Health-monitoring applications have become pivotal in managing chronic diseases and tracking fitness goals, largely thanks to machine-learning-powered tools. However, these applications are often slow and energy-inefficient, because the massive machine-learning models behind them must be transferred between a smartphone and a central memory server. Machine-learning accelerators can streamline this process, but they are susceptible to cyberattacks that could expose sensitive personal information.
To counter this risk, researchers from MIT and the MIT-IBM Watson AI Lab have developed a machine-learning accelerator that is resistant to two widely used types of cyberattacks. The design aims to safeguard sensitive personal data, including health records and financial data, while still allowing large AI models to run on devices. The MIT team created specific optimizations that provide strong security while slowing the device only minimally. Importantly, the enhanced security does not affect the accuracy of computations.
This type of security-optimized accelerator is beneficial for AI applications, especially in demanding areas like virtual reality or autonomous driving. Maitreyi Ashok, the lead author, acknowledges that implementing the chip would increase the cost and slightly reduce the energy efficiency of the device, but she argues that such trade-offs are justified for ensuring security.
The researchers primarily targeted a type of machine-learning accelerator known as digital in-memory compute (IMC). Such chips perform computations within device memory, where specific components of a machine-learning model are stored after being transferred from a central server. The researchers employed a security measure where data within the IMC are divided into random parts. They also used a lightweight cipher to encrypt the model stored in off-chip memory and generated the decryption key directly on the chip.
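The idea of computing on data that has been divided into random parts, and why it leaves the result unchanged, can be shown in software. This is an added illustration, not the researchers' design: the additive sharing scheme, the 16-bit word width, the three shares and all names below are assumptions, since the article does not specify how the chip splits its data.

```python
import secrets

MOD = 1 << 16  # assumed word width; the article does not give one


def split(value, n_shares=3):
    """Split value into n_shares random parts that sum to value mod MOD.

    Any subset of fewer than n_shares parts is uniformly random, so
    observing it reveals nothing about the value.
    """
    shares = [secrets.randbelow(MOD) for _ in range(n_shares - 1)]
    shares.append((value - sum(shares)) % MOD)
    return shares


def combine(shares):
    """Recombine the parts into the original value."""
    return sum(shares) % MOD


def masked_dot(weight_shares, activations):
    """Multiply-accumulate share by share; the real weights are never rebuilt.

    weight_shares[i] holds the parts of weight i. The output is one partial
    sum per share, which only yields the result once all are combined.
    """
    n = len(weight_shares[0])
    partial = [0] * n
    for parts, act in zip(weight_shares, activations):
        for k in range(n):
            partial[k] = (partial[k] + parts[k] * act) % MOD
    return partial


def plain_dot(weights, activations):
    """Unprotected reference computation."""
    return sum(w * a for w, a in zip(weights, activations)) % MOD


# Constructed sample data, not taken from the article.
WEIGHTS = [12, 7, 250, 3]
ACTIVATIONS = [5, 9, 2, 40]


def demo():
    shared = [split(w) for w in WEIGHTS]
    return combine(masked_dot(shared, ACTIVATIONS)), plain_dot(WEIGHTS, ACTIVATIONS)


if __name__ == "__main__":
    masked, plain = demo()
    print("masked:", masked, "plain:", plain)
```

Because the multiply-accumulate is linear, the recombined result always equals the unprotected one, which matches the article's point that the added security does not change the accuracy of computations.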
In security testing, the chip showed exceptional resilience against cyberattacks, remaining unbroken even after millions of hacking attempts. The enhanced security, however, reduces the energy efficiency of the accelerator and requires more chip area, which raises its cost. The team expects future work to focus on reducing the chip's energy consumption and size, making it more feasible to implement at scale.
This groundbreaking research underscores the importance of prioritizing security in the design of edge devices, particularly in relation to machine-learning workloads. The increasing integration of AI in our daily lives makes secure, efficient, and cost-effective edge devices crucial for safeguarding sensitive personal data.