-
Compressed Latent Replays for Lightweight Continual Learning on Spiking Neural Networks
Authors:
Alberto Dequino,
Alessio Carpegna,
Davide Nadalini,
Alessandro Savino,
Luca Benini,
Stefano Di Carlo,
Francesco Conti
Abstract:
Rehearsal-based Continual Learning (CL) has been intensely investigated in Deep Neural Networks (DNNs). However, its application in Spiking Neural Networks (SNNs) has not been explored in depth. In this paper we introduce the first memory-efficient implementation of Latent Replay (LR)-based CL for SNNs, designed to seamlessly integrate with resource-constrained devices. LRs combine new samples wit…
▽ More
Rehearsal-based Continual Learning (CL) has been intensely investigated in Deep Neural Networks (DNNs). However, its application in Spiking Neural Networks (SNNs) has not been explored in depth. In this paper we introduce the first memory-efficient implementation of Latent Replay (LR)-based CL for SNNs, designed to seamlessly integrate with resource-constrained devices. LRs combine new samples with latent representations of previously learned data, to mitigate forgetting. Experiments on the Heidelberg SHD dataset with Sample and Class-Incremental tasks reach a Top-1 accuracy of 92.5% and 92%, respectively, without forgetting the previously learned information. Furthermore, we minimize the LRs' requirements by applying a time-domain compression, reducing by two orders of magnitude their memory requirement, with respect to a naive rehearsal setup, with a maximum accuracy drop of 4%. On a Multi-Class-Incremental task, our SNN learns 10 new classes from an initial set of 10, reaching a Top-1 accuracy of 78.4% on the full test set.
△ Less
Submitted 8 May, 2024;
originally announced July 2024.
-
Navigating the road to automotive cybersecurity compliance
Authors:
Franco Oberti,
Fabrizio Abrate,
Alessandro Savino,
Filippo Parisi,
Stefano Di Carlo
Abstract:
The automotive industry has evolved significantly since the introduction of the Ford Model T in 1908. Today's vehicles are not merely mechanical constructs; they are integral components of a complex digital ecosystem, equipped with advanced connectivity features powered by Artificial Intelligence and cloud computing technologies. This evolution has enhanced vehicle safety, efficiency, and the over…
▽ More
The automotive industry has evolved significantly since the introduction of the Ford Model T in 1908. Today's vehicles are not merely mechanical constructs; they are integral components of a complex digital ecosystem, equipped with advanced connectivity features powered by Artificial Intelligence and cloud computing technologies. This evolution has enhanced vehicle safety, efficiency, and the overall driving experience. However, it also introduces new challenges, notably in cybersecurity.
With the increasing integration of digital technologies, vehicles have become more susceptible to cyber-attacks, prompting significant cybersecurity concerns. These concerns include securing sensitive data, protecting vehicles from unauthorized access, and ensuring user privacy. In response, the automotive industry is compelled to adopt robust cybersecurity measures to safeguard both vehicles and data against potential threats.
Legislative frameworks such as UNR155 and UNR156 by the United Nations, along with other international regulations, aim to establish stringent cybersecurity mandates. These regulations require compliance with comprehensive cybersecurity management systems and necessitate regular updates and testing to cope with the evolving nature of cyber threats. The introduction of such regulations highlights the growing recognition of cybersecurity as a critical component of automotive safety and functionality.
The future of automotive cybersecurity lies in the continuous development of advanced protective measures and collaborative efforts among all stakeholders, including manufacturers, policymakers, and cybersecurity professionals. Only through such concerted efforts can the industry hope to address the dual goals of innovation in vehicle functionality and stringent security measures against the backdrop of an increasingly interconnected digital landscape.
△ Less
Submitted 29 June, 2024;
originally announced July 2024.
-
Hardware-based stack buffer overflow attack detection on RISC-V architectures
Authors:
Cristiano Pegoraro Chenet,
Ziteng Zhang,
Alessandro Savino,
Stefano Di Carlo
Abstract:
This work evaluates how well hardware-based approaches detect stack buffer overflow (SBO) attacks in RISC-V systems. We conducted simulations on the PULP platform and examined micro-architecture events using semi-supervised anomaly detection techniques. The findings showed the challenge of detection performance. Thus, a potential solution combines software and hardware-based detectors concurrently…
▽ More
This work evaluates how well hardware-based approaches detect stack buffer overflow (SBO) attacks in RISC-V systems. We conducted simulations on the PULP platform and examined micro-architecture events using semi-supervised anomaly detection techniques. The findings showed the challenge of detection performance. Thus, a potential solution combines software and hardware-based detectors concurrently, with hardware as the primary defense. The hardware-based approaches present compelling benefits that could enhance RISC-V-based architectures.
△ Less
Submitted 12 June, 2024;
originally announced June 2024.
