Securing AI Hardware: Challenges in Detecting and Mitigating Hardware Trojans in ML Accelerators
Kevin Immanuel Gubbi, Inderpreet Kaur, Abdallah Hashem, Sai Manoj Pudukotai Dinakarrao, Houman Homayoun, Avesta Sasan, Soheil Salehi
Abstract
Artificial Intelligence (AI) has transformed multiple industries, creating specialized hardware for AI/Machine Learning (ML) workloads. These hardware accelerators have become prevalent in healthcare, scientific computing, space ex-ploration, the military, and consumer electronics. However, using AI hardware in critical systems can pose a significant risk due to potential attack vectors that malicious entities can exploit. One such vulnerability is the insertion of Hardware Trojans (HT) into an Integrated Circuit (IC), which can result in catastrophic consequences. Detecting and mitigating HTs in AI hardware can be a challenge due to the complexity of the hardware and ML algorithms. Moreover, adversarial HT attacks can also degrade model accuracy, and detecting the cause of model accuracy loss is difficult. Thus, developing effective techniques to detect and mitigate HT attacks in AI hardware is crucial. With the added risk of HT insertion by unknown attack vectors, addressing the challenge of mitigating HTs in AI hardware is vital. This paper presents a comprehensive review of the potential threat of Hardware Trojans (HTs) in AI/ML hardware accelerators, provides potential mitigation approaches for securing AI/ML accelerators, and highlights open challenges in this field.