Towards Secure and Efficient DNN Accelerators via Hardware-Software Co-Design

TL;DR

This paper introduces a hardware-software co-designed framework for secure DNN accelerators that reduces overhead, improves energy efficiency, and maintains scalability through innovative cryptographic and authentication strategies.

Contribution

It proposes a bandwidth-aware cryptographic scheme and a multi-level authentication mechanism to enhance security and efficiency in DNN accelerators.

Findings

Over 12% performance overhead reduction

87% energy efficiency improvement

Robust scalability demonstrated

Abstract

The rapid deployment of deep neural network (DNN) accelerators in safety-critical domains such as autonomous vehicles, healthcare systems, and financial infrastructure necessitates robust mechanisms to safeguard data confidentiality and computational integrity. Existing security solutions for DNN accelerators, however, suffer from excessive hardware resource demands and frequent off-chip memory access overheads, which degrade performance and scalability. To address these challenges, this paper presents a secure and efficient memory protection framework for DNN accelerators with minimal overhead. First, we propose a bandwidth-aware cryptographic scheme that adapts encryption granularity based on memory traffic patterns, striking a balance between security and resource efficiency. Second, we observe that both the overlapping regions in the intra-layer tiling's sliding window pattern and those resulting from inter-layer tiling strategy discrepancies introduce substantial redundant memory accesses and repeated computational overhead in cryptography. Third, we introduce a multi-level authentication mechanism that effectively eliminates unnecessary off-chip memory accesses, enhancing performance and energy efficiency. Experimental results show that this work decreases performance overhead by over 12% and achieves 87% energy efficiency improvement for both server and edge neural processing units (NPUs), while ensuring robust scalability.