Ying Zhu,Grace Li Zhang,Bing Li,Xunzhao Yin,Cheng Zhuo,Huaxi Gu,Tsung-Yi Ho,Ulf Schlichtmann

DOI: https://doi.org/10.1145/3400302.3415682

2020-01-01

Abstract:Optical neural networks (ONNs) have emerged as a promising high-performance computing platform to accelerate deep neural networks. In ONNs, phases of light are modulated through Mach-Zehnder Interferometers (MZIs), and MZIs are connected in a grid-like layout to implement multiply-accumulate operations. However, ONNs are very sensitive to process variations and thermal effects. This sensitivity leads to a significant degradation of inference accuracy of ONNs and thus renders them unusable in practice. In this paper, we propose a framework to calibrate process variations and counter thermal effects by power compensation. Experimental results demonstrate that the proposed framework can recover the inference accuracy under variations and thermal effects, e.g., from as low as 11.05% back to 74.11% for LeNet-5 on Cifar10, so that ONNs can achieve an inference accuracy similar to the accuracy after software training while providing their high bandwidth in neuromorphic computing.

Kota Nishida,Yoshihiro Midoh,Noriyuki Miura,Satoshi Kawakami,Jun Shiomi

2024-11-22

Abstract:Silicon Photonics-based AI Accelerators (SPAAs) have been considered as promising AI accelerators achieving high energy efficiency and low latency. While many researchers focus on improving SPAAs' energy efficiency and latency, their physical security has not been sufficiently studied. This paper first proposes a threat of thermal fault injection attacks on SPAAs based on Vector-Matrix Multipliers (VMMs) utilizing Mach-Zhender Interferometers. This paper then proposes SecONN, an optical neural network framework that is capable of not only inferences but also concurrent detection of the attacks. In addition, this paper introduces a concept of Wavelength Division Perturbation (WDP) where wavelength dependent VMM results are utilized to increase detection accuracy. Simulation results show that the proposed method achieves 88.7% attack-caused average misprediction recall.

Optics,Cryptography and Security

Wenye Liu,Chip-Hong Chang,Fan Zhang

DOI: https://doi.org/10.1109/tifs.2020.3046858

IF: 7.231

2020-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Deep neural network (DNN) accelerators overcome the power and memory walls for executing neural-net models locally on edge-computing devices to support sophisticated AI applications. The advocacy of “model once, run optimized anywhere” paradigm introduces potential new security threat to edge intelligence that is methodologically different from the well-known adversarial examples. Existing adversarial examples modify the input samples presented to an AI application either digitally or physically to cause a misclassification. Nevertheless, these input-based perturbations are not robust or surreptitious on multi-view target. To generate a good adversarial example for misclassifying a real-world target of variational viewing angle, lighting and distance, a decent number of target’s samples are required to extract the rare anomalies that can cross the decision boundary. The feasible perturbations are substantial and visually perceptible. In this paper, we propose a new glitch injection attack on DNN accelerator that is capable of misclassifying a target under variational viewpoints. The glitches injected into the computation clock signal induce transitory but disruptive errors in the intermediate results of the multiply-and-accumulate (MAC) operations. The attack pattern for each target of interest consists of sparse instantaneous glitches, which can be derived from just one sample of the target. Two modes of attack patterns are derived, and their effectiveness are demonstrated on four representative ImageNet models implemented on the Deep-learning Processing Unit (DPU) of FPGA edge and its DNN development toolchain. The attack success rates are evaluated on 118 objects in 61 diverse sensing conditions, including 25 viewing angles (−60° to 60°), 24 illumination directions and 12 color temperatures. In the covert mode, the success rates of our attack exceed existing stealthy adversarial examples by more than 16.3%, with only two glitches injected into ten thousands to a million cycles for one complete inference. In the robust mode, the attack success rates on all four DNNs are more than 96.2% with an average glitch intensity of 1.4% and a maximum glitch intensity of 10.2%.

