FPGAs are semiconductor integrated circuits that can be configured after manufacturing. Generally, an FPGA includes an array of programmable logic blocks connected via programmable interconnects. As such, FPGAs can be reprogrammed to desired requirements after manufacturing.
Recently, FPGAs and other hardware-based accelerators have made inroads into the cloud computing space. One emerging model is the FPGA-as-a-service model, in which a public cloud service provider makes one or more FPGAs available for use by third-party users. In such cloud deployments, FPGAs may have access to privileged (or trusted) system resources, such as processors, network interfaces, memory, and other devices. However, users of the public cloud may not be trusted, creating significant security risks in the cloud platform. Therefore, security mechanisms are needed to allow untrusted users to utilize cloud-based FPGAs in a secure manner. Furthermore, any such security mechanisms should be capable of validation and audit to ensure the overall security of the cloud-based system.