P4 and NetFPGA-Based Secure In-Network Computing Architecture for AI-Enabled Industrial Internet of Things

article proposes a secure in-network computing system based on a simple reduced instruction set architecture, which can be used for processing artificial intelligence and machine learning models in network devices, in an AI-based Industrial Internet of Things (IoT) system. The architecture exploits the capabilities of upcoming generations of packet processing pipelines in programmable network switches. This instruction set enables processing of data at multiple terabits-per-second, which is beyond the processing power of current servers. Instructions for regular expressions, basic arithmetic, and logical operations are defined as a proof of concept. A packet containing both instruction and data blocks is presented as an input to the pipeline by bundling both the function and its arguments into the packet. The primary challenge in open-ing up network switches for executing a user-defined code is security. In this context, this article presents a secure execution model (SEM), which provides additional levels of security by deliberately disallowing memory allocation and modifications to persistent state of the network switch. Furthermore, real-life use cases are presented in this article to demonstrate the utility of the proposed instruction set architecture, as also applicable to IoT data processing. This instruction set is implemented in the programming protocol-independent packet processors language, verified on a mininet-based software switch and demonstrated on Xilinx NetFPGA SUME boards. The performance results show line rate packet processing with zero packet loss, at 10 Gb/s, and average packet latency of 3.66 mu s.

Automated summary

This article proposes a secure in-network computing system based on a simple reduced instruction set architecture, which can be used for processing artificial intelligence and machine learning models in network devices in an AI-based Industrial Internet of Things system. The architecture exploits the capabilities of upcoming generations of packet processing pipelines in programmable network switches, enabling high-speed data processing. The article also introduces a secure execution model (SEM) to enhance security by restricting memory allocation and modifications to the network switch's persistent state. Real-life use cases are presented to showcase the effectiveness of the proposed instruction set architecture in IoT data processing.