Pub Date : 2023-05-18DOI: https://dl.acm.org/doi/10.1145/3589506
Troya Çağıl Köylü, Cezar Rodolfo Wedig Reinbrecht, Anteneh Gebregiorgis, Said Hamdioui, Mottaqiallah Taouil
Hardware security is currently a very influential domain, where each year countless works are published concerning attacks against hardware and countermeasures. A significant number of them use machine learning, which is proven to be very effective in other domains. This survey, as one of the early attempts, presents the usage of machine learning in hardware security in a full and organized manner. Our contributions include classification and introduction to the relevant fields of machine learning, a comprehensive and critical overview of machine learning usage in hardware security, and an investigation of the hardware attacks against machine learning (neural network) implementations.
{"title":"A Survey on Machine Learning in Hardware Security","authors":"Troya Çağıl Köylü, Cezar Rodolfo Wedig Reinbrecht, Anteneh Gebregiorgis, Said Hamdioui, Mottaqiallah Taouil","doi":"https://dl.acm.org/doi/10.1145/3589506","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3589506","url":null,"abstract":"<p>Hardware security is currently a very influential domain, where each year countless works are published concerning attacks against hardware and countermeasures. A significant number of them use machine learning, which is proven to be very effective in other domains. This survey, as one of the early attempts, presents the usage of machine learning in hardware security in a full and organized manner. Our contributions include classification and introduction to the relevant fields of machine learning, a comprehensive and critical overview of machine learning usage in hardware security, and an investigation of the hardware attacks against machine learning (neural network) implementations.</p>","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"97 1","pages":""},"PeriodicalIF":2.2,"publicationDate":"2023-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138505876","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-03DOI: https://dl.acm.org/doi/10.1145/3585518
Yu Ma, Linfeng Zheng, Pingqiang Zhou
There is an increasing demand for running neural network inference on edge devices. Memristor crossbar array (MCA) based accelerators can be used to accelerate neural networks on edge devices. However, reliability issues in memristors, such as stuck-at faults (SAF) and variations, lead to weight deviation of neural networks and therefore have a severe influence on inference accuracy. In this work, we focus on the reliability issues in memristors for edge devices. We formulate the reliability problem as a 0–1 programming problem, based on the analysis of sum weight variation (SWV). In order to solve the problem, we simplify the problem with an approximation - different columns have the same weights, based on our observation of the weight distribution. Then we propose an effective mapping method to solve the simplified problem. We evaluate our proposed method with two neural network applications on two datasets. The experimental results on the classification application show that our proposed method can recover 95% accuracy considering SAF defects and can increase by up to 60% accuracy with variation σ =0.4. The results of the neural rendering application show that our proposed method can prevent render quality reduction.
{"title":"A Mapping Method Tolerating SAF and Variation for Memristor Crossbar Array Based Neural Network Inference on Edge Devices","authors":"Yu Ma, Linfeng Zheng, Pingqiang Zhou","doi":"https://dl.acm.org/doi/10.1145/3585518","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3585518","url":null,"abstract":"<p>There is an increasing demand for running neural network inference on edge devices. <b>Memristor crossbar array (MCA)</b> based accelerators can be used to accelerate neural networks on edge devices. However, reliability issues in memristors, such as <b>stuck-at faults (SAF)</b> and variations, lead to weight deviation of neural networks and therefore have a severe influence on inference accuracy. In this work, we focus on the reliability issues in memristors for edge devices. We formulate the reliability problem as a 0–1 programming problem, based on the analysis of <b>sum weight variation (SWV)</b>. In order to solve the problem, we simplify the problem with an approximation - different columns have the same weights, based on our observation of the weight distribution. Then we propose an effective mapping method to solve the simplified problem. We evaluate our proposed method with two neural network applications on two datasets. The experimental results on the classification application show that our proposed method can recover 95% accuracy considering SAF defects and can increase by up to 60% accuracy with variation σ =0.4. The results of the neural rendering application show that our proposed method can prevent render quality reduction.</p>","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"38 1","pages":""},"PeriodicalIF":2.2,"publicationDate":"2023-05-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138543452","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-03DOI: https://dl.acm.org/doi/10.1145/3584183
Mingdai Yang, Qiuwen Lou, Ramin Rajaei, Mohammad Reza Jokar, Junyi Qiu, Yuming Liu, Aditi Udupa, Frederic T. Chong, John M. Dallesasse, Milton Feng, Lynford L. Goddard, X. Sharon Hu, Yanjing Li
Optical deep learning (DL) accelerators have attracted significant interests due to their latency and power advantages. In this article, we focus on incoherent optical designs. A significant challenge is that there is no known solution to perform single-wavelength accumulation (a key operation required for DL workloads) using incoherent optical signals efficiently. Therefore, we devise a hybrid approach, where accumulation is done in the electrical domain, and multiplication is performed in the optical domain. The key technology enabler of our design is the transistor laser, which performs electrical-to-optical and optical-to-electrical conversions efficiently. Through detailed design and evaluation of our design, along with a comprehensive benchmarking study against state-of-the-art RRAM-based designs, we derive the following key results:
(1) For a four-layer multilayer perceptron network, our design achieves 115× and 17.11× improvements in latency and energy, respectively, compared to the RRAM-based design. We can take full advantage of the speed and energy benefits of the optical technology because the inference task can be entirely mapped onto our design.
