Robust Machine Learning Systems: Challenges, Current Trends, Perspectives, and the Road Ahead

TL;DR

This paper reviews the vulnerabilities of modern machine learning systems, discusses mitigation techniques at both cloud and edge levels, and highlights open challenges for developing secure, reliable ML systems in resource-constrained environments.

Contribution

It provides a comprehensive overview of security and reliability challenges in ML systems, emphasizing the impact of resource constraints and formal verification methods.

Findings

ML systems are vulnerable to security threats at hardware and software levels.

Mitigation techniques include network security, hardware protection, and formal verification.

Resource constraints at edge devices complicate security and reliability measures.

Abstract

Machine Learning (ML) techniques have been rapidly adopted by smart Cyber-Physical Systems (CPS) and Internet-of-Things (IoT) due to their powerful decision-making capabilities. However, they are vulnerable to various security and reliability threats, at both hardware and software levels, that compromise their accuracy. These threats get aggravated in emerging edge ML devices that have stringent constraints in terms of resources (e.g., compute, memory, power/energy), and that therefore cannot employ costly security and reliability measures. Security, reliability, and vulnerability mitigation techniques span from network security measures to hardware protection, with an increased interest towards formal verification of trained ML models. This paper summarizes the prominent vulnerabilities of modern ML systems, highlights successful defenses and mitigation techniques against these vulnerabilities, both at the cloud (i.e., during the ML training phase) and edge (i.e., during the ML inference stage), discusses the implications of a resource-constrained design on the reliability and security of the system, identifies verification methodologies to ensure correct system behavior, and describes open research challenges for building secure and reliable ML systems at both the edge and the cloud.