Security-by-design for embedded deep neural network models on RISC-V

Job description: With a strong context of regulation of Artificial Intelligence (AI) at the European scale, several requirements have been proposed for the quot;cybersecurity of AIquot;. Among the most important concepts related to the security of the machine learning models and the AI-based systems, quot;security-by-designquot; is mostly linked to model hardening approaches (e.g., adversarial training against evasion attacks, differential privacy against confidentiality-based attacks). We propose to cover a wider panorama of quot;security-by-designquot; by studying software (SW) and hardware (HW) mechanisms to strengthen the intrinsic reobustness of Embedded AI-based systems on RISC-V platforms. Objectives are: (1) define and model SW and HW vulnerabilities of embedded models, (2) develop and evaluate protections (3) demonstrate the impact of SW and HW protections - and their combination - against state-of-the-art attacks such as weight-based adversarial attacks and model extraction.

Your profile: Master en IA et/ou Master en microélectronique