ABSTRACT
Machine Learning (ML) systems have become established building blocks of many applications. Current trends in the ML community have led to increasingly complex and advanced models, such as Deep Neural Networks (DNNs), Capsule Networks (CapsNets), and Spiking Neural Networks (SNNs). Alongside their high learning capabilities, their complexity poses several research challenges. The next generation of computing platforms executing advanced Deep Learning (DL) architectures is expected to be highly complex and energy-hungry, which makes their implementation on resource-constrained devices difficult. Advanced DL systems rely on compute-intensive and memory-intensive operations to reach high prediction accuracy, and several applications additionally require fast responses in real time. Since general-purpose hardware platforms are slow and inefficient at executing DL workloads, deploying such resource-hungry algorithms on edge devices without further optimization is prohibitive. A complete design flow is therefore required, comprising software-level optimizations (such as model compression), specialized hardware designs, and the mapping of the optimized model onto that hardware.

Another fundamental aspect when deploying advanced DL architectures in safety-critical applications is their robustness against security threats. An adversary can compromise the integrity of a DL system through attacks at different levels of the hardware and software stacks, by perturbing the inputs, the memory contents, or the computational engine itself. Safety-critical applications demand that DL systems remain highly robust under such adverse conditions, and there are several scenarios in which an adversary can undermine the system's integrity. Hence, it is worth investigating these conditions from various perspectives and elaborating defensive methodologies that can mitigate the effect of these threats.
