Business as Usual? Computing Security in the Age of AI
As with any technology revolution, AI presents both opportunities and challenges to people’s digital experiences. Alongside its potentially transformative impact, AI also presents unique security threats, with a vast amount of sensitive data being collected, held, and then used to provide highly personalized technology experiences to the end-user. The focus on security is driving industry and government discussions as we work on solutions to maximize AI’s benefits and minimize any potential societal impact.
Security has always been in Arm’s DNA. Addressing security challenges is fundamental to Arm being the technology foundation for AI everywhere. While AI is accelerating technology innovation on an unprecedent scale, Arm’s foundational security technologies deployed in our industry-leading IP and paired with standards will continue to play a significant role managing fresh security threats in the ongoing evolution of AI.
What is the role of security in AI at the edge?
As AI becomes more ubiquitous, we expect significant growth in AI inference workloads being run at the edge of the network – on the devices. Inference requires less compute power as it uses an already trained model, with this supporting the broader drive for more efficient AI computing at the edge. This provides quicker user experiences with less delays, as the processing of AI workloads happens closer to where the data is captured.
From a security perspective, this distribution of AI to the edge brings benefits to businesses and users. A key security benefit is that sensitive user data can be handled and processed on the actual device, rather than being sent to third parties to process. This allows both businesses and consumers to have more control of their data.
There are plenty of great AI-based security use cases currently, but a good example that really showcases the benefits of AI at the edge is smart vision. Intelligent cameras are being developed and deployed in homes, care homes and hospitals as a way of monitoring elderly relatives in case they fall. Being able to process the image and scene recognition on the actual device creates an inherently more secure system, removing the risk that comes from sending sensitive information to a third-party for processing. This also makes it far more acceptable to have these cameras in environments where they are most needed, which is often where significant privacy concerns exist.
How can we trust hardware in the age of AI?
However, businesses need to be able to trust this hardware, especially in the age of AI where they want to protect their expensively generated AI models from attacks. The demand for secure hardware was reflected in the recent PSA Certified 2023 Security report, which showed that 69 percent of technology decision makers are willing to pay a premium to secure devices, with 65 percent specifically looking for security credentials during purchasing decisions. It is fundamental that edge devices are effectively secured against malicious attackers who wish to steal the intellectual property of AI and machine learning (ML) based models.
How does processor security impact AI at the edge?
The move towards AI at the edge is taking place on the CPU, whether it is handling workloads in their entirety or in combination with a co-processor like a GPU or NPU. With a significant amount of AI computing happening on the CPU, security in the age of AI depends on how secure the CPU is. This is why securing AI is very much dependent on the basics of securing compute.
Deploying code using AI and ML tools and frameworks helps identify security vulnerabilities, but the same technologies can be used by attackers to identify areas to exploit in millions of lines of code. This means that computer architects need to continue their efforts to improve the security of computing systems. This is something that Arm has done for years, where we continuously develop and invest in new security architecture features.
What is Memory Tagging Extension and how does it secure AI systems?
One of these features is Arm’s Memory Tagging Extension (MTE), which is built into the Arm architecture across Arm’s latest v9 CPUs. MTE allows for the dynamic identification of both spatial and temporal memory safety issues, with these accounting for 70 percent of all serious security bugs. These security threats will continue to persist as AI evolves.
MTE is already being embraced by the mobile market. MediaTek has implemented the technology on its Arm-based Dimensity 9300 system-on-chip (SoC) for flagship smartphones, while Google has enabled MTE in Android 14. Vivo, which is adopting Dimensity 9300 in its new X100 and X100 Pro flagship smartphones, recently announced a memory safety developer program which makes MTE available to its developer community. These commitments to enabling MTE across the mobile ecosystem will deliver better, more secure user experiences and a quicker time-to-market for millions of developers worldwide. It is likely that we will see MTE used beyond mobile in high-performance IoT markets that feature devices using Arm’s A-profile processors.
How do Arm security technologies strengthen AI and ML systems?
