Efficient Memory Encryption for Neural Network Accelerators


The widespread integration of machine learning (ML) in edge and mobile devices, particularly in critical contexts like autonomous vehicles, highlights the need for robust security. However, ensuring data confidentiality and preserving inference integrity is costly due to the mismatch between traditional security methods and ML demands. This thesis proposes an innovative ML-specific security solution, focusing on a neural network accelerator-enhanced field-programmable gate array (FPGA) developed with a partner company. Using industry-ready cores we have designed a Secure Gateway architecture that takes advantage of the inherent memory access patterns to provide basic security at a much lower cost than the general methods could. The Secure Gateway is placed between the DRAM and the main CPU with the attached accelerator. While there still are some scenarios where limitations appear we showed that security can be implemented based solely on security primitives

    Similar works