Impact of Error Rate Misreporting on Resource Allocation in Multi-tenant Quantum Computing and Defense

TL;DR

The paper tackles the vulnerability of cloud‑based multi‑tenant quantum computing to adversarial misreporting of calibration data, which can mislead hardware allocators and degrade system throughput and circuit fidelity. It models two misreporting strategies and empirically evaluates their impact on two allocation frameworks, Greedy and COMDAP, using a 27‑qubit noisy backend and QasmBench circuits. Results show that misreporting can increase execution latency by up to 24% and reduce the probability of successful trials by up to 7.8%, with Greedy more affected than COMDAP. To counter this, the authors propose a KL divergence–based detection mechanism that analyzes long‑term deviations in reported error distributions across calibration cycles, highlighting the need for history‑aware integrity checks in outsourced calibration for multi‑tenant quantum services.

Abstract

Cloud-based quantum service providers allow multiple users to run programs on shared hardware concurrently to maximize resource utilization and minimize operational costs. This multi-tenant computing (MTC) model relies on the error parameters of the hardware for fair qubit allocation and scheduling, as error-prone qubits can degrade computational accuracy asymmetrically for users sharing the hardware. To maintain low error rates, quantum providers perform periodic hardware calibration, often relying on third-party calibration services. If an adversary within this calibration service misreports error rates, the allocator can be misled into making suboptimal decisions even when the physical hardware remains unchanged. We demonstrate such an attack model in which an adversary strategically misreports qubit error rates to reduce hardware throughput, and probability of successful trial (PST) for two previously proposed allocation frameworks, i.e. Greedy and Community-Based Dynamic Allocation Partitioning (COMDAP). Experimental results show that adversarial misreporting increases execution latency by 24% and reduces PST by 7.8%. We also propose to identify inconsistencies in reported error rates by analyzing statistical deviations in error rates across calibration cycles.

Figures (5)

• Figure 1: Overview of the proposed threat model. (a) In the absence of an attack, a trusted calibration service accurately reports error rates of all qubits, the allocator assigns qubits efficiently and achieves high hardware/queue utilization. (b) Under attack, the adversary in an untrusted calibration service selectively over-reports error rates for two high-connectivity qubits, Q12 and Q14. This results in inefficient partitioning and lower hardware/queue utilization.
• Figure 2: Proposed heuristics. (a) Heuristic I: Over-reporting central high connectivity qubits; (b) Heuristic II: Under-reporting distributed high-Connectivity qubits
• Figure 3: Impact of attack using Heuristic I on hardware throughput. (a) Hardware utilization percentage across rounds for executing 40 queued programs, (b) Total number of rounds required to complete different number of queued programs under baseline and misreported conditions.
• Figure 4: Effect of attack using Heuristic II on circuit depth and program fidelity. (a) Circuit depth of 8 different programs and (b) Probability of Successful Trials (PST) across different execution queues containing 40 programs each under baseline and misreported conditions.
• Figure 5: Temporal variation and effect of misreporting on CNOT error. (a) Natural CNOT error fluctuation for 15 high-connectivity qubits of $ibm\_kyiv$ over two weeks. (b) Comparison of baseline and misreported CNOT error distributions across two time windows.