Aerospace Technic and Technology

The subject of study in this article is modern penetration testing technologies, in which the test object is a platform with access to FPGA resources. The goal of this work is to improve modern methods of penetration testing of services that provide FPGA as a Service, to identify vulnerabilities, the elimination of which increases the level of security of services and increases the level of user trust in such services. Task: to analyze possible threats of FPGA as a Service platforms; analyze the structure of FPGA as a Service platforms; analyze options for using the penetration testing standard; and offer key components for ensuring cyber security of FPGA as a Service platforms. According to the tasks, the following results were obtained. A study of the cyber security problems of FPGA as a Service platforms was conducted, and a set of components for ensuring the cybersecurity of FPGA as a Service platforms was proposed. An analysis of modern cybersecurity threats of FPGA as a Service platforms was carried out. The possibility of applying the penetration testing standard to FPGA services is considered. Regular audits and penetration testing are key elements of a cybersecurity strategy and help maintain customer and user trust in FPGA services. A set of components for ensuring cybersecurity of FPGA as a Service platforms is proposed, which corresponds to modern threats. The complex includes activities such as regular software updates, security monitoring and analysis, audit and penetration testing, compliance with security standards, and staff training. Conclusions. The main contribution and scientific novelty of the obtained results is that a study of the possibilities of penetration testing was conducted, where the test object is a platform with access to FPGA resources. As in many other areas, ensuring the cybersecurity of FPGA as a Service platforms is a complex task, where ignoring any component can lead to critical consequences. Applying only penetration testing is not enough; therefore, a comprehensive list of cybersecurity measures for FPGA as a Service platforms is provided.

FPGA; FPGA as a Service; penetration testing; cybersecurity ensuring; protection measures

Perepelitsyn, A., Kasapien, Y., Fesenko, H., & Kharchenko, V. Tekhnolohiyi realizatsiyi shtuchnoho intelektu yak servisu na osnovi aparatnykh pryskoryuvachiv [Technologies for Implementing of Artificial Intelligence as a Service based on Hardware Accelerators]. Aviacijno-kosmicna tehnika i tehnologia – Aerospace technic and technology, 2022, no. 6, pp. 57–65. DOI: 10.32620/aktt.2022.6.07. (In Ukrainian).

Perepelitsyn, A., & Kulanov, V. Metod stvorennya i vprovadzhennya FPGA proyektiv stiykykh do zmin vymoh i seredovyshch rozroblennya dlya khmarnykh infrastruktur [Method of creation and deployment of FPGA projects resistant to change of requirements and development environments for cloud infrastructures]. Aviacijno-kosmicna tehnika i tehnologia – Aerospace technic and technology, 2023, no. 5, pp. 87–97. DOI: 10.32620/aktt.2023.5.07. (In Ukrainian).

Mahmoud, D. G., Lenders, V., & Stojilović, M. Electrical-Level Attacks on CPUs, FPGAs, and GPUs: Survey and Implications in the Heterogeneous Era. ACM Computing Surveys, 2022, vol. 55, no. 3, article no. 58, pp. 1–40. DOI: 10.1145/3498337.

Ender, M., Moradi, A., & Paar, C. The unpatchable silicon: a full break of the bitstream encryption of xilinx 7-series FPGAs. Proceedings of 29th USENIX Conference on Security Symposium (SEC'20), 2020, article no. 102, pp. 1803–1819. DOI: 10.5555/3489212.3489314.

Red Balloon Security. 100 Seconds of Solitude: Defeating Cisco Trust Anchor With FPGA Bitstream Shenanigans. Available at: https://redballoonsecurity.com/files/CycIhULVL5FS6VNM/100_seconds_of_solitude.pdf (accessed November 22, 2023).

Chakraborty, R. S., Saha, I., Palchaudhuri, A., & Naik, G. K. Hardware Trojan Insertion by Direct Modification of FPGA Configuration Bitstream. IEEE Design & Test, 2013, vol. 30, no. 2, pp. 45–54. DOI: 10.1109/MDT.2013.2247460.

Lohrke, H., Tajik, S., Krachenfels, T., Boit, C., & Seifert, J.-P. Key Extraction Using Thermal Laser Stimulation: A Case Study on Xilinx Ultrascale FPGAs. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2018, vol. 2018, no. 3, pp. 573–595. DOI: 10.13154/tches.v2018.i3.573-595.

Zarizenko, I., & Perepelitsyn, A. Analysis of tools and technologies of FaaS development. Radioelektronni i komp'uterni sistemi – Radioelectronic and computer systems, 2019, no. 4 (92), pp. 88–93. DOI: 10.32620/reks.2019.4.10.

Perepelitsyn, A., & Kulanov, V. Analysis of Ways of Digital Rights Management for FPGA-as-a-Service for AI-Based Solutions. Proceedings 2023 IEEE 13th International Conference on Dependable Systems, Services and Technologies, DESSERT 2023, 2023. 5 p. Accepted.

The Penetration Testing Execution Standard. Available at: http://www.pentest-standard.org/ (accessed August 22, 2023).