(2) For a complex workload (Resnet50), weight reprogramming is needed, and intermediate results need to be stored/re-fetched to/from memories. In this case, for the same area, our design still outperforms the RRAM-based design by 15.92× in inference latency, and 8.99× in energy.
{"title":"A Hybrid Optical-Electrical Analog Deep Learning Accelerator Using Incoherent Optical Signals","authors":"Mingdai Yang, Qiuwen Lou, Ramin Rajaei, Mohammad Reza Jokar, Junyi Qiu, Yuming Liu, Aditi Udupa, Frederic T. Chong, John M. Dallesasse, Milton Feng, Lynford L. Goddard, X. Sharon Hu, Yanjing Li","doi":"https://dl.acm.org/doi/10.1145/3584183","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3584183","url":null,"abstract":"<p>Optical deep learning (DL) accelerators have attracted significant interests due to their latency and power advantages. In this article, we focus on incoherent optical designs. A significant challenge is that there is no known solution to perform single-wavelength accumulation (a key operation required for DL workloads) using incoherent optical signals efficiently. Therefore, we devise a hybrid approach, where accumulation is done in the electrical domain, and multiplication is performed in the optical domain. The key technology enabler of our design is the transistor laser, which performs electrical-to-optical and optical-to-electrical conversions efficiently. Through detailed design and evaluation of our design, along with a comprehensive benchmarking study against state-of-the-art RRAM-based designs, we derive the following key results:</p><p>(1) For a four-layer multilayer perceptron network, our design achieves 115× and 17.11× improvements in latency and energy, respectively, compared to the RRAM-based design. We can take full advantage of the speed and energy benefits of the optical technology because the inference task can be entirely mapped onto our design.</p><p>(2) For a complex workload (Resnet50), weight reprogramming is needed, and intermediate results need to be stored/re-fetched to/from memories. In this case, for the same area, our design still outperforms the RRAM-based design by 15.92× in inference latency, and 8.99× in energy.</p>","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"100 3","pages":""},"PeriodicalIF":2.2,"publicationDate":"2023-05-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138505864","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. Patooghy, Mahdi M. Hasanzadeh, Amin Sarihi, M. Abdelrehim, Abdel-Hameed A. Badawy
Network-on-chip (NoC) is widely used as an efficient communication architecture in multi-core and many-core System-on-chips (SoCs). However, the shared communication resources in an NoC platform, e.g., channels, buffers, and routers, might be used to conduct attacks compromising the security of NoC-based SoCs. Most of the proposed encryption-based protection methods in the literature require leaving some parts of the packet unencrypted to allow the routers to process/forward packets accordingly. This reveals the source/destination information of the packet to malicious routers, which can be exploited in various attacks. For the first time, we propose the idea of secure, anonymous routing with minimal hardware overhead to encrypt the entire packet while exchanging secure information over the network. We have designed and implemented a new NoC architecture that works with encrypted addresses. The proposed method can manage malicious and benign failures at NoC channels and buffers by bypassing failed components with a situation-driven stochastic path diversification approach. Hardware evaluations show that the proposed security solution combats the security threats at the affordable cost of 1.5% area and 20% power overheads chip-wide.
