Investigation of Security Vulnerabilities in NVM-Based Persistent TinyML Hardware

IF 2 4区计算机科学 Q3 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Embedded Systems Letters Pub Date : 2024-11-12 DOI:10.1109/LES.2024.3496508

Bhanprakash Goswami;Chithambara J. Moorthii;Harshit Bansal;Ayan Sajwan;Manan Suri

引用次数: 0

Abstract

This study investigates vulnerabilities of future generation nonvolatile memory (NVM)-backed persistent TinyML hardware neural networks to side-channel attacks (SCAs) using electromagnetic (EM) analysis methods. We trained three different tinyML models: MobileNet, ResNet, and EfficientNet on three different standard datasets: F-MNIST, CIFAR-10, and MNIST. The trained networks were then mapped on to a custom FPGA-NVM setup for EM-SCA evaluation. We demonstrate that the information about the stored model parameters/weights can be extracted by applying statistical methods on the collected EM emanation data. Further, we demonstrate that the obtained model parametric information can be used for cloning some of the lightweight edge TinyML models with only 0.5%–10% of total training dataset.

查看原文本刊更多论文

基于nvm的持久性TinyML硬件安全漏洞研究

本研究使用电磁（EM）分析方法研究了下一代非易失性存储器（NVM）支持的持久性TinyML硬件神经网络对侧信道攻击（sca）的漏洞。我们在三个不同的标准数据集（F-MNIST、CIFAR-10和MNIST）上训练了三种不同的tinyML模型：MobileNet、ResNet和EfficientNet。然后将训练好的网络映射到定制的FPGA-NVM设置上，以进行EM-SCA评估。我们证明了通过对收集的电磁辐射数据应用统计方法可以提取有关存储的模型参数/权重的信息。此外，我们证明了获得的模型参数信息可以用于克隆一些轻量级边缘TinyML模型，仅占总训练数据集的0.5%-10%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Embedded Systems Letters Engineering-Control and Systems Engineering

CiteScore

3.30

自引率

0.00%

发文量

期刊介绍： The IEEE Embedded Systems Letters (ESL), provides a forum for rapid dissemination of latest technical advances in embedded systems and related areas in embedded software. The emphasis is on models, methods, and tools that ensure secure, correct, efficient and robust design of embedded systems and their applications.