Securing Multi-Tenant FPGA Clouds: Architectures, Threats, and Integrated Defenses for Trusted Reconfigurable Computing
Keywords:
Multi-tenant FPGA security, trusted IP, physical unclonable functions, FPGA cloud
Abstract
Background: The rapid adoption of field-programmable gate arrays (FPGAs) within cloud infrastructures has introduced a new class of high-performance, energy-efficient accelerators for datacenter workloads. However, multi-tenant FPGA clouds create unique security, privacy, and trust challenges because hardware bitstreams, shared resources, and physical effects become new attack surfaces. This manuscript synthesizes foundational and contemporary research on FPGA cloud security and related domains — including IP protection, runtime isolation, physical unclonable functions, fault-injection attacks, operating system approaches to reconfigurable computing, and homomorphic encryption accelerators — to present an integrated conceptual framework and prescriptive design guidance for trusted multi-tenant FPGA cloud platforms.
Key contributions: (1) an expansive threat taxonomy tailored to multi-tenant FPGA clouds that links attacks to underlying physical, microarchitectural, and software vectors; (2) a layered architecture for trust that maps defensive mechanisms to threat classes, combining provenance, watermarking, PUF-based attestation, hypervisor and OS level controls, and cryptographic accelerators; (3) a detailed methodology for evaluating trustworthiness that emphasizes measurement-driven experiments and descriptive, non-mathematical analysis; and (4) an agenda for future research that prioritizes measurable isolation primitives, hardware-accelerated privacy techniques, and resilient designs against environmental and fault-based attacks.
Findings: The literature shows that heterogeneous defenses are required: IP watermarking and design fingerprints offer provenance checks but are insufficient alone (Abdel-Hamid et al., 2003); OS-centric and hypervisor approaches such as ReconOS provide strong management abstractions but must be paired with hardware attestation (Agne et al., 2014); PUFs yield compact, device-intrinsic keys appropriate for constrained devices and for bootstrapping trust in tenants and IP (Ahmed et al., 2020); fault and side-channel attacks like RAM-Jam demonstrate that environmental manipulation can violate multi-tenant isolation unless physical resource contention and environmental sensing are monitored (Alam et al., 2019); hardware accelerators for encrypted computation, including FPGA implementations for fully homomorphic encryption, offer promising paths toward preserving confidentiality even when sharing raw compute fabric (Agrawal et al., 2022).
Conclusions: A defensible multi-tenant FPGA cloud must combine provenance, device-rooted trust, runtime enforcement, and privacy-preserving computation. The paper synthesizes extant evidence to propose an integrated blueprint for secure deployment, operational monitoring, and research priorities for resilient, trustworthy FPGA clouds. All claims draw from the supplied corpus of references and directly map to the cited works.
References
T. Abdel-Hamid, S. Tahar, and El Mostapha Aboulhamid. 2003. IP watermarking techniques: Survey and comparison. In Proceedings of the 3rd IEEE International Workshop on System-on-Chip for Real-Time Applications, 60–65. DOI: https://doi.org/10.1109/IWSOC.2003.1213006
Francis Abel, Jagath Weerasinghe, Christoph Hagleitner, Beat Weiss, and Stephan Paredes. 2017. An FPGA platform for hyperscalers. In Proceedings of the IEEE 25th Annual Symposium on High-Performance Interconnects (HOTI ’17), Vol. 10, 29–32. DOI: https://doi.org/10.1109/HOTI.2017.13
Andreas Agne, Markus Happe, Ariane Keller, Enno Lubbers, Bernhard Plattner, Marco Platzner, and Christian Plessl. 2014. ReconOS: An operating system approach for reconfigurable computing. IEEE Micro 34, 1, 60–71. DOI: https://doi.org/10.1109/MM.2013.110
Rashmi Agrawal, Leo de Castro, Guowei Yang, Chiraag Juvekar, Rabia Yazicigil, Anantha Chandrakasan, Vinod Vaikuntanathan, and Ajay Joshi. 2022. FAB: An FPGA-based accelerator for bootstrappable fully homomorphic encryption. arXiv:2207.11872. Retrieved from https://doi.org/abs/2207.11872
Muhammed Kawser Ahmed, Sujan Kumar Saha, and Christophe Bobda. 2022. Trusted IP solution in multi-tenant cloud FPGA platform. In Proceedings of the IEEE 8th World Forum on Internet of Things (WF-IoT ’22), 1–6. DOI: https://doi.org/10.1109/WFIoT54382.2022.10152167
Muhammed Kawser Ahmed, Venkata P. Yanambaka, Ahmed Abdelgawad, and Kumar Yelamarthi. 2020. Physical unclonable function based hardware security for resource constraint IoT devices. In Proceedings of the IEEE 6th World Forum on Internet of Things (WF-IoT ’20), 1–2. DOI: https://doi.org/10.1109/WFIoT48130.2020.9221357
Md Mahbub Alam, Shahin Tajik, Fatemeh Ganji, Mark Tehranipoor, and Domenic Forte. 2019. RAM-Jam: Remote temperature and voltage fault attack on FPGAs using memory collisions. In Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC ’19), 48–55. DOI: https://doi.org/10.1109/FDTC.2019.00015
Lu, X., Cao, L., Du, X., et al. 2018. A tag-based protection method for multi-tenant data security. International Conference on Cloud Computing and Security, Haikou, China, 553–565.
Lamport, L. 1981. Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.
Al-Assam, H., Hassan, W., Zeadally, S. 2019. Automated biometric authentication with cloud computing. In Biometric-Based Physical and Cybersecurity Systems, 455–475.
Kim, S. H., Lee, I. Y. 2018. IoT device security based on proxy re-encryption. Journal of Ambient Intelligence and Humanized Computing, 9(4), 1267–1273.
Sachdev, A., Bhansali, M. 2013. Enhancing cloud computing security using AES algorithm. International Journal of Computer Applications, 67(9), 0975–8887.
Batista, B. G., Ferreira, C. H., Segura, D. C., et al. 2017. A QoS-driven approach for cloud computing addressing attributes of performance and security. Future Generation Computer Systems, 68, 260–274.
Reddy, T. B., Chowdappa, K. B., Reddy, S. R. 2015. Cloud security using blowfish and key management encryption algorithm. International Journal of Engineering and Applied Sciences, 2(6), 2394–3661.
Aluvalu, R., Kamliya, V., Muddana, L. 2016. HASBE access control model with secure key distribution and efficient domain hierarchy for cloud computing. International Journal of Electrical and Computer Engineering, 6(2), 770–777.
Atayero, A. A., Feyisetan, O. 2011. Security issues in cloud computing: the potentials of homomorphic encryption. Journal of Emerging Trends in Computing and Information Sciences, 2(10), 546–552.
V. Agarwal, N. Verma, S. Saha, and S. Kumar. 2018. Dynamic Detection and Prevention of Denial of Service and Peer Attacks with IP Address Processing. Recent Findings in Intelligent Computing Techniques: Proceedings of the 5th ICACNI 2017, Volume 1, 707, 139.
Mishra, M. 2017. Reliability-based Life Cycle Management of Corroding Pipelines via Optimization under Uncertainty (Doctoral dissertation).
V. Agarwal and S. Kumar. 2017, October. Intelligent multi-level mechanism of secure data handling of vehicular information for post-accident protocols. In 2017 2nd International Conference on Communication and Electronics Systems (ICCES), 902–906.
Hariharan, R. 2025. Zero trust security in multi-tenant cloud environments. Journal of Information Systems Engineering and Management, 10.
License
Copyright (c) 2025 Sanjay K. Morello (Author)

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.