Tiny Machine Learning (TinyML) systems, which run machine learning inference on highly resource-constrained devices, are transforming edge computing but face unique security challenges. With RAM and CPU resources two to three orders of magnitude smaller than those of conventional systems, these devices cannot accommodate most traditional software and hardware security mechanisms. Their physical accessibility further exposes them to side-channel attacks and information leakage. The TinyML model itself is also an attack surface: its weights may encode sensitive training data, and its query interface can be abused. This paper offers the first thorough survey of TinyML security threats. We present a device taxonomy that distinguishes IoT, EdgeML, and TinyML devices and highlights vulnerabilities unique to TinyML. We enumerate attack vectors, rate their severity using the Common Vulnerability Scoring System (CVSS), and evaluate both existing and candidate defenses. Our analysis identifies where traditional security measures remain adequate and where solutions tailored to TinyML are essential. The results underscore the pressing need for specialized TinyML security solutions to ensure robust and secure edge computing applications. We aim to inform the research community and inspire new approaches to protecting this rapidly evolving and critical field.