Timing-based side-channel attack and mitigation on PCIe connected distributed embedded systems

Abstract

PCIe connected peripheral devices are increasingly deployed in distributed embedded systems. For example, a GPU accelerator connected with a host CPU via PCIe interconnect brings massive performance improvement for artificial intelligence applications. These peripheral devices benefit from the shared memory of the host CPU for performance gains, but sharing the host CPU resources brings security challenges. The shared PCIe interconnect hardware of the host CPU can be exploited to create a timing-based information leakage side-channel between multiple connected peripheral devices that are isolated at the software level. This paper proposes an attack setup that consists of GPU and FPGA peripheral devices accessing their data from the host CPU’s main memory. Both covert communication and information leakage attacks are demonstrated at a throughput rate of 13.02 kbps. A temporal isolation-based mitigation scheme is proposed that utilizes time-division multiplexing between the peripheral devices to mitigate the attacks. The paper primarily focuses on demonstrating the security context of the proposed attack and mitigation.