Extended Abstract: Pre-Silicon Vulnerability Assessment for AI/ML Hardware

Machine learning (ML) and artificial intelligence (AI) applications have become crucial for current and future information systems. Meanwhile, hardware security threats are emerging for AI/ML applications, such as the possibility of private input/model leakage as a result of hardware side-channel leakage. Yet such vulnerabilities are only evaluated after deployment and as ad-hoc instances, which is too late and too costly. The development of a framework is necessary in order to evaluate attacks and defenses comprehensively, quickly, and accurately prior to their deployment. We developed the first hardware security simulation framework capable of identifying side-channel leaks caused by instructions and processor stages for AI/ML hardware. This framework works at the RTL stage. We performed a side-channel evaluation of a RISC-V based FPGA implementation and compared its leakage on real hardware. Our pre-silicon tests reveal the same vulnerabilities with 0.25x fewer traces as compared to post-silicon tests.