-
CARACAS: vehiCular ArchitectuRe for detAiled Can Attacks Simulation
Authors:
Sadek Misto Kirdi,
Nicola Scarano,
Franco Oberti,
Luca Mannella,
Stefano Di Carlo,
Alessandro Savino
Abstract:
Modern vehicles are increasingly vulnerable to attacks that exploit network infrastructures, particularly the Controller Area Network (CAN) networks. To effectively counter such threats using contemporary tools like Intrusion Detection Systems (IDSs) based on data analysis and classification, large datasets of CAN messages become imperative. This paper delves into the feasibility of generating syn…
▽ More
Modern vehicles are increasingly vulnerable to attacks that exploit network infrastructures, particularly the Controller Area Network (CAN) networks. To effectively counter such threats using contemporary tools like Intrusion Detection Systems (IDSs) based on data analysis and classification, large datasets of CAN messages become imperative. This paper delves into the feasibility of generating synthetic datasets by harnessing the modeling capabilities of simulation frameworks such as Simulink coupled with a robust representation of attack models to present CARACAS, a vehicular model, including component control via CAN messages and attack injection capabilities. CARACAS showcases the efficacy of this methodology, including a Battery Electric Vehicle (BEV) model, and focuses on attacks targeting torque control in two distinct scenarios.
△ Less
Submitted 11 June, 2024;
originally announced June 2024.
-
R-CONV: An Analytical Approach for Efficient Data Reconstruction via Convolutional Gradients
Authors:
Tamer Ahmed Eltaras,
Qutaibah Malluhi,
Alessandro Savino,
Stefano Di Carlo,
Adnan Qayyum,
Junaid Qadir
Abstract:
In the effort to learn from extensive collections of distributed data, federated learning has emerged as a promising approach for preserving privacy by using a gradient-sharing mechanism instead of exchanging raw data. However, recent studies show that private training data can be leaked through many gradient attacks. While previous analytical-based attacks have successfully reconstructed input da…
▽ More
In the effort to learn from extensive collections of distributed data, federated learning has emerged as a promising approach for preserving privacy by using a gradient-sharing mechanism instead of exchanging raw data. However, recent studies show that private training data can be leaked through many gradient attacks. While previous analytical-based attacks have successfully reconstructed input data from fully connected layers, their effectiveness diminishes when applied to convolutional layers. This paper introduces an advanced data leakage method to efficiently exploit convolutional layers' gradients. We present a surprising finding: even with non-fully invertible activation functions, such as ReLU, we can analytically reconstruct training samples from the gradients. To the best of our knowledge, this is the first analytical approach that successfully reconstructs convolutional layer inputs directly from the gradients, bypassing the need to reconstruct layers' outputs. Prior research has mainly concentrated on the weight constraints of convolution layers, overlooking the significance of gradient constraints. Our findings demonstrate that existing analytical methods used to estimate the risk of gradient attacks lack accuracy. In some layers, attacks can be launched with less than 5% of the reported constraints.
△ Less
Submitted 6 June, 2024;
originally announced June 2024.
-
SpikeExplorer: hardware-oriented Design Space Exploration for Spiking Neural Networks on FPGA
Authors:
Dario Padovano,
Alessio Carpegna,
Alessandro Savino,
Stefano Di Carlo
Abstract:
One of today's main concerns is to bring Artificial Intelligence power to embedded systems for edge applications. The hardware resources and power consumption required by state-of-the-art models are incompatible with the constrained environments observed in edge systems, such as IoT nodes and wearable devices. Spiking Neural Networks (SNNs) can represent a solution in this sense: inspired by neuro…
▽ More
One of today's main concerns is to bring Artificial Intelligence power to embedded systems for edge applications. The hardware resources and power consumption required by state-of-the-art models are incompatible with the constrained environments observed in edge systems, such as IoT nodes and wearable devices. Spiking Neural Networks (SNNs) can represent a solution in this sense: inspired by neuroscience, they reach unparalleled power and resource efficiency when run on dedicated hardware accelerators. However, when designing such accelerators, the amount of choices that can be taken is huge. This paper presents SpikExplorer, a modular and flexible Python tool for hardware-oriented Automatic Design Space Exploration to automate the configuration of FPGA accelerators for SNNs. Using Bayesian optimizations, SpikerExplorer enables hardware-centric multi-objective optimization, supporting factors such as accuracy, area, latency, power, and various combinations during the exploration process. The tool searches the optimal network architecture, neuron model, and internal and training parameters, trying to reach the desired constraints imposed by the user. It allows for a straightforward network configuration, providing the full set of explored points for the user to pick the trade-off that best fits the needs. The potential of SpikExplorer is showcased using three benchmark datasets. It reaches 95.8% accuracy on the MNIST dataset, with a power consumption of 180mW/image and a latency of 0.12 ms/image, making it a powerful tool for automatically optimizing SNNs.
△ Less
Submitted 4 April, 2024;
originally announced April 2024.
