Facebook
Twitter
LinkedIn
At the 30th edition of the ACM Conference on Computer and Communications Security, which took place in Copenhagen from 27-30 November 2023 and included a daylong workshop on artificial intelligence and security (AISec), Thales made a world-premiere presentation of a technique for carrying out a physical attack on an AI system.
Companies and organisations are now well aware of the risk of software attacks on their AI models, but less information is available about potential attacks on AI hardware.
With the increasing use of AI in defence systems (drones, vehicles, fighter aircraft, etc.), the security of these highly critical assets needs to be taken into account from the earliest design stage in order to protect the intellectual property they contain and safeguard national security interests.
Side-channel attack on an embedded AI system by Thales ThalesIn an AI system, software is embedded in physical hardware components. Physical attacks known as side-channel attacks attempt to gain access to sensitive information by observing indirect signals generated by physical components of the system. Thaless demonstration of a side-channel attack during the AISec workshop was intended to raise awareness of this new type of threat among members of the scientific and technical community and encourage them to take this potential vulnerability into account when developing their systems. The heat, power consumption or electromagnetic radiation generated by a system can be a valuable source of information for hackers. They can use this information to exploit the physical characteristics of a systems electronic components, understand how the embedded software functions, access its sensitive data and compromise the confidentiality of the parameters influencing the decisions made by the AI.
Joan Mazenc, Director of the Thales ITSEF1, said: The risk of side-channel attacks on AI systems has not been fully addressed, and specific developments are needed to guarantee their reliability and resilience and to protect the intellectual property they contain. By presenting this new threat to the international scientific and technical community at the AISec conference, Thales seeks to alert industry to this emerging risk and the advanced solutions and techniques required to build a trusted AI system.
The attack presented at the AISec conference was conducted in two steps:
1 . Attack by observation, in which the physical behaviour of the system was analysed during operation to reveal the secret parameters used by the targeted AI for classifying images.
Conventional laboratory techniques can measure the electromagnetic radiation generated by a systems electronic components. By reproducing this process thousands of times in a variety of conditions, an attack AI can be trained to recognise the observed radiation patterns and thereby identify the secret parameters of the target AI with no prior knowledge of the system being observed.
2 . Active attack, in which the parameters influencing the target AIs decisions were exploited in order to deceive the model by creating adversarial examples.
Here, the operator forces the AI to identify the figure 7 as a 5. ThalesThis attack used scripts capable of exploiting the secret parameters revealed in the first step in order to create an image that would be incorrectly classified by the AI.
In addition, a hacker with physical access to the target system could achieve the same objective by physically disturbing the component while the AI is running. Creating a quick disturbance in the electronic components power supply or exposing a circuit to a strong electromagnetic pulse could alter the AIs decisions, causing it to misclassify images. This type of fault injection attack also needs to be taken into consideration by embedded system designers in order to build a trusted AI.
Thales and AI
To counter these threats, Thales runs security evaluations at its ITSEF laboratory, which is accredited by the French National Cybersecurity Agency ANSSI, and draws on the Groups extensive expertise to propose customised solutions to mitigate any vulnerabilities that are detected.
As the Groups defence and security businesses address critical requirements, often with safety-of-life implications, Thales has developed an ethical and scientific framework for the development of trusted AI based on the four strategic pillars of validity, security, explainability and responsibility. Thales solutions combine the know-how of over 300 senior AI experts and more than 4,500 cybersecurity specialists with the operational expertise of the Groups aerospace, land defence, naval defence, space and other defence and security businesses.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies within three domains: Defence & Security, Aeronautics & Space, and Digital Identity & Security. It develops products and solutions that help make the world safer, greener and more inclusive.
The Group invests close to 4 billion a year in Research & Development, particularly in key areas such as quantum technologies, Edge computing, 6G and cybersecurity.
Thales has 77,000 employees in 68 countries. In 2022, the Group generated sales of 17.6 billion.
1Information Technology Security Evaluation Facility
Documents
Physical hacking - Thales warns of new challenge to AI systems.pdf
Contact
Marion Bonnet, Press and social media manager, Security and Cyber
+33 (0)6 60 38 48 92 marion.bonnet@thalesgroup.com
15 Dec 2023
Thales Alenia Space has selected the UK's National Satellite Test Facility for FLEX satellite first test campaign
Read more
13 Dec 2023
Thales delivers the new integrated surveillance system to Melillas Command Headquarters
Read more
13 Dec 2023
Trust Bank and Thales Launch Singapore's First O
Europe Stories
05/01/2027
Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...
06/09/2026
June 9 2026, 23:00 (PDT) Dolby and MagentaTV Bring Fans Closer to the FIFA Worl...
04/08/2026
Dalet, a leading technology and service provider for media-rich organizations, t...
04/07/2026
April 7 2026, 19:00 (PDT) Detective Conan: Fallen Angel of the Highway Opens in...
11/06/2026
As podcast formats evolve in the streaming era, podcasting needs updated, transp...
11/06/2026
As Spotify's global RADAR program enters its sixth year in Italy, a new class of artists is stepping into the spotlight. Today, we're announcing the six...
11/06/2026
Pride Month is a time for celebration, reflection, and amplifying the diverse stories and perspectives from the LGBTQIA+ community that enrich our world. To hel...
11/06/2026
First in new line of muted string libraries
VSL have just announced the launch of two new string libraries that represent the first two instalments in a new...
11/06/2026
New colour option for 61-key Launchkey MK4
At Superbooth 2025, Novation introduced the Launchkey Mini 37 White and Launchkey 49 White, bringing an additiona...
11/06/2026
Larger, but still compact!