{"title":"Securing Network-on-chips Against Fault-injection and Crypto-analysis Attacks via Stochastic Anonymous Routing","authors":"A. Patooghy, Mahdi M. Hasanzadeh, Amin Sarihi, M. Abdelrehim, Abdel-Hameed A. Badawy","doi":"10.1145/3592798","DOIUrl":"https://doi.org/10.1145/3592798","url":null,"abstract":"Network-on-chip (NoC) is widely used as an efficient communication architecture in multi-core and many-core System-on-chips (SoCs). However, the shared communication resources in an NoC platform, e.g., channels, buffers, and routers, might be used to conduct attacks compromising the security of NoC-based SoCs. Most of the proposed encryption-based protection methods in the literature require leaving some parts of the packet unencrypted to allow the routers to process/forward packets accordingly. This reveals the source/destination information of the packet to malicious routers, which can be exploited in various attacks. For the first time, we propose the idea of secure, anonymous routing with minimal hardware overhead to encrypt the entire packet while exchanging secure information over the network. We have designed and implemented a new NoC architecture that works with encrypted addresses. The proposed method can manage malicious and benign failures at NoC channels and buffers by bypassing failed components with a situation-driven stochastic path diversification approach. Hardware evaluations show that the proposed security solution combats the security threats at the affordable cost of 1.5% area and 20% power overheads chip-wide.","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":" ","pages":"1 - 21"},"PeriodicalIF":2.2,"publicationDate":"2023-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44427268","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pravin Gaikwad, Jonathan Cruz, Prabuddha Chakraborty, S. Bhunia, Tamzidul Hoque
System-on-chip (SoC) developers increasingly rely on pre-verified hardware intellectual property (IP) blocks often acquired from untrusted third-party vendors. These IPs might contain hidden malicious functionalities or hardware Trojans that may compromise the security of the fabricated SoCs. Lack of golden or reference models and vast possible Trojan attack space form some of the major barriers in detecting hardware Trojans in these third-party IP (3PIP) blocks. Recently, supervised machine learning (ML) techniques have shown promising capability in identifying nets of potential Trojans in 3PIPs without the need for golden models. However, they bring several major challenges. First, they do not guide us to an optimal choice of features that reliably covers diverse classes of Trojans. Second, they require multiple Trojan-free/trusted designs to insert known Trojans and generate a trained model. Even if a set of trusted designs are available for training, the suspect IP can have an inherently very different structure from the set of trusted designs, which may negatively impact the verification outcome. Third, these techniques only identify a set of suspect Trojan nets that require manual intervention to understand the potential threat. In this article, we present VIPR, a systematic machine learning (ML)-based trust verification solution for 3PIPs that eliminates the need for trusted designs for training. We present a comprehensive framework, associated algorithms, and a tool flow for obtaining an optimal set of features, training a targeted machine learning model, detecting suspect nets, and identifying Trojan circuitry from the suspect nets. We evaluate the framework on several Trust-Hub Trojan benchmarks and provide a comparative analysis of detection performance across different trained models, selection of features, and post-processing techniques. We demonstrate promising Trojan detection accuracy for VIPR with up to 92.85% reduction in false positives by the proposed post-processing algorithm.
{"title":"Hardware IP Assurance against Trojan Attacks with Machine Learning and Post-processing","authors":"Pravin Gaikwad, Jonathan Cruz, Prabuddha Chakraborty, S. Bhunia, Tamzidul Hoque","doi":"10.1145/3592795","DOIUrl":"https://doi.org/10.1145/3592795","url":null,"abstract":"System-on-chip (SoC) developers increasingly rely on pre-verified hardware intellectual property (IP) blocks often acquired from untrusted third-party vendors. These IPs might contain hidden malicious functionalities or hardware Trojans that may compromise the security of the fabricated SoCs. Lack of golden or reference models and vast possible Trojan attack space form some of the major barriers in detecting hardware Trojans in these third-party IP (3PIP) blocks. Recently, supervised machine learning (ML) techniques have shown promising capability in identifying nets of potential Trojans in 3PIPs without the need for golden models. However, they bring several major challenges. First, they do not guide us to an optimal choice of features that reliably covers diverse classes of Trojans. Second, they require multiple Trojan-free/trusted designs to insert known Trojans and generate a trained model. Even if a set of trusted designs are available for training, the suspect IP can have an inherently very different structure from the set of trusted designs, which may negatively impact the verification outcome. Third, these techniques only identify a set of suspect Trojan nets that require manual intervention to understand the potential threat. In this article, we present VIPR, a systematic machine learning (ML)-based trust verification solution for 3PIPs that eliminates the need for trusted designs for training. We present a comprehensive framework, associated algorithms, and a tool flow for obtaining an optimal set of features, training a targeted machine learning model, detecting suspect nets, and identifying Trojan circuitry from the suspect nets. We evaluate the framework on several Trust-Hub Trojan benchmarks and provide a