-
Multicore DRAM Bank-& Row-Conflict Bomb for Timing Attacks in Mixed-Criticality Systems
Authors:
Antonio Savino,
Gautam Gala,
Marcello Cinque,
Gerhard Fohler
Abstract:
With the increasing use of multicore platforms to realize mixed-criticality systems, understanding the underlying shared resources, such as the memory hierarchy shared among cores, and achieving isolation between co-executing tasks running on the same platform with different criticality levels becomes relevant. In addition to safety considerations, a malicious entity can exploit shared resources t…
▽ More
With the increasing use of multicore platforms to realize mixed-criticality systems, understanding the underlying shared resources, such as the memory hierarchy shared among cores, and achieving isolation between co-executing tasks running on the same platform with different criticality levels becomes relevant. In addition to safety considerations, a malicious entity can exploit shared resources to create timing attacks on critical applications. In this paper, we focus on understanding the shared DRAM dual in-line memory module and created a timing attack, that we named the "bank & row conflict bomb", to target a victim task in a multicore platform. We also created a "navigate" algorithm to understand how victim requests are managed by the Memory Controller and provide valuable inputs for designing the bank & row conflict bomb. We performed experimental tests on a 2nd Gen Intel Xeon Processor with an 8GB DDR4-2666 DRAM module to show that such an attack can produce a significant increase in the execution time of the victim task by about 150%, motivating the need for proper countermeasures to help ensure the safety and security of critical applications.
△ Less
Submitted 2 April, 2024;
originally announced April 2024.
-
SpikingJET: Enhancing Fault Injection for Fully and Convolutional Spiking Neural Networks
Authors:
Anil Bayram Gogebakan,
Enrico Magliano,
Alessio Carpegna,
Annachiara Ruospo,
Alessandro Savino,
Stefano Di Carlo
Abstract:
As artificial neural networks become increasingly integrated into safety-critical systems such as autonomous vehicles, devices for medical diagnosis, and industrial automation, ensuring their reliability in the face of random hardware faults becomes paramount. This paper introduces SpikingJET, a novel fault injector designed specifically for fully connected and convolutional Spiking Neural Network…
▽ More
As artificial neural networks become increasingly integrated into safety-critical systems such as autonomous vehicles, devices for medical diagnosis, and industrial automation, ensuring their reliability in the face of random hardware faults becomes paramount. This paper introduces SpikingJET, a novel fault injector designed specifically for fully connected and convolutional Spiking Neural Networks (SNNs). Our work underscores the critical need to evaluate the resilience of SNNs to hardware faults, considering their growing prominence in real-world applications. SpikingJET provides a comprehensive platform for assessing the resilience of SNNs by inducing errors and injecting faults into critical components such as synaptic weights, neuron model parameters, internal states, and activation functions. This paper demonstrates the effectiveness of Spiking-JET through extensive software-level experiments on various SNN architectures, revealing insights into their vulnerability and resilience to hardware faults. Moreover, highlighting the importance of fault resilience in SNNs contributes to the ongoing effort to enhance the reliability and safety of Neural Network (NN)-powered systems in diverse domains.
△ Less
Submitted 30 March, 2024;
originally announced April 2024.
-
A Micro Architectural Events Aware Real-Time Embedded System Fault Injector
Authors:
Enrico Magliano,
Alessio Carpegna,
Alessadro Savino,
Stefano Di Carlo
Abstract:
In contemporary times, the increasing complexity of the system poses significant challenges to the reliability, trustworthiness, and security of the SACRES. Key issues include the susceptibility to phenomena such as instantaneous voltage spikes, electromagnetic interference, neutron strikes, and out-of-range temperatures. These factors can induce switch state changes in transistors, resulting in b…
▽ More
In contemporary times, the increasing complexity of the system poses significant challenges to the reliability, trustworthiness, and security of the SACRES. Key issues include the susceptibility to phenomena such as instantaneous voltage spikes, electromagnetic interference, neutron strikes, and out-of-range temperatures. These factors can induce switch state changes in transistors, resulting in bit-flip**, soft errors, and transient corruption of stored data in memory. The occurrence of soft errors, in turn, may lead to system faults that can propel the system into a hazardous state. Particularly in critical sectors like automotive, avionics, or aerospace, such malfunctions can have real-world implications, potentially causing harm to individuals.
This paper introduces a novel fault injector designed to facilitate the monitoring, aggregation, and examination of micro-architectural events. This is achieved by harnessing the microprocessor's PMU and the debugging interface, specifically focusing on ensuring the repeatability of fault injections. The fault injection methodology targets bit-flip** within the memory system, affecting CPU registers and RAM. The outcomes of these fault injections enable a thorough analysis of the impact of soft errors and establish a robust correlation between the identified faults and the essential timing predictability demanded by SACRES.
△ Less
Submitted 11 June, 2024; v1 submitted 16 January, 2024;
originally announced January 2024.
