CN115021971A - Hardware security testing method for FPGA cloud platform - Google Patents

Hardware security testing method for FPGA cloud platform Download PDF

Info

Publication number
CN115021971A
CN115021971A CN202210505525.5A CN202210505525A CN115021971A CN 115021971 A CN115021971 A CN 115021971A CN 202210505525 A CN202210505525 A CN 202210505525A CN 115021971 A CN115021971 A CN 115021971A
Authority
CN
China
Prior art keywords
frequency
hardware
fpga
max
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210505525.5A
Other languages
Chinese (zh)
Other versions
CN115021971B (en
Inventor
汤涉
陈哲
王坚
李坤
郭世泽
李玉柏
李桓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Electronic Science and Technology of China
Original Assignee
University of Electronic Science and Technology of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China filed Critical University of Electronic Science and Technology of China
Priority to CN202210505525.5A priority Critical patent/CN115021971B/en
Publication of CN115021971A publication Critical patent/CN115021971A/en
Application granted granted Critical
Publication of CN115021971B publication Critical patent/CN115021971B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Test And Diagnosis Of Digital Computers (AREA)
  • Tests Of Electronic Circuits (AREA)

Abstract

The invention discloses a hardware security testing method for an FPGA cloud platform, which designs a hardware frequency leak automatic testing circuit, dynamically adjusts the network resource quantity of a ring oscillator under the constraint of physical parameters such as power consumption, temperature and the like, then designs an efficient and rapid automatic frequency sweeping strategy, and dynamically adjusts the working frequency of the ring oscillator network in a certain frequency range to realize the automatic testing of the hardware security of the FPGA cloud platform under the constraint of multiple physical fields. The hardware frequency leak automatic test circuit model provided by the invention can be used for not only an FPGA cloud platform, but also other local models of FPGAs, and has portability and expansibility; the dynamic resource adjustment strategy ensures that physical parameters such as power consumption and temperature of the FPGA do not exceed a threshold value in the testing process, and in addition, the efficient and quick automatic frequency sweeping strategy ensures that the frequency leak test is carried out on the FPGA cloud platform within a limited time, so that the testing efficiency is improved.

