Security Threat Analyses and Attack Models for Approximate Computing Systems

Yellu, Pruthvy; Buell, Landon; Mark, Miguel; Kinsy, Michel A.; Xu, Dongpeng; Yu, Qiaoyan

doi:10.1145/3442380

Cited by 10 publications

(2 citation statements)

References 53 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The in situ computing offered by memristive crossbar arrays is a form of approximate computing, in which a shift is made "from conventional precise processing to inexact computation but still satisfying the system requirement on accuracy" [16]. Memristor computation falls into this category due to the inherently inexact nature of analog compared to classical digital computation.…”

Section: Approximate Computingmentioning

confidence: 99%

“…While this new paradigm offers performance improvements, it also exposes several new attack surfaces. Yellu et al [16] introduces four new potential attack scenarios: Building Covert Channel, Error Compensation, Tampering Error Resilience Mechanism, and Error Propagation attacks. Building Covert Channel attacks involve the exploitation of approximate compute modules in order to open passive side channels to enable the leakage of covert information.…”

Section: Approximate Computingmentioning

confidence: 99%

See 1 more Smart Citation

Survey of Security Issues in Memristor-Based Machine Learning Accelerators for RF Analysis

Lillis,

Hoffing,

Burleson

2024

Chips

View full text Add to dashboard Cite

We explore security aspects of a new computing paradigm that combines novel memristors and traditional Complimentary Metal Oxide Semiconductor (CMOS) to construct a highly efficient analog and/or digital fabric that is especially well-suited to Machine Learning (ML) inference processors for Radio Frequency (RF) signals. Analog and/or hybrid hardware designed for such application areas follows different constraints from that of traditional CMOS. This paradigm shift allows for enhanced capabilities but also introduces novel attack surfaces. Memristors have different properties than traditional CMOS which can potentially be exploited by attackers. In addition, the mixed signal approximate computing model has different vulnerabilities than traditional digital implementations. However both the memristor and the ML computation can be leveraged to create security mechanisms and countermeasures ranging from lightweight cryptography, identifiers (e.g., Physically Unclonable Functions (PUFs), fingerprints, and watermarks), entropy sources, hardware obfuscation and leakage/attack detection methods. Three different threat models are proposed: (1) Supply Chain, (2) Physical Attacks, and (3) Remote Attacks. For each threat model, potential vulnerabilities and defenses are identified. This survey reviews a variety of recent work from the hardware and ML security literature and proposes open problems for both attack and defense. The survey emphasizes the growing area of RF signal analysis and identification in terms of commercial space, as well as military applications and threat models. We differ from other recent surveys that target ML, in general, neglecting RF applications.

show abstract

Section: Approximate Computingmentioning

confidence: 99%

Section: Approximate Computingmentioning

confidence: 99%