-
Spiker+: a framework for the generation of efficient Spiking Neural Networks FPGA accelerators for inference at the edge
Authors:
Alessio Carpegna,
Alessandro Savino,
Stefano Di Carlo
Abstract:
Including Artificial Neural Networks in embedded systems at the edge allows applications to exploit Artificial Intelligence capabilities directly within devices operating at the network periphery. This paper introduces Spiker+, a comprehensive framework for generating efficient, low-power, and low-area customized Spiking Neural Networks (SNN) accelerators on FPGA for inference at the edge. Spiker+…
▽ More
Including Artificial Neural Networks in embedded systems at the edge allows applications to exploit Artificial Intelligence capabilities directly within devices operating at the network periphery. This paper introduces Spiker+, a comprehensive framework for generating efficient, low-power, and low-area customized Spiking Neural Networks (SNN) accelerators on FPGA for inference at the edge. Spiker+ presents a configurable multi-layer hardware SNN, a library of highly efficient neuron architectures, and a design framework, enabling the development of complex neural network accelerators with few lines of Python code. Spiker+ is tested on two benchmark datasets, the MNIST and the Spiking Heidelberg Digits (SHD). On the MNIST, it demonstrates competitive performance compared to state-of-the-art SNN accelerators. It outperforms them in terms of resource allocation, with a requirement of 7,612 logic cells and 18 Block RAMs (BRAMs), which makes it fit in very small FPGA, and power consumption, draining only 180mW for a complete inference on an input image. The latency is comparable to the ones observed in the state-of-the-art, with 780us/img. To the authors' knowledge, Spiker+ is the first SNN accelerator tested on the SHD. In this case, the accelerator requires 18,268 logic cells and 51 BRAM, with an overall power consumption of 430mW and a latency of 54 us for a complete inference on input data. This underscores the significance of Spiker+ in the hardware-accelerated SNN landscape, making it an excellent solution to deploy configurable and tunable SNN architectures in resource and power-constrained edge applications.
△ Less
Submitted 2 January, 2024;
originally announced January 2024.
-
Design Space Exploration of Approximate Computing Techniques with a Reinforcement Learning Approach
Authors:
Sepide Saeedi,
Alessandro Savino,
Stefano Di Carlo
Abstract:
Approximate Computing (AxC) techniques have become increasingly popular in trading off accuracy for performance gains in various applications. Selecting the best AxC techniques for a given application is challenging. Among proposed approaches for exploring the design space, Machine Learning approaches such as Reinforcement Learning (RL) show promising results. In this paper, we proposed an RL-base…
▽ More
Approximate Computing (AxC) techniques have become increasingly popular in trading off accuracy for performance gains in various applications. Selecting the best AxC techniques for a given application is challenging. Among proposed approaches for exploring the design space, Machine Learning approaches such as Reinforcement Learning (RL) show promising results. In this paper, we proposed an RL-based multi-objective Design Space Exploration strategy to find the approximate versions of the application that balance accuracy degradation and power and computation time reduction. Our experimental results show a good trade-off between accuracy degradation and decreased power and computation time for some benchmarks.
△ Less
Submitted 29 December, 2023;
originally announced December 2023.
-
Security layers and related services within the Horizon Europe NEUROPULS project
Authors:
Fabio Pavanello,
Cedric Marchand,
Paul Jimenez,
Xavier Letartre,
Ricardo Chaves,
Niccolò Marastoni,
Alberto Lovato,
Mariano Ceccato,
George Papadimitriou,
Vasileios Karakostas,
Dimitris Gizopoulos,
Roberta Bardini,
Tzamn Melendez Carmona,
Stefano Di Carlo,
Alessandro Savino,
Laurence Lerch,
Ulrich Ruhrmair,
Sergio Vinagrero Gutierrez,
Giorgio Di Natale,
Elena Ioana Vatajelu
Abstract:
In the contemporary security landscape, the incorporation of photonics has emerged as a transformative force, unlocking a spectrum of possibilities to enhance the resilience and effectiveness of security primitives. This integration represents more than a mere technological augmentation; it signifies a paradigm shift towards innovative approaches capable of delivering security primitives with key…
▽ More
In the contemporary security landscape, the incorporation of photonics has emerged as a transformative force, unlocking a spectrum of possibilities to enhance the resilience and effectiveness of security primitives. This integration represents more than a mere technological augmentation; it signifies a paradigm shift towards innovative approaches capable of delivering security primitives with key properties for low-power systems. This not only augments the robustness of security frameworks, but also paves the way for novel strategies that adapt to the evolving challenges of the digital age. This paper discusses the security layers and related services that will be developed, modeled, and evaluated within the Horizon Europe NEUROPULS project. These layers will exploit novel implementations for security primitives based on physical unclonable functions (PUFs) using integrated photonics technology. Their objective is to provide a series of services to support the secure operation of a neuromorphic photonic accelerator for edge computing applications.
△ Less
Submitted 14 December, 2023;
originally announced December 2023.
-
Vitamin-V: Virtual Environment and Tool-boxing for Trustworthy Development of RISC-V based Cloud Services
Authors:
A. Arelakis,
J. M. Arnau,
J. L. Berral,
A. Call,
R. Canal,
S. Di Carlo,
J. Costa,
D. Gizopoulos,
V. Karakostas,
F. Lubrano,
K. Nikas,
Y. Nikolakopoulos,
B. Otero,
G. Papadimitriou,
I. Papaefstathiou,
D. Pnevmatikatos,
D. Raho,
A. Rigo,
E. Rodríguez,
A. Savino,
A. Scionti,
N. Tampouratzis,
A. Torregrosa
Abstract:
Vitamin-V is a 2023-2025 Horizon Europe project that aims to develop a complete RISC-V open-source software stack for cloud services with comparable performance to the cloud-dominant x86 counterpart and a powerful virtual execution environment for software development, validation, verification, and test that considers the relevant RISC-V ISA extensions for cloud deployment.
