Publications

Breaking TinyML: Why Quantized Neural Networks Need Domain-Specific Security Analysis

Abstract

Most TinyML hardware focuses on supporting Quantized Neural Networks (QNNs) to meet stringent constraints on power consumption, size, and cost. Despite this, the security aspects of quantization within TinyML hardware remain largely unexplored. Although previous studies indicate that QNNs demonstrate similar or enhanced robustness compared to full-precision Deep Neural Networks (DNNs) against typical evasion attacks, no attack strategies tailored specifically for TinyML hardware have been proposed yet. This paper addresses this shortfall by demonstrating how a two-step attack pipeline can surpass the current state of the art in the QNN context, and it shows the need for more hardware-aware security research.

Date
2026
Authors
Jacob Huckelberry, Andrea Mattia Garavagno, Yuke Zhang, Peter A Beerel, James Mickens, Vijay Janapa Reddi
Journal
IEEE Micro
Publisher
IEEE