Hardware faults that matter: Understanding and Estimating the safety impact of hardware faults on object detection DNNs

TL;DR

This paper introduces a new metric, IVMOD, to better assess the safety impact of hardware faults on object detection DNNs, revealing that even a single bit flip can cause severe, safety-critical errors.

Contribution

It proposes IVMOD, a novel image-wise vulnerability metric, and demonstrates its effectiveness in quantifying safety risks of hardware faults in object detection models.

Findings

Single bit flips can cause severe false positives or missed detections.

Hardware faults can lead to persistent ghost detections affecting many images.

Significant object detection failures can occur due to hardware-induced silent data corruption.

Abstract

Object detection neural network models need to perform reliably in highly dynamic and safety-critical environments like automated driving or robotics. Therefore, it is paramount to verify the robustness of the detection under unexpected hardware faults like soft errors that can impact a systems perception module. Standard metrics based on average precision produce model vulnerability estimates at the object level rather than at an image level. As we show in this paper, this does not provide an intuitive or representative indicator of the safety-related impact of silent data corruption caused by bit flips in the underlying memory but can lead to an over- or underestimation of typical fault-induced hazards. With an eye towards safety-related real-time applications, we propose a new metric IVMOD (Image-wise Vulnerability Metric for Object Detection) to quantify vulnerability based on an incorrect image-wise object detection due to false positive (FPs) or false negative (FNs) objects, combined with a severity analysis. The evaluation of several representative object detection models shows that even a single bit flip can lead to a severe silent data corruption event with potentially critical safety implications, with e.g., up to (much greater than) 100 FPs generated, or up to approx. 90% of true positives (TPs) are lost in an image. Furthermore, with a single stuck-at-1 fault, an entire sequence of images can be affected, causing temporally persistent ghost detections that can be mistaken for actual objects (covering up to approx. 83% of the image). Furthermore, actual objects in the scene are continuously missed (up to approx. 64% of TPs are lost). Our work establishes a detailed understanding of the safety-related vulnerability of such critical workloads against hardware faults.