Arturia's popular compact MIDI controller keyboard is now available in a, well, slightly less compact version! The new MiniLa...
11/06/2026
Eurosatory 2026: Rohde & Schwarz shapes the new-generation battlefield Rohde & Schwarz unveils next generation SIGINT/EW and CUAS solutions on uncrewed system...
11/06/2026
Rohde & Schwarz unveils NEMACS - Directional, ultra secure connectivity for the ...
11/06/2026
Thursday 11 June 2026
Daisy May Cooper rallies the nation ahead of ICC Women's T20 World CupTurn on cookies to view this content. Go to Privacy options and...
11/06/2026
Summer solstice shows from C il House and Late Date from 9pm on Saturday 20 Jun...
10/06/2026
Get Hands-On with Interfaces & Mic Preamp Brands
If youre after a new interface or preamp, then GearExpo UK is the place to be! Well have a whole host of au...
10/06/2026
November 13-14 2026, The Midway, San Francisco
Following their recent rebranding, MONO Music Conference (formerly Music Expo) have officially announced thei...
10/06/2026
Debut instrument free for limited time
deFORM is the debut release from newly founded developer ebbandflow, and it's being offered as a free download fo...
10/06/2026
Rohde & Schwarz and TRUMPF advance laser-based drone defense with THORIS LCS Rohde & Schwarz is showcasing THORIS at ILA 2026: A sovereign, end to end counter...
10/06/2026
MAHLE and Rohde & Schwarz develop application for sensor testing of modern drive...
10/06/2026
10 Jun 2026
VEON's Banglalink Brings Every World Cup 2026 Match to Football...
10/06/2026
Wednesday 10 June 2026
How to watch every ICC Women's T20 World Cup 2026 match live on Sky Sports
Where is the ICC Women's T20 World Cup 2026 availabl...
10/06/2026
Wednesday 10 June 2026
P RLA brings first-ever Beautifully Clean Oral Care'...
10/06/2026
Wednesday 10 June 2026
Sky reveals pulse-pounding first teaser trailer for upco...
10/06/2026
Wuppertal June 10, 2026
Riedel Artist at the Heart of the 14th World Live Neurovascular ConferenceAt the 14th World Live Neurovascular Conference (WLNC) in Li...
09/06/2026
Last month, Spotify hosted PURE FLOWERS LIVE, a special event celebrating the re...
09/06/2026
Last month, RADAR U.K. artist Skye Newman took the stage in East London for a sp...
09/06/2026
Company to cease operating on 30 June 2026
Australian loudspeaker and amplifier manufacturer Wayne Jones Audio have announced that after much consideration,...
09/06/2026
Increases low-end weight and character
The latest plug-in release from Sheffield-based fedDSP aims to offer an all-in-one solution for users in search of mo...
09/06/2026
Introduces AI Studio Assistant, Moises Studio integration & more
Fender Studio have just announced the launch a significant update that brings an array of n...
09/06/2026
The BBC has found its Hercule Poirot.
After Deadline revealed last month that t...
09/06/2026
Filming to take place in Holmfirth
9th June 2026, London: U&GOLD is heading bac...
09/06/2026
X-Rite Pantone Launches Offset360 to Modernize Color Control Across Existing Pre...
09/06/2026
09 Jun 2026
VEON Appoints Serkan Ozturk as Chief of Staff & Strategy Officer Dubai and New York, June 9, 2026 - VEON Ltd. (NASDAQ: VEON), a global digital oper...
09/06/2026
Tuesday 9 June 2026
Katie Price: Nothing to Hide, a candid and unfiltered accou...
09/06/2026
Enni Continues to Rely on Arvato Systems - And Will Be Using AEP.EnerS4 Billing Solution
Arvato Systems to implement transformation project for SAP S/4HANA Ut...
09/06/2026
These special programmes will highlight RT 's connection with the Irish diaspora
This year, RT is marking 100 years of public broadcasting in Ireland with...
08/06/2026
At Spotify, our commitment to the LGBTQIA community is year-round. Through GLOW, our global music program, we celebrate and amplify the contributions of queer ...
08/06/2026
Get Hands-on With Keyboard & Synth Brands
GearExpo UK wouldn't be complete without some synth action, and we've got some of the industry's most ...
08/06/2026
50 popular in-ear monitoring system profiles added
The latest update for IK Multimedia's headphone-correction system has just arrived, and introduces ca...
08/06/2026
Manny Marroquin signature cans upgraded with SLAM Technology
The flagship model in Audeze's Manny Marroquin Signature Series has just been treated to an...
08/06/2026
Air domain supremacy redefined - New counter UAS, space solutions and directiona...
08/06/2026
he BBC and BritBox have announced that Edward Bluemel (We Might Regret This, My ...
08/06/2026
Plus, 20% off TVs ahead of kick-offMonday 8 June 2026
Sky introduces Real Time...
08/06/2026
FOX Secures Live NFL Game Package in Mexico Starting in Fall 2026 Agreement Features Thursday Night Football, Sunday Games Package, Thanksgiving Day Games, al...
08/06/2026
FOX One, FOX Sports and Indeed Name Austin Franklin and Kevin Akoto as FOX One C...
08/06/2026
Meet us on the show floor
Stand #286310 Discover Nara, the media management tool used by major facilities including Harbor and Molinare.
Nara v2 introduces re...
08/06/2026
L'art de l'Image dans Reflet dans un diamant mort' Une conversation avec le directeur de la photographie Manuel Dacosse, SBC et l' talonneur Pe...
08/06/2026
Embracing today's modern media workflows: FilmLight presents Nara 2.0, with FilmLight API Designed to support the growing demands of today's production ...
Facebook 
