DOI: 10.1145/3589737.3605964
research-article

"S3cure": Scramble, Shuffle and Shambles - Secure Deployment of Weight Matrices in Memristor Crossbar Arrays

Published: 28 August 2023

ABSTRACT

Crossbar arrays based on emerging memristor technology offer significant power savings when running Artificial Neural Network (ANN) applications. An additional advantage of this technology is its non-volatility, which eliminates the need for costly loading of a complete ANN model from conventional memories, thus saving power and allowing immediate system availability. However, this advantage can arguably be seen as a disadvantage from a security perspective, since the ANN model remains on the crossbar indefinitely and is therefore vulnerable to theft. On the other hand, a disadvantage of the current memristor technology is its significantly limited write endurance. Considering these two constraints, we propose a highly secure and yet simple deployment method: "S3cure", which does not require encryption of individual stored values in the memristor, thus avoiding rewriting after each decryption and also rendering useless any unwanted extraction of the ANN model from the crossbar. In our proposed methodology, the ANN model is permuted before deployment by multiplying the model weight matrices with permutation matrices, and the inverse permutation vectors of these matrices become the access key needed at runtime to correctly exploit the model. The analysis and testing of our "S3cure" method reveal that brute-force reverse engineering is extremely difficult, with difficulty proportional to the key size, and also show a limited one-time performance overhead incurred by this implementation.
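The permute-before-deployment idea from the abstract, sketched as an added example (not code from the paper or its authors). It assumes the permutation is applied to the columns of each layer's weight matrix and undone by reordering that layer's input vector; the two-layer model, the ReLU activation and all names are constructed for illustration.

```python
import math
import secrets

def random_permutation(n):
    """Uniformly random permutation vector of 0..n-1, drawn from the OS CSPRNG."""
    perm = list(range(n))
    secrets.SystemRandom().shuffle(perm)
    return perm

def invert(perm):
    """Inverse permutation vector: inv[perm[j]] == j. This is the runtime key."""
    inv = [0] * len(perm)
    for j, p in enumerate(perm):
        inv[p] = j
    return inv

def scramble_columns(W, perm):
    """W' = W * P: column j of W is written to crossbar column perm[j]."""
    out = [[0] * len(perm) for _ in W]
    for i, row in enumerate(W):
        for j, w in enumerate(row):
            out[i][perm[j]] = w
    return out

def crossbar_mvm(W, x):
    """Stand-in for the analog crossbar: a plain matrix-vector product."""
    return [sum(w * v for w, v in zip(row, x)) for row in W]

def infer(layers, x, keys=None):
    """Run the layers; with keys, reorder each layer's input before the crossbar."""
    for idx, W in enumerate(layers):
        if keys is not None:
            x = [x[k] for k in keys[idx]]   # apply inverse permutation vector
        x = crossbar_mvm(W, x)
        if idx < len(layers) - 1:
            x = [max(0, v) for v in x]      # ReLU between layers (assumed)
    return x

def key_space_bits(n):
    """log2(n!): size of the search space for one n-input layer's ordering."""
    return math.lgamma(n + 1) / math.log(2)

# Constructed sample model (3x4 then 2x3) and fixed permutations for the demo.
MODEL = [[[1, 0, 2, -1], [0, 3, -2, 1], [2, -1, 0, 1]], [[1, -1, 2], [0, 2, 1]]]
PERMS = [[2, 0, 3, 1], [1, 2, 0]]
DEPLOYED = [scramble_columns(W, p) for W, p in zip(MODEL, PERMS)]
KEYS = [invert(p) for p in PERMS]

if __name__ == "__main__":
    x = [1, 2, 3, 4]
    print("plain model     :", infer(MODEL, x))
    print("stolen, no key  :", infer(DEPLOYED, x))
    print("deployed + keys :", infer(DEPLOYED, x, KEYS))
    print("bits per 128-input layer: %.0f" % key_space_bits(128))
```

The stored weights are written once and never rewritten at runtime; only the input ordering changes per inference.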


Published in

ICONS '23: Proceedings of the 2023 International Conference on Neuromorphic Systems
August 2023
270 pages
ISBN: 9798400701757
DOI: 10.1145/3589737

Copyright © 2023 ACM


Publisher: Association for Computing Machinery, New York, NY, United States


Overall Acceptance Rate: 13 of 22 submissions, 59%
