What should be protected ?

- Clients’ sensitive data: face image, health information…

- Model providers’ IP: trained sets of weight, bias and structure

How to efficiently protect ?

- Privacy-preserving using FHE and TEE

- Acceleration using FPGA architecture

Protected execution environment from outside

- Authentication and remote attestation based on Root-of-Trust

- Efficient computation running on FPGA parallel architecture

Host intrusion detection based on ML

- Training with normal states

- Trained model detects intrusion attacks in runtime