comparative analysis of detection performance across different trained models, selection of features, and post-processing techniques. We demonstrate promising Trojan detection accuracy for VIPR with up to 92.85% reduction in false positives by the proposed post-processing algorithm.","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"19 1","pages":"1 - 23"},"PeriodicalIF":2.2,"publicationDate":"2023-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46451726","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Due to the advancement of transistor technology, a single chip processor can now have hundreds of cores. Network-on-Chip (NoC) has been the superior interconnect fabric for multi/many-core on-chip systems because of its scalability and parallelism. Due to the rise of dark silicon with the end of Dennard Scaling, it becomes essential to design energy efficient and high performance heterogeneous NoC-based multi/many-core architectures. Because of the large and complex design space, the solution space becomes difficult to explore within a reasonable time for optimal trade-offs of energy-performance-reliability. Furthermore, reactive resource management is not effective in preventing problems from happening in adaptive systems. Therefore, in this work, we explore machine learning techniques to design and configure the NoC resources based on the learning of the system and applications workloads. Machine learning can automatically learn from past experiences and guide the NoC intelligently to achieve its objective on performance, power, and reliability. We present the challenges of NoC design and resource management and propose a generalized machine learning framework to uncover near-optimal solutions quickly. We propose and implement a NoC design and optimization solution enabled by neural networks, using the generalized machine learning framework. Simulation results demonstrated that the proposed neural networks-based design and optimization solution improves performance by 15% and reduces energy consumption by 6% compared to an existing non-machine learning-based solution while the proposed solution improves NoC latency and throughput compared to two existing machine learning-based NoC optimization solutions. The challenges of machine learning technique adaptation in multi/many-core NoC have been presented to guide future research.
{"title":"Machine Learning Enabled Solutions for Design and Optimization Challenges in Networks-on-Chip based Multi/Many-Core Architectures","authors":"Md Farhadur Reza","doi":"10.1145/3591470","DOIUrl":"https://doi.org/10.1145/3591470","url":null,"abstract":"Due to the advancement of transistor technology, a single chip processor can now have hundreds of cores. Network-on-Chip (NoC) has been the superior interconnect fabric for multi/many-core on-chip systems because of its scalability and parallelism. Due to the rise of dark silicon with the end of Dennard Scaling, it becomes essential to design energy efficient and high performance heterogeneous NoC-based multi/many-core architectures. Because of the large and complex design space, the solution space becomes difficult to explore within a reasonable time for optimal trade-offs of energy-performance-reliability. Furthermore, reactive resource management is not effective in preventing problems from happening in adaptive systems. Therefore, in this work, we explore machine learning techniques to design and configure the NoC resources based on the learning of the system and applications workloads. Machine learning can automatically learn from past experiences and guide the NoC intelligently to achieve its objective on performance, power, and reliability. We present the challenges of NoC design and resource management and propose a generalized machine learning framework to uncover near-optimal solutions quickly. We propose and implement a NoC design and optimization solution enabled by neural networks, using the generalized machine learning framework. Simulation results demonstrated that the proposed neural networks-based design and optimization solution improves performance by 15% and reduces energy consumption by 6% compared to an existing non-machine learning-based solution while the proposed solution improves NoC latency and throughput compared to two existing machine learning-based NoC optimization solutions. The challenges of machine learning technique adaptation in multi/many-core NoC have been presented to guide future research.","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"30 1","pages":"1 - 26"},"PeriodicalIF":2.2,"publicationDate":"2023-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41287581","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Recently, harvesting natural energy is gaining more attention than other conventional approaches for sustainable IoT. System on chip power requirement for the internet of things (IoT) and generating higher voltages on chip is a massive challenge for on-chip peripherals and systems. In this article, an on-chip reliable energy-harvesting system (EHS) is designed for IoT with an inductor-free methodology. The control section monitors the computational load and the recharging of the battery/super-capacitor. An efficient maximum power point tracking algorithm is also used to avoid quiescent power consumption. The reliability of the proposed EHS is improved by using an aging tolerant ring oscillator. The effect of Trojan on the performance of energy-harvesting system is analyzed, and proper detection and mitigation mechanism is proposed. Finally, the proposed ripple mitigation techniques further improves the performance of the aging sensor. The proposed EHS is designed and simulated in CMOS 90-nm technology. The output voltage is in the range of 3–3.55 V with an input 1–1.5 V with a power throughput of 0–22 μW. The EHS consumes power under the ultra-low-power requirements of IoT smart nodes.