As part of the Armv9 architecture, we announced Realm Management Extensions, which is the basis of the of Arm Confidential Compute architecture. This helps to secure the data running virtual machines from attacks arising from the hypervisor being compromised. There is a clear need for this technology in data centers that are being used to train advanced ML models, but it will also be important to secure edge computing systems across IoT markets where trained ML models will be deployed.
We have also introduced Pointer Authentication (PAC) and Branch Target Identification (BTI) as security technologies that are built into the Armv9 architecture to provide far stronger protections against code reuse attacks like Return-Orientated Programming (ROP) and Jump-Orientated Programming (JOP). This is important in the age of AI because attackers will be able to use AI and ML-based tools to develop sophisticated ways of reusing code that already exists. PAC and BTI are being deployed across the A-profile and M-profile Arm architectures that are used in consumer technology and IoT markets.
Finally, Arm continues to work in partnership with the industry on our security framework and certification scheme, PSA Certified, with a mission to create a baseline of best practice for all connected devices. Built in from the core, this helps to improve the basic security hygiene of systems and fulfil the consumer expectation that if devices scale then they should be secure, with this targeting IoT devices built on the A-profile and M-profile Arm architectures.
How will Morello shape the future of security in CPU architecture?
Alongside these existing security features, Arm is always looking at new technologies, standards, and collaborations to advance security. Morello is one great example, with this program focusing on new ways to design CPU architecture that make processors more robust and deter certain key security breaches. In collaboration with the University of Cambridge and SRI International, this has led to a prototype technology that, if successful, could be implemented in future hardware.
How is security being accelerated in the age of AI?
AI and ML-based technologies are becoming more pervasive across every corner of computing. This will bring opportunities and challenges for security, especially as more AI workloads move to the edge.
Alongside the fast-paced AI-based innovation, the fundamental hygiene principle of security will still be required. In fact, many Arm foundational security technologies that are already in place today will be more relevant than ever in the age of AI.
This is why we are fully committed to advancing the security of our architecture, IP and processors and supporting technology components and standards that it generates. This will continue to accelerate as we add more AI and ML capabilities, with Arm being the secure compute platform for the world’s AI-based experiences.
Any re-use permitted for informational and non-commercial or personal use only.
Editorial Contact
Latest on Twitter
Together with @Microsoft we’re driving innovation across the PC and laptop market and redefining user experiences for the age of AI.
Following nearly a decade of close partnership @Marcpe takes a look at the Windows on Arm evolution ahead of #MSBuild: https://newsroom.arm.com/blog/arm-microsoft-partnership?utm_source=twitter&utm_medium=social-organic&utm_content=blog
We're pleased to see the creation of the UK Semiconductor Institute.
As the computing landscape evolves in the age of AI, we look forward to our continued collaboration with the UK government and other partners to shape next generation technology on a global scale.
👋 Meet the Arm Ethos-U85 and Corstone-320.
What will these technologies solve, and where can you find them?
@pnwilliamson has the answer. 👇
We’re at the forefront of the global semiconductor evolution.
Whether it’s enabling efficient AI or building the semiconductor skills of the future, we’re committed to enabling more AI innovation #onArm: https://okt.to/Zh7CuU
@techUK #UnleashInnovation
#ICYMI: Native @Unity Editor support is here! 🙌
With Unity 6 Preview, developers can build the ultimate gaming experiences on Arm-based Windows devices.
As a founding member of SOAFEE, we are proud to champion collaboration across the traditional automotive and software industries. 🤝
Hear from Robert Day as he discusses everything from software development to Arm-based automotive silicon at Embedded World.
We’re thrilled to be working in close partnership with Google to offer hardware support for Google AI Edge Torch. 🎉
This makes it easier to deploy AI enabled features #onArm. 💪
#GoogleIO
Arm CEO Rene Haas was at Bloomberg Tech last week to talk about the AI revolution.
