Programmable FPGA chips are very versatile and are used, for example, in data centers dedicated to cloud services. They also have the advantage of consuming comparatively little electricity and can be subdivided as required. “One customer can, for example, use about the upper half of the FPGA while a second customer uses the lower half,” explains Jonas Krautter from the Karlsruhe Institute of Technology (KIT). This is an attractive usage scenario for cloud services, such as those associated with databases, machine learning or financial applications.
Although the use of such services has been considered relatively secure to date, the KIT has now discovered a vulnerability in the chips . “The simultaneous use of an FPGA chip by multiple users opens a gateway for malicious attacks,” explains Dennis Gnad of KIT. The versatility of FPGAs allows hackers to perform side-channel attacks , spy on cloud service customers, falsify calculations, and cause data loss by measuring the power consumption within the chip. According to Krautter and Gnad, solving this problem would require restricting users’ direct access to FPGAs.