Securing Deep Learning Hardware: A Survey of Side-Channel Vulnerabilities and Countermeasures
Articles in Press, Accepted Manuscript, Available Online from 12 February 2026
https://doi.org/10.22042/isecure.2026.240526
Zahra Mohammadi, Mona Hashemi, Siamak Mohammadi
Abstract As deep learning models are increasingly deployed in critical sectors such as healthcare, finance, and security, ensuring their protection against emerging threats has become crucial. Among these threats, side-channel attacks (SCAs) represent a particular challenge since they can extract sensitive information such as model architectures, parameters, and even user inputs without requiring direct access to the model. By leveraging the physical and micro-architectural properties of the hardware, attackers can compromise systems. This survey begins by classifying leakage sources and attacker objectives, then analyzes representative studies that demonstrate practical side-channel exploits against deep-learning hardware. It also reviews existing defenses aimed at mitigating these vulnerabilities and concludes by outlining key open research challenges and potential future directions.