How a Bit Becomes a Story: Semantic Steering via Differentiable Fault Injection

TL;DR

This paper introduces BLADE, a gradient-based framework to identify and manipulate critical bits in LLM weights, enabling controlled semantic shifts in image captioning outputs while maintaining grammatical correctness.

Contribution

It presents the first differentiable fault analysis method for semantic steering in generative vision-language models, revealing how low-level bit flips can alter high-level meaning.

Findings

Gradient-based sensitivity estimates identify semantically critical bits.

Bit flips can significantly change caption semantics without affecting grammar.

The method enables targeted semantic manipulation of model outputs.

Abstract

Hard-to-detect hardware bit flips, from either malicious circuitry or bugs, have already been shown to make transformers vulnerable in non-generative tasks. This work, for the first time, investigates how low-level, bitwise perturbations (fault injection) to the weights of a large language model (LLM) used for image captioning can influence the semantic meaning of its generated descriptions while preserving grammatical structure. While prior fault analysis methods have shown that flipping a few bits can crash classifiers or degrade accuracy, these approaches overlook the semantic and linguistic dimensions of generative systems. In image captioning models, a single flipped bit might subtly alter how visual features map to words, shifting the entire narrative an AI tells about the world. We hypothesize that such semantic drifts are not random but differentiably estimable. That is, the model's own gradients can predict which bits, if perturbed, will most strongly influence meaning while leaving syntax and fluency intact. We design a differentiable fault analysis framework, BLADE (Bit-level Fault Analysis via Differentiable Estimation), that uses gradient-based sensitivity estimation to locate semantically critical bits and then refines their selection through a caption-level semantic-fluency objective. Our goal is not merely to corrupt captions, but to understand how meaning itself is encoded, distributed, and alterable at the bit level, revealing that even imperceptible low-level changes can steer the high-level semantics of generative vision-language models. It also opens pathways for robustness testing, adversarial defense, and explainable AI, by exposing how structured bit-level faults can reshape a model's semantic output.