Description

Hardware security testing method for FPGA cloud platform
Technical Field
The invention relates to the field of FPGA cloud platform hardware security, in particular to a hardware security testing method for an FPGA cloud platform.
Background
Due to the rapid expansion of the data volume in the information era, companies such as microsoft, Nimbix, amazon, ali, Tencent, Huashi and the like launch the FPGA cloud platform to meet the intensive computing requirements of customers on data, but the security of the FPGA cloud platform is facing a huge challenge. Although the FPGA cloud platform is provided with a series of safety measures to protect the safety of the cloud platform, the existing hardware bugs of the FPGA cloud platform cause serious potential safety hazards to information safety. Therefore, it is necessary to research a hardware security testing method of the FPGA cloud platform, search hardware bugs of the FPGA cloud platform, and protect information security of the cloud.
In order to protect the security of the FPGA cloud platform, researchers at foreign countries have studied hardware security testing on the FPGA cloud platform from the aspects of power consumption, side channel information and the like in recent years. In documents "practical-level attachments to hardware secure Multi-terminal FPGAs in the Cloud", j.krautter, d.r.e.gnd, and m.b.tahoor i, ACM Transactions on reconfiguration technologies and Systems, vol.12, No.3, pp.1-26,2019 and "Voltage drop-based failure attachments on FPGAs using valid bit streams", d.r.e.gna d, f.o. bridge and m.b.taho, 201727 th International reference on Field programmable logic and Applications (FPL), Ghent, Belgium, seput.7, pp.1-7, researchers have deployed FPGAs using Cloud power consuming mechanisms to make FPGAs consume a large amount of power for Cloud protection. By the method, a researcher can test the tolerable maximum power consumption of the FPGA cloud platform to determine whether the power consumption threshold value of the FPGA cloud platform system for maintaining the availability meets the requirement. In the documents "dental-of-Service on FPGA based Cloud infrastructure-adapters and feeds", T.La, K.Pham, J.Powell and D.Koch, IACR Transactions on Cr encrypted firmware and Embedded Systems, vol.2021, No.3, pp.441-464,2021, La et al also discuss using power-hammer circuit to make the FPGA of a Cloud platform consume huge energy, and further to test the sensitivity of security Defense of the FPGA Cloud platform. In documents "imported Tutorial FPGA Hardware Security for Data centers and Beyond", K.Matas, T.La, N.Grunchevski, K.Pham, and D.Koch, proceedings of the 2020ACM/SIGDA International Symposium on Field Programmable Gate Arrays, New York, NY, USA, Feb.2020, pp.11-20, authors introduced a glitch generator as a malicious circuit to consume excessive energy to test whether the Security protection mechanism of FPGA cloud platform Data centers is in effect. Through experimentation, the security protection mechanism can indeed take effect and make data access impossible for anyone. In documents "removed power analysis anchors on FPGAs", f.schellenberg, d.r.e.gnad, a.moradi and m.b.tahoori, 2018Design, Automation & Test in Europe Conference & exception (date),2018, pp.1111-1116, authors found that when a process becomes active in different areas of a multi-tenant FPGA, it interferes with the power distribution network, affecting the normal circuitry in other areas of the FPGA, which affects the stability of the FPGA cloud platform. Then, the author uses a time-to-digital converter to collect the change of the delay value, creates a mapping between the power track and the delay value, and detects whether the FPGA cloud platform is in a safe and stable working state through the information change of the power side channel.
In summary, for analysis and summary of the hardware security testing method of the FPGA cloud platform, most hardware security testing methods increase power consumption until a security threshold is exceeded, so as to trigger a system security mechanism to test the sensitivity and availability of existing security measures of the FPGA cloud platform. However, the testing method cannot find hardware security holes of the FPGA cloud platform in the aspects of physical parameters such as resources and frequency. The hardware security detection method based on the power side channel is based on the premise that the FPGA cloud platform supports multiple tenants, and has no practical application value under the condition that the current multi-tenant is not supported.
The invention provides a hardware security testing method for an FPGA cloud platform aiming at hardware security holes of a cloud FPGA, and provides application of the hardware security testing method in engineering practice. The method can dynamically adjust hardware test circuit resources and working frequency under multi-dimensional physical constraints such as power consumption and temperature, and can quickly find out hardware frequency loopholes of the FPGA cloud platform.
Disclosure of Invention
The invention provides a hardware safety testing method for an FPGA (field programmable gate array) cloud platform, and aims to design a hardware frequency leak automatic testing circuit, dynamically adjust the network resource quantity of a ring oscillator under the constraint of physical parameters such as power consumption, temperature and the like, then design an efficient and rapid automatic frequency sweeping strategy, and realize the automatic testing of the hardware safety of the FPGA cloud platform under the constraint of multiple physical fields by dynamically adjusting the working frequency of the ring oscillator network within a certain frequency range.
The invention provides a hardware security testing method for an FPGA cloud platform, which specifically comprises the following steps:
