laboratory in the hybrid cloud. In: 2017 International conference on cyberworlds (CW), pp. 162–165 (2017). IEEE

  9. Asadi, H.; Tahoori, M.B.: Analytical techniques for soft error rate modeling and mitigation of FPGA-based designs. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 15(12), 1320–1331 (2007)

  10. Tajik, S.; Lohrke, H.; Seifert, J.-P.; Boit, C.: On the power of optical contactless probing: attacking bitstream encryption of FPGAs. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security. CCS ’17, pp. 1661–1674. Association for Computing Machinery, New York, NY, USA (2017). https://doi.org/10.1145/3133956.3134039

  11. She, X.; Li, N.: Reducing critical configuration bits via partial TMR for SEU mitigation in FPGAs. IEEE Trans. Nuclear Sci. 64(10), 2626–2632 (2017)

  12. Gnad, D.R.E.; Oboril, F.; Tahoori, M.B.: Voltage drop-based fault attacks on FPGAs using valid bitstreams. In: 2017 27th International conference on field programmable logic and applications (FPL), pp. 1–7 (2017). https://doi.org/10.23919/FPL.2017.8056840

  13. Rakin, A.S.; Luo, Y.; Xu, X.; Fan, D.: Deep-dup: an adversarial weight duplication attack framework to crush deep neural network in multi-tenant FPGA. In: 30th USENIX security symposium (2021)

  14. Luo, Y.; Gongye, C.; Ren, S.; Fei, Y.; Xu, X.: Stealthy-shutdown: practical remote power attacks in multi-tenant FPGAs. In: 2020 IEEE 38th International conference on computer design (ICCD), pp. 545–552. IEEE, Hartford, CT, USA (2020). https://doi.org/10.1109/ICCD50377.2020.00097

  15. Luo, Y.; Xu, X.: A Quantitative defense framework against power attacks on multi-tenant FPGA. In: Proceedings of the 39th International conference on computer-aided design, pp. 1–9 (2020)

  16. Duan, S.; Wang, W.; Luo, Y.; Xu, X.: A Survey of recent attacks and mitigation on FPGA systems. In: 2021 IEEE Computer society annual symposium on VLSI (ISVLSI), pp. 284–289 (2021). IEEE

  17. Lohrke, H.; Tajik, S.; Boit, C.; Seifert, J.-P.: No place to hide: contactless probing of secret data on FPGAs. In: Cryptographic hardware and embedded systems —CHES 2016: 18th International Conference 2016, pp. 147–167. Springer, Berlin, Heidelberg (2016)

  18. Sari, A.; Psarakis, M.: Scrubbing-aware placement for reliable FPGA systems. IEEE Trans. Emerg. Topics Comput. 8(3), 564–576 (2017)

  19. Wei, H.; Yueke, W.; Kefei, X.; Wei, D.: Single event effect vulnerability analysis and on-orbit error rate prediction. In: 2016 IEEE International conference on signal and image processing (ICSIP), pp. 471–477. IEEE, New York (2016). https://doi.org/10.1109/SIPROCESS.2016.7888307

  20. Hinderks, A.; Mayo, F.J.D.; Thomaschewski, J.; Escalona, M.J.: An SLR-tool: search process in practice: a tool to conduct and manage systematic literature review (SLR). In: Proceedings of the ACM/IEEE 42nd international conference on software engineering: companion proceedings, pp. 81–84 (2020)

  21. Zhang, J.; Qu, G.: Recent attacks and defenses on FPGA-based systems. ACM Trans. Reconfig. Technol. Syst. (TRETS) 12(3), 1–24 (2019)

  22. Mahmoud, D.G.; Lenders, V.; Stojilović, M.: Electrical-level attacks on CPUs, FPGAs, and GPUs: survey and implications in the heterogeneous era. ACM Comput. Surv. (CSUR) 55(3), 1–40 (2022)

  23. Venn, M.: Subject guides: systematic reviews for health: 1. Formulate the research question. Accessed: Nov 2022 (2022). https://utas.libguides.com/SystematicReviews/FormulateQuestion

  24. Xu, X.; Zhang, J.: Rethinking FPGA security in the new era of artificial intelligence. In: 2020 21st International symposium on quality electronic design (ISQED), pp. 46–51 (2020). IEEE

