DeepAI AI Chat
Log In Sign Up

SCARE: Side Channel Attack on In-Memory Computing for Reverse Engineering

by   Sina Sayyah Ensan, et al.

In-memory computing architectures provide a much needed solution to energy-efficiency barriers posed by Von-Neumann computing due to the movement of data between the processor and the memory. Functions implemented in such in-memory architectures are often proprietary and constitute confidential Intellectual Property. Our studies indicate that IMCs implemented using RRAM are susceptible to Side Channel Attack. Unlike conventional SCAs that are aimed to leak private keys from cryptographic implementations, SCARE can reveal the sensitive IP implemented within the memory. Therefore, the adversary does not need to perform invasive Reverse Engineering to unlock the functionality. We demonstrate SCARE by taking recent IMC architectures such as DCIM and MAGIC as test cases. Simulation results indicate that AND, OR, and NOR gates (building blocks of complex functions) yield distinct power and timing signatures based on the number of inputs making them vulnerable to SCA. Although process variations can obfuscate the signatures due to significant overlap, we show that the adversary can use statistical modeling and analysis to identify the structure of the implemented function. SCARE can find the implemented IP by testing a limited number of patterns. For example, the proposed technique reduces the number of patterns by 64 function. Additionally, analysis shows improvement in SCAREs detection model due to adversarial change in supply voltage for both DCIM and MAGIC. We also propose countermeasures such as redundant inputs and expansion of literals. Redundant inputs can mask the IP with 25 functions can be found by greater RE effort. Expansion of literals incurs 36 power overhead. However, it imposes brute force search by the adversary for which the RE effort increases by 3.04X.


page 1

page 5

page 6

page 8


A Look at the Dark Side of Hardware Reverse Engineering – A Case Study

A massive threat to the modern and complex IC production chain is the us...

Hardware Obfuscation of Digital FIR Filters

A finite impulse response (FIR) filter is a ubiquitous block in digital ...

HWGN2: Side-channel Protected Neural Networks through Secure and Private Function Evaluation

Recent work has highlighted the risks of intellectual property (IP) pira...

Reverse Engineering of Integrated Circuits: Tools and Techniques

Consumer and defense systems demanded design and manufacturing of electr...

CAPTIVE: Constrained Adversarial Perturbations to Thwart IC Reverse Engineering

Reverse engineering (RE) in Integrated Circuits (IC) is a process in whi...

Lightweight Hardware Architectures for Efficient Secure Hash Functions ECHO and Fugue

In cryptographic engineering, extensive attention has been devoted to am...

HDLock: Exploiting Privileged Encoding to Protect Hyperdimensional Computing Models against IP Stealing

Hyperdimensional Computing (HDC) is facing infringement issues due to st...