SGX-FPGA: Trusted Execution Environment for CPU-FPGA Heterogeneous Architecture

Ke Xia; Yukui Luo; Xiaolin Xu; Sheng Wei

doi:10.1109/DAC18074.2021.9586207

SGX-FPGA: Trusted Execution Environment for CPU-FPGA Heterogeneous Architecture

Ke Xia, Yukui Luo, Xiaolin Xu, Sheng Wei

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

21 Scopus citations

Abstract

Trusted execution environments (TEEs), such as Intel SGX, have become a popular security primitive with minimum trusted computing base (TCB) and attack surface. However, the existing CPU-based TEEs do not support FPGAs, even though FPGA-based cloud computing services have been rapidly deployed with security vulnerabilities that are expected to be eliminated by TEEs. To fill the gap, we present SGX-FPGA, a trusted hardware isolation path enabling the first FPGA TEE by bridging SGX enclaves and FPGAs in the heterogeneous CPU-FPGA architecture. Our experiments on real CPU-FPGA hardware justify the high security and low performance overhead achieved by SGX-FPGA.

Original language	English (US)
Title of host publication	2021 58th ACM/IEEE Design Automation Conference, DAC 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	301-306
Number of pages	6
ISBN (Electronic)	9781665432740
DOIs	https://doi.org/10.1109/DAC18074.2021.9586207
State	Published - Dec 5 2021
Externally published	Yes
Event	58th ACM/IEEE Design Automation Conference, DAC 2021 - San Francisco, United States Duration: Dec 5 2021 → Dec 9 2021

Publication series

Name	Proceedings - Design Automation Conference
Volume	2021-December
ISSN (Print)	0738-100X

Conference

Conference	58th ACM/IEEE Design Automation Conference, DAC 2021
Country/Territory	United States
City	San Francisco
Period	12/5/21 → 12/9/21

All Science Journal Classification (ASJC) codes

Computer Science Applications
Control and Systems Engineering
Electrical and Electronic Engineering
Modeling and Simulation

Access to Document

10.1109/DAC18074.2021.9586207

Cite this

@inproceedings{be04e54e6dc642029cccb83383d09163,

title = "SGX-FPGA: Trusted Execution Environment for CPU-FPGA Heterogeneous Architecture",

abstract = "Trusted execution environments (TEEs), such as Intel SGX, have become a popular security primitive with minimum trusted computing base (TCB) and attack surface. However, the existing CPU-based TEEs do not support FPGAs, even though FPGA-based cloud computing services have been rapidly deployed with security vulnerabilities that are expected to be eliminated by TEEs. To fill the gap, we present SGX-FPGA, a trusted hardware isolation path enabling the first FPGA TEE by bridging SGX enclaves and FPGAs in the heterogeneous CPU-FPGA architecture. Our experiments on real CPU-FPGA hardware justify the high security and low performance overhead achieved by SGX-FPGA.",

author = "Ke Xia and Yukui Luo and Xiaolin Xu and Sheng Wei",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 58th ACM/IEEE Design Automation Conference, DAC 2021 ; Conference date: 05-12-2021 Through 09-12-2021",

year = "2021",

month = dec,

day = "5",

doi = "10.1109/DAC18074.2021.9586207",

language = "English (US)",

series = "Proceedings - Design Automation Conference",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "301--306",

booktitle = "2021 58th ACM/IEEE Design Automation Conference, DAC 2021",

address = "United States",

}

Xia, K, Luo, Y, Xu, X & Wei, S 2021, SGX-FPGA: Trusted Execution Environment for CPU-FPGA Heterogeneous Architecture. in 2021 58th ACM/IEEE Design Automation Conference, DAC 2021. Proceedings - Design Automation Conference, vol. 2021-December, Institute of Electrical and Electronics Engineers Inc., pp. 301-306, 58th ACM/IEEE Design Automation Conference, DAC 2021, San Francisco, United States, 12/5/21. https://doi.org/10.1109/DAC18074.2021.9586207

SGX-FPGA: Trusted Execution Environment for CPU-FPGA Heterogeneous Architecture. / Xia, Ke; Luo, Yukui; Xu, Xiaolin et al.
2021 58th ACM/IEEE Design Automation Conference, DAC 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 301-306 (Proceedings - Design Automation Conference; Vol. 2021-December).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - SGX-FPGA

T2 - 58th ACM/IEEE Design Automation Conference, DAC 2021

AU - Xia, Ke

AU - Luo, Yukui

AU - Xu, Xiaolin

AU - Wei, Sheng

PY - 2021/12/5

Y1 - 2021/12/5

N2 - Trusted execution environments (TEEs), such as Intel SGX, have become a popular security primitive with minimum trusted computing base (TCB) and attack surface. However, the existing CPU-based TEEs do not support FPGAs, even though FPGA-based cloud computing services have been rapidly deployed with security vulnerabilities that are expected to be eliminated by TEEs. To fill the gap, we present SGX-FPGA, a trusted hardware isolation path enabling the first FPGA TEE by bridging SGX enclaves and FPGAs in the heterogeneous CPU-FPGA architecture. Our experiments on real CPU-FPGA hardware justify the high security and low performance overhead achieved by SGX-FPGA.

AB - Trusted execution environments (TEEs), such as Intel SGX, have become a popular security primitive with minimum trusted computing base (TCB) and attack surface. However, the existing CPU-based TEEs do not support FPGAs, even though FPGA-based cloud computing services have been rapidly deployed with security vulnerabilities that are expected to be eliminated by TEEs. To fill the gap, we present SGX-FPGA, a trusted hardware isolation path enabling the first FPGA TEE by bridging SGX enclaves and FPGAs in the heterogeneous CPU-FPGA architecture. Our experiments on real CPU-FPGA hardware justify the high security and low performance overhead achieved by SGX-FPGA.

UR - http://www.scopus.com/inward/record.url?scp=85114964406&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85114964406&partnerID=8YFLogxK

U2 - 10.1109/DAC18074.2021.9586207

DO - 10.1109/DAC18074.2021.9586207

M3 - Conference contribution

AN - SCOPUS:85114964406

T3 - Proceedings - Design Automation Conference

SP - 301

EP - 306

BT - 2021 58th ACM/IEEE Design Automation Conference, DAC 2021

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 5 December 2021 through 9 December 2021

ER -

SGX-FPGA: Trusted Execution Environment for CPU-FPGA Heterogeneous Architecture

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this