{"title":"Eternal-thing 2.0: Analog-Trojan-resilient Ripple-less Solar Harvesting System for Sustainable IoT","authors":"Saswat Kumar Ram, Sauvagya Ranjan Sahoo, Banee Bandana Das, Kamalakanta Mahapatra, Saraju P. Mohanty","doi":"https://dl.acm.org/doi/10.1145/3575800","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3575800","url":null,"abstract":"<p>Recently, harvesting natural energy is gaining more attention than other conventional approaches for sustainable IoT. System on chip power requirement for the internet of things (IoT) and generating higher voltages on chip is a massive challenge for on-chip peripherals and systems. In this article, an on-chip reliable energy-harvesting system (EHS) is designed for IoT with an inductor-free methodology. The control section monitors the computational load and the recharging of the battery/super-capacitor. An efficient maximum power point tracking algorithm is also used to avoid quiescent power consumption. The reliability of the proposed EHS is improved by using an aging tolerant ring oscillator. The effect of Trojan on the performance of energy-harvesting system is analyzed, and proper detection and mitigation mechanism is proposed. Finally, the proposed ripple mitigation techniques further improves the performance of the aging sensor. The proposed EHS is designed and simulated in CMOS 90-nm technology. The output voltage is in the range of 3–3.55 V with an input 1–1.5 V with a power throughput of 0–22 μW. The EHS consumes power under the ultra-low-power requirements of IoT smart nodes.</p>","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"94 4","pages":""},"PeriodicalIF":2.2,"publicationDate":"2023-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138505885","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Troya Çagil Köylü, Cezar Rodolfo Wedig Reinbrecht, A. Gebregiorgis, S. Hamdioui, M. Taouil
Hardware security is currently a very influential domain, where each year countless works are published concerning attacks against hardware and countermeasures. A significant number of them use machine learning, which is proven to be very effective in other domains. This survey, as one of the early attempts, presents the usage of machine learning in hardware security in a full and organized manner. Our contributions include classification and introduction to the relevant fields of machine learning, a comprehensive and critical overview of machine learning usage in hardware security, and an investigation of the hardware attacks against machine learning (neural network) implementations.
{"title":"A Survey on Machine Learning in Hardware Security","authors":"Troya Çagil Köylü, Cezar Rodolfo Wedig Reinbrecht, A. Gebregiorgis, S. Hamdioui, M. Taouil","doi":"10.1145/3589506","DOIUrl":"https://doi.org/10.1145/3589506","url":null,"abstract":"Hardware security is currently a very influential domain, where each year countless works are published concerning attacks against hardware and countermeasures. A significant number of them use machine learning, which is proven to be very effective in other domains. This survey, as one of the early attempts, presents the usage of machine learning in hardware security in a full and organized manner. Our contributions include classification and introduction to the relevant fields of machine learning, a comprehensive and critical overview of machine learning usage in hardware security, and an investigation of the hardware attacks against machine learning (neural network) implementations.","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"19 1","pages":"1 - 37"},"PeriodicalIF":2.2,"publicationDate":"2023-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48616269","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-25DOI: https://dl.acm.org/doi/10.1145/3577215
Dipojjwal Ray, Yogendra Sao, Santosh Biswas, Sk Subidh Ali
Scan chain-based Design for Testability is the industry standard in use for testing manufacturing defects in the semiconductor industry to ensure the structural and functional correctness of chips. Fault coverage is significantly enhanced due to the higher observability and controllability of the internal latches. These ensuing benefits to testing, if misused, expose vulnerabilities that can be detrimental to the security aspects, especially in the context of crypto-chips that contain a secret key. Hence, it remains of paramount importance for a chip designer to secure crypto-chips against various scan attacks. A countermeasure is proposed in this article that preserves the secrecy of an embedded key in a cryptographic integrated circuit running an Advanced Encryption Standard (AES) implementation. A novel design involving a hardware unit is illustrated that circumvents differential scan attacks by essentially performing bit flips deterministically, using a pre-computed mask value. This helps secure the chip while retaining full testability. The controller logic directly depends on a mask determination algorithm that can defend against any scan attack with 𝒪 theoretical complexity. Security analysis of our proposed defense procedure is performed in the framework of Discrete Event Systems (DES). The sequential scan circuit of an AES cryptosystem is modeled as a DES using Finite State Automata. A security notion, Opacity, is used to quantify and formally verify the security aspects of our controlled system, which shows that the entropy of the secret key is preserved. A case study is performed that shows to mitigate state-of-the-art differential scan attacks successfully at a nominal extra overhead of 1.78%.
