Leveraging ChatGPT at the edge on a Raspberry Pi protected by Arca Trusted OS

Before exploring this use-case, have a look at the article for more details:

A Trusted Environment at the Edge to Run AI Applications

Let’s consider a simple use-case, ChatGPT at the edge, to illustrate which attacks ARCA Trusted OS can protect AI containers and their data against.

In this use-case, a containerized version of the ChatGPT API is deployed on ARCA Trusted OS running on a Raspberry Pi 4 B board as shown in the figure below. The main digital asset to protect is the ChatGPT API key. Indeed, as written in the OpenAI API documentation: “A compromised API key allows a person to gain access to your account quota, without your consent. This can result in data loss, unexpected charges, a depletion of your monthly quota, and interruption in your API access.” In other use-cases, the digital asset to protect could be the AI model, some personal data used by the model or some cryptographic material.

Figure: example of the collaboration between ChatGPT, Raspberry Pi and ARCA Trusted OS

Setting up such a use-case is straightforward and consists of two steps. First, ARCA Trusted OS needs to be installed on the Raspberry Pi following the installation procedure. Once this procedure is complete, ARCA Trusted OS provides all its security measures to the containers and their data. The containerized workloads can then be deployed either with the Docker CLI or with Docker Compose, just as on any other Linux distribution. From that point, the ChatGPT API can be used at the edge as in any other environment.

In this use-case, ARCA Trusted OS protects the data stored on the Raspberry Pi in case the edge device is stolen or otherwise physically accessed without authorization. Indeed, the confidentiality of the ChatGPT API key, like that of any other data stored on the microSD card of the Raspberry Pi, is protected by Full Disk Encryption enabled by default, with the encryption key stored in a secure hardware device such as a TPM 2.0 or OTP memory.

This key is released at each boot of the board if and only if the authenticity and integrity of ARCA Trusted OS are verified successfully. These security measures make it impossible to access the stored data in the clear, even when an attacker tries to unlock the disk with a corrupted version of the OS.
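As an added illustration (not code from ARCA Trusted OS or its vendor), the following Python models the key-release rule just described: the disk-encryption key is sealed to the expected boot-measurement digest, so a tampered OS image, or the same microSD card moved to a different board, never obtains it. The hardware secret, boot-stage names and wrapping scheme are constructed stand-ins for a TPM 2.0/OTP-backed sealing policy, not a real TPM API.

```python
"""Model of the boot-bound key release described above: the disk-encryption key
is wrapped under the expected boot-measurement digest and only unwraps when the
measured chain (firmware -> bootloader -> OS image) reproduces that digest.
Constructed simulation with hashlib/hmac only; not a real TPM 2.0 or OTP API."""
import hashlib
import hmac
import os

def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot_chain(components) -> bytes:
    """Fold each boot stage into a single PCR value; order-sensitive."""
    pcr = bytes(32)
    for c in components:
        pcr = pcr_extend(pcr, c)
    return pcr

def _policy_kek(hw_secret: bytes, pcr: bytes) -> bytes:
    # Wrapping key bound to both the device-held secret and the PCR policy.
    return hmac.new(hw_secret, b"seal|" + pcr, hashlib.sha256).digest()

def seal_key(disk_key: bytes, expected_pcr: bytes, hw_secret: bytes) -> dict:
    kek = _policy_kek(hw_secret, expected_pcr)
    wrapped = bytes(a ^ b for a, b in zip(disk_key, kek))  # 32-byte key, 32-byte KEK
    tag = hmac.new(kek, wrapped, hashlib.sha256).digest()   # authenticates the policy
    return {"wrapped": wrapped, "tag": tag}

def unseal_key(blob: dict, current_pcr: bytes, hw_secret: bytes):
    """Return the disk key, or None when the measured boot or the device differs."""
    kek = _policy_kek(hw_secret, current_pcr)
    tag = hmac.new(kek, blob["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, blob["tag"]):
        return None  # policy mismatch: key stays sealed, disk stays ciphertext
    return bytes(a ^ b for a, b in zip(blob["wrapped"], kek))

# Constructed stand-ins for the boot stages; not the project's real images.
GENUINE_CHAIN = [b"firmware-v1", b"bootloader-v1", b"arca-os-image-v1"]
TAMPERED_CHAIN = [b"firmware-v1", b"bootloader-v1", b"modified-os-image"]

def demo():
    """(genuine boot unseals, tampered OS refused, cloned card on other board refused)."""
    hw_secret, disk_key = os.urandom(32), os.urandom(32)
    blob = seal_key(disk_key, measure_boot_chain(GENUINE_CHAIN), hw_secret)
    genuine = unseal_key(blob, measure_boot_chain(GENUINE_CHAIN), hw_secret)
    tampered = unseal_key(blob, measure_boot_chain(TAMPERED_CHAIN), hw_secret)
    other_board = unseal_key(blob, measure_boot_chain(GENUINE_CHAIN), os.urandom(32))
    return genuine == disk_key, tampered is None, other_board is None
```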

Also, note that ARCA Trusted OS supports the setup of VPNs based on WireGuard, preventing the compromise of sensitive data, such as the ChatGPT API key, while it is transmitted from the edge device to the core network in the cloud or on-prem.


Do you want to know more?

Have a look at our article: A Trusted Environment at the Edge to Run AI Applications