Friday, January 22, 10:33
Home security Researchers reveal vulnerability in FPGA, affecting cloud services and IoT

Researchers reveal vulnerability in FPGA, affecting cloud services and IoT

FPGAThe programmable gate array (FPGA) is a type of programmable integrated circuit and consists of electronic components that can be used more flexibly than others chip computers. Many times, even large data centers, dedicated to cloud services, resort to FPGAs.

Their use, until recently, was considered safe. However, a report was recently published in the IACR magazine by researchers at the Karlsruhe Institute of Technology (KIT). According to their report, there are some gates that could exploit malicious hackers.

Unlike conventional computer chips, which perform a very specific task, FPGAs take on almost every function of any other chip. That is why they are preferred when creating new devices and systems.

"FPGAs are built into the first batch of a new device and can be modified later, unlike other chips," says Dennis Gnad, a KIT engineer.

Thus, FPGAs are applied in many areas: smartphones, networks, the Internet, medicine, electronic vehicle systems and aerospace.

FPGAs are ideal for server farms that are managed by service providers in cloud. Another advantage of these programmable chips is that they can be separated.

"The upper half of the FPGA can be distributed to one customer and the lower half to a second," says Jonas Krautter, another KIT member. This is considered very useful in cloud services.


The researchers observed that the use of FPGA could allow hackers to carry out attacks. In particular, Gnad said: "The simultaneous use of an FPGA chip by multiple users can allow malicious attacks."

The feature that distinguishes the FPGA chip, flexibility, is essentially what hackers are doing to make so-called side-channel attacks. Side-channel attacks allow hackers to retrieve information using the chip's energy. The information that hackers acquire allows them to break the encryption of the chips. A cloud user who has bad purposes can exploit this to spy on another user.

With these attacks, hackers can break the data of other users or even destroy the chip, causing data losses. Of course, this risk exists in other chips, especially those that apply to and production such as intelligent heating control system or lighting systems.

Researchers suggest that user access to FPGAs should be restricted. However, what needs to be done is to remove malicious users and not all.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


QNAP: New Dovecat crypto-miner infects NAS devices

QNAP has warned its customers about a new malware (crypto-miner) called Dovecat, which targets NAS (network-attached storage) devices ...

MyFreeCams: Two million files were stolen from the adult site

A database of the popular adult site MyFreeCams, has been leaked to a hacking forum, resulting in the data of its users to ...

FBI: Parler is called in to investigate the Capitol attack

Participants in the January 6 attack on the US Capitol are accused of their actions, as they seem to have published in Parler and ...

Mac: How to see which model you have and when it was released

When you need support for your Mac - or want to install some kind of upgrade - you usually need to know the exact ...

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...