Multi-tenant FPGA Security - Challenges and Opportunities.

An emerging trend in the data center is the at-scale deployment of Field-Programmable Gate Arrays (FPGAs) which combine multi-gigabit and ultra-low latency workload acceleration with hardware-level reconfigurability. In particular, for applications such as Deep Learning where techniques and algorithms are rapidly changing, the inherent flexibility of FPGAs grants them an edge over hardened data processing units such as ASICs or GPUs. Inevitably, Cloud Service Providers (CSPs) will seek to maximize resource utilization for their FPGA investments as they currently do for general-purpose computing resources. Current FPGA deployments in the data center tend to be single-tenant or support multiple tenants through time multiplexing (temporal multi-tenancy) which can result in resource underutilization. This approach does not scale and presents challenges for elastic workloads whose properties are not fully known ahead of time. Instead, we expect that closing the resource utilization gap will require efficient spatial allocation of FPGA resources across multiple tenants while maintaining security and QoS guarantees. In particular, new usage models such as FPGA-as-a-Service, where resources are exposed directly to the cloud tenant, present unique challenges on the security and QoS side. In this talk we review the threat landscape and trust models associated with FPGA multi-tenancy, highlight future research challenges and examine the unique opportunities that FPGA multi-tenancy enables given adequate guarantees on security and QoS.