s1) design hardware frequency leak automatic test circuit structure
Designing a hardware frequency leak automatic test circuit, wherein the automatic test circuit consists of a normal circuit module, a frequency sweep module, a virtual LED module and a ring oscillator network module;
the normal circuit module is one of indications for judging whether the FPGA crashes, if a hardware frequency bug is found in the process of frequency bug safety test, the normal circuit generates an error, and the host interface feeds back abnormal information;
the virtual LED module can display the digital frequency generated by the frequency sweeping module in real time and is used for recording the hardware frequency loophole of the FPGA cloud platform;
the frequency sweep module is an execution module of an efficient and rapid automatic frequency sweep strategy, and can output digital frequency according to the frequency sweep strategy so as to control the ring oscillator network to carry out hardware safety test work; the frequency sweep module consists of a frequency digital controller, a timer and a digital frequency generation circuit, wherein the frequency digital controller and the timer generate different frequency control words M in different time periods according to a frequency sweep strategy, and the digital frequency generation circuit generates corresponding digital frequency f by using the frequency control words M out
The digital frequency generating circuit is the main module for generating digital frequency, and the reference clock F used by the circuit max As an FPGA cloudIn the high-frequency clock provided by the platform, a phase accumulator has N bits, and after the N bits are added with a frequency control word M, a current phase value is updated once in each reference clock period and is sent to a digital frequency mapping lookup table; when the phase accumulator is full, an overflow is generated to complete a periodic action, the period is a frequency period of the output signal, and the overflow frequency of the phase accumulator is the frequency of the output signal;
the phase accumulator converts the high N in the current N-phase value 1 The bit is used as address and sent into digital frequency mapping lookup table, in which 0 or 1 level is stored, and the output digital frequency
Figure BDA0003635794160000031
When frequency control word M is 2 N -1 The desired maximum output frequency of the digital frequency generation circuit is
Figure BDA0003635794160000032
When the frequency control word M is equal to 1, the minimum frequency resolution of the digital frequency generation circuit is obtained to be
Figure BDA0003635794160000033
The ring oscillator network module consists of N max A ring oscillator composition N max Is an integer greater than 1, and plays an important role in hardware security testing. All N max Each ring oscillator is connected with an Enable port, and when the logic level of the Enable port is 0, the ring oscillator network is closed; when the logic level of the Enable port is 1, the ring oscillator network can carry out self-oscillation; enable port and digital frequency signal f out And the ring oscillator network can work under different frequencies by the mode, so that the frequency loophole of the FPGA cloud platform hardware can be tested.
The total consumed power of the whole hardware frequency leak automatic test circuit is P total It consists of three parts: fixed power P consumed by chip after cloud FPGA is powered on 0 (ii) a Power consumed by fixed circuit moduleP 1 The fixed circuit module comprises a normal circuit module, a sweep frequency module and a virtual LED module; and power P consumed by the ring oscillator network module 2 Operating frequency f of ring oscillator network out And the number of resources N max And (4) correlating.
S2) designing dynamic resource adjustment strategy
Considering the highest power consumption P that can be tolerated in FPGA max And maximum on-chip temperature T max Under the constraint of (3), testing the frequency loophole hidden by FPGA hardware, wherein in the testing process, the power consumption and the on-chip temperature of the FPGA are mainly influenced by the network working frequency f of the ring oscillator out And the number of resources N max In order to determine the maximum number of resources N of the ring oscillator network max So that the FPGA power consumption and the on-chip temperature do not exceed the threshold value P respectively in the test process max And T max And simultaneously, the test is more effective, a dynamic resource adjustment strategy based on power consumption and on-chip temperature constraint is provided, a chip with the same model as that of a cloud FPGA chip is selected through local simulation, the hardware frequency leak automatic test circuit designed in the step S1) is deployed on the FPGA, and a fixed ring oscillator network working frequency f is selected out Then, dynamic resource iteration is performed to find the maximum number N of ring oscillators max
S3) designing efficient and rapid automatic frequency sweeping strategy
Designing an efficient and rapid automatic frequency sweeping strategy, and enabling a hardware frequency loophole automatic testing circuit to rapidly test whether frequency loopholes exist in hardware of an FPGA cloud platform within T' time under multi-dimensional physical constraints including power consumption and temperature;
the high-efficiency and quick automatic frequency sweeping strategy is executed by the frequency sweeping module, and the frequency sweeping module can generate various digital frequencies f out
Figure BDA0003635794160000041
Figure BDA0003635794160000042
