The programmable gate array (FPGA) is a type of programmable integrated circuit and consists of electronic components that can be used more flexibly than others chip computers. Many times, even large data centers, dedicated to cloud services, resort to FPGAs.
Their use, until recently, was considered safe. However, a report was recently published in the IACR magazine by researchers at the Karlsruhe Institute of Technology (KIT). According to their report, there are some gates that could exploit malicious hackers.
Unlike conventional computer chips, which perform a very specific task, FPGAs take on almost every function of any other chip. That is why they are preferred when creating new devices and systems.
"FPGAs are built into the first batch of a new device and can be modified later, unlike other chips," says Dennis Gnad, a KIT engineer.
Thus, FPGAs are applied in many areas: smartphones, networks, the Internet, medicine, electronic vehicle systems and aerospace.
FPGAs are ideal for server farms that are managed by service providers in cloud. Another advantage of these programmable chips is that they can be separated.
"The upper half of the FPGA can be distributed to one customer and the lower half to a second," says Jonas Krautter, another KIT member. This is considered very useful in cloud services.
The researchers observed that the use of FPGA could allow hackers to carry out attacks. In particular, Gnad said: "The simultaneous use of an FPGA chip by multiple users can allow malicious attacks."
The feature that distinguishes the FPGA chip, flexibility, is essentially what hackers are doing to make so-called side-channel attacks. Side-channel attacks allow hackers to retrieve information using the chip's energy. The information that hackers acquire allows them to break the encryption of the chips. A cloud user who has bad purposes can exploit this to spy on another user.
With these attacks, hackers can break the data of other users or even destroy the chip, causing data losses. Of course, this risk exists in other chips, especially those that apply to and production such as intelligent heating control system or lighting systems.
Researchers suggest that user access to FPGAs should be restricted. However, what needs to be done is to remove malicious users and not all.