Vitamin-V is a 2023-2025 Horizon Europe project that aims to develop a complete RISC-V open-source software stack for cloud services with comparable performance to the cloud-dominant x86 counterpart and a powerful virtual execution environment for software development, validation, verification, and test that considers the relevant RISC-V ISA extensions for cloud deployment.
△ Less
Submitted 27 June, 2024; v1 submitted 18 May, 2023;
originally announced May 2023.
-
PSP Framework: A novel risk assessment method in compliance with ISO/SAE-21434
Authors:
Franco Oberti,
Ernesto Sanchez,
Alessandro Savino,
Filippo Parisi,
Stefano Di Carlo
Abstract:
As more cars connect to the internet and other devices, the automotive market has become a lucrative target for cyberattacks. This has made the industry more vulnerable to security threats. As a result, car manufacturers and governments are working together to reduce risks and prevent cyberattacks in the automotive sector. However, existing attack feasibility models derived from the information te…
▽ More
As more cars connect to the internet and other devices, the automotive market has become a lucrative target for cyberattacks. This has made the industry more vulnerable to security threats. As a result, car manufacturers and governments are working together to reduce risks and prevent cyberattacks in the automotive sector. However, existing attack feasibility models derived from the information technology field may not always provide accurate assessments of the potential risks faced by Vehicle Electronic Control Units in different operating conditions and domains. This paper introduces the PUNCH Softronix and Politecnico di Torino (PSP) framework to address this issue. This framework is designed to provide accurate assessments compatible with the attack feasibility models defined by the automotive product security standards. The PSP framework utilizes social sentiment analysis to evaluate the real threat risk levels.
△ Less
Submitted 9 May, 2023;
originally announced May 2023.
-
NEUROPULS: NEUROmorphic energy-efficient secure accelerators based on Phase change materials aUgmented siLicon photonicS
Authors:
Fabio Pavanello,
Cedric Marchand,
Ian O'Connor,
Regis Orobtchouk,
Fabien Mandorlo,
Xavier Letartre,
Sebastien Cueff,
Elena Ioana Vatajelu,
Giorgio Di Natale,
Benoit Cluzel,
Aurelien Coillet,
Benoit Charbonnier,
Pierre Noe,
Frantisek Kavan,
Martin Zoldak,
Michal Szaj,
Peter Bienstman,
Thomas Van Vaerenbergh,
Ulrich Ruhrmair,
Paulo Flores,
Luis Guerra e Silva,
Ricardo Chaves,
Luis-Miguel Silveira,
Mariano Ceccato,
Dimitris Gizopoulos
, et al. (12 additional authors not shown)
Abstract:
This special session paper introduces the Horizon Europe NEUROPULS project, which targets the development of secure and energy-efficient RISC-V interfaced neuromorphic accelerators using augmented silicon photonics technology. Our approach aims to develop an augmented silicon photonics platform, an FPGA-powered RISC-V-connected computing platform, and a complete simulation platform to demonstrate…
▽ More
This special session paper introduces the Horizon Europe NEUROPULS project, which targets the development of secure and energy-efficient RISC-V interfaced neuromorphic accelerators using augmented silicon photonics technology. Our approach aims to develop an augmented silicon photonics platform, an FPGA-powered RISC-V-connected computing platform, and a complete simulation platform to demonstrate the neuromorphic accelerator capabilities. In particular, their main advantages and limitations will be addressed concerning the underpinning technology for each platform. Then, we will discuss three targeted use cases for edge-computing applications: Global National Satellite System (GNSS) anti-jamming, autonomous driving, and anomaly detection in edge devices. Finally, we will address the reliability and security aspects of the stand-alone accelerator implementation and the project use cases.
△ Less
Submitted 4 May, 2023;
originally announced May 2023.
-
Validation, Verification, and Testing (VVT) of future RISC-V powered cloud infrastructures: the Vitamin-V Horizon Europe Project perspective
Authors:
Marti Alonso,
David Andreu,
Ramon Canal,
Stefano Di Carlo,
Cristiano Chenet,
Juanjo Costa,
Andreu Girones,
Dimitris Gizopoulos,
Vasileios Karakostas,
Beatriz Otero,
George Papadimitriou,
Eva Rodriguez,
Alessandro Savino
Abstract:
Vitamin-V is a project funded under the Horizon Europe program for the period 2023-2025. The project aims to create a complete open-source software stack for RISC-V that can be used for cloud services. This software stack is intended to have the same level of performance as the x86 architecture, which is currently dominant in the cloud computing industry. In addition, the project aims to create a…
▽ More
Vitamin-V is a project funded under the Horizon Europe program for the period 2023-2025. The project aims to create a complete open-source software stack for RISC-V that can be used for cloud services. This software stack is intended to have the same level of performance as the x86 architecture, which is currently dominant in the cloud computing industry. In addition, the project aims to create a powerful virtual execution environment that can be used for software development, validation, verification, and testing. The virtual environment will consider the relevant RISC-V ISA extensions required for cloud deployment. Commercial cloud systems use hardware features currently unavailable in RISC-V virtual environments, including virtualization, cryptography, and vectorization. To address this, Vitamin-V will support these features in three virtual environments: QEMU, gem5, and cloud-FPGA prototype platforms. The project will focus on providing support for EPI-based RISC-V designs for both the main CPUs and cloud-important accelerators, such as memory compression. The project will add the compiler (LLVM-based) and toolchain support for the ISA extensions. Moreover, Vitamin-V will develop novel approaches for validating, verifying, and testing software trustworthiness. This paper focuses on the plans and visions that the Vitamin-V project has to support validation, verification, and testing for cloud applications, particularly emphasizing the hardware support that will be provided.
