TY - GEN
T1 - One Bit-flip Away from Collapse
T2 - 1st International Conference on Intelligent Computing and Systems at the Edge, ICEdge 2025
AU - Das, Sanjay
AU - Bhattacharya, Swastik
AU - Nejad, Mohammad Hossein Gohari
AU - Kundu, Shamik
AU - Raha, Arnab
AU - Kundu, Souvik
AU - Basu, Kanad
N1 - Publisher Copyright: © 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - The unprecedented progress in deep learning has led to the widespread deployment of advanced Artificial Intelligence (AI) models, such as deep neural networks (DNNs), convolutional neural networks (CNNs), transformer-based large language models (LLMs), vision-language models (VLMs), and emerging state-space models like Mamba, across domains including healthcare, autonomous systems, satellite communication, and social media. While these models have achieved remarkable performance, their ever-increasing scale and reliance on specialized Edge AI accelerators (used in real-time, battery-operated systems for on-device deep learning) have exposed critical safety and security vulnerabilities. In particular, both unintentional hardware faults (e.g., soft errors) and adversarial attacks (e.g., fault injection, bit-flips) can lead to severe degradation or complete failure of AI systems, with potentially devastating consequences in real-world edge applications. This paper provides a comprehensive review of bit-flip fault and attack vulnerabilities across the AI stack, spanning model architectures and hardware platforms. Integrating insights from existing literature with practical assessments, this study intends to be a valuable reference for those dedicated to creating AI systems that are safe, robust, and secure.
KW - Deep Neural Networks (DNNs)
KW - Edge AI Accelerators
KW - In-Memory Computing
KW - Large Language Models (LLMs)
KW - Soft Errors
KW - State-Space Models
KW - Systolic Array
UR - https://www.scopus.com/pages/publications/105036702958
U2 - 10.1109/ICEDGE67252.2025.11412441
DO - 10.1109/ICEDGE67252.2025.11412441
M3 - Conference contribution
AN - SCOPUS:105036702958
T3 - 2025 1st International Conference on Intelligent Computing and Systems at the Edge, ICEdge 2025
BT - 2025 1st International Conference on Intelligent Computing and Systems at the Edge, ICEdge 2025
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 18 December 2025 through 20 December 2025
ER -