Hardware implementation with control of ring oscillator networkThe frequency leak frequency sweep test works, the frequency sweep test is carried out in multiple rounds, the frequency interval is smaller and smaller as the number of frequency sweep rounds is increased, and the time for carrying out the hardware frequency leak test on each frequency is shorter.
The invention designs a dynamic resource adjustment strategy and an efficient and rapid automatic frequency sweeping strategy by providing a hardware frequency loophole automatic test circuit. The invention is a remote hardware security test method for an FPGA cloud platform, and a hardware frequency leak test method for an FPGA cloud is not proposed by other researchers, wherein the hardware frequency leak automatic test circuit model is firstly designed and proposed in the invention, and the circuit model not only can be used for the FPGA cloud platform, but also can be applied to FPGAs of other local models, and has portability and expansibility; the dynamic resource adjustment strategy provided by the invention can ensure that physical parameters such as power consumption, temperature and the like of the FPGA do not exceed a threshold value in the test process of the test circuit, so as to prevent the test process from being blocked by safety measures of the FPGA cloud platform. The efficient and rapid automatic frequency sweeping strategy can ensure that the frequency leak test is carried out on the FPGA cloud platform within the limited time T', and compared with a one-by-one frequency testing method, the testing efficiency can be effectively improved.
Drawings
FIG. 1 is a flow chart of a hardware security testing method for an FPGA cloud platform according to the present invention;
FIG. 2 is a diagram of a circuit for automatically testing hardware frequency loopholes according to the present invention;
FIG. 3 is the internal structure diagram of the sweep frequency module of the present invention
FIG. 4 is a block diagram of a digital frequency generation circuit of the present invention;
fig. 5 is a schematic diagram of an abnormal information feedback result according to an embodiment of the present invention.
Detailed Description
The embodiments of the present invention will be described in more detail below with reference to the accompanying drawings and reference numerals, so that those skilled in the art can implement the embodiments after studying the description. It should be understood that the embodiments described in this example are only for illustrating the present invention and are not to be construed as limiting the present invention.
The invention mainly designs a hardware frequency loophole automatic test circuit, determines the maximum deployment resource of a ring oscillator network by using a dynamic resource adjustment strategy under the constraint of physical parameters such as power consumption, temperature and the like, designs an efficient and rapid automatic frequency sweeping strategy, realizes the automatic test of the hardware safety of an FPGA cloud platform under the constraint of multiple physical fields by dynamically adjusting the working frequency of the ring oscillator network, and has the flow of a hardware safety test method for the FPGA cloud platform as shown in figure 1.
The hardware safety testing method for the FPGA cloud platform comprises the following specific steps:
s1) design hardware frequency leak automatic test circuit structure
The invention designs a hardware frequency leak automatic test circuit, which has a structure shown in figure 2 and consists of a normal circuit module, a frequency sweep module, a virtual LED module and a ring oscillator network module.
(1) The normal circuit module is one of the indications for judging whether the FPGA crashes. If the hardware frequency leak is found in the process of frequency leak safety test, the normal circuit generates errors, and the host interface feeds back abnormal information.
(2) The virtual LED module can display the digital frequency generated by the frequency sweeping module in real time and is used for recording the hardware frequency loophole of the FPGA cloud platform.
(3) The frequency sweep module is an execution module of an automatic frequency sweep strategy with high efficiency and high speed. The method can output digital frequency according to a frequency sweeping strategy so as to control a ring oscillator network to carry out hardware safety test work. The internal structure of the frequency sweep module is shown in fig. 3, and is composed of a frequency digital controller, a timer and a digital frequency generation circuit. The frequency word controller and the timer generate different frequency control words M in different time periods according to the frequency sweep strategy, and the digital frequency generation circuit generates corresponding digital frequencies f by using the frequency control words M out
The digital frequency generating circuit is a main module for generating digital frequency, and the internal structure thereof is shown in fig. 4.
Wherein, the reference clock F max The high-frequency clock is provided for the FPGA cloud platform. The phase accumulator is N bits (N can be 32 bits in engineering)Specifically, determined by hardware resources), and a new phase value is updated once per reference clock cycle and sent to the digital frequency mapping look-up table after being added to the frequency control word M. When the phase accumulator is full, an overflow occurs to complete a periodic operation, where the period is a frequency period of the output signal, and the overflow frequency of the phase accumulator is the frequency of the output signal.
The phase accumulator converts the new N-phase value to a high N 1 The bits are sent as addresses into a digital frequency mapping look-up table. The digital frequency mapping lookup table stores 0 or 1 level, and the output digital frequency
Figure BDA0003635794160000051