Haotian Lu,Ziang Yin,Partho Bhoumik,Sanmitra Banerjee,Krishnendu Chakrabarty,Jiaqi Gu

2024-10-02

Abstract:Electronic-photonic computing systems have emerged as a promising platform for accelerating deep neural network (DNN) workloads. Major efforts have been focused on countering hardware non-idealities and boosting efficiency with various hardware/algorithm co-design methods. However, the adversarial robustness of such photonic analog mixed-signal AI hardware remains unexplored. Though the hardware variations can be mitigated with robustness-driven optimization methods, malicious attacks on the hardware show distinct behaviors from noises, which requires a customized protection method tailored to optical analog hardware. In this work, we rethink the role of conventionally undesired non-idealities in photonic analog accelerators and claim their surprising effects on defending against adversarial weight attacks. Inspired by the protection effects from DNN quantization and pruning, we propose a synergistic defense framework tailored for optical analog hardware that proactively protects sensitive weights via pre-attack unary weight encoding and post-attack vulnerability-aware weight locking. Efficiency-reliability trade-offs are formulated as constrained optimization problems and efficiently solved offline without model re-training costs. Extensive evaluation of various DNN benchmarks with a multi-core photonic accelerator shows that our framework maintains near-ideal on-chip inference accuracy under adversarial bit-flip attacks with merely <3% memory overhead. Our codes are open-sourced at <a class="link-external link-https" href="https://github.com/ScopeX-ASU/Unlikely_Hero" rel="external noopener nofollow">this https URL</a>.

Emerging Technologies,Cryptography and Security,Optics

Jun Dai,Xiaowen Dong,Chong Li,Jianjun He

DOI: https://doi.org/10.1117/12.2687410

2023-01-01

Abstract:Optical neural networks (ONNs) have the potential for accelerating the inference of AI models, since ONNs have the advantage of high compute speed, and high parallelism. Integrated diffractive optical network for implementing parallel Fourier transforms has been proved efficient and is promising for large scale ONNs. We propose a novel on-chip Fourier transform implementation based on etched concave mirrors, enabling the construction of a photonic integrated 4F system to perform the convolution computation in the Convolutional Neural Networks (CNNs). One of the input vectors is encoded in a modulator array at the object plane, and the Fourier transform of the other vector is encoded in another modulator array at the spectrum plane. We simulated the computing process by the diffractive propagation of the optical field from the object plane to the image plane according to the Kirchhoff's diffraction formula. Finally, we used our simulation system to replace the traditional convolution layers in the electronic system to implement CNNs on three different datasets, Iris- Flower, MNIST and Fashion-MNIST, and obtained 96.67%, 95.6% and 89.4% classification accuracies, respectively, demonstrating comparable performance with the electronic counterpart.

Xiangyu He,Pengxing Guo,Jiahao Zhou,Jingsi li,Fan zhang,Weigang Hou,Lei Guo

DOI: https://doi.org/10.1364/jocn.519470

IF: 4.508

2024-08-23

Journal of Optical Communications and Networking

Abstract:Xiangyu He, Pengxing Guo, Jiahao Zhou, Jingsi Li, Fan Zhang, Weigang Hou, Lei Guo Optical networks-on-chip (ONoCs) have emerged as a compelling platform for many-core systems owing to their notable attributes, including ... [J. Opt. Commun. Netw. 16, 881-893 (2024)]

computer science, information systems,telecommunications, hardware & architecture,optics

Shuming Jiao,Ziwei Song,Shuiying Xiang

DOI: https://doi.org/10.1109/jstqe.2022.3207056

IF: 4.9

2023-03-01

IEEE Journal of Selected Topics in Quantum Electronics

Abstract:Adversarial attacks have been extensively investigated for machine learning systems including deep learning in the electronic domain. However, the adversarial attacks on optical neural networks (ONNs) have been seldom considered previously. In this work, we first construct an accurate image classifier with an ONN using a mesh of interconnected MachZehnder interferometers (MZIs). Then a corresponding adversarial attack scheme is proposed for the first time. The attacked images are visually very similar to the original ones but the ONN system becomes malfunctioned and generates wrong classification results in most time. The results indicate that adversarial attack is also a significant issue for optical machine learning systems.

