Arm Newsroom Blog

The Security Demands on Consumer Devices in the Age of AI

How compute and data security are evolving alongside new AI-based use cases on consumer devices.
By Michael Lu, Director, Technology Strategy & GTM, Client Line of Business, Arm

AI is enabling more complex, personalized and intelligent experiences on consumer devices. However, this means more complex software and systems running on these devices, which has a direct impact on security. For example, if there's a 10-fold increase in the lines of code, then there is a 10-fold increase in the risk of more bugs.

While on-device AI creates enormous opportunities, with new models, capabilities, operator types and quantization coming to market, the pace of change poses significant security challenges, particularly for consumer devices. Therefore, security technologies and initiatives that protect customer privacy and data must complement the benefits and ongoing opportunities that AI provides.

In this blog, we will explore how we think about compute and data security when it comes to AI use cases on consumer devices, especially the smartphone.

What are the most common AI security challenges?

AI smartphones continue to be the most ubiquitous personal device for consumers, whether that's for content creation or consumption. It is also where new AI innovations, models and use cases continue to land, with these requiring yet more data for increasingly personalized experiences. As a result, vast amounts of data are collected on these devices, leading to increasing considerations around consumer privacy and data protection focused on new assets, attack vectors and software stacks.

Malicious actors can use AI to mount scalable attacks, which can be executed efficiently across many devices with minimal effort or cost to the attacker. As outlined in this report, AI can present a threat to authentication and access control, such as voice-based and biometric authentication, through deepfakes, placing devices and their contents at risk of hacks and impersonations.

What are the Arm security principles?

Like all companies that put the security, trust and privacy of end-users first and foremost in their strategy, Arm continuously evolves its product roadmap through new features and technologies. We deliver a comprehensive suite of security features in our architecture aimed at preventing bad actors, as well as protecting against new threats during the life of the device. These aim to make the jobs of hackers harder so it's financially unattractive, resource intensive and time consuming, as well as protecting the valuable credentials and data of consumers worldwide.

Arm's fundamental principles for securing compute on consumer devices focus on the following:

  • Enabling developers to create "better software on Arm" through avoiding bugs in their code to ensure that the intended outcomes of any AI-enabled application cannot be hijacked;
  • Protecting data and compute everywhere from bad actors through trusted execution environments;
  • A relentless drive for improved PPA (power, performance and area) on consumer devices to enable more local (on device) and personal computing to happen – so essentially what happens on the device, stays on the device;
  • Contributing to initiatives that are intended to protect the privacy and data of users; and
  • Responding to the evolving threat landscape and emerging security risks.

How Arm is protecting software

As code sizes increase, so do bugs and the likelihood of human error. Therefore, Arm protects software through putting guardrails in place at the root and creating a security-by-design environment. This ensures that any security bugs are detected as early as possible in the development cycle. It also means that the intended outcomes of any AI-enabled application cannot be hijacked, while also providing isolation from the operating system (OS) so any application and its contents retain their integrity.

Working with Android, Arm is providing a step change in computing infrastructure through the latest Armv9 security features and technologies, with these leading to better, safer software on Arm-based Android mobile devices. Some great examples include Arm's Pointer Authentication (PAC), Branch Target Identification (BTI) and Memory Tagging Extension (MTE) that help to eliminate whole classes of memory safety bugs that hackers have exploited in the past. This is crucial because Google's Chromium Project team stated that 70 percent of all serious security bugs are memory safety issues. The impact of memory safety violations on users can be substantial, as rogue applications and bad actors can take advantage of unsafe memory to access confidential and sensitive data, such as user credentials and passwords. Removing a whole class of vulnerabilities will make exploit chains much harder to construct.

How to protect data everywhere

More AI processing at the edge – on the device – is happening due to the benefits of latency, power consumption and cost compared to moving data back and forth from the device to the cloud and data center. However, there are instances where AI processing needs to take place in the cloud due to the size of models or the data.

Therefore, a hybrid model for security which provides protections from cloud to edge is needed. Arm provides isolation technologies from cloud to mobile, such as TrustZone, virtualization and Realm Management Extension (RME), which is the hardware component of the Arm Confidential Computing Architecture (CCA), to enable the confidential processing of models and provide protection environments that keep personal data away from bad actors. Moreover, having a similar security posture between cloud and edge means data can flow and be shared seamlessly within the same security boundary, enabling hybrid deployments to scale.

How to enable more personalized computing

More AI processing at the edge can also lead to better consumer data privacy, which benefits personalized computing experiences on devices. If data does not leave the device, then there is no data stored in the cloud that could be leaked. More on-device AI is possible thanks to advancing compute capabilities on consumer devices. For example, Arm technologies, including our latest CPUs, GPUs and compute subsystems (CSS) for Client and Kleidi software, have enabled a 110x compute performance improvement on Arm-based mobile devices over the last 10 years.

We continue to implement more AI acceleration features into the Armv9 architecture, like Scalable Matrix Extension (SME). SME enables a greater number of advanced AI workloads to be processed at the edge, leading to more personalized computing experiences on consumer devices. Moreover, Arm security technologies will help to support attestable secure environments and the secure processing of image processing pipelines on the AI smartphone, as this is where content is created and stored.

Contributing to initiatives and standards

Arm is actively participating in and contributing to global initiatives, such as the Coalition for Content Provenance and Authenticity (C2PA), that aim to protect content and data from bad actors. We are also actively involved in organizations that are working on the foundations for future AI security, such as the TCG (Trusted Computing Group) and Openssf.org.

Emerging AI security use cases

Moreover, we are constantly working with the ecosystem to address emerging AI security use cases. Just some examples of these use cases include the following:

  • Developers not wanting their AI models to be exposed to other third parties, with device OEMs looking to provide the security protections for developers deploying their models during transit – which is when data moves between two sources or systems – and execution – which is when the data is loaded up in memory and ready to be processed by an application.
  • Complying with worldwide online safety legislation to ensure that no illegal or harmful content can reach vulnerable groups.
  • Working with OEMs to provide content provenance for any content generated on their devices.
  • Protecting AI models that monitor and detect abnormal behavior, scams and fraud.
  • Protecting personal user data that are stored across different devices and services to provide more personalized experiences and recommendations.

As a result, we are constantly working on new security solutions, features and technologies that address many emerging use cases and threats, so we're protecting the ecosystem long after the product development lifecycle.

The Arm secure foundation

At Arm, security is at the forefront of everything we do, with in-built architectural features and technologies that help to protect the billions of Arm-based consumer devices worldwide. These provide the secure foundation for AI workloads across consumer devices. Our products and principles will continue to evolve to protect the future of computing in the age of AI. New and exciting technologies are in the pipeline and will be discussed further in future blogs.


Any re-use permitted for informational and non-commercial or personal use only.