He shared his vision for the semiconductor industry and how we're at the heart of powering a revolution that will change computing forever: https://okt.to/E9QtXh
#BloombergTech
The automotive product development lifecycle is evolving, and the industry needs a technology platform to develop software quickly and efficiently.
Discover why we're a trusted partner and at the heart of innovation in the space. 👇
Let's hear it for Tom Mahatdejkul, Principal Design Engineer, for winning @Benevity's Employee Catalyst Award.
The awards recognize his efforts to help colleagues to give back to communities & his dedication leading Arm's Pride Network in San Jose: https://okt.to/jnUKtx
With a fingerprint scan, @Simprints biometric solution can instantly recall a child's vaccination record, supporting local medical ID systems.
This is how together we're helping to make sure all children are fully immunized: https://okt.to/K1t9Jz
Arm CFO Jason Child was at Phoenix Global Forum last week where he spoke about the future of the semiconductor industry.
🔓 He talked about our long history in power-efficient compute and how this is the key to unlocking AI at scale in a sustainable way.
#PHXGlobalForum
Arm Neoverse-based Axion processors from @GoogleCloud
➕ Arm's hardware and firmware interoperability standards
🟰 Quick and easy deployment of Arm workloads on Google Cloud
💪 Hear from Mark Lohmeyer on why this is key to the deep partnership between Arm and Google Cloud.
Meet the SpiNNaker2, @SpiNNcloud's brain-inspired hybrid AI processor powered by Arm Cortex-M4.
It's delivering algorithms 10x more efficient than conventional AI, with our Arm Flexible Access for Startups Program helping to make this a reality: https://okt.to/jCyUc3
AI 🤝 IoT
As AI touches a growing number of connected applications, developers are turning to our software ecosystem for innovation and a consistent experience.
@pnwilliamson shares insights into AI in the embedded space at Embedded World.
We've done it again with record revenue in Q4! 🚀
As we build upon our power efficient CPU, Q4 saw us unlock new levels in royalty revenue and licensing growth. With 280+ bn Arm-based chips shipped to date, the future is built #onArm.
In April, we celebrated Neurodiversity Awareness Month with internal events including a session on parenting children with neurodiverse needs.
This is part of our ERGs efforts to create a supportive community that allows everyone to thrive and reach their full potential.
🤝 We're taking our partnership with @GoogleCloud to the next level.
Axion processors, built #onArm Neoverse V2, are the newest example of how we're working together to optimize for workload performance and efficiency.
@AwadMo shares the details. 👇
👇 Get started with ExecuTorch Alpha for optimal performance of LLMs on the CPU, alongside delegation to GPU and NPU.
With LLMs already running on our efficient CPUs, our close partnership with @PyTorch is making this easier on @Meta’s Llama 2, 3 and other broad models.
We recently released the first episode of our new 'In Conversation With...' series.
Hear from renowned computer scientist and engineer Sophie Wilson as she discusses co-designing the first Arm processor and the importance of 'making things'.
Watch now 👉 https://okt.to/5ozcsy
'@Simprints fingerprint scanning solution, SimprintsID makes it easier to verify individual vaccinations using digital records rather than physical ID.
With 850M people without formal ID, this solution, built #onArm, is game-changing for healthcare equity.
#HealthierTogether
📅 Join us on Wednesday May 8 for our financial results conference call.
After market close, we'll report our results for the fourth quarter of fiscal year 2024, followed by an audio webcast discussing our business outlook.
Details ➡️ : https://okt.to/58GW2q
"Hello World, I am ARM"
39 years ago today, the first Arm microprocessor introduced itself. We've since enabled advanced, efficient computing in 280+ billion chips, with the patents to prove it.
These foundations make us the AI platform the world relies on, today & in the
By building #onArm Neoverse, @GoogleCloud's Axion processors are well-suited for the age of AI, benefitting from:
⚡ Higher performance
🔋 Lower power consumption
⬆️ Greater scalability
@AwadMo shares why. 👇
Full interview: https://okt.to/0LPnpo