engineering, electrical & electronic,optics,physics, applied,quantum science & technology

Khushboo Rani,Hansika Weerasena,Stephen A. Butler,Subodha Charles,Prabhat Mishra

2023-03-03

Abstract:Network-on-Chip (NoC) enables energy-efficient communication between numerous components in System-on-Chip architectures. The optical NoC is widely considered a key technology to overcome the bandwidth and energy limitations of traditional electrical on-chip interconnects. While optical NoC can offer high performance, they come with inherent security vulnerabilities due to the nature of optical interconnects. In this paper, we investigate the gain competition attack in optical NoCs, which can be initiated by an attacker injecting a high-power signal to the optical waveguide, robbing the legitimate signals of amplification. To the best of our knowledge, our proposed approach is the first attempt to investigate gain competition attacks as a security threat in optical NoCs. We model the attack and analyze its effects on optical NoC performance. We also propose potential attack detection techniques and countermeasures to mitigate the attack. Our experimental evaluation using different NoC topologies and diverse traffic patterns demonstrates the effectiveness of our modeling and exploration of gain competition attacks in optical NoC architectures.

Cryptography and Security,Hardware Architecture

Yuanyun Wang,Lina Zhao,Qingsong Bai,Jian Deng,Zihan Shen,H. Li,Zheng-Mao Wu,Jiagui Wu,Guang-Qiong Xia

DOI: https://doi.org/10.1117/12.3007875

2023-01-01

Abstract:Convolutional neural network (CNN) has attracted widespread attention in image feature extraction and speech recognition owing to greatly reducing the complexity of model parameters and the number of weights, but it cannot be separated from the support of hardware accelerator. The limitations of electronic devices in terms of power, speed, and size make it difficult for current electron accelerators to meet the computational power requirements of future large-scale convolution operations. Here, we proposed a photonic vector architecture. This structure combines time, space and wavelength, and the non-volatile phase change material and the integrated microcomb form an optical matrix multiplier to realize memory calculation, thus reducing the energy consumption of reading weight data. The tooth spacing of the integrated microcomb is more than 100 GHz, and the microcomb coverage is from 1510 nm to 1610 nm. Finally, we replace the weight values in the CNN with the optimal weight values that the optics can achieve. The final recognition accuracy reached 97.04%, which is comparable to the efficiency of the first electronic equipment. Our results could be helpful for the development of non-volatile and ultra-fast optical neural network (ONN) with feathers of low energy consumption and high integration.

Chen Yang,Jia Hou,Minshun Wu,Kuizhi Mei,Li Geng

DOI: https://doi.org/10.1109/ICSICT49897.2020.9278162

2020-01-01

Abstract:Convolutional neural networks (CNNs) have demonstrated significant superiority in modern artificial intelligence (AI) applications. To accelerate the inference process of CNNs, reconfigurable CNN accelerators that support diverse networks are widely employed for AI systems. Due to ubiquitous deployment of these AI systems, a strong incentive rises for adversaries to attack CNN accelerators via hardware Trojan, which is one of the most important attack models in hardware security domain. This paper proposed a hardware Trojan that attacks the crucial component in CNN accelerators, i.e., reconfigurable interconnection network. This hardware Trojan changes the data paths under activation, resulting in incorrect connection of the arithmetic circuit, thereby causing wrong convolutional computation. Experimental results show that with increasing only 0.27% hardware overhead to the accelerator, the proposed hardware Trojan can be activated to cause a degradation of inference accuracy by 8.93% ~ 86.20%.

