Toward Secure TinyML on a Standardized AI Architecture

Recently, ML tasks that have been traditionally associated with high-performance CPUs and GPUs have started to be performed also on highly constrained devices at the far edge. This shift toward the devices, often named TinyML, has many well-recognized advantages such as lower bandwidth requirements and energy consumption, cheaper prices, increased privacy, and scalability. However, it also poses serious challenges: first of all, it requires handling even complex ML tasks with microcontrollers (MCUs) equipped with small memories, low-performance processors, and limited power supply; moreover, TinyML has to face the additional security threats that can specifically affect small devices, which usually have to rely on less support from the hardware and the OS to implement security, and once deployed in the field, can be exposed to physical threats. A first contribution of this work is to provide a thorough review of related literature to help delineate the state of the art and classify existing approaches based on their scope, goals, and employed technical solutions. A second contribution is to delineate a research program to advance such state of the art, with a special focus on secure and energy-efficient ML applications, in the context of a standardized component-based architecture recently proposed by the MPAI organization, which applies in particular to far edge AI applications.