SeDA: Secure and Efficient DNN Accelerators with Hardware/Software Synergy
Wei Xuan, Zhongrui Wang, Lang Feng, Ning Lin, Zihao Xuan, Rongliang Fu, Tsung-Yi Ho, Yuzhong Jiao, Luhong Liang
TL;DR
SeDA is a novel DNN accelerator security framework that combines bandwidth-aware encryption, optimized tiling, and multi-level integrity verification to enhance security while reducing hardware and memory overheads.
Contribution
SeDA introduces a comprehensive security approach for DNN accelerators that significantly reduces performance overheads and hardware resource usage.
Findings
Reduces performance overhead by over 12%
Ensures robust scalability in secure DNN processing
Minimizes memory access overheads through multi-level verification
Abstract
Ensuring the confidentiality and integrity of DNN accelerators is paramount across various scenarios spanning autonomous driving, healthcare, and finance. However, current security approaches typically require extensive hardware resources, and incur significant off-chip memory access overheads. This paper introduces SeDA, which utilizes 1) a bandwidth-aware encryption mechanism to improve hardware resource efficiency, 2) optimal block granularity through intra-layer and inter-layer tiling patterns, and 3) a multi-level integrity verification mechanism that minimizes, or even eliminates, memory access overheads. Experimental results show that SeDA decreases performance overhead by over 12% for both server and edge neural processing units (NPUs), while ensuring robust scalability.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.