Runtime Security Check
This work introduces a hardware-based security solution designed to bolster the resilience of the cloud computing infrastructure. Our proposed framework ensures the robustness and integrity of computational devices, including CPUs, FPGAs, and GPUs, within the cloud environment. Specifically, the framework leverages side-channel measurements tied to the power distribution network (PDN) activity of the targeted computational devices.
We have implemented an embedded system based on the RISC-V architecture, generated by RocketChip, and have developed a co-processor to monitor the states of the main processor. The architecture of our current experimental environment is depicted in the following Figure. This platform will primarily consist of three main components: a Xilinx Virtex-7 FPGA VC707 board, a targeted device, and a high-performance host workstation. Both the PDN sensor and the co-processor are implemented on the FPGA core. We have implemented three test settings to collect the ROs sensor data and further evaluate the performance of our proposed machine learning based sensing approach.
More details please refer to our recent accepted paper:
Kejun Chen, Xiaolong Guo, Xuan Zhang, and Xianglong Feng. Guarding the Gatekeepers: Ensuring the Security of Computation Hardware in Cloud Infrastructure. Government Microcircuit Applications and Critical Technology Conference (GOMACTech); 2024 March; Charleston, SC, USA (to appear)
Additionally, this platform can be utilized to support a hardware-in-the-loop workflow.