Armin Mehrabian,Mario Miscuglio,Yousra Alkabani,Volker J. Sorger,Tarek El-Ghazawi

DOI: https://doi.org/10.48550/arXiv.1906.10487

2019-12-05

Abstract:Neural Networks (NNs) have become the mainstream technology in the artificial intelligence (AI) renaissance over the past decade. Among different types of neural networks, convolutional neural networks (CNNs) have been widely adopted as they have achieved leading results in many fields such as computer vision and speech recognition. This success in part is due to the widespread availability of capable underlying hardware platforms. Applications have always been a driving factor for design of such hardware architectures. Hardware specialization can expose us to novel architectural solutions, which can outperform general purpose computers for tasks at hand. Although different applications demand for different performance measures, they all share speed and energy efficiency as high priorities. Meanwhile, photonics processing has seen a resurgence due to its inherited high speed and low power nature. Here, we investigate the potential of using photonics in CNNs by proposing a CNN accelerator design based on Winograd filtering algorithm. Our evaluation results show that while a photonic accelerator can compete with current-state-of-the-art electronic platforms in terms of both speed and power, it has the potential to improve the energy efficiency by up to three orders of magnitude.

Emerging Technologies,Distributed, Parallel, and Cluster Computing,Machine Learning,Signal Processing

Shaofu Xu,Jing Wang,Weiwen Zou

DOI: https://doi.org/10.1109/lpt.2020.3045478

IF: 2.6

2020-01-01

IEEE Photonics Technology Letters

Abstract:We propose an optical convolutional neural network (OCNN) architecture for high-speed and energy-efficient deep learning accelerators. The WDM-based optical patching scheme (WDM-OPS) is adopted as the data-feeding structure for its superior energy efficiency and the microring banks are used for the large-scale weighting and summing (the computing core). We thoroughly investigate the performance (including prediction accuracy, speed, and energy efficiency) of this architecture in different system defects. The results indicate that, the prediction accuracy of OCNN can reach 97% in the MNIST dataset with a computing speed of over 100 TMAC/s on condition of achievable low insertion loss. It is also observed that the WDM-OPS notably reduces the energy consumption of the electro-optic modulation and thus the OCNN becomes an exceptionally energy-efficient architecture among several well-known optical architectures. In the evaluations, instead of merely considering the computing core, we take the holistic optical system including lasers, electro-optic modulators, data preprocessing, photodetection and transimpedance amplification into consideration. Therefore, this work provides a potential guide for the systematic implementation of the OCNN architecture.

Zhichuang Sun,Ruimin Sun,Changming Liu,Amrita Roy Chowdhury,Long Lu,Somesh Jha

DOI: https://doi.org/10.48550/arXiv.2011.05905

2020-11-11

Cryptography and Security

Abstract:With the increased usage of AI accelerators on mobile and edge devices, on-device machine learning (ML) is gaining popularity. Thousands of proprietary ML models are being deployed today on billions of untrusted devices. This raises serious security concerns about model privacy. However, protecting model privacy without losing access to the untrusted AI accelerators is a challenging problem. In this paper, we present a novel on-device model inference system, ShadowNet. ShadowNet protects the model privacy with Trusted Execution Environment (TEE) while securely outsourcing the heavy linear layers of the model to the untrusted hardware accelerators. ShadowNet achieves this by transforming the weights of the linear layers before outsourcing them and restoring the results inside the TEE. The non-linear layers are also kept secure inside the TEE. ShadowNet's design ensures efficient transformation of the weights and the subsequent restoration of the results. We build a ShadowNet prototype based on TensorFlow Lite and evaluate it on five popular CNNs, namely, MobileNet, ResNet-44, MiniVGG, ResNet-404, and YOLOv4-tiny. Our evaluation shows that ShadowNet achieves strong security guarantees with reasonable performance, offering a practical solution for secure on-device model inference.

