Luca Parrini
Security for Embedded AI accelerators.
Rel. Paolo Ernesto Prinetto. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Elettronica (Electronic Engineering), 2022
Abstract: |
Since the demand of devices running machine learning algorithms is rapidly increasing, hardware security is a growing concern for IoT companies. There are, in fact, multiple works showing that an hypothetical successful attack on a device, could reverse engineer all the details of a pre-trained Neural Network architecture (i.e. number of layers, activation functions, weights...), and compromise the Intellectual property of the company over the algorithm, causing a significant economic damage. One of the most concrete types of threat with this purpose, in fact, are Side-Channel Attacks that have been proved to be really effective and particularly hard to mitigate. In this report I will describe the work that I conducted during my internship with Bosch related to this topic. After a brief introduction on the theory behind these type of attacks, I will explain the hardware structure of the embedded machine learning accelerator focusing on the logic identified as possible target, the used tools to extract the side-channel statistics and then the different attacks which have been conducted. Last but not least, I will describe the countermeasures developed to mitigate these threats. |
---|---|
Relators: | Paolo Ernesto Prinetto |
Academic year: | 2021/22 |
Publication type: | Electronic |
Number of Pages: | 58 |
Additional Information: | Tesi secretata. Fulltext non presente |
Subjects: | |
Corso di laurea: | Corso di laurea magistrale in Ingegneria Elettronica (Electronic Engineering) |
Classe di laurea: | New organization > Master science > LM-29 - ELECTRONIC ENGINEERING |
Ente in cotutela: | INSTITUT EURECOM (FRANCIA) |
Aziende collaboratrici: | Robert Bosch GmbH |
URI: | http://webthesis.biblio.polito.it/id/eprint/22576 |
Modify record (reserved for operators) |