Analysis of Attack Surfaces and Practical Attack Examples in Open Source FPGA CAD Tools

Sandeep Sunkavilli, Zhiming Zhang, Qiaoyan Yu
University of New Hampshire


Abstract

FPGAs are increasingly used in system prototyping, low-volume products, and obsolete component replacement. Driven by high profits, various attacks now target FPGA deployments, such as bitstream reverse engineering, functionality tampering via hardware Trojans, information leakage through covert channels, and denial-of-service attacks. Typically, the investigation of security threats to FPGA deployment is tied to a specific FPGA chip and its design suite version, so neither the discovered attacks nor the developed countermeasures are easy to migrate to other FPGAs. Thus, the use of open source FPGA CAD tools becomes increasingly attractive. This work analyzes the new attack surfaces of two open source FPGA CAD tools: VTR and SymbiFlow. The case studies in this work indicate that practical attacks on open source FPGA CAD tools can be implemented with minor changes to the intermediate files generated by the CAD toolchain.