The University of Southampton

Project: Secure and Resilient Hardware Implementation of AI Modules

Key information:

Student: Arezou Nayebi

Academic Supervisors: Basel Halak, Rob Maunder, Jagmohan Chauhan

Cohort: 3

Pure Link: Active Project

Abstract: 

Artificial intelligence modules are expected to be deployed in several fields, including autonomous vehicles, automotive systems, space applications and industrial robotics. There is a need to develop trusted hardware for AI modules to promote the social implementation of AI. However, several emerging security attacks at the ASIC hardware level can sabotage these systems' operations and greatly undermine their trustworthiness. For example, a hardware Trojan inserted by a malicious designer can reduce the classification accuracy of a machine learning module, leading to undesirable consequences. An intentional fault injection through a direct physical attack can have a similar impact. These threats are further aggravated by the adoption of approximate computation mechanisms for implementing AI modules.
The first stage of this project aims to reveal the vulnerabilities of AI modules to hardware-based attacks, which allows for suitable countermeasures to be developed in the second stage.
This project can also explore the vulnerabilities to electromagnetic compatibility (EMC) attacks or to cosmic radiation in space applications.
The AI module currently under consideration is a convolutional neural network (CNN) implemented at the hardware level. Hardware Trojan attacks are applied to the AI module to assess its vulnerabilities in terms of changes to the module's functionality and to the accuracy of its answers.
• One of the applications of the CNN architecture is in autonomous vehicles, to detect and track objects in real time.
• A hardware Trojan is a malicious modification of the circuitry of an integrated circuit. A hardware Trojan is completely characterized by its physical representation and its behaviour.