{"title":"On Securing Cryptographic ICs against Scan-based Attacks: A Hamming Weight Distribution Perspective","authors":"Dipojjwal Ray, Yogendra Sao, Santosh Biswas, Sk Subidh Ali","doi":"https://dl.acm.org/doi/10.1145/3577215","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3577215","url":null,"abstract":"<p>Scan chain-based Design for Testability is the industry standard in use for testing manufacturing defects in the semiconductor industry to ensure the structural and functional correctness of chips. Fault coverage is significantly enhanced due to the higher observability and controllability of the internal latches. These ensuing benefits to testing, if misused, expose vulnerabilities that can be detrimental to the security aspects, especially in the context of crypto-chips that contain a secret key. Hence, it remains of paramount importance for a chip designer to secure crypto-chips against various scan attacks. A countermeasure is proposed in this article that preserves the secrecy of an embedded key in a cryptographic integrated circuit running an Advanced Encryption Standard (AES) implementation. A novel design involving a hardware unit is illustrated that circumvents differential scan attacks by essentially performing bit flips deterministically, using a pre-computed mask value. This helps secure the chip while retaining full testability. The controller logic directly depends on a mask determination algorithm that can defend against any scan attack with 𝒪 theoretical complexity. Security analysis of our proposed defense procedure is performed in the framework of Discrete Event Systems (DES). The sequential scan circuit of an AES cryptosystem is modeled as a DES using Finite State Automata. A security notion, <i>Opacity</i>, is used to quantify and formally verify the security aspects of our controlled system, which shows that the entropy of the secret key is preserved. A case study is performed that shows to mitigate state-of-the-art differential scan attacks successfully at a nominal extra overhead of 1.78%.</p>","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"98 3","pages":""},"PeriodicalIF":2.2,"publicationDate":"2023-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138505871","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-25DOI: https://dl.acm.org/doi/10.1145/3579033
Xiangru Chen, Maneesh Merugu, Jiaqi Zhang, Sandip Ray
Multi-tenant applications have been proliferating in recent years, supported by the emergence of computing-as-service paradigms. Unfortunately, multi-tenancy induces new security vulnerabilities due to spatial or temporal co-location of applications with possibly malicious intent. In this article, we consider a special class of stealthy integrity attacks on multi-tenant deep learning accelerators. One interesting conclusion is that it is possible to perform targeted integrity attacks on kernel weights of deep learning systems such that it remains functional but mis-labels specific categories of input data through standard RowHammer attacks by only changing 0.0009% of the total weights. We develop an automated framework, AroMa, to evaluate the impact of multi-tenancy on security of deep learning accelerators against integrity attacks on memory systems. We present extensive evaluations on AroMa to demonstrate its effectiveness.
{"title":"AroMa: Evaluating Deep Learning Systems for Stealthy Integrity Attacks on Multi-tenant Accelerators","authors":"Xiangru Chen, Maneesh Merugu, Jiaqi Zhang, Sandip Ray","doi":"https://dl.acm.org/doi/10.1145/3579033","DOIUrl":"https://doi.org/https://dl.acm.org/doi/10.1145/3579033","url":null,"abstract":"<p>Multi-tenant applications have been proliferating in recent years, supported by the emergence of computing-as-service paradigms. Unfortunately, multi-tenancy induces new security vulnerabilities due to spatial or temporal co-location of applications with possibly malicious intent. In this article, we consider a special class of stealthy integrity attacks on multi-tenant deep learning accelerators. One interesting conclusion is that it is possible to perform targeted integrity attacks on kernel weights of deep learning systems such that it remains functional but mis-labels specific categories of input data through standard RowHammer attacks by only changing 0.0009% of the total weights. We develop an automated framework, <span>AroMa</span>, to evaluate the impact of multi-tenancy on security of deep learning accelerators against integrity attacks on memory systems. We present extensive evaluations on <span>AroMa</span> to demonstrate its effectiveness.</p>","PeriodicalId":50924,"journal":{"name":"ACM Journal on Emerging Technologies in Computing Systems","volume":"95 3","pages":""},"PeriodicalIF":2.2,"publicationDate":"2023-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138505882","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
扫码关注我们
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号