△ Less
Submitted 3 May, 2023;
originally announced May 2023.
-
Special Session: Neuromorphic hardware design and reliability from traditional CMOS to emerging technologies
Authors:
Fabio Pavanello,
Elena Ioana Vatajelu,
Alberto Bosio,
Thomas Van Vaerenbergh,
Peter Bienstman,
Benoit Charbonnier,
Alessio Carpegna,
Stefano Di Carlo,
Alessandro Savino
Abstract:
The field of neuromorphic computing has been rapidly evolving in recent years, with an increasing focus on hardware design and reliability. This special session paper provides an overview of the recent developments in neuromorphic computing, focusing on hardware design and reliability. We first review the traditional CMOS-based approaches to neuromorphic hardware design and identify the challenges…
▽ More
The field of neuromorphic computing has been rapidly evolving in recent years, with an increasing focus on hardware design and reliability. This special session paper provides an overview of the recent developments in neuromorphic computing, focusing on hardware design and reliability. We first review the traditional CMOS-based approaches to neuromorphic hardware design and identify the challenges related to scalability, latency, and power consumption. We then investigate alternative approaches based on emerging technologies, specifically integrated photonics approaches within the NEUROPULS project. Finally, we examine the impact of device variability and aging on the reliability of neuromorphic hardware and present techniques for mitigating these effects. This review is intended to serve as a valuable resource for researchers and practitioners in neuromorphic computing.
△ Less
Submitted 2 May, 2023;
originally announced May 2023.
-
A survey on hardware-based malware detection approaches
Authors:
Cristiano Pegoraro Chenet,
Alessandro Savino,
Stefano Di Carlo
Abstract:
This paper delves into the dynamic landscape of computer security, where malware poses a paramount threat. Our focus is a riveting exploration of the recent and promising hardware-based malware detection approaches. Leveraging hardware performance counters and machine learning prowess, hardware-based malware detection approaches bring forth compelling advantages such as real-time detection, resili…
▽ More
This paper delves into the dynamic landscape of computer security, where malware poses a paramount threat. Our focus is a riveting exploration of the recent and promising hardware-based malware detection approaches. Leveraging hardware performance counters and machine learning prowess, hardware-based malware detection approaches bring forth compelling advantages such as real-time detection, resilience to code variations, minimal performance overhead, protection disablement fortitude, and cost-effectiveness. Navigating through a generic hardware-based detection framework, we meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours. This survey is not only a resource for seasoned experts but also an inviting starting point for those venturing into the field of malware detection. However, challenges emerge in detecting malware based on hardware events. We struggle with the imperative of accuracy improvements and strategies to address the remaining classification errors. The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
△ Less
Submitted 18 April, 2024; v1 submitted 22 March, 2023;
originally announced March 2023.
-
Fast Exploration of the Impact of Precision Reduction on Spiking Neural Networks
Authors:
Sepide Saeedi,
Alessio Carpegna,
Alessandro Savino,
Stefano Di Carlo
Abstract:
Approximate Computing (AxC) techniques trade off the computation accuracy for performance, energy, and area reduction gains. The trade-off is particularly convenient when the applications are intrinsically tolerant to some accuracy loss, as in the Spiking Neural Networks (SNNs) case. SNNs are a practical choice when the target hardware reaches the edge of computing, but this requires some area min…
▽ More
Approximate Computing (AxC) techniques trade off the computation accuracy for performance, energy, and area reduction gains. The trade-off is particularly convenient when the applications are intrinsically tolerant to some accuracy loss, as in the Spiking Neural Networks (SNNs) case. SNNs are a practical choice when the target hardware reaches the edge of computing, but this requires some area minimization strategies. In this work, we employ an Interval Arithmetic (IA) model to develop an exploration methodology that takes advantage of the capability of such a model to propagate the approximation error to detect when the approximation exceeds tolerable limits by the application. Experimental results confirm the capability of reducing the exploration time significantly, providing the chance to reduce the network parameters' size further and with more fine-grained results.
△ Less
Submitted 22 November, 2022;
originally announced December 2022.
-
Micro-Architectural features as soft-error induced fault executions markers in embedded safety-critical systems: a preliminary study
Authors:
Deniz Kasap,
Alessio Carpegna,
Alessandro Savino,
Stefano Di Carlo
Abstract:
Radiation-induced soft errors are one of the most challenging issues in Safety Critical Real-Time Embedded System (SACRES) reliability, usually handled using different flavors of Double Modular Redundancy (DMR) techniques. This solution is becoming unaffordable due to the complexity of modern micro-processors in all domains. This paper addresses the promising field of using Artificial Intelligence…
▽ More
Radiation-induced soft errors are one of the most challenging issues in Safety Critical Real-Time Embedded System (SACRES) reliability, usually handled using different flavors of Double Modular Redundancy (DMR) techniques. This solution is becoming unaffordable due to the complexity of modern micro-processors in all domains. This paper addresses the promising field of using Artificial Intelligence (AI) based hardware detectors for soft errors. To create such cores and make them general enough to work with different software applications, microarchitectural attributes are a fascinating option as candidate fault detection features. Several processors already track these features through dedicated Performance Monitoring Unit (PMU). However, there is an open question to understand to what extent they are enough to detect faulty executions. Exploiting the capability of gem5 to simulate real computing systems, perform fault injection experiments and profile microarchitectural attributes (i.e., gem5 Stats), this paper presents the results of a comprehensive analysis regarding the potential attributes to detect soft error and the associated models that can be trained with these features.