When the frequency control word M is 2 N -1 The desired maximum output frequency of the digital frequency generation circuit is
Figure BDA0003635794160000052
When the frequency control word M is 1, the minimum frequency resolution of the digital frequency generation circuit is obtained as
Figure BDA0003635794160000053
(4) The ring oscillator network module consists of N max (N max Is an integer larger than 1, and the specific value is determined by a subsequent dynamic resource adjustment strategy) ring oscillators, which play an important role in hardware security testing. All N max The ring oscillators are connected with an Enable port (see figure 2), and when the logic level of the Enable port is 0, the ring oscillator network is closed; when the logic level of the Enable port is 1, the ring oscillator network can carry out self oscillation. Enable signal port and digital frequency signal f out And the ring oscillator network can work under different frequencies by the mode, so that the test of the frequency loophole of the FPGA cloud platform hardware is realized.
The total consumed power of the whole hardware frequency leak automatic test circuit is P total It consists of three parts: fixed work consumed by chip after cloud FPGA (field programmable Gate array) is powered onRate P 0 (ii) a Power P consumed by fixed circuit module 1 The fixed circuit module comprises a normal circuit module, a sweep frequency module and a virtual LED module; power consumed by ring oscillator network module P 2 (f out ,N max ) Operating frequency f of ring oscillator network out And the number of resources N max And (4) correlating.
S2) design dynamic resource adjustment strategy
The invention considers the highest power consumption P which can be tolerated by FPGA max And maximum on-chip temperature T max The frequency loophole hidden by the FPGA hardware is tested under the constraint of (1). In the test process, the power consumption and the on-chip temperature of the FPGA are mainly influenced by the network working frequency f of the ring oscillator out And the number of resources N max The influence of (c). Number of resources N max Too high can cause the power consumption of the FPGA chip or the on-chip temperature to exceed the threshold value in the test process; if the resources are too low, the hardware bug of the FPGA cannot be found in the testing process.
For determining the maximum number of resources N of a ring oscillator network max So that the power consumption of the FPGA and the temperature on the chip do not exceed the threshold value P respectively in the test process max And T max And meanwhile, the test is more effective, and the invention provides a dynamic resource adjustment strategy based on power consumption and on-chip temperature constraint. Selecting a chip with the same model as a cloud FPGA chip through local simulation, deploying a hardware frequency leak automatic test circuit shown in figure 2 on an FP GA, and selecting a fixed ring oscillator network working frequency f out (see S21) and then performing dynamic resource iteration to find the maximum number of ring oscillators N max . Dynamic resource adjustment strategy for determining maximum resource quantity N of ring oscillator network max The main steps are as follows:
s21) initializing the ring oscillator network module (the Enable end signal frequency of the ring oscillator network module is f out Enable terminal connected to each ring oscillator for controlling operation of the ring oscillator) is provided out =F max The number of resource deployment is N ro The initial resource adjustment step λ is equal to N ro /2, initial simulated Power consumption P total (0) 0, the initial on-chip temperature T (0) ═ 0, the current simulation time i equals 1, ∈ 1W, and δ equals 1 ℃ (∈, δ are two constants for determining convergence of the algorithm, see S25 in detail), and then jump to S22);
s22) obtaining power consumption P through the ith simulation test total (i) And the on-chip temperature T (i), and then jumping to S23);
s23) when P total (i)≥P max Or T (i) ≧ T max When so, go to S24); otherwise, go to S25);
s24) adjusting step length lambda 'to lambda/2, and resetting the number of ring oscillators to be N' ro =N ro λ', let i ═ i +1, and then jump to S22).
S25) when | P total (i)-P total (i-1) | ≧ ε or | T (i) -T (i-1) | ≧ δ, jumping to S26); otherwise, jump to S27), where | x | represents an absolute value operation;
s26) adjusting the step length λ ″, λ'/2, and resetting the number of ring oscillators to N ″ ro =N′ ro + λ ", let i equal to i +1, and then jump to S22);
s27) making N max =N′ ro And completing the dynamic resource adjustment strategy.
S3) designing efficient and rapid automatic frequency sweeping strategy
The invention considers the problem of testing efficiency in the process of testing the hardware frequency loophole. During the test, the quantity of the fixed ring oscillator resources is more accurate if the test time per frequency is longer or the test frequency is more, but the problem of low test efficiency is caused. In order to improve the testing efficiency, the hardware frequency loophole of the FPGA is found in a shorter time, and a frequency testing scheme and testing time need to be designed reasonably. The invention designs an efficient and rapid automatic frequency sweeping strategy, and enables a hardware frequency loophole automatic testing circuit to rapidly test whether frequency loopholes exist in hardware of an FPGA cloud platform within T' time under multi-dimensional physical constraints such as power consumption, temperature and the like.
The high-efficiency and quick automatic frequency sweep strategy is executed by the frequency sweep module which can generate more frequencyDigital frequency f out
Figure BDA0003635794160000071
Figure BDA0003635794160000072
