-
With the rising adoption of deep neural networks (DNNs) for commercial and high-stakes applications that process sensitive user data and make critical decisions, security concerns are paramount. An adversary can undermine the confidentiality of user input or a DNN model, mislead a DNN to make wrong predictions, or even render a machine learning application unavailable to valid requests. While security vulnerabilities that enable such exploits can exist across multiple levels of the technology stack that supports machine learning applications, the hardware-level vulnerabilities can be particularly problematic. In this article, we provide a comprehensive review of the hardware-level vulnerabilities affecting domain-specific DNN inference accelerators and recent progress in secure hardware design to address these. As domain-specific DNN accelerators have a number of differences compared to general-purpose processors and cryptographic accelerators where the hardware-level vulnerabilities have been thoroughly investigated, there are unique challenges and opportunities for secure machine learning hardware. We first categorize the hardware-level vulnerabilities into three scenarios based on an adversary’s capability: 1) an adversary can only attack the off-chip components, such as the off-chip DRAM and the data bus; 2) an adversary can directly attack the on-chip structures in a DNN accelerator; and 3) an adversary can insert hardware trojans during the manufacturing and design process. For each category, we survey recent studies on attacks that pose practical security challenges to DNN accelerators. Then, we present recent advances in the defense solutions for DNN accelerators, addressing those security challenges with circuit-, architecture-, and algorithm-level techniques.
Free, publicly-accessible full text available February 6, 2026
-
The past few years have witnessed a growing interest in wireless and batteryless implants, due to their potential in long-term biomedical monitoring of in-body conditions such as internal organ movements, bladder pressure, and gastrointestinal health. Early proposals for batteryless implants relied on inductive near-field coupling and ultrasound harvesting, which require direct contact between the external power source and the human body. To overcome this near-field challenge, recent research has investigated the use of RF backscatter in wireless micro-implants because of its ability to communicate with wireless receivers that are placed at a distance outside the body (∼0.5 m), allowing a more seamless user experience. Unfortunately, existing far-field backscatter designs remain limited in their functionality: they cannot perform biometric sensing or secure data transmission; they also suffer from degraded harvesting efficiency and backscatter range due to the impact of variations in the surrounding tissues. In this paper, we present the design of a batteryless, wireless and secure system-on-chip (SoC) implant for in-body strain sensing. The SoC relies on four features: 1) employing a reconfigurable in-body rectenna which can operate across tissues adapting its backscatter bandwidth and center frequency; 2) designing an energy efficient 1.37 mmHg strain sensing front-end with an efficiency of 5.9 mmHg·nJ/conversion; 3) incorporating an AES-GCM security engine to ensure the authenticity and confidentiality of sensed data while sharing the ADC with the sensor interface for an area efficient random number generation; 4) implementing an over-the-air closed-loop wireless programming scheme to reprogram the RF front-end to adapt for surrounding tissues and the sensor front-end to achieve faster settling times below 2 s.