  25. He, W.; Torre, E.; Riesgo, T.: A precharge-absorbed DPL logic for reducing early propagation effects on FPGA implementations. In: 2011 International conference on reconfigurable computing and FPGAs, pp. 217–222 (2011). IEEE

  26. Jacobs, A.; Cieslewski, G.; George, A.D.: Overhead and reliability analysis of algorithm-based fault tolerance in FPGA systems. In: 22nd International conference on field programmable logic and applications (FPL), pp. 300–306 (2012). IEEE

  27. Zick, K.M.; Srivastav, M.; Zhang, W.; French, M.: Sensing nanosecond-scale voltage attacks and natural transients in FPGAs. In: Proceedings of the ACM/SIGDA international symposium on field programmable gate arrays. FPGA ’13, pp. 101–104. ACM, New York, NY, USA (2013). https://doi.org/10.1145/2435264.2435283

  28. Hoang, A.-T.; Fujino, T.: Intra-masking dual-rail memory on LUT implementation for SCA-resistant AES on FPGA. ACM Trans. Reconfig. Technol. Syst. 7(2), 10–11019 (2014). https://doi.org/10.1145/2617595

  29. Duncan, A.; Rahman, F.; Lukefahr, A.; Farahmandi, F.; Tehranipoor, M.: FPGA bitstream security: a day in the life. In: 2019 IEEE International test conference (ITC), pp. 1–10 (2019). IEEE

  30. Zhao, M.; Suh, G.E.: FPGA-based remote power side-channel attacks. In: 2018 IEEE symposium on security and privacy (SP), pp. 229–244 (2018). IEEE

  31. Zhang, Z.; Njilla, L.; Kamhoua, C.A.; Yu, Q.: Thwarting security threats from malicious FPGA tools with novel FPGA oriented moving target defense. IEEE Trans. Very Large Scale Integr. Syst. (VLSI) 27, 665–678 (2018)

  32. Ender, M.; Moradi, A.; Paar, C.: The unpatchable silicon: a full break of the bitstream encryption of Xilinx 7-Series FPGAs, pp. 1803–1819 (2020). https://www.usenix.org/conference/usenixsecurity20/presentation/ender Accessed Oct 2022

  33. Hoque, T.; Yang, K.; Karam, R.; Tajik, S.; Forte, D.; Tehranipoor, M.; Bhunia, S.: Hidden in plaintext: an obfuscation-based countermeasure against FPGA bitstream tampering attacks. ACM Trans. Design Autom. Electron. Syst. (TODAES) 25(1), 1–32 (2019)

  34. Huang, Z.; Wang, Q.: MSIPS: Multi-tiered security IPs architecture for secure SoC design. In: 2017 International conference on networking and network applications (NaNA), pp. 203–208 (2017). https://doi.org/10.1109/NaNA.2017.43

  35. Zhang, J.; Lin, Y.; Qu, G.: Reconfigurable binding against FPGA replay attacks. ACM Trans. Design Autom. Electron. Syst. (TODAES) 20(2), 1–20 (2015)

  36. Mal-Sarkar, S.; Krishna, A.; Ghosh, A.; Bhunia, S.: Hardware Trojan attacks in FPGA devices: threat analysis and effective counter measures. In: Proceedings of the 24th edition of the Great Lakes symposium on VLSI, pp. 287–292 (2014)

  37. Zhang, J.-L.; Wang, W.-Z.; Wang, X.-W.; Xia, Z.-H.: Enhancing security of FPGA-based embedded systems with combinational logic binding. J. Comput. Sci. Technol 32(2), 329–339 (2017). https://doi.org/10.1007/s11390-017-1700-8

  38. ZamanZadeh, S.; Shahabi, S.; Jahanian, A.: Security improvement of FPGA configuration file against the reverse engineering attack. In: 2016 13th International Iranian society of cryptology conference on information security and cryptology (ISCISC), pp. 101–105 (2016). IEEE

  39. Kroeger, T.; Cheng, W.; Danger, J.-L.; Guilley, S.; Karimi, N.: Cross-PUF attacks: targeting FPGA implementation of arbiter-PUFs. J. Electron. Test. 38(3), 261–277 (2022)

  40. Dombrowski, J.; Andel, T.R.; McDonald, J.T.: The application of moving target defense to field programmable gate arrays. In: Proceedings of the 11th Annual cyber and information security research conference, pp. 1–4 (2016)

