Security considerations for TinyML hardware and applications

I am in the design phase for my TinyML ideas, Thanks to the thread started by @SecurityGuy and what we have learned in the course, I am realizing that considering security now will be much easier than trying to fix it later.

I have no background in security, so I am asking the group: Where should I look and what should I study to ensure that I am following best practices in regards to software, hardware and wireless security in my TinyML projects?

I was very happy with myself when I began collecting sensor data over BLE on my new Arduino Nano until I realized that I was now advertising a wide open bluetooth connection. So I thought now would be a good time to ask about security.

Thank you for any feedback!

@stephenbaileymagic I agree, it is always easier to consider security from the start rather than adding it later.

There are a wide variety of security issues, but a good starting point for any project is to consider security requirements along with other product/project requirements. There are many dimensions to security, so the initial practical challenge is to define the requirements.

What is the nature/sensitivity/quantity of the data being stored and processed?

Is confidentiality, integrity, and/or availability important?

What must the system do?

What must the system not do?

What physical security is required? (As a general rule, cybersecurity sits on top of physical security requirements. Once someone has physical access, we have to consider data theft, code theft, hardware modifications, software modifications, etc.)

Hopefully that will start you on the path toward determining what security controls are required.

For example, if I’m just blasting the outdoor temperature via RF and displaying it in my office, I may not care about confidentiality, integrity, or availability because there are no major consequences. But, if I’m using the same device to acquire data for HVAC control, data integrity could be very important (but I may still not care about confidentiality.)

On the other hand, if the system is processing personal information, then confidentiality is paramount and it would generally dictate protecting the data at rest and in motion. When dealing with sensitive personal data, I like to see two independent confidentiality layers (for example some data should be encrypted before sending it over a wireless connection, even if the wireless connection is also encrypted.) This can be more difficult on low-power embedded systems and we may need to compromise.

Next, I suggest including security test cases (both positive and negative tests) into your test case set. (I realize you may not have formal test cases for this sort of project, but I mention it because if I had $5 for every time I looked at a product with extensive test cases and didn’t find any security tests I would be retired by now.)

More specifically, for BLE, this looks like a good starting point:

https://www.digikey.com/eewiki/display/Wireless/A+Basic+Introduction+to+BLE+Security

Thank you very much for sharing this. I honestly had not really considered any of these issues. You are saving me a lot of time down the road!

You guys are getting me thinking that it would be nice if there were some “Best Practices for Secure TinyML” handbook that one could follow/read. @SecurityGuy might be just the thing right up your alley, and you could pull together community help to create that!

@stephenbaileymagic Happy to help. As a security guy, one of the most painful discussions that I have (over and over again) comes down to people who build things without considering security and then end up calling me in for help after the fact. In the vast majority of cases some small design changes would have avoided a lot of issues later on.

Slapping on security bandaids after the fact is one of the worst parts of my job

@vjreddi Happy to help! Is this “Project” the right place, or would you like to create a TinyML Security section somewhere else on the forum?

It is up to you!

This thread got me thinking that maybe the community needs something like the Data Nutrition project:

http://datanutrition.org

Maybe there are security labels that we can define that come on a device, which quickly helps a user understand what components the system has inside … mic, camera, etc. and perhaps what capabilities are enabled etc.

Am I sounding crazy? Or is there something real here?

I’d like to see a separate area – is that something I can create or does an admin have to?

Re labels, I don’t think you’re crazy at all. I’ve been advocating for privacy labelling for a few years. Especially in the consumer space, people need to understand what data is collected and what is done with it. The current approach of including it in pages upon pages of “agreement” that nobody reads may meet current legal requirements, but it certainly doesn’t achieve informed consent.

Sounds good! Nah, you should be able to go ahead and create a new Topic here: “Projects - TinyML Community”. I am assuming you want it under Projects. Same holds true in any other category.

Discourse has some “trust” levels, and as you take part more in the activities it bumps up the trust level automatically. If you have any trouble feel free to let me know.

I’m not sure that Proejcts is the right place, but I don’t see a better place right now.