Security Implications of Third-Party Accelerators

Abstract

Third-party accelerators offer system designers high performance and low energy without the market delay of in-house development. However, complex third-party accelerators may include vulnerabilities due to design flaws or malicious intent that are hardto expose during verification. Rather than react to each new vulnerability, it is better to proactively build defenses for classes of attacks.To inspire future work on defenses, this paper develops a taxonomy of accelerator vulnerabilities. We consider the cross product of threat types (confidentiality, integrity, and availability) with risk categories (configuration, computation, termination, accelerator memory accesses, system memory accesses, microarchitecture/coherence, exceptions/interrupts, and power), as well as whether processes can be vulnerable only if they use the offending accelerator (accelerator-scope threat) or even when running in the same system (system-scope threat). Our taxonomy draws attention to a grave problem that needs immediate attention from computer architects.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 11, 2015
Accession Number
AD1015558

Entities

People

  • Lena E. Olson
  • Mark D. Hill
  • Simha Sethumadhavan

Organizations

  • University of Wisconsin–Madison

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Availability
  • Complex Systems
  • Computations
  • Computer Programs
  • Computers
  • Denial Of Service Attack
  • Graphics
  • Graphics Processing Unit
  • High Temperature
  • Malware
  • Operating Systems
  • Reliability
  • Security
  • Standards
  • Taxonomy
  • Threats
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Electrical Engineering
  • Systems Analysis and Design