dc.description.abstract | In today's IoT, NN (Neural Networks) on MCUs (Microcontrollers) are widely used in applications ranging from smart home appliances to robotic arms and electric vehicles. However, neural networks on MCUs face some important security challenges, especially the risk of tampering and privacy attacks. This paper provides a trusted NN framework, TFMNN, on MCUs. TFMNN uses Arm TF-M (TrustedFirmware-M), which provides a TEE (Trusted Execution Environment) for MCUs, to isolate the environment for sensitive operations and critical software components. MCUs typically have restricted computing resources and limited memory capacity. Consequently, running NN on MCUs presents the challenges of dealing with insufficient computing power and memory constraints. In addition, implementing security measures often necessitates the incorporation of additional mechanisms, which can potentially impact the computational and memory overhead of the MCU. TFMNN not only maintains inference security under acceptable overhead but also optimizes the secure memory usage of neural network inference. For NN deployed on MCUs, model updates are typically necessary, such as when incorporating new data for learning and performance optimization. Traditionally, updating a model on the device may require firmware reflashing, which can be time-consuming and cause interruptions. Therefore, TFMNN offers secure model storage, which makes it easy for model providers to update models. In summary, TFMNN, as a trusted NN framework specially designed for MCUs, effectively solves the security challenges faced by NN on MCUs. Through analyzing and discussing the overhead in real-world MCU applications, we demonstrate the feasibility of TFMNN. | en_US |