Akito Shinya,Koji Kida,Hiromu Sato,Guo-Wei Lu,Shiyoshi Yokoyama,Junichi Fujikata

DOI: https://doi.org/10.23919/MOC58607.2023.10302866

2023-01-01

Abstract:Optical convolutional neural networks have attracted attention because of their parallel processing capability. We demonstrated image restoration with sufficiently small MSE value using high-speed optical transmission system with a high-speed optical modulator and carrier-injection-type attenuators. 0.72 TOPS of multiple-accumulate operations were demonstrated both in simulation and experiment.

Jiaqi Gu,Hanqing Zhu,Chenghao Feng,Zixuan Jiang,Ray T. Chen,David Z. Pan

DOI: https://doi.org/10.48550/arXiv.2110.14807

2021-10-28

Abstract:Silicon-photonics-based optical neural network (ONN) is a promising hardware platform that could represent a paradigm shift in efficient AI with its CMOS-compatibility, flexibility, ultra-low execution latency, and high energy efficiency. In-situ training on the online programmable photonic chips is appealing but still encounters challenging issues in on-chip implementability, scalability, and efficiency. In this work, we propose a closed-loop ONN on-chip learning framework L2ight to enable scalable ONN mapping and efficient in-situ learning. L2ight adopts a three-stage learning flow that first calibrates the complicated photonic circuit states under challenging physical constraints, then performs photonic core mapping via combined analytical solving and zeroth-order optimization. A subspace learning procedure with multi-level sparsity is integrated into L2ight to enable in-situ gradient evaluation and fast adaptation, unleashing the power of optics for real on-chip intelligence. Extensive experiments demonstrate our proposed L2ight outperforms prior ONN training protocols with 3-order-of-magnitude higher scalability and over 30X better efficiency, when benchmarked on various models and learning tasks. This synergistic framework is the first scalable on-chip learning solution that pushes this emerging field from intractable to scalable and further to efficient for next-generation self-learnable photonic neural chips. From a co-design perspective, L2ight also provides essential insights for hardware-restricted unitary subspace optimization and efficient sparse training. We open-source our framework at <a class="link-external link-https" href="https://github.com/JeremieMelo/L2ight" rel="external noopener nofollow">this https URL</a>.

Machine Learning,Emerging Technologies,Optics

Edward Cottle,Florent Michel,Joseph Wilson,Nick New,Iman Kundu

DOI: https://doi.org/10.48550/arXiv.2103.09044

2020-12-19

Image and Video Processing

Abstract:The Convolutional Neural Network (CNN) is a state-of-the-art architecture for a wide range of deep learning problems, the quintessential example of which is computer vision. CNNs principally employ the convolution operation, which can be accelerated using the Fourier transform. In this paper, we present an optical hardware accelerator that combines silicon photonics and free-space optics, leveraging the use of the optical Fourier transform within several CNN architectures. The hardware presented is a proof of concept, demonstrating that this technology can be applied to artificial intelligence problems with a large efficiency boost with respect to canonical methods.

Mengxi Tan,Xingyuan Xu,Yang Li,Yang Sun,Damien Hicks,Roberto Morandotti,Jiayang Wu,Arnan Mitchell,David J. Moss

DOI: https://doi.org/10.1117/12.2607906

2022-01-01

Abstract:Convolutional neural networks (CNNs), inspired by biological visual cortex systems, are a powerful category of artificial neural networks that can extract the hierarchical features of raw data to greatly reduce the network parametric complexity and enhance the predicting accuracy. They are of significant interest for machine learning tasks such as computer vision, speech recognition, playing board games and medical diagnosis [1-7]. Optical neural networks offer the promise of dramatically accelerating computing speed to overcome the inherent bandwidth bottleneck of electronics. Here, we demonstrate a universal optical vector convolutional accelerator operating beyond 10 Tera-OPS (TOPS operations per second), generating convolutions of images of 250,000 pixels with 8-bit resolution for 10 kernels simultaneously - enough for facial image recognition. We then use the same hardware to sequentially form a deep optical CNN with ten output neurons, achieving successful recognition of full 10 digits with 900 pixel handwritten digit images with 88% accuracy. Our results are based on simultaneously interleaving temporal, wavelength and spatial dimensions enabled by an integrated microcomb source. We show that this approach is scalable and trainable to much more complex networks for demanding applications such as unmanned vehicle and real-time video recognition.