The ring oscillator network is controlled to perform hardware frequency vulnerability testing work. The frequency sweep test is carried out in multiple rounds, and the frequency interval is smaller and smaller as the number of frequency sweep rounds is increased. The main steps of the efficient and rapid automatic frequency sweeping strategy are as follows:
s31) initializing the minimum sweep interval f s Setting a frequency division coefficient D (D is an integer power of 2), and inputting a clock frequency F max Maximum number of sweep wheels
Figure BDA0003635794160000073
(wherein
Figure BDA0003635794160000074
Rounding down), testing the total time length T', setting the current frequency sweeping wheel number r to be 1, and then jumping to S32);
s32) if R is less than or equal to R, jumping to S33); otherwise, the FPGA cloud platform has no hardware bug and jumps to S310);
s33) generating a set of testing frequencies for the r-th round
Figure BDA0003635794160000075
Wherein
Figure BDA0003635794160000076
Then jump to S34);
s34) calculating the frequency control word set M ═ M in round r 1 ,M 2 ,…M n ,…,2 N-1 Therein of
Figure BDA0003635794160000077
Figure BDA0003635794160000078
(N is the number of bits in the phase accumulator) and then jumps to S35;
s35) setting the timer duration of the r-th round
Figure BDA0003635794160000079
n is 1 (here, the initialization n is 1, and the round shares the same
Figure BDA00036357941600000710
Frequency to be tested, n is from 1 to
Figure BDA00036357941600000711
Corresponds to M 1 And f 1 To
Figure BDA00036357941600000712
And
Figure BDA00036357941600000713
all tested, accumulated in S38), and then jump to S36);
s36) if
Figure BDA00036357941600000714
Frequency control word M n And the generated digital frequency f out =f n Controlling the ring oscillation network to carry out hardware frequency loophole test work, and then jumping to S37); otherwise, r ═ r +1, go to S32);
s37) if at
Figure BDA00036357941600000715
Within the time length, Hardware Target Shutdown information is not fed back (information fed back to the host by FPGA Hardware indicates that the FPGA is closed, errors occur and the like, see FIG. 5), and the operation goes to S38; otherwise, go to S39);
s38) let n be n +1, and go to S36);
s39) virtual LED module displays the current frequency (current frequency control word M) n ) At this time, finding a hardware frequency bug of the FPGA cloud platform, and jumping to S310);
s310) completing an efficient and rapid automatic frequency sweeping strategy.
In the automatic test circuit for the hardware frequency vulnerability, as the number of the frequency sweeping wheels increases, the finer the scanning frequency interval is, and the shorter the time for testing the hardware frequency vulnerability of each frequency is.
The hardware security testing method for the FPGA cloud platform can be used for carrying out hardware security testing on the FPGA cloud platform through the hardware frequency bug automatic testing circuit, and provides a powerful means for quickly searching the hardware frequency bug of the FPGA cloud platform under the constraints of multiple physical fields such as power consumption, temperature and the like.
Examples
According to the content of the invention, the hardware frequency loophole automatic test circuit is loaded on the Xilinx Ultrascale + and Virtex 7 series chips to carry out hardware security test. The hardware frequency vulnerability automatic test circuit is compiled through host-side vivado software, generates bit streams and loads the bit streams to an FPGA chip. The test flow is as follows:
1. writing RLT level codes of a hardware frequency loophole automatic test circuit, wherein the number N of initialized ring oscillators in the hardware frequency loophole automatic test circuit max Which accounts for half the total number of LUTs in an FPGA chip (two LUTs are used for one ring oscillator).
2. Executing a dynamic resource adjustment policy to determine a final N max
3. The adjusted RLT level code is generated into a bitstream by vivado.
4. And loading the bit stream of the hardware frequency loophole automatic test circuit to the FPGA chip.
5. And after the loading is successful, the high-efficiency and quick automatic frequency sweeping strategy automatically starts to be executed.
Experimental results show that the hardware security testing method successfully explores hardware frequency holes of two types of FPGA chips, and the experimental results are shown in table 1 and fig. 5:
TABLE 1 hardware safety test results
Chip series Type number Whether to feed back abnormal information Whether or not there is a frequency hole
Ultrascale+ xcvu9p-flgb2104-2-i Is that Is that
Virtex 7 xc7vx485tffg1761-2 Is that Is that
In table 1, xcvu9p is a chip of the same type as the FPGA cloud platform, and after a hardware test circuit is loaded on the chip, the host end receives the abnormal information feedback shown in fig. 5 within a limited time T', which proves that the chip of the FPGA cloud platform has a hardware frequency leak, and the frequency is fed back to researchers by the virtual LED module. The frequency vulnerability expansibility implementation is also carried out, the testing is carried out on an xc7vx485 chip, and the related frequency vulnerability is also found.
After the host receives the abnormal information feedback result, the FPGA is disconnected from the host, new design logic cannot be reloaded, the FPGA can be recovered to be used only by restarting the FPGA, and the frequency bugs of the two types of FPGAs are proved to exist. FIG. 5 shows that a popup window prompt message is fed back to the connected host after an error occurs in the FPGA.
The embodiments described above are only a part of the embodiments of the present invention, and not all of them. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.

