Integrated Security Mechanisms Protect Weights in Memristive Crossbar Arrays, Safeguarding Intellectual Property Against 10% Data Leakage

Memristive crossbar arrays promise a revolution in computing by performing calculations directly within memory, offering significant advantages for applications like machine learning and artificial intelligence. However, the valuable intellectual property embedded within these arrays, the weights representing learned information, remains vulnerable to security breaches when hardware is compromised. Muhammad Faheemur Rahman and Wayne Burleson, from the University of Massachusetts Amherst, address this critical challenge by developing integrated security mechanisms that protect these weights and establish verifiable ownership. Their innovative approach, incorporating Keyed Permutation and Watermark Protection Columns, safeguards critical data without requiring substantial redesign of existing memristive architectures, and simulations demonstrate robust protection with minimal impact on area, delay, and power consumption. This work represents a significant step towards building secure and trustworthy in-memory computing systems for increasingly sensitive applications.

Non-volatile memristors, despite their advantages, are vulnerable to security threats such as unauthorized extraction of stored weights when the hardware is compromised. Protecting these weights is essential, as they represent valuable intellectual property resulting from lengthy and costly training processes using large datasets. This approach integrates efficiently with existing memristive crossbar architectures without requiring significant design modifications, and simulations have been conducted across 45nm and 22nm technologies.

Memristor Security, Keying and Watermarking Techniques

Scientists engineered a robust security framework for memristive crossbar arrays, addressing vulnerabilities to intellectual property theft and malicious tampering. To rigorously evaluate these mechanisms, researchers employed the widely known MNIST dataset and a complex radio frequency dataset, both downsampled and normalized to match the input dimensions of the simulated memristive crossbar arrays. The experimental setup involved simulating matrix-vector multiplication within the crossbar array, using normalized analog voltages as inputs and measuring analog currents as outputs.

Researchers focused on predefined weights for structural and power-delay simulations, prioritizing security overhead and circuit behavior over classification accuracy. The team adopted a 1T1R cell structure, utilizing one transistor and one memristor per cell, to prevent unwanted currents and ensure precise weight tuning. This configuration allows for accurate control of memristor conductance, representing the stored weights, and facilitates reliable computation. To account for nanoscale effects, scientists integrated a detailed interconnect model into their simulations, capturing parasitic effects that impact signal propagation and circuit performance.

They conducted extensive simulations using HSPICE across three CMOS technology nodes, 45nm, 22nm Bulk PTM, and 7nm FinFET PTM, to assess scalability and performance across different fabrication processes. Furthermore, the study evaluated arrays of varying sizes, 10×10, 128×10, and 256×128, to analyze the impact of array dimensions on security overhead and circuit behavior. The Keyed Permutor, which obscures weight locations through key-controlled row remapping, was implemented using triplet swaps, creating a large key space while maintaining a minimal increase in transistor count for a 128×128 array. To enhance security, the watermark columns were designed to mimic regular columns in structure and behavior, with variable placement and dummy activity to blend into the array and avoid detection. The combination of these techniques delivers robust protection with minimal performance trade-offs, demonstrating the feasibility of securing memristive in-memory systems against sophisticated attacks.

Memristor Security, Minimal Overhead Demonstrated

Scientists developed security mechanisms for memristive crossbar arrays, addressing vulnerabilities in in-memory computing systems, and protecting valuable intellectual property embedded within machine learning models. Simulations across 45nm, 22nm, and 7nm CMOS nodes, using realistic interconnect models and a large radio frequency dataset, demonstrate robust protection with under 10% overhead in area, delay, and power consumption. Measurements confirm a modest performance impact; a 256×128 array at the 45nm node exhibited an 8.

8% drop in column current, a 5. 5% increase in delay, and a 9. 8% increase in power. The transistor count increased by only 2. 34% when utilizing the triplet-swap configuration, highlighting the efficiency of the implemented security features.

These trends remained consistent across smaller arrays (128×10, 10×10) and advanced technology nodes (22nm, 7nm), demonstrating the scalability and robustness of the approach. The research delivers a practical solution to protect against unauthorized extraction of stored weights, crucial as the cost of training major machine learning models is projected to exceed $500 million by 2030. By obscuring the mapping between inputs and stored values, the mechanisms resist tampering and support ownership verification, demonstrating that effective security does not necessitate a significant compromise in performance or efficiency.

Memristor Security, Minimal Performance Impact

This research demonstrates the successful implementation of security mechanisms within memristive crossbar arrays, a promising architecture for in-memory computing and machine learning acceleration. Simulations across multiple CMOS technology nodes, 45nm, 22nm, and 7nm, and array sizes consistently show that these mechanisms integrate efficiently with existing designs, incurring minimal overhead in area, delay, and power consumption. The results indicate that both security features can be added with less than 10% impact on performance metrics, demonstrating that robust protection does not necessitate significant trade-offs in efficiency.

This is particularly important given the increasing cost of training large machine learning models and the growing need for secure in-memory architectures for next-generation computing systems. The team confirms functional accuracy through analog matrix-vector multiplication based on established electrical principles. Further investigation is needed to assess the impact of process, voltage, and temperature variations, and to optimize performance on larger crossbar arrays. Monte Carlo simulations will also be used to analyze key design parameters. This research provides a crucial step towards building secure and efficient in-memory computing systems, addressing a critical need in the rapidly evolving field of artificial intelligence and machine learning.