  41. Olney, B.; Karam, R.: Tunable FPGA bitstream obfuscation with Boolean satisfiability attack countermeasure. ACM Trans. Design Autom. Electron. Syst. (TODAES) 25(2), 1–22 (2020)

  42. Zahid, K.: The detection of malicious modifications in the FPGA. J. Electron. Test. 38(3), 247–260 (2022)

  43. Mahmud, S.; Olney, B.; Karam, R.: Architectural diversity: bio-inspired hardware security for FPGAs. In: 2018 IEEE 3rd International verification and security workshop (IVSW), pp. 48–51 (2018). IEEE

  44. Sozio, C.; Jordan, Z.; Skipper, G.; Lukefahr, A.; Duncan, A.: Patchable hardware security module (PHaSM) for extending FPGA root-of-trust capabilities. In: 2021 IEEE physical assurance and inspection of electronics (PAINE), pp. 1–8 (2021). IEEE

  45. Sun, P.; Cui, A.: A new pay-per-use scheme for the protection of FPGA IP. In: 2019 IEEE International symposium on circuits and systems (ISCAS), pp. 1–5 (2019). IEEE

  46. Wang, Z.; Chen, W.; Yao, Z.; Zhang, F.; Luo, Y.; Tang, X.; Guo, X.; Ding, L.; Peng, C.: Proton-induced single-event effects on 28 nm Kintex-7 FPGA. Microelectron. Reliabil. 107, 113594 (2020)

  47. Zhang, J.; Lin, Y.; Lyu, Y.; Qu, G.: A PUF-FSM binding scheme for FPGA IP protection and pay-per-device licensing. IEEE Trans. Info. Forensics Secur. 10(6), 1137–1150 (2015)

  48. Spenke, A.; Breithaupt, R.; Plaga, R.: An arbiter PUF secured by remote random reconfigurations of an FPGA. In: Trust and trustworthy computing: 9th international conference, TRUST 2016, Vienna, Austria, August 29-30, 2016, Proceedings 9, pp. 140–158 (2016). Springer

  49. Zhang, J.; Wu, Q.; Lyu, Y.; Zhou, Q.; Cai, Y.; Lin, Y.; Qu, G.: Design and implementation of a delay-based PUF for FPGA IP protection. In: 2013 international conference on computer-aided design and computer graphics, pp. 107–114 (2013). IEEE

  50. Barbareschi, M.; Bagnasco, P.: Implementation of a reliable mechanism for protecting IP cores on low-end FPGA devices. Int. J. Embed. Syst. 9(4), 337–352 (2017)

  51. Duncan, A.; Skipper, G.; Stern, A.; Nahiyan, A.; Rahman, F.; Lukefahr, A.; Tehranipoor, M.; Swany, M.: FLATS: filling logic and testing spatially for FPGA authentication and tamper detection. In: 2019 IEEE international symposium on hardware oriented security and trust (HOST), pp. 81–90 (2019). IEEE

  52. Labafniya, M.; Saeidi, R.: Secure FPGA design by filling unused spaces. ISeCure 11(1), 47–55 (2019)

  53. Khaleghi, B.; Ahari, A.; Asadi, H.; Bayat-Sarmadi, S.: FPGA-based protection scheme against hardware Trojan horse insertion using dummy logic. IEEE Embed. Syst. Lett. 7(2), 46–50 (2015)

  54. Ye, M.; Feng, X.; Wei, S.: HISA: Hardware isolation-based secure architecture for CPU-FPGA embedded systems. In: 2018 IEEE/ACM international conference on computer-aided design (ICCAD), pp. 1–8 (2018). ACM

  55. Sayeeshwari, S.; Prabhu, E.: A simple countermeasure to mitigate buffer overflow attack using minimalistic hardware-integrated software simulation for FPGA. In: 2022 IEEE international conference on electronics, computing and communication technologies (CONECCT), pp. 1–4 (2022). IEEE

  56. Weissman, Z.; Tiemann, T.; Moghimi, D.; Custodio, E.; Eisenbarth, T.; Sunar, B.: JackHammer: efficient Rowhammer on heterogeneous FPGA-CPU platforms. IACR Trans. Cryptogr. Hardw. Embed. Syst. (2020). https://doi.org/10.13154/tches.v2020.i3.169-195

