Security of FPGAs in data centers

Recent deployments of FPGAs as compute resources in data centers have raised security concerns. One concern is how to prevent user-deployed logic in the FPGA from accessing privileged data such as physical addresses or raw network traffic. Addressing this issue uses the concept of ‘privileged’ mode FPGA logic that is kept separate from ‘user’ mode logic. Logical separation can be achieved with design restrictions, physical separation gives a stronger security guarantee. Physical separation can be implemented and enforced using the Xilinx Isolation Design Flow to isolate privileged shell logic from user application logic. A second security concern is the detection and handling of undesirable behavior of user logic. This undesirable behavior includes generation of current spikes, consumption of excessive power or overheating the FPGA or the system. These conditions can be addressed by design checking, and a thorough run-time solution leverages anti-tamper functionality in the FPGA that activates user logic to disable functions when voltage or temperature exceeds preset limits. A third concern is the need to ensure FPGA logic only changes when desired. This concern is addressed using both hard logic and IP that together ensure and verify that the programmable logic does not change during operation.