Sudeep Pasricha

2024-07-31

Abstract:Emerging artificial intelligence applications across the domains of computer vision, natural language processing, graph processing, and sequence prediction increasingly rely on deep neural networks (DNNs). These DNNs require significant compute and memory resources for training and inference. Traditional computing platforms such as CPUs, GPUs, and TPUs are struggling to keep up with the demands of the increasingly complex and diverse DNNs. Optical computing represents an exciting new paradigm for light-speed acceleration of DNN workloads. In this article, we discuss the fundamentals and state-of-the-art developments in optical computing, with an emphasis on DNN acceleration. Various promising approaches are described for engineering optical devices, enhancing optical circuits, and designing architectures that can adapt optical computing to a variety of DNN workloads. Novel techniques for hardware/software co-design that can intelligently tune and map DNN models to improve performance and energy-efficiency on optical computing platforms across high performance and resource constrained embedded, edge, and IoT platforms are also discussed. Lastly, several open problems and future directions for research in this domain are highlighted.

Hardware Architecture,Machine Learning

Tolulope Odetola,Faiq Khalid,Travis Sandefur,Hawzhin Mohammed,Syed Rafay Hasan

DOI: https://doi.org/10.48550/arXiv.2106.06895

2021-06-13

Cryptography and Security

Abstract:To reduce the time-to-market and access to state-of-the-art techniques, CNN hardware mapping and deployment on embedded accelerators are often outsourced to untrusted third parties, which is going to be more prevalent in futuristic artificial intelligence of things (AIoT) systems. These AIoT systems anticipate horizontal collaboration among different resource-constrained AIoT node devices, where CNN layers are partitioned and these devices collaboratively compute complex CNN tasks. This horizontal collaboration opens another attack surface to the CNN-based application, like inserting the hardware Trojans (HT) into the embedded accelerators designed for the CNN. Therefore, there is a dire need to explore this attack surface for designing secure embedded hardware accelerators for CNNs. Towards this goal, in this paper, we exploited this attack surface to propose an HT-based attack called FeSHI. Since in horizontal collaboration of RC AIoT devices different sections of CNN architectures are outsourced to different untrusted third parties, the attacker may not know the input image, but it has access to the layer-by-layer output feature maps information for the assigned sections of the CNN architecture. This attack exploits the statistical distribution, i.e., Gaussian distribution, of the layer-by-layer feature maps of the CNN to design two triggers for stealthy HT with a very low probability of triggering. Also, three different novel, stealthy and effective trigger designs are proposed.

Shaofu Xu,Jing Wang,Rui Wang,Jiangping Chen,Weiwen Zou

DOI: https://doi.org/10.1364/OE.27.019778

2019-07-08

Abstract:Optical neural networks (ONNs) have become competitive candidates for the next generation of high-performance neural network accelerators because of their low power consumption and high-speed nature. Beyond fully-connected neural networks demonstrated in pioneer works, optical computing hardwares can also conduct convolutional neural networks (CNNs) by hardware reusing. Following this concept, we propose an optical convolution unit (OCU) architecture. By reusing the OCU architecture with different inputs and weights, convolutions with arbitrary input sizes can be done. A proof-of-concept experiment is carried out by cascaded acousto-optical modulator arrays. When the neural network parameters are ex-situ trained, the OCU conducts convolutions with SDR up to 28.22 dBc and performs well on inferences of typical CNN tasks. Furthermore, we conduct in situ training and get higher SDR at 36.27 dBc, verifying the OCU could be further refined by in situ training. Besides the effectiveness and high accuracy, the simplified OCU architecture served as a building block could be easily duplicated and integrated to future chip-scale optical CNNs.