△ Less
Submitted 16 February, 2023; v1 submitted 23 November, 2022;
originally announced November 2022.
-
CAN-MM: Multiplexed Message Authentication Code for Controller Area Network message authentication in road vehicles
Authors:
Franco Oberti,
Ernesto Sanchez,
Alessandro Savino,
Filippo Parisi,
Stefano Di Carlo
Abstract:
The automotive market is increasingly profitable for cyberattacks with the constant shift toward fully interconnected vehicles. Electronic Control Units (ECUs) installed on cars often operate in a critical and hostile environment. Hence, both carmakers and governments have decided to support a series of initiatives to mitigate risks and threats belonging to the automotive domain. The Controller Ar…
▽ More
The automotive market is increasingly profitable for cyberattacks with the constant shift toward fully interconnected vehicles. Electronic Control Units (ECUs) installed on cars often operate in a critical and hostile environment. Hence, both carmakers and governments have decided to support a series of initiatives to mitigate risks and threats belonging to the automotive domain. The Controller Area Network (CAN) is the primary communication protocol in the automotive field, and the integrity of the communication over this network is assured through Message Authentication Codes (MAC). However, limitations in throughput and frame size limit the application of this technique to specific versions of the CAN protocol, leaving several vehicles still unprotected. This paper presents CAN Multiplexed MAC (CAN-MM), a new approach exploiting frequency modulation to multiplex MAC data with standard CAN communication. CAN-MM allows transmitting MAC payloads maintaining full-back compatibility with all versions of the standard CAN protocol. Moreover, multiplexing allows sending DATA and MAC simultaneously.
△ Less
Submitted 22 May, 2024; v1 submitted 6 June, 2022;
originally announced June 2022.
-
LIN-MM: Multiplexed Message Authentication Code for Local Interconnect Network message authentication in road vehicles
Authors:
Franco Oberti,
Ernesto Sanchez,
Alessandro Savino,
Filippo Parisi,
Mirco Brero,
Stefano Di Carlo
Abstract:
The automotive market is profitable for cyberattacks with the constant shift toward interconnected vehicles. Electronic Control Units (ECUs) installed on cars often operate in a critical and hostile environment. Hence, both carmakers and governments have supported initiatives to mitigate risks and threats belonging to the automotive domain. The Local Interconnect Network (LIN) is one of the most u…
▽ More
The automotive market is profitable for cyberattacks with the constant shift toward interconnected vehicles. Electronic Control Units (ECUs) installed on cars often operate in a critical and hostile environment. Hence, both carmakers and governments have supported initiatives to mitigate risks and threats belonging to the automotive domain. The Local Interconnect Network (LIN) is one of the most used communication protocols in the automotive field. Today's LIN buses have just a few light security mechanisms to assure integrity through Message Authentication Codes (MAC). However, several limitations with strong constraints make applying those techniques to LIN networks challenging, leaving several vehicles still unprotected. This paper presents LIN Multiplexed MAC (LINMM), a new approach for exploiting signal modulation to multiplex MAC data with standard LIN communication. LINMM allows for transmitting MAC payloads, maintaining fullback compatibility with all versions of the standard LIN protocol.
△ Less
Submitted 6 June, 2022;
originally announced June 2022.
-
Using analog scrambling circuits for automotive sensor integrity and authenticity
Authors:
Cristiano Pegoraro Chenet,
Alessandro Savino,
Stefano di Carlo
Abstract:
The automotive domain rapidly increases the embedded amount of complex and interconnected electronics systems. A considerable proportion of them are real-time safety-critical devices and must be protected against cybersecurity attacks. Recent regulations impose carmakers to protect vehicles against replacing trusted electronic hardware and manipulating the information collected by sensors. Analog…
▽ More
The automotive domain rapidly increases the embedded amount of complex and interconnected electronics systems. A considerable proportion of them are real-time safety-critical devices and must be protected against cybersecurity attacks. Recent regulations impose carmakers to protect vehicles against replacing trusted electronic hardware and manipulating the information collected by sensors. Analog sensors are critical elements whose security is now strictly regulated by the new UN R155 recommendation but lacks well-developed and established solutions. This work takes a step forward in this direction, adding integrity and authentication to automotive analog sensors proposing a schema to create analog signatures based on a scrambling mechanism implemented with commercial-of-the-shelf (COTS) operational amplifiers. The proposed architecture implements a hardware secret and a hard-to-invert exponential function to generate a signal's signature. A prototype of the circuit was implemented and simulated on LTspice. Preliminary results show the feasibility of the proposed schema and provide interesting hints for further developments to increase the robustness of the approach.
