Model theft attack against a tinyML application running on an Ultra-Low-Power Open-Source SoC / Porsia, Antonio; Ruospo, Annachiara; Sanchez, Ernesto. - (In press). (Paper presented at the conference 21st ACM International Conference on Computing Frontiers Workshops and Special Sessions (CF '24 Companion)).

Model theft attack against a tinyML application running on an Ultra-Low-Power Open-Source SoC

Porsia, Antonio; Ruospo, Annachiara; Sanchez, Ernesto
In press

Abstract

With the advent of tinyML, IoT devices have expanded their range of operations from simple data gathering and transmission to full-fledged inference. This expansion has been further enabled by the rise in popularity of open-source hardware, with the RISC-V architecture being the most prominent example. TinyML’s decentralization can solve the current privacy and security issues of IoT infrastructures. However, it also shifts the burden of security on already resource-constrained devices. Ultra-low-power devices, in particular, often sacrifice security features for energy and area efficiency. This work aims at showing that, in the context of edge computing based on open-source hardware, neglecting hardware security features for the sake of efficiency is not an acceptable trade-off with respect to AI security.
Files in this item:
File: OSHW24.pdf
Access: open access
Description: Accepted version
Type: 2. Post-print / Author's Accepted Manuscript
License: PUBLIC - All rights reserved
Size: 436.53 kB
Format: Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11583/2987887