Criticality Analysis of Ring Oscillators in FPGA Bitstreams .

The popularity of cloud computing has led to increasing demand for efficient and scalable hardware. Multi-tenant FPGAs are becoming popular because of their ability to provide high performance and flexibility, yet being cost-effective. While multiple tenants have the ability to configure the same FPGA with customized modules, several security vulnerabilities can be exploited by adversaries. Attackers can use an FPGA to perform malicious actions, such as injecting malicious bitstreams and launching denial-of-service attacks. We propose a two-tier machine learning framework that first detects malicious features from an FPGA bitstream and then performs criticality analysis to evaluate the severity of potentially malicious ring oscillators (ROs) configured by that bitstream. The latter step is crucial as it ensures the security of FPGAs from voltage and power-based attacks and also reduces the risk of inappropriately blocking benign RO-based circuits from FPGA configuration. The proposed framework is evaluated using a diverse set of real-world bitstreams. We achieve an accuracy of 100% in detecting malicious bitstreams and an accuracy of 96.55% in detecting malicious bitstreams that are critical.