FPGA and data traceability ensure AI security

Data supports almost every aspect of today’s world, and the amount of data generated, processed, shared or otherwise processed is increasing year by year. It is estimated that 90% of the world’s data has been generated in the past two years, and more than 80% of organizations are expected to manage ZB-level data in 2025, with 147 ZB of data generated in 2024 alone. From this perspective, if a grain of rice is a byte, then a ZB of rice can cover the entire surface of the earth several meters thick.

The explosion of data means that it can provide more valuable insights, but it also increases the possibility of vulnerabilities or attacks, and raises difficult questions about security and reasonable use of data. Therefore, it is critical for organizations to develop not only effective management strategies, but also strategies to ensure the integrity of data, especially data used to develop models or drive decisions or innovation.

In this context, the concept of data traceability – tracking the movement and transformation of each data point from the source – has gradually evolved from a defensive measure that is icing on the cake to a key component of network security. This becomes particularly important as enterprises continue to adopt artificial intelligence and machine learning technologies, because only the underlying data can be trusted and reliable.

A solid foundation for data integrity

Data provenance is key to preventing data tampering and designing trusted, compliant, and secure systems. At a high level, this process involves cryptographically binding metadata to data to create a transparent record of the complete history of each node, ensuring its integrity and helping to combat cyber threats. Provenance systems work by tracking data from its point of origin to its current state of use, creating an unbroken chain of trust.

When information is first digitized in a system, it is annotated with information such as time, date, location, source device type, privacy rights, etc. All of this information is then cryptographically bound to the data itself, recording an unchangeable point in time. While today’s systems vary in their ability to understand the provenance of data, the goal is to add and rebind metadata at each transition point throughout the system. Emerging technologies such as blockchain and other distributed ledgers will be the foundation of these tamper-proof systems.

Organizations that do not pay attention to data provenance may make decisions based on inaccurate or tampered information, resulting in negative outcomes and even harming customer interests. In the case of generative AI and large language models (LLMs), copyright issues can also arise if the history of data is not properly tracked. However, if companies successfully implement provenance systems that assess the authenticity of data at every step, they can gain the trust of customers, partners, and even regulators, creating an advantage.

Enhancing Transparency in AI

Across industries, there has been a significant increase in the embedding of AI and ML systems in operations. While this innovation has improved efficiency, AI systems are also vulnerable to threats that compromise data integrity, and these threats are becoming increasingly sophisticated.

Imagine a smart factory that uses AI-based digital twin technology to simulate and optimize production.

This approach only works if the training data used in the system is accurate and up-to-date, so the trustworthiness of the data is critical. Data provenance systems allow factories to view the source records of models and if and when they have been modified, allowing factory managers to verify outputs and more easily detect potential threats or time-based drift in data fidelity.

Unfortunately, despite its critical importance to building and maintaining trusted AI systems, data provenance is not as widely recognized as it should be. Partly due to the lack of broad standards to follow, most models today have little implementation or enforcement of the necessary requirements, making them vulnerable to threats from bad actors:

• Data poisoning. Bad actors can corrupt training data, interfering with the accuracy of the model or introducing bias.
• Malicious training. Lattice shared an example of the potential consequences of malicious training in the automotive industry, citing a study in which AI systems in self-driving cars were deliberately misled to recognize stop signs as speed limit increases, showing how dangerous malicious training can be in the real world.

Even without external intervention, the lack of provenance insight can cause many problems for companies, such as data drift.

This occurs when the attributes of the data on which the algorithm is trained change and the model is not adjusted accordingly, thereby reducing the accuracy of the output. Maintaining data provenance is the best way to ensure that the output of these systems is reliable in the long term.

FPGAs are beginning to show their potential

To improve network resiliency, system designers can integrate FPGAs into data provenance systems. Unlike fixed-function processors, FPGAs are truly flexible and reprogrammable hardware that can perform parallel processing and real-time security operations. Its built-in security features, such as encryption and authentication mechanisms, help protect and securely tag data during processing. Since FPGAs are often the source point of system data, they play an important role in the cryptographic binding process. In addition, the inherent flexibility of FPGAs allows them to be programmed and reprogrammed to perform specific tasks over time. This customizability enables enterprises to adjust the methods of collecting and managing traceability information as their needs change.

FPGAs can also optimize system performance, including AI and ML models.

Due to their real-time processing capabilities, FPGAs are able to manage large amounts of data from different sources with minimal latency. This processing speed ensures that data transactions are recorded and cryptographically bound in a timely manner, and that traceability records reflect the latest information, better supporting data traceability. In addition, FPGAs can perform many operations in parallel. This enables them to collect data, perform cryptographic operations, and monitor security at the same time without affecting the performance of the system.

Impact of Quantum Computing

Since cryptographic operations are critical to the metadata binding process, the cryptographic algorithms used must be future-proof. This issue is extremely urgent because the development of quantum computing has the potential to pose a huge threat to the classical asymmetric cryptographic protection we rely on today.
To protect our digital data in the coming era of quantum computers, we need to turn to a new type of cryptographic technology called post-quantum cryptography (PQC). PQC algorithms use innovative mathematical models that are different from previous ones and can resist quantum threats. Because this encryption method is so new, it highlights the “crypto-flexibility” of FPGAs. If an FPGA running a PQC algorithm is found to have a vulnerability after being deployed in the field, the programming can be updated without replacing the hardware. This flexibility makes FPGAs a pioneer in the transition to PQC and compliance with changing regulations.

Building a Trusted Future

As data traceability becomes more and more popular, industry and government standards bodies need to develop new traceability guidelines that require at least some disclosure of the data traceability integrity of the model. However, it is not clear what form these measures will ultimately take.

One approach is to grade data traceability systems based on their robustness, with the lowest level representing the lack of data traceability mechanisms and the highest level representing a clearly documented chain of trust that outlines the history of data points. Similarly, compliance and enforcement mechanisms also need to be evaluated within this framework to reduce the risks associated with data misuse and ensure transparency and accountability. Independent third-party verification of compliance with these standards is also needed to reduce potential conflicts of interest and ensure best practices for assessing the trustworthiness of data provenance.

In the near future, we may also see an increase in the implementation of immutable data solutions as developers accept that data cannot be changed or deleted once it is recorded. Blockchain technology is one such solution due to its decentralized security and distributed properties. In a blockchain network, each transaction or piece of data is cryptographically linked to the previous one, and once a transaction is added to the blockchain, it is almost impossible to modify or delete, forming an unchangeable chain.

Developing critical systems and driving important decisions requires data support, so companies must be able to track and trust data. The rise of artificial intelligence systems further emphasizes the need for effective data provenance to facilitate the detection of threats to these models and ensure their long-term reliability. In 2025 and beyond, data provenance will become a cornerstone of cybersecurity, network resilience, and network trust, helping companies identify threats to data integrity, comply with new regulations, and build trust in customer and partner networks.