AWS IoT Greengrass Deployment
In the rapidly evolving landscape of AI, securing models from threats has become paramount. AIShield for Secure AI at Edge (AIShield.Edge) is your answer to this challenge, seamlessly integrating with the AWS Greengrass ecosystem.
One of its standout features is the ability to retrieve the latest defense model directly from an Amazon S3 bucket, ensuring that your AI models are always protected with the most updated defenses. But that's just the beginning. The AIShield.Edge further strengthens its communication lines by employing the TokenExchangeService, ensuring that every interaction with AWS clients is secure and reliable.
Where it truly shines, however, is in its real-time threat detection capabilities. This component is always vigilant, continuously monitoring AI/ML models for any signs of breaches or attacks. Upon detecting any irregularity, it springs into action, instantly relaying telemetry data to the AWS IoT Core. This not only ensures swift incident response but also fortifies the model's security parameters.
Using inter-process communication (IPC), it adeptly receives input in the bytes format. Once the data is gathered, it engages in meticulous real-time analysis leveraging the defense model. Any critical findings are then promptly relayed to the AWS IoT Core via the MQTT protocol.
To summarize, AIShield.Edge isn't just a component; it's a comprehensive AI security solution. With its advanced threat detection, real-time data analysis, and seamless AWS integration, it serves as a formidable shield for your AI/ML models.
You can get the defense model from AIShield Vulnerability analysis. contact [email protected] to know more.
You should be able to locate the AIShield.Edge component in the AWS console under the AWS IoT->Greengrass->component section.
From there, you can include it in a Greengrass deployment and push it to your device.
Note: For the component to run successfully, you'll need to update the default configuration during the deployment process, as detailed in the next sect
This component provide the following configuration parameters when it is deployed:
TOPIC: Topic to publish and subscribe message from IPC and MQTT. Same topic will be used.
S3_URI: s3 uri of defese model stored in s3 bucket. The uri should contain .tflite model, a .json file containing metadata.
Note: 1. json should contain :
{ "task": "image_classification", "attack": "Extraction", "input_shape": "(28,28,1)" }
where input shape change according to model input shape
2. The Component should have permission to download object from s3 bucket.
3. The S3 URI should belong to S3 bucket for which permission is given.
This component uses the following local log file:
- The component currently has support exclusively for the Linux operating system.
- Its functionality is limited to supporting image classification tasks.
- It exclusively supports TensorFlow Lite models only.
- Exception: defense configuration file not found
- s3 uri of zip file should contain tensorflow light defense model and a .json file containing "task", "attack","input_shape".
- here .json file is missing for the s3 uri
- Exception: ____ is not s3 uri. expect s3 uri of the object to download
- Given path is not s3 uri. please check
- ValueError: cannot reshape array
- Data sent via IPC and input shape configured in configuration file doesn't match. Please check the data sent and input shape provided
- Error-model loading failed.
- Expecting tensorflow.tflite model. please check model.
- How to deploy component ?
- Refer Component deployment and follow the steps
- Where to get defense model?
- you can get defense artifact after performing vulnerability analysis. contact : [email protected] to know more.
- Component is running but not able to send of receive message
- Check the topic provided. ensure publisher and subscriber is using same topic.
Bosch Global Software Technologies Private Limited
123, Industrial Layout, Hosur Road, Koramangala, Bengaluru - 560095, India
E-mail: [email protected]