Claims (3)

1. A hardware security testing method for an FPGA cloud platform is characterized by comprising the following steps:
s1) design hardware frequency leak automatic test circuit structure
Designing a hardware frequency leak automatic test circuit, wherein the automatic test circuit consists of a normal circuit module, a frequency sweep module, a virtual LED module and a ring oscillator network module;
the normal circuit module is one of indications for judging whether the FPGA crashes, if a hardware frequency bug is found in the process of frequency bug safety test, the normal circuit generates an error, and the host interface feeds back abnormal information;
the virtual LED module can display the digital frequency generated by the frequency sweeping module in real time and is used for recording the hardware frequency loophole of the FPGA cloud platform;
the frequency sweep module is an execution module of an efficient and rapid automatic frequency sweep strategy, and can output digital frequency according to the frequency sweep strategy so as to control the ring oscillator network to carry out hardware safety test work; the frequency sweep module consists of a frequency word controller, a timer and a digital frequency generation circuit, wherein the frequency word controller and the timer generate different frequency control words M in different time periods according to a frequency sweep strategy, and the digital frequency generation circuit uses the frequency control words M to generate corresponding digital frequencies f out
The digital frequency generating circuit is the main module for generating digital frequency, and the reference clock F used by the circuit max The high-frequency clock is provided for the FPGA cloud platform, a phase accumulator has N bits, and after the N bits are added with a frequency control word M, a current phase value is updated once per reference clock period and is sent to a digital frequency mapping lookup table; when the phase accumulator is full, an overflow is generated to complete a periodic action, the period is a frequency period of the output signal, and the overflow frequency of the phase accumulator is the frequency of the output signal;
the phase accumulator will beHigh N in the first N phase bit value 1 The bits are sent into a digital frequency mapping lookup table as addresses, 0 or 1 level is stored in the digital frequency mapping lookup table, and the output digital frequency
Figure FDA0003635794150000011
When the frequency control word M is 2 N-1 The desired maximum output frequency of the digital frequency generation circuit is
Figure FDA0003635794150000012
When the frequency control word M is equal to 1, the minimum frequency resolution of the digital frequency generation circuit is obtained to be
Figure FDA0003635794150000013
The ring oscillator network module consists of N max A ring oscillator composition N max Is an integer greater than 1, plays an important role in hardware security testing, and all N max Each ring oscillator is connected with an Enable port, and when the logic level of the Enable port is 0, the ring oscillator network is closed; when the logic level of the Enable port is 1, the ring oscillator network can carry out self-oscillation; enable port and digital frequency signal f out The ring oscillator network can work under different frequencies by the mode, so that the frequency loophole of the FPGA cloud platform hardware can be tested;
the total consumed power of the whole hardware frequency leak automatic test circuit is P total It consists of three parts: the fixed power P0 consumed by the chip after the cloud FPGA is electrified; power P consumed by fixed circuit module 1 The fixed circuit module comprises a normal circuit module, a sweep frequency module and a virtual LED module; and power P consumed by the ring oscillator network module 2 Operating frequency f of ring oscillator network out And the number of resources N max Correlation;
s2) designing dynamic resource adjustment strategy
Considering the highest power consumption P that can be tolerated in FPGA max And maximum on-chip temperature T max The frequency bug hidden by the FPGA hardware is tested under the constraint that the power consumption and the on-chip temperature of the FPGA are mainly influenced by the network working frequency f of the ring oscillator in the test process out And the number of resources N max To determine the maximum number of resources N of the ring oscillator network max So that the FPGA power consumption and the on-chip temperature do not exceed the threshold value P respectively in the test process max And T max And simultaneously, the test is more effective, a dynamic resource adjustment strategy based on power consumption and on-chip temperature constraint is provided, a chip with the same model as that of a cloud FPGA chip is selected through local simulation, the hardware frequency leak automatic test circuit designed in the step S1) is deployed on the FPGA, and a fixed ring oscillator network working frequency f is selected out Then, dynamic resource iteration is performed to find the maximum number N of ring oscillators max
S3) designing efficient and rapid automatic frequency sweeping strategy
Designing an efficient and rapid automatic frequency sweeping strategy, and enabling a hardware frequency loophole automatic testing circuit to rapidly test whether frequency loopholes exist in hardware of an FPGA cloud platform within T' time under multi-dimensional physical constraints including power consumption and temperature;
the high-efficiency and quick automatic frequency sweeping strategy is executed by a frequency sweeping module, and the frequency sweeping module can generate various digital frequencies f out
Figure FDA0003635794150000021
Figure FDA0003635794150000022
The frequency sweep test of hardware frequency loopholes is carried out by controlling the ring oscillator network, the frequency sweep test is carried out in multiple rounds, the frequency interval is smaller and smaller as the number of frequency sweep rounds is increased, and the time for carrying out the hardware frequency loophole test on each frequency is shorter.
2. The hardware security testing method for the FPGA cloud platform of claim 1, wherein said dynamic resource adjustment strategy is adopted in said step S2)Determining the maximum number of resources N of a ring oscillator network max The main steps are as follows:
s21) initializing the Enable end signal frequency f of the ring oscillator network module out =F max The number of resource deployment is N ro The initial resource adjustment step λ is equal to N ro /2, initial simulated Power consumption P total (0) When the initial on-chip temperature T (0) is 0, the current simulation time i is 1, epsilon is 1W, and delta is 1 ℃, wherein two constants of epsilon and delta are used for judging the convergence of the algorithm, and then the process goes to S22);
s22) obtaining power consumption P through the ith simulation test total (i) And the on-chip temperature T (i), and then jumping to S23);
s23) when P total (i)≥P max Or T (i) ≧ T max When so, go to S24); otherwise, go to S25);
s24) adjusting step length lambda 'to lambda/2, and resetting the number of ring oscillators to be N' ro =N ro - λ', let i ═ i +1, then jump to S22);
s25) when | P total (i)-P total (i-1) | ≧ ε or | T (i) -T (i-1) | ≧ δ, jumping to S26); otherwise, jump to S27), where | x | represents the absolute value operation;
s26) adjusting the step length λ ″, λ'/2, and resetting the number of ring oscillators to N ″ ro =N′ ro + λ ", let i equal to i +1, and then jump to S22);
s27) making N max =N″ ro And completing the dynamic resource adjustment strategy.
3. The hardware security testing method for the FPGA cloud platform according to claim 2, wherein the main steps of the efficient and fast automatic frequency sweeping strategy in the step S3) are as follows:
s31) initializing the minimum sweep interval f s Setting a frequency division coefficient D and an input clock frequency F max Maximum number of sweep wheels
Figure FDA0003635794150000031
Figure FDA0003635794150000032
Testing the total duration T', setting the current sweep wheel number r as 1, and then jumping to S32), wherein D is an integer power of 2,
Figure FDA0003635794150000033
represents rounding down;
s32) if R is less than or equal to R, jumping to S33); otherwise, the FPGA cloud platform has no hardware frequency loophole, and jumps to S310);
s33) generating a set of testing frequencies for the r-th round
Figure FDA0003635794150000034
Wherein
Figure FDA0003635794150000035
Then jump to S34);
s34) calculating a frequency control word set M ═ M in the r-th round 1 ,M 2 ,...M n ,...,2 N-1 Therein of
Figure FDA0003635794150000036
Figure FDA0003635794150000037
Then jump to S35);
s35) setting the timer duration of the r-th round
Figure FDA0003635794150000038
Initializing n to 1 and then jumping to S36);
s36) if
Figure FDA0003635794150000039
Frequency control word M n And the generated digital frequency f out =f n Controlling the ring oscillation network to perform hardware frequency vulnerability test work, and then jumping to S37); otherwise, r ═ r +1, go to S32);
s37) if at
Figure FDA00036357941500000310
Within the time length, Hardware Target Shutdown information is not fed back, and the operation jumps to S38); otherwise, go to S39);
s38) let n be n +1, and go to S36);
s39) the virtual LED module displays the current frequency control word M n At this moment, finding the hardware frequency bug of the FPGA cloud platform, and jumping to S310);
s310) completing an efficient and rapid automatic frequency sweeping strategy.
CN202210505525.5A 2022-05-10 2022-05-10 Hardware security testing method for FPGA cloud platform Active CN115021971B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210505525.5A CN115021971B (en) 2022-05-10 2022-05-10 Hardware security testing method for FPGA cloud platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210505525.5A CN115021971B (en) 2022-05-10 2022-05-10 Hardware security testing method for FPGA cloud platform