  57. Giechaskiel, I.; Szefer, J.: Information leakage from FPGA routing and logic elements. In: Proceedings of the 39th international conference on computer-aided design, pp. 1–9 (2020)

  58. Zamanzadeh, S.; Jahanian, A.: Scalable security path methodology: a cost-security trade-off to protect FPGA IPs against active and passive tampers. In: 2017 Asian hardware oriented security and trust symposium (AsianHOST), pp. 85–90 (2017). IEEE

  59. Vliegen, J.; Mentens, N.; Verbauwhede, I.: Secure, remote, dynamic reconfiguration of FPGAs. ACM Trans. Reconfig. Technol. Syst. 7(4), 1–19 (2015). https://doi.org/10.1145/2629423

  60. Yao, Y.; Kiaei, P.; Singh, R.; Tajik, S.; Schaumont, P.: Programmable Ro (Pro): a multipurpose countermeasure against side-channel and fault injection attack. (2021) arXiv:2106.13784

  61. Schultz, T.; Jha, R.; Casto, M.; Dupaix, B.: Vulnerabilities and reliability of ReRAM based PUFs and memory logic. IEEE Trans. Reliabil. 69(2), 690–698 (2019)

  62. Nannipieri, P.; Di Matteo, S.; Baldanzi, L.; Crocetti, L.; Belli, J.; Fanucci, L.; Saponara, S.: True random number generator based on Fibonacci-Galois ring oscillators for FPGA. Appl. Sci. 11(8), 3330 (2021)

  63. Zhang, F.; Wang, Z.; Shen, H.; Yang, B.; Wu, Q.; Ren, K.: DARPT: defense against remote physical attack based on TDC in multi-tenant scenario. In: Proceedings of the 59th ACM/IEEE design automation conference, pp. 559–564 (2022)

  64. Staub, D.; Jha, R.; Kapp, D.: A CRISPR-Cas-inspired mechanism for detecting hardware Trojans in FPGA devices. (2020) https://doi.org/10.48550/arXiv.2005.07332

  65. Proulx, A.; Chouinard, J.-Y.; Fortier, P.; Miled, A.: A survey on FPGA cybersecurity design strategies. ACM Trans. Reconfig. Technol. Syst. (2022). https://doi.org/10.1145/3561515

  66. Agrawal, R.; Castro, L.; Yang, G.; Juvekar, C.; Yazicigil, R.; Chandrakasan, A.; Vaikuntanathan, V.; Joshi, A.: FAB: An FPGA-based accelerator for bootstrappable fully homomorphic encryption. In: 2023 IEEE International symposium on high-performance computer architecture (HPCA), pp. 882–895 (2023). IEEE

  67. Di Matteo, S.; Gerfo, M.L.; Saponara, S.: VLSI design and FPGA implementation of an NTT hardware accelerator for homomorphic seal-embedded library. IEEE Access 11, 72498–72508 (2023)

  68. Ch, M.L.; Raj, A.B.; Abhikshit, L.: Design and implementation of a secure physical unclonable function in FPGA. In: 2020 Second international conference on inventive research in computing applications (ICIRCA), pp. 1083–1089 (2020). IEEE

Acknowledgements

This work was supported by the Interdisciplinary Research Center for Intelligent Secure Systems at King Fahd University of Petroleum & Minerals under Grant INSS2310. All co-authors contributed equally to this work.

Author information

Corresponding author

Correspondence to Ali Alsuwaiyan.

Bibliographic Information of the Included Papers

This section presents Table 10, which provides bibliographic details of the papers that have been included in this systematic review. The table serves as a resource, offering the list of 51 included articles that have been carefully selected and analyzed for their significance and relevance to the research topic at hand. The primary objective of this table is to help the reader identify articles that have successfully met the criteria of the quality assessment conducted as part of the review process. The References section comprehensively encompasses all pertinent references, including those that have been utilized to substantiate this review, as in the related work section.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Alsuwaiyan, A., Habib, A.A., Imoukhuede, A.B. et al. A Systematic Literature Review on Vulnerabilities, Mitigation Techniques, and Attacks in Field-Programmable Gate Arrays. Arab J Sci Eng (2024). https://doi.org/10.1007/s13369-024-09562-w

  • DOI: https://doi.org/10.1007/s13369-024-09562-w