△ Less
Submitted 21 February, 2022;
originally announced February 2022.
-
Spiker: an FPGA-optimized Hardware acceleration for Spiking Neural Networks
Authors:
Alessio Carpegna,
Alessandro Savino,
Stefano Di Carlo
Abstract:
Spiking Neural Networks (SNN) are an emerging type of biologically plausible and efficient Artificial Neural Network (ANN). This work presents the development of a hardware accelerator for a SNN for high-performance inference, targeting a Xilinx Artix-7 Field Programmable Gate Array (FPGA). The model used inside the neuron is the Leaky Integrate and Fire (LIF). The execution is clock-driven, meani…
▽ More
Spiking Neural Networks (SNN) are an emerging type of biologically plausible and efficient Artificial Neural Network (ANN). This work presents the development of a hardware accelerator for a SNN for high-performance inference, targeting a Xilinx Artix-7 Field Programmable Gate Array (FPGA). The model used inside the neuron is the Leaky Integrate and Fire (LIF). The execution is clock-driven, meaning that the internal state of the neuron is updated at every clock cycle, even in absence of spikes. The inference capabilities of the accelerator are evaluated using the MINST dataset. The training is performed offline on a full precision model. The results show a good improvement in performance if compared with the state-of-the-art accelerators, requiring 215μs per image. The energy consumption is slightly higher than the most optimized design, with an average value of 13mJ per image. The test design consists of a single layer of four-hundred neurons and uses around 40% of the available resources on the FPGA. This makes it suitable for a time-constrained application at the edge, leaving space for other acceleration tasks on the FPGA.
△ Less
Submitted 26 May, 2022; v1 submitted 18 January, 2022;
originally announced January 2022.
-
EXT-TAURUM P2T: an Extended Secure CAN-FD Architecture for Road Vehicles
Authors:
Franco Oberti,
Alessandro Savino,
Ernesto Sanchez,
Filippo Parisi,
Stefano Di Carlo
Abstract:
The automobile industry is no longer relying on pure mechanical systems; instead, it benefits from advanced Electronic Control Units (ECUs) in order to provide new and complex functionalities in the effort to move toward fully connected cars. However, connected cars provide a dangerous playground for hackers. Vehicles are becoming increasingly vulnerable to cyber attacks as they come equipped with…
▽ More
The automobile industry is no longer relying on pure mechanical systems; instead, it benefits from advanced Electronic Control Units (ECUs) in order to provide new and complex functionalities in the effort to move toward fully connected cars. However, connected cars provide a dangerous playground for hackers. Vehicles are becoming increasingly vulnerable to cyber attacks as they come equipped with more connected features and control systems. This situation may expose strategic assets in the automotive value chain. In this scenario, the Controller Area Network (CAN) is the most widely used communication protocol in the automotive domain. However, this protocol lacks encryption and authentication. Consequently, any malicious/hijacked node can cause catastrophic accidents and financial loss. Starting from the analysis of the vulnerability connected to the CAN communication protocol in the automotive domain, this paper proposes EXT-TAURUM P2T a new low-cost secure CAN-FD architecture for the automotive domain implementing secure communication among ECUs, a novel key provisioning strategy, intelligent throughput management, and hardware signature mechanisms. The proposed architecture has been implemented, resorting to a commercial Multi-Protocol Vehicle Interface module, and the obtained results experimentally demonstrate the approach's feasibility.
△ Less
Submitted 7 March, 2022; v1 submitted 15 December, 2021;
originally announced December 2021.
-
Securing Soft IP Cores in FPGA based Reconfigurable Mobile Heterogeneous Systems
Authors:
Alberto Carelli,
Cataldo Basile,
Alessandro Savino,
Alessandro Vallero,
Stefano Di Carlo
Abstract:
The mobile application market is rapidly growing and changing, offering always brand new software to install in increasingly powerful devices. Mobile devices become pervasive and more heterogeneous, embedding latest technologies such as multicore architectures, special-purpose circuits and reconfigurable logic. In a future mobile market scenario reconfigurable systems are employed to provide high-…
▽ More
The mobile application market is rapidly growing and changing, offering always brand new software to install in increasingly powerful devices. Mobile devices become pervasive and more heterogeneous, embedding latest technologies such as multicore architectures, special-purpose circuits and reconfigurable logic. In a future mobile market scenario reconfigurable systems are employed to provide high-speed functionalities to assist execution of applications. However, new security concerns are introduced. In particular, protecting the Intellectual Property of the exchanged soft IP cores is a serious concern. The available techniques for preserving integrity, confidentiality and authenticity suffer from the limitation of heavily relying onto the system designer. In this paper we propose two different protocols suitable for the secure deployment of soft IP cores in FPGA-based mobile heterogeneous systems where multiple independent actors are involved: a simple scenario requiring trust relationship between entities, and a more complex scenario where no trust relationship exists through adoption of the Direct Anonymous Attestation protocol. Finally, we provide a prototype implementation of the proposed architectures.
△ Less
Submitted 2 December, 2019;
originally announced December 2019.