FLARE: Fault Attack Leveraging Address Reconfiguration Exploits in Multi-Tenant FPGAs

📅 2025-02-21
🤖 AI Summary
This paper identifies a critical security vulnerability in the partial reconfiguration (PR) process of multi-tenant FPGAs, wherein an attacker exploits power-side-channel–induced fault injection during bitstream upload to corrupt the configuration address, thereby hijacking PR traffic to non-target partial reconfigurable regions (PRRs) and overwriting co-located tenant modules beyond memory boundaries. Method: We implement and validate the attack on a Xilinx Pynq platform, targeting the PR infrastructure itself—not runtime execution—demonstrating reliable hijacking of multiple user bitstreams on real hardware. Contribution/Results: The attack bypasses existing runtime detection mechanisms, exposing fundamental flaws in the PR manager’s address validation and boundary protection logic. It establishes the first threat model focused explicitly on the PR control flow, providing empirical evidence of severe integrity violations in FPGA-based multi-tenancy. Our findings underscore urgent requirements for hardened PR management, including robust address integrity checking and strict spatial isolation, thereby informing secure FPGA architecture design for cloud and edge computing environments.

📝 Abstract
Modern FPGAs are increasingly supporting multi-tenancy to enable dynamic reconfiguration of user modules. While multi-tenant FPGAs improve utilization and flexibility, this paradigm introduces critical security threats. In this paper, we present FLARE, a fault attack that exploits vulnerabilities in the partial reconfiguration process, specifically while a user bitstream is being uploaded to the FPGA by a reconfiguration manager. Unlike traditional fault attacks that operate during module runtime, FLARE injects faults in the bitstream during its reconfiguration, altering the configuration address and redirecting it to unintended partial reconfigurable regions (PRRs). This enables the overwriting of pre-configured co-tenant modules, disrupting their functionality. FLARE leverages power-wasters that activate briefly during the reconfiguration process, making the attack stealthy and more challenging to detect with existing countermeasures. Experimental results on a Xilinx Pynq FPGA demonstrate the effectiveness of FLARE in compromising multiple user bitstreams during the reconfiguration process.
Problem

Research questions and friction points this paper is trying to address.

Exploits vulnerabilities in FPGA reconfiguration
Injects faults during bitstream upload
Overwrites co-tenant modules via address redirection
Innovation

Methods, ideas, or system contributions that make the work stand out.

Exploits partial reconfiguration vulnerabilities
Injects faults during bitstream reconfiguration
Uses power-wasters for stealthy attack
Authors

Jayeeta Chaudhuri
School of Electrical, Computer, and Energy Engineering, Arizona State University, Tempe, AZ, USA
Hassan Nassar
KIT
Embedded Systems, Hardware Security, Reconfigurable Hardware
Dennis R. E. Gnad
Institute of Computer Engineering, Karlsruhe Institute of Technology (KIT), Karlsruhe, Germany
Jörg Henkel
Professor of Computer Science, Karlsruhe Institute of Technology
Embedded Systems, Systems-on-Chip, Dependable Systems, Low Power Design, Thermal Design
M. Tahoori
Institute of Computer Engineering, Karlsruhe Institute of Technology (KIT), Karlsruhe, Germany
Krishnendu Chakrabarty
Fulton Professor of Microelectronics, School of Electrical and Computer and Energy Engineering
Electronic design automation, Testing and Design-for-Testability, Microfluidics, Computer Engineering, Sensor Networks