Publications (2)

Publication Number Publication Date
CN115021971A true CN115021971A (en) 2022-09-06
CN115021971B CN115021971B (en) 2023-06-09

Family

ID=83068813

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210505525.5A Active CN115021971B (en) 2022-05-10 2022-05-10 Hardware security testing method for FPGA cloud platform

Country Status (1)

Country Link
CN (1) CN115021971B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117310458A (en) * 2023-11-29 2023-12-29 北京飘石科技有限公司 Final testing method and device for FPGA chip

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060056560A1 (en) * 2004-09-13 2006-03-16 Nortel Networks Limited Method and apparatus for synchronizing internal state of frequency generators on a communications network
US8229344B1 (en) * 2009-08-26 2012-07-24 Bae Systems Information And Electronic Systems Integration Inc. RF communication receiver vulnerability assessment
CN103532793A (en) * 2013-10-28 2014-01-22 中国航天科工集团第二研究院七〇六所 Automatic penetration testing method for information system security
CN107390109A (en) * 2017-06-09 2017-11-24 苏州迅芯微电子有限公司 The automatically testing platform and its Software Architecture Design method of high-speed ADC chip
CN113917881A (en) * 2021-12-13 2022-01-11 深圳市华杰智通科技有限公司 Radio frequency parameter automatic adjusting system and method based on FPGA
CN114121305A (en) * 2021-11-23 2022-03-01 浙江大学 Sensor safety detection method and system based on frequency sweep technology

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060056560A1 (en) * 2004-09-13 2006-03-16 Nortel Networks Limited Method and apparatus for synchronizing internal state of frequency generators on a communications network
US8229344B1 (en) * 2009-08-26 2012-07-24 Bae Systems Information And Electronic Systems Integration Inc. RF communication receiver vulnerability assessment
CN103532793A (en) * 2013-10-28 2014-01-22 中国航天科工集团第二研究院七〇六所 Automatic penetration testing method for information system security
CN107390109A (en) * 2017-06-09 2017-11-24 苏州迅芯微电子有限公司 The automatically testing platform and its Software Architecture Design method of high-speed ADC chip
CN114121305A (en) * 2021-11-23 2022-03-01 浙江大学 Sensor safety detection method and system based on frequency sweep technology
CN113917881A (en) * 2021-12-13 2022-01-11 深圳市华杰智通科技有限公司 Radio frequency parameter automatic adjusting system and method based on FPGA

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
韦智康等: "安全级数字化仪控系统鉴定试验研究", 《自动化博览》 *
韦智康等: "安全级数字化仪控系统鉴定试验研究", 《自动化博览》, 31 December 2011 (2011-12-31) *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117310458A (en) * 2023-11-29 2023-12-29 北京飘石科技有限公司 Final testing method and device for FPGA chip
CN117310458B (en) * 2023-11-29 2024-01-30 北京飘石科技有限公司 Final testing method and device for FPGA chip

Also Published As

Publication number Publication date
CN115021971B (en) 2023-06-09

Similar Documents

Publication Publication Date Title
Yao et al. {DeepHammer}: Depleting the intelligence of deep neural networks through targeted chain of bit flips
CN107193731B (en) Fuzzy test coverage improvement method using control variation
Peng et al. A moving-target defense strategy for cloud-based services with heterogeneous and dynamic attack surfaces
US7486060B1 (en) Switching voltage regulator comprising a cycle comparator for dynamic voltage scaling
US7983870B2 (en) Integrated circuit and method for determining the operating range of an integrated circuit
CN115021971A (en) Hardware security testing method for FPGA cloud platform
Li et al. Learning-based modeling and optimization for real-time system availability
US11409323B2 (en) Delay monitoring scheme for critical path timing margin
Li et al. Integrating reinforcement learning and optimal power dispatch to enhance power grid resilience
KR102655398B1 (en) Chariging method and apparatus optimized based on electrochemical modeling
US20160179577A1 (en) Method of Managing the Operation of an Electronic System with a Guaranteed Lifetime
Zhao et al. A universal self-calibrating dynamic voltage and frequency scaling (dvfs) scheme with thermal compensation for energy savings in fpgas
CN107861873B (en) Test case priority adjusting method based on two-attribute hierarchical adjustment
Mead et al. Defeating drone jamming with hardware sandboxing
CN104834499A (en) Apparatus and method for stabilizing output sequence of real random number generator
KR20170057648A (en) Apparatus and method for designing of specification of energy storage system
US7898285B2 (en) Optimal local supply voltage determination circuit
CN107733402B (en) Time sequence monitoring unit and monitoring system for near-threshold low voltage
Martin et al. Towards a dependable true random number generator with self-repair capabilities
US8301432B1 (en) Systems and methods for determining a power cycle of a power source of a mobile device
Miura et al. LLRF control unit for SuperKEKB injector linac
Zhao et al. Cloud Service Security Adaptive Target Detection Algorithm Based on Bio-Inspired Performance Evaluation Process Algebra
Li et al. CE-based optimization for real-time system availability under learned soft error rate
Wan et al. MulBERRY: Enabling Bit-Error Robustness for Energy-Efficient Multi-Agent Autonomous Systems
CN115659886B (en) Software PUF configuration method based on over-frequency state DEC circuit time sequence error

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant