A Scalable and Power-Aware Security Health Monitor for FPGAs Using Lightweight Sensors and ML-Based Inference

The flexibility and performance of Field-Programmable Gate Arrays (FPGAs) have led to their popularity in safety and mission-critical software systems in aerospace, automotive, defense, and cloud computing. However, this reconfigurability comes with distinctive security challenges, such as the threat from hardware trojans, side-channel leakage, and malicious reconfiguration. In this paper, we propose a power-aware, scalable, and comprehensive architecture for the real-time policing security posture of FPGA devices. We combine lightweight on-chip sensors (like ring oscillators, PUFs, glitch detectors, and signal probes) with machine learning-based anomaly detectors, such as One-Class SVMs, Isolation Forests, and shallow neural networks. These elements are coordinated using a hierarchical structure of Local Monitor Agents (LMAs) and a Global Security Manager (GSM), allowing for localized threat detection and response. Leveraging recent case studies and side-channel attack databases, we evaluate the viability of our architecture for computing. Our system exhibits a detection resolution as high as possible with minimum area and power overhead and supports in-field mode update, calibration, and formal verification of the monitoring logic. The proposed platform allows passive FPGAs to be reprogrammed into active and security-aware systems, achieving immune system-like capabilities against a broad range of attacks. This work leverages recent developments in hardware security monitoring, thus paving the way for new developments in federated threat learning, secure debug interface monitoring, and unified firmware–bitstream attestation.