SafeLight: Enhancing Security in Optical Convolutional Neural Network Accelerators

TL;DR

This paper analyzes security vulnerabilities in optical neural network accelerators, particularly hardware trojan attacks, and proposes methods to improve their robustness, significantly reducing accuracy degradation in CNN models.

Contribution

It provides the first detailed analysis of hardware trojan threats in optical neural network accelerators and introduces techniques to mitigate these security risks.

Findings

HTs can reduce CNN accuracy by up to 80%.

Targeting 10% of MRs can cause significant performance drops.

Proposed techniques can recover most accuracy losses.

Abstract

The rapid proliferation of deep learning has revolutionized computing hardware, driving innovations to improve computationally expensive multiply-and-accumulate operations in deep neural networks. Among these innovations are integrated silicon-photonic systems that have emerged as energy-efficient platforms capable of achieving light speed computation and communication, positioning optical neural network (ONN) platforms as a transformative technology for accelerating deep learning models such as convolutional neural networks (CNNs). However, the increasing complexity of optical hardware introduces new vulnerabilities, notably the risk of hardware trojan (HT) attacks. Despite the growing interest in ONN platforms, little attention has been given to how HT-induced threats can compromise performance and security. This paper presents an in-depth analysis of the impact of such attacks on the performance of CNN models accelerated by ONN accelerators. Specifically, we show how HTs can compromise microring resonators (MRs) in a state-of-the-art non-coherent ONN accelerator and reduce classification accuracy across CNN models by up to 7.49% to 80.46% by just targeting 10% of MRs. We then propose techniques to enhance ONN accelerator robustness against these attacks and show how the best techniques can effectively recover the accuracy drops.