Hardware Security in Spin-Based Computing-In-Memory: Analysis, Exploits, and Mitigation Techniques
Xueyan Wang, Jianlei Yang, Yinglin Zhao, Xiaotao Jia, Gang Qu, Weisheng Zhao
XUEYAN WANG, JIANLEI YANG∗, YINGLIN ZHAO, and XIAOTAO JIA, Beihang University, China
GANG QU, University of Maryland, College Park, USA
WEISHENG ZHAO∗, Beihang University, China

Computing-in-memory (CIM) is proposed to alleviate the processor-memory data transfer bottleneck in traditional Von-Neumann architectures, and spintronics-based magnetic memory has been shown to facilitate implementation of the CIM paradigm. Since hardware security has become one of the major concerns in circuit designs, this paper, for the first time, investigates spin-based computing-in-memory (SpinCIM) from a security perspective. We focus on two fundamental questions: 1) how can the new SpinCIM computing paradigm be exploited to enhance hardware security? 2) what security concerns has this new SpinCIM computing paradigm incurred?

CCS Concepts: • Hardware → Emerging architectures; Non-volatile memory; • Security and privacy → Hardware attacks and countermeasures.

Additional Key Words and Phrases: Computing-in-memory, hardware security, spintronics technology
ACM Reference Format:
Xueyan Wang, Jianlei Yang, Yinglin Zhao, Xiaotao Jia, Gang Qu, and Weisheng Zhao. 2020. Hardware Security in Spin-Based Computing-In-Memory: Analysis, Exploits, and Mitigation Techniques. ACM J. Emerg. Technol. Comput. Syst. 1, 1, Article 1 (January 2020), 18 pages. https://doi.org/10.1145/3397513
For traditional Von-Neumann architecture, computation and memory are the two most important units. The computation unit reads data from memory and performs calculations, then stores the results back into memory. Since the late 1990s, CPU speed has outperformed the speed of memory access, creating the well-known “memory wall” [1]. This becomes even worse in today’s big data era, where data intensive applications need more frequent transfer of larger amount of data between processor and memory. A single memory Read/Write operation consumes two to three orders of magnitude more energy and time than data calculation.

∗ Corresponding authors: Jianlei Yang and Weisheng Zhao.
This work is supported in part by State Key Laboratory of Computer Architecture (CARCH-201917), National Natural Science Foundation of China (61602022, 61701013), State Key Laboratory of Software Development Environment (SKLSDE-2018ZX-07), National Key Technology Program of China (2017ZX01032101) and the 111 Talent Program B16001.
Authors’ addresses: X. Wang, Y. Zhao, X. Jia, and W. Zhao are with the Fert Beijing Research Institute, School of Microelectronics, Beijing Advanced Innovation Center for Big Data and Brain Computing (BDBC), Beihang University, No. 37 Xueyuan Road, Haidian District, Beijing, China, 100191; J. Yang is with the School of Computer Science and Engineering, BDBC, Beihang University, Beijing, China; Gang Qu is with the Department of Electrical and Computer Engineering, A.V. Williams Building, University of Maryland, College Park, MD, USA, 20742.
© 2020 Association for Computing Machinery.
ACM J. Emerg. Technol. Comput. Syst., Vol. 1, No. 1, Article 1. Publication date: January 2020.

Fig. 1. An overview of SpinCIM security. (Diagram labels: Memory Wall; STT-MRAM; Computing-in-Memory; SpinCIM; Hardware Security; Alleviate traditional security problem?; New security vulnerabilities?; Reverse Engineering Attack; Side Channel Attack; Degraded Read Margins; Heat/Magnetic; SpinCIM Security.)

Computing-in-memory (CIM) is one promising approach to alleviate the memory wall. The basic idea of CIM is to embed computations into memory. The computation can be performed at the same time as the memory access, eliminating the time and energy overhead of data movement between processor and memory. In addition, due to the high bandwidth available within the memory array, CIM is able to provide massive parallelism, such as vector operations.

Among the possible CIM implementations, spintronics-based CIM (SpinCIM) has the following advantages. First, spintronics-based magnetic memory has been a promising candidate for the next generation main memory because of its properties such as near-zero leakage, non-volatility, high endurance, and compatibility with the CMOS manufacturing process. In particular, prototype Spin Transfer Torque Magnetic RAM (STT-MRAM) chip demonstrations and commercial MRAM products have been made available by companies such as Everspin and TSMC [2][3]. Second, STT-MRAM stores data as magnetic resistance and accesses data with a current-sensing scheme instead of conventional charge-based storage and access. This enables MRAM to provide inherent computing capabilities with only minor changes to the memory array, making it suitable for CIM implementation.

It is well documented that security has previously been considered as an afterthought, with performance dominating the design requirements. As a consequence, numerous security vulnerabilities and malicious attacks (such as intentional sensitive data leakages in Meltdown and Spectre [4]) are consistently being discovered. While SpinCIM is newly proposed and still in the exploration stage, it gives us the golden opportunity to consider security as a first-class requirement at the early design stage. To the best of our knowledge, this paper is the first effort to study SpinCIM from the security perspective. Previously, there has been extensive research on applying emerging spintronic devices for security. For example, the stochastic writing features have been used for true random number generation and PUF design [5–7]. Our work is different from these in that we focus on the SpinCIM computing architectures, and investigate the security applications and security issues brought by this new computing paradigm.

Fig. 1 summarizes the motivation and rationale of studying SpinCIM security. We find that the emerging SpinCIM acts as a double-edged sword for hardware security. On the one hand, the new computing paradigm of SpinCIM facilitates the development of certain innovative hardware security solutions. In particular, we will discuss SpinCIM-enhanced security solutions for circuit obfuscation and side channel attack prevention. Although both topics have been heavily researched, we believe that SpinCIM-based solutions have low performance overhead and are more effective. On the other hand, SpinCIM could also introduce new security vulnerabilities which can be leveraged by attackers to launch new attacks. For example, a typical hardware Trojan requires the insertion or modification of specific circuitry for Trojan insertion and activation, whereas under SpinCIM, attackers are able to achieve Trojan-like attacks by simply manipulating the thermal conditions or magnetic field, without the need for any circuit modifications.

Fig. 2. A typical STT-MRAM bit-cell. (Diagram labels: Free Layer; Pinned Layer; Tunnel Barrier; Bit Line; Word Line; Source Line.)

The rest of this paper is organized as follows: Section 2 provides the necessary background knowledge on STT-MRAM and SpinCIM, and discusses the recent research advances in hardware security. Section 3 demonstrates the enhanced security solutions for circuit obfuscation and side channel attack thwarting by SpinCIM. New security issues in SpinCIM are studied and discussed in Section 4. Section 5 provides an outlook into the research for SpinCIM security. Finally, Section 6 concludes the paper.

In this section, we provide a brief background introduction on STT-MRAM and SpinCIM as well as the current state of research on hardware security.

STT-MRAM is a promising next generation memory that features non-volatility, fast writing and reading, high endurance, and zero standby power [8–12]. As Fig. 2 shows, a typical STT-MRAM bit-cell consists of an access transistor and a Magnetic Tunnel Junction (MTJ), which is controlled by bit-line (BL), word-line (WL) and source-line (SL). An MTJ consists of one pinned ferromagnetic layer (PL) with a fixed magnetic orientation, one free ferromagnetic layer (FL) whose magnetic orientation can be switched, and one tunneling oxide barrier between PL and FL. The relative magnetic orientations of PL and FL can be stable in parallel (P state) or anti-parallel (AP state), corresponding to low resistance ($R_P$) and high resistance ($R_{AP}$, $R_{AP} > R_P$) of the MTJ cell, respectively. As a result, each MTJ is able to store 1-bit information. In this paper, we assume that the low resistance state is used to represent logic ‘1’, and the high resistance state is used to represent logic ‘0’.

To read out the stored information in an MTJ cell, one needs to enable the WL signal, apply a voltage $V_{read}$ across BL and SL, and sense the current that flows ($I_P$ or $I_{AP}$) through the MTJ. By comparing the sense current with a reference current ($I_{ref}$, $I_{AP} < I_{ref} < I_P$), the data stored in the MTJ cell (logic ‘0’ or logic ‘1’) can be read out. A write operation can be performed by enabling WL, then applying an appropriate voltage ($V_{write}$) across BL and SL to pass a current that is greater than the critical MTJ switching current. The specific logic value that is written depends on the direction of the write current.

CIM efforts can be classified into two categories according to whether they target application-specific computations [13–15] or general-purpose computations [11, 16–20]. For example, ReRAM has been widely explored and used to implement the matrix-vector multiplication for neural network accelerations with the multi-bit storage property. Compared to other resistive memory devices (such as ReRAM), STT-MRAM has higher write endurance, faster write speed, lower write energy, and limited resistance difference between the distinct resistance states of MTJ. STT-MRAM is widely used to implement bit-wise operations for the general in-memory computing paradigm. In this paper, we focus on such general-purpose CIM [16], which can be widely used in all categories of applications.

Due to the current sensing mechanism in STT-MRAM and the fact that current can be accumulated, SpinCIM is able to realize logic functions conveniently. As demonstrated in Fig. 3, by simultaneously enabling word-lines $WL_i$ and $WL_j$, then applying $V_{read}$ across $BL_k$ and $SL_k$ ($k \in [0, n-1]$), the current that feeds into the $k$-th sense amplifier (SA) is a summation of the currents flowing through $MTJ_{i,k}$ and $MTJ_{j,k}$, namely $I_{i,k} + I_{j,k}$. With different reference sensing currents, the sense amplifier will have different outputs under given input patterns, thus different logic functions of the enabled word lines can be directly implemented.

Fig. 3. SpinCIM computations in enhanced STT-MRAM array. (Diagram labels: word lines $WL_i$, $WL_j$; bit lines and source lines $BL_0$/$SL_0$ … $BL_{n-1}$/$SL_{n-1}$; cell currents $I_{i,k}$, $I_{j,k}$ and their sums $I_{i,k} + I_{j,k}$; reference current $I_{ref}$; outputs $O_0$ … $O_{n-1}$.)

In the SpinCIM computing paradigm, the core bit-cell and array structure of STT-MRAM remain unchanged. One only needs to make insignificant modifications to the peripheral circuitry of the memory (such as the sensing circuitry that generates the required sensing current). Therefore, the impact of the introduced SpinCIM on the density and efficiency of memory arrays is negligible [16].

At the architecture level, to invoke the different types of operations that can be performed by SpinCIM in the enhanced STT-MRAM array, the instruction set architecture (ISA) of the processor needs to be extended. For SpinCIM computations, the operation type, address of operation data, and address of result are sent to memory, then the operations can be completed within the memory. The overall computation needs only one memory access. As a comparison, traditional computations need to fetch operation data from memory to processor, perform computations in the processor, then write the result back to memory, which involves $M + 1$ memory accesses ($M$ is the number of operation data that need to be fetched from memory). Take the Add operation as an example: as shown in Fig. 4, to add two data that are stored in the main memory, the typical four instructions can be replaced by one CimADD instruction in SpinCIM. The number of memory operations is reduced from three to one, which is obviously more time and energy efficient.

Fig. 4. An example of CimADD operation in extended ISA. (Figure content: under Von-Neumann architectures, a sequence of Load from $R_{Add1}$, Load from $R_{Add2}$, Add, and Store to $R_{Dest}$; under SpinCIM, the single instruction CimADD $R_{Add1}$, $R_{Add2}$, $R_{Dest}$.)

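How the choice of reference current selects the logic function, as an added behavioural model (not the paper's circuit or code): the read voltage and $R_P$ are constructed values, and complementing the sense-amplifier output for NAND/NOR and composing XOR and ADD from the two sensing results are assumptions about the peripheral logic. All class and function names are illustrative.

```python
# Added example: behavioural model of SpinCIM sensing. Device values are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Mtj:
    v_read: float = 0.1    # V, assumed read voltage across BL and SL
    r_p: float = 5_000.0   # ohm, assumed parallel-state resistance
    tmr: float = 1.0       # (R_AP - R_P) / R_P, 100% as listed in Table 1

    def current(self, bit: int) -> float:
        # Paper's convention: logic 1 is the low-resistance P state, logic 0 is AP.
        r = self.r_p if bit else self.r_p * (1.0 + self.tmr)
        return self.v_read / r


def reference_currents(mtj: Mtj) -> dict:
    """Place each reference midway inside the read margin it has to resolve."""
    i_p, i_ap = mtj.current(1), mtj.current(0)
    i_apap, i_app, i_pp = 2 * i_ap, i_ap + i_p, 2 * i_p
    return {
        "read": (i_ap + i_p) / 2,     # I_AP < I_ref < I_P (single-row read)
        "or": (i_apap + i_app) / 2,   # between I_AP,AP and I_AP,P
        "and": (i_app + i_pp) / 2,    # between I_AP,P and I_P,P
    }


def pack(bits) -> int:
    """Bit list (index 0 = least significant) to integer."""
    return sum(b << k for k, b in enumerate(bits))


class SpinCimArray:
    """Rows of n MTJ cells; column k holds bit k of the stored word."""

    def __init__(self, n_bits: int, mtj: Mtj = Mtj()):
        self.n, self.mtj = n_bits, mtj
        self.ref = reference_currents(mtj)
        self.rows = {}

    def write(self, row: int, value: int) -> None:
        self.rows[row] = [(value >> k) & 1 for k in range(self.n)]

    def source_line_currents(self, *enabled_rows: int) -> list:
        # Enabling several word lines sums the cell currents on each source line.
        return [sum(self.mtj.current(self.rows[r][k]) for r in enabled_rows)
                for k in range(self.n)]

    def sense(self, currents, ref_name: str) -> list:
        # A sense amplifier outputs 1 when its input exceeds the reference.
        return [1 if i > self.ref[ref_name] else 0 for i in currents]

    def read(self, row: int) -> int:
        return pack(self.sense(self.source_line_currents(row), "read"))

    def cim(self, op: str, row_i: int, row_j: int) -> int:
        summed = self.source_line_currents(row_i, row_j)
        and_bits = self.sense(summed, "and")   # 1 only when both cells are P
        or_bits = self.sense(summed, "or")     # 1 when at least one cell is P
        xor_bits = [o & (1 - a) for o, a in zip(or_bits, and_bits)]
        if op == "AND":
            return pack(and_bits)
        if op == "OR":
            return pack(or_bits)
        if op == "NAND":
            return pack(1 - b for b in and_bits)
        if op == "NOR":
            return pack(1 - b for b in or_bits)
        if op == "XOR":
            return pack(xor_bits)
        if op == "ADD":
            # Ripple carry built from the per-column AND/XOR sensing results.
            carry, out = 0, []
            for a, x in zip(and_bits, xor_bits):
                out.append(x ^ carry)
                carry = a | (x & carry)
            return pack(out) | (carry << self.n)
        raise ValueError(f"unsupported operation: {op}")


if __name__ == "__main__":
    array = SpinCimArray(8)
    array.write(0, 0b1011)
    array.write(1, 0b0110)
    print([round(i * 1e6) for i in array.source_line_currents(0, 1)], "uA per column")
    for name in ("AND", "OR", "NAND", "NOR", "XOR", "ADD"):
        print(name, array.cim(name, 0, 1))
```

The same two stored rows and the same summed currents yield every function; only the reference (and the assumed output combination) changes, which is the property the obfuscation argument in Section 3 relies on.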
As the root of software, system, and network security, hardware security has in recent years become a hot topic and attracted attention from both industry and academia [21, 22]. The continually increasing design complexity and cost have led to the globalization of integrated circuit (IC) design and fabrication, where counterfeits may exist in all phases of the supply chain and bring serious security concerns. Design intellectual property (IP) infringement, reverse engineering attacks, hardware Trojans, side channel attacks, and others have caused both security concerns and economic loss in the semiconductor industry [21–24]. To ensure the integrity and the trustworthiness of fabricated circuits, various defensive approaches have been proposed. There are passive ones like circuit watermarking/fingerprinting techniques, and proactive strategies such as circuit obfuscation and Trojan detection/prevention techniques. Security primitives such as physical unclonable function (PUF) and true random number generator (TRNG) have been proposed to provide authentication and encryption. To reduce the performance overhead of CMOS-based security techniques, researchers have explored utilizing the unique intrinsic properties of emerging devices. For example, in circuit obfuscation strategies, polymorphic gates have been designed with the tunable polarity of SiNW FET [25] and MRAM is used to replace SRAM to configure the functionalities of multiplexers [26, 27]. However, these approaches follow the same design methodology as the previous CMOS-based ones, thus they are still vulnerable to SAT-based attacks. Moreover, thwarting side channel attacks requires slowing down the fast operations and increasing the power consumption of low-energy operations to equalize the performance of different memory operations, which brings non-trivial performance overheads [28]. This motivates us to explore the possible solutions to these security concerns with the new SpinCIM computing paradigm and investigate the security vulnerabilities in SpinCIM. Our work in this paper is different from previous work in that we focus on the SpinCIM computing architectures, and investigate the security issues brought by this new computing paradigm.

Fig. 5. SpinCIM-enabled obfuscation. (Diagram labels: Enhanced STT-MRAM; Core Array; Peripheral Circuitry; Control Unit; Arithmetic Unit; Reverse Engineering: Depackaging, Delayering, Imaging (SEM); Incomplete Function; No Function Revealed.)

Because of the aforementioned properties of SpinCIM, it can solve some of the long-standing challenges in hardware security. In this section, we demonstrate this with examples of how to apply SpinCIM for circuit obfuscation and prevention of side channel attacks.

Circuit obfuscation has been proposed as one proactive countermeasure against a variety of hardware attacks, such as reverse engineering (RE) and IC/IP piracy, through hiding valuable circuit design information [29, 30]. Since it was proposed in 2012, the fierce race between sharpening the spears of de-obfuscation tools and making the obfuscation shield more robust has quickly elevated the sophistication and maturity level of circuit obfuscation, making it one of the most effective countermeasures against RE-based attacks and IC/IP piracy.

Two major issues exist in current circuit obfuscation techniques. First, the recently proposed SAT-based de-obfuscation attack poses serious threats to the effectiveness of circuit obfuscation techniques. The current anti-SAT approaches (such as CamoPerturb [31], And-Tree [32], Anti-SAT [33]) are either vulnerable to bypass/removal attacks [34, 35], or can be revealed by approximate attacks [36, 37]. Second, the delay, power, and area overhead of the state-of-the-art circuit obfuscation strategies are so high that they cannot be applied in commercial circuits, especially when the security requirement is high. For example, an obfuscating unit that can be either NAND, NOR, or XOR has 5 . × -5 . × higher power, 4 × larger area, and 1 . × -1 . × longer delay compared to a conventional NAND or NOR logic gate [30].

To meet the above challenges in CMOS-based obfuscation methods, researchers have attempted to exploit the unique properties of post-CMOS emerging devices to perform obfuscation. For example, polymorphic gates have been designed with the tunable polarity of SiNW FET [25], MRAM is used to replace SRAM to configure the functionalities of multiplexers [26, 27], and spintronic devices are designed to be able to perform one of multiple functionalities with identical layout [38–40]. By utilizing the intrinsic features (such as tunable polarity) in these emerging devices, one can reduce the performance overhead dramatically.

Due to the current sensing property and the fact that current can be accumulated, spintronics is suitable for implementing general-purpose computing-in-memory, and such a CIM architecture facilitates obfuscating the function that is implemented in the memory array. Therefore, SpinCIM naturally facilitates computing-in-memory and thus obfuscation. Now we elaborate how a SpinCIM-enabled obfuscation solution will have no chip area overhead and can be secure against SAT-based attacks. Recall that in the SpinCIM paradigm, some portion of the computation will be completed in the STT-MRAM array to reduce the data transfer between memory and CPU. The SpinCIM instructions, consisting of the type of the operation and the memory address of the operands, will be sent to the memory array. More specifically, the memory address of the operands will be sent to the address decoder unit to enable the corresponding word-lines, and the type of the operation will be sent to the memory control unit. Then the control unit generates corresponding control signals to complete the computations [16]. Different functions can be implemented with exactly the same hardware memory units and the same peripheral circuitry of the STT-MRAM memory array. It is the run-time control signals that determine the functionality implemented by the STT-MRAM memory array (see Fig. 5). In other words, the portion of computation performed in the STT-MRAM array has been obfuscated naturally. At this point, as long as the designer decides which portion is to be implemented in the STT-MRAM array, there is no hardware overhead for the obfuscation. To achieve a higher level of obfuscation and protect the peripheral circuit design, the designer may obfuscate the peripheral circuitry in order not to give the attacker any hint on the functions that are implemented in the STT-MRAM array. The peripheral circuitry of the STT-MRAM array normally takes only a very small percentage of the whole circuit, thus the overhead, if any, will be negligible [16].

As the right half of Fig. 5 shows, an RE attacker might be able to obtain the netlist and be able to solve the portion of the computation that is implemented in the traditional CMOS technology by the arithmetic unit, even if it is obfuscated. To perform SAT-based de-obfuscation attacks, the attacker needs to get the gate-level netlist which consists of conventional logic gates and obfuscated gates, the oracle function, and the set of possible functionalities of obfuscated gates. Even if the attacker is able to get the oracle function of the circuit, in SpinCIM-enabled obfuscation, the obfuscated functions that are implemented in the STT-MRAM array appear as an identical memory array to an RE attacker, and the obfuscated peripheral circuit reveals nothing about the possible functionalities in SpinCIM. As a result, SAT-based attacks cannot be formed, and this solution will be secure against existing SAT-based attacks. Without the knowledge of this portion of the computation, the incomplete design the attacker has obtained from the traditional CMOS implementation also might become meaningless.

The key challenge for SpinCIM-enabled obfuscation techniques is how to split the functions into CMOS implementation and SpinCIM implementation and how to make them co-operate efficiently at the high level [41, 42]. Computation-intensive applications with little, simple control logic are suitable to be implemented by SpinCIM, and for specific computations, the benefits can be maximized when the operation data come from memory and the result data need to be stored back to memory. Overall, applying SpinCIM needs device-to-algorithm level collaboration and much more related research.

Side channel attacks aim to reveal sensitive or secret information by analyzing the data that can be obtained during the execution of a computer system through channels such as power consumption profile and timing delay [43]. Since it was first reported, the side channel attack has become one of the most powerful and effective attacks and poses threats to the security of computer systems [44].

In the STT-MRAM array, asymmetry exists in the Read and Write operations, which facilitates statistical analysis. We have performed device and circuit simulations for memory operations. Specifically, at the device level, we jointly use the Brinkman model and the Landau-Lifshitz-Gilbert (LLG) equation to characterize the MTJ, and the key parameters for MTJ simulation are given in Table 1. For the circuit level simulation, a Verilog-A core block of the STT-MRAM device is designed to build the circuit with a 45nm free Product Development Kit (PDK) library in Cadence. As demonstrated in Table 2, the latency and current of Write are higher than those for Read. Furthermore, switching to the P state is easier than switching to the AP state, which is known as the polarity-dependent asymmetry for Write latency and Write current. As a result, writing logic ‘1’ and writing logic ‘0’ incur different latency and current. These features introduce major security vulnerabilities which have been exploited by side channel attackers who can monitor the signatures during memory Read/Write operations to compromise data privacy [28, 45–47]. For example, as demonstrated in Fig. 6(a), a side channel attacker can monitor the timing information of the data movement into and out of the STT-MRAM memory array when the hardware runs cryptography applications.

Fig. 6. Reduced side channel information leakage and complex side channel analysis. (a) Traditional data transfer pattern. (b) Data transfers in SpinCIM computing paradigm. (Diagram labels: CPU with Control Unit, ALU and Cache; Conventional STT-MRAM Array, Bank 1 … Bank N, operations Read/Write, bus carrying Control, Addr_op1, Addr_op2, Addr_result and Data: Data_op1, Data_op2, Data_result; SpinCIM-enhanced STT-MRAM Array, Bank 1 … Bank N with SpinCIM, operations Read/Write/CimNOT/CimAND/CimOR/CimNAND/CimNOR/CimXOR/CimADD..., bus carrying Control, Addr_op1, Addr_op2, Addr_result; annotations Reduced Data Transfer and Increased Operation Categories.)

To mitigate the security vulnerabilities in the STT-MRAM array, researchers have tried various strategies to wipe out the side channel signatures. Representative ones include parity encoding, short retention, and constant current write techniques [28]. To equalize the performance of different memory operations, these countermeasures need to slow down the fast operations and to increase the power consumption of low-energy operations. This brings significant design overheads in terms of delay and power. Next, as shown in Fig. 6(b), we demonstrate that SpinCIM is able to thwart side channel attacks on the STT-MRAM memory array because of the following two features.

Increased operation types. In a standard STT-MRAM array, there are only two operations between memory and CPU: the Read operation, which reads data from a specified memory address and then sends the data to the CPU, and the Write operation, which receives data from the CPU and then writes the data into a specified memory address. As shown in Table 2, four levels of side channel information during reading ‘1’, reading ‘0’, writing ‘1’, and writing ‘0’ can be monitored and analyzed. A side channel attacker will be able to differentiate the Read/Write operations, and analyze the number of ‘1’/‘0’ in a word with statistical methods.

Table 1. Key Parameters for MTJ Simulation.

Parameter                   Value
MTJ Surface Length          40 nm
MTJ Surface Width           40 nm
Spin Hall Angle             0 . − Ω · m
Oxide Barrier Thickness     0 . nm
TMR                         100%
Saturation Field            10 A / m
Gilbert Damping Constant    0 . . × A / m
Temperature                 300 K

Table 2. Delay and Energy Consumption of Read/Write Operations in Standard STT-MRAM Array.

Operation    Delay (ns)    Energy (fJ)
Read ‘1’     0.6           8.611
Read ‘0’     0.6           7.669
Write ‘1’    4.4           233.300
Write ‘0’    3.3           191.400

Table 3. Delay and Energy Consumption of Read/Write and SpinCIM Operations in Enhanced STT-MRAM Array.

Operation    Delay (ns)    Energy (fJ)
Read ‘1’     0.63          22.69
Read ‘0’     0.67          23.85
Write ‘1’    4.40          244.64
Write ‘0’    3.30          202.70
CimNOT       0.60          22.20
CimAND       0.55          22.30
CimOR        0.53          22.90
CimNAND      0.45          18.89
CimNOR       0.45          21.00
CimXOR       0.53          26.34
CimADD       0.53          26.32

However, in the SpinCIM STT-MRAM array [16], there are 11 possible operations. Besides the basic Read and Write operations, it also supports CimNOT, CimAND, CimOR, CimNAND, CimNOR, CimXOR and CimADD operations¹. Table 3 gives the delay and power of these SpinCIM operations. This makes side channel attacks much more complex. For instance, some of the logic computation operations such as CimNOT, CimAND, CimOR, CimNAND, CimNOR, CimXOR and CimADD have similar delay and power consumption as Read ‘1’/‘0’. Therefore, identifying Read ‘1’/‘0’ will become more challenging. As another example, SpinCIM logic computation results may be required to be written into a specific memory address, which means a SpinCIM logic computation operation may be followed by a Write operation. In this case, a SpinCIM computation operation plus a Write ‘0’ operation can obscure a Write ‘1’ operation since they have similar delays and power consumption.

¹ Note that the number of enabled possible logic functions by SpinCIM depends on the peripheral circuits of the STT-MRAM array and it can slightly vary with different SpinCIM implementations.

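The separability argument above can be checked against the numbers in Tables 2 and 3. The following added example (not from the paper) measures how close each operation's (delay, energy) signature is to its nearest neighbour; the relative-tolerance observer model, the assumption that delay and energy of back-to-back operations add, and all function names are illustrative.

```python
# Added example: separability of operations by their (delay, energy) signature.
# Values are copied from Tables 2 and 3 (delay in ns, energy in fJ).
STANDARD = {
    "Read1": (0.6, 8.611), "Read0": (0.6, 7.669),
    "Write1": (4.4, 233.300), "Write0": (3.3, 191.400),
}
ENHANCED = {
    "Read1": (0.63, 22.69), "Read0": (0.67, 23.85),
    "Write1": (4.40, 244.64), "Write0": (3.30, 202.70),
    "CimNOT": (0.60, 22.20), "CimAND": (0.55, 22.30), "CimOR": (0.53, 22.90),
    "CimNAND": (0.45, 18.89), "CimNOR": (0.45, 21.00),
    "CimXOR": (0.53, 26.34), "CimADD": (0.53, 26.32),
}


def rel_gap(a, b):
    """Largest relative difference between two signatures across both axes."""
    return max(abs(x - y) / max(x, y) for x, y in zip(a, b))


def nearest(table, op):
    """Closest other operation and its relative gap. A small gap means the two
    signatures are hard to tell apart once measurement noise is present."""
    gap, name = min((rel_gap(table[op], sig), other)
                    for other, sig in table.items() if other != op)
    return name, gap


def ambiguity_set(table, op, tolerance):
    """Operations indistinguishable from `op` for an observer whose delay and
    energy measurements each carry a relative uncertainty of `tolerance`."""
    return sorted(other for other, sig in table.items()
                  if rel_gap(table[op], sig) <= tolerance)


def best_cover(table, target, follow):
    """Which 'Cim operation followed by `follow`' lies closest to `target`?
    Assumes delay and energy of back-to-back operations simply add."""
    f_delay, f_energy = table[follow]
    gap, name = min(
        (rel_gap((sig[0] + f_delay, sig[1] + f_energy), table[target]), op)
        for op, sig in table.items() if op.startswith("Cim")
    )
    return name, gap


if __name__ == "__main__":
    for label, table in (("standard", STANDARD), ("enhanced", ENHANCED)):
        print(f"-- {label} array: nearest neighbour per operation")
        for op in table:
            other, gap = nearest(table, op)
            print(f"{op:8s} -> {other:8s} gap {gap:.1%}")
    print("Read1 at 10% tolerance:", ambiguity_set(ENHANCED, "Read1", 0.10))
    print("Write0 vs Write1 gap:", f"{rel_gap(ENHANCED['Write0'], ENHANCED['Write1']):.1%}")
    print("closest 'Cim op + Write0' to Write1:", best_cover(ENHANCED, "Write1", "Write0"))
```

With the table values, the four standard operations stay pairwise separable at a 10% tolerance, while in the enhanced array Read ‘1’ shares its neighbourhood with Read ‘0’ and CimNOT; a Cim operation followed by Write ‘0’ narrows the gap to Write ‘1’ from 25% to roughly 11%.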
Reduced data transfers. In conventional logic computation instructions, the operation data needs to be read from the memory and sent to the CPU, and the computation result also needs to be sent back to the memory from the CPU. The operation data and the result data are transferred between CPU and memory through the system bus, giving the side channel attacker more opportunities to exploit the information leakage in the system bus to reveal the transferred data. In SpinCIM logic computations, by contrast, only the instructions that include the operation/result data addresses and the operation type are sent to the memory, then all the operations are completed within the memory. The operation mechanism of SpinCIM decreases the data transfers between CPU and memory, thus reducing the risks of being exploited and attacked by side channel attackers. Note that there are various types of side-channel attacks. For those that exploit the operation type information, SpinCIM may confuse the attacker with the increased number of operation types. And for the cases where the attacker tries to utilize the operation data for secret analysis, SpinCIM prevents the attack from exploiting operation data information leakage in the system bus.

The current consumption trace matters in power-based side channel attacks, and the energy in Table 2 and Table 3 is the integral of the product of current and voltage, which is closely related to the current consumption. Assume that the objective of SCA is to retrieve the internal secret key $k$ of a crypto-algorithm, and the adversary can observe the input $p$ and the overall power consumption. The attacker will find an intermediate result $v$ (such as the current consumption trace) that depends on both $p$ and $k$. By observing the side-channel leakage of $v$, a hypothesis test on the key value $k$ can be created, and it can be expressed as: $L(k^*) = f_{k^*}(p) + \varepsilon$. The function $f_{k^*}$ is dependent on the crypto-algorithm and the specific implementation. The error $\varepsilon$ is an independent noise variable, defined by other unrelated activity in the crypto-implementation and measurement errors [48]. Several types of power-based side channel analysis have been formulated starting from this relation, such as Correlation Power Analysis (CPA) and Simple Power Analysis (SPA). In both cases, for the SpinCIM computing paradigm, the increased operation types could increase the noise $\varepsilon$, and the reduced data transfer makes the exact formulation of the function $f$ more difficult. As a result, SpinCIM offers considerable resilience against side channel attacks.

Numerous advantages have been demonstrated in SpinCIM. From the performance perspective, it is able to alleviate the memory wall bottleneck in Von-Neumann computer structures. And from the security perspective, as demonstrated in this paper, it is a natural fit for some protective or preventive hardware security techniques. However, the precondition to apply SpinCIM for performance improvement and security enhancement is that SpinCIM itself should be robust and secure enough. In this section, we analyze the intrinsic security vulnerabilities in SpinCIM, and demonstrate a case study in practical attacking scenarios to gain a glimpse of the security issues within SpinCIM. Finally we discuss some potential mitigation techniques.

In a standard STT-MRAM array, the current flowing through SL ($I_{SL}$) has two possible values, i.e. $I_P$ and $I_{AP}$. The TMR ($(R_{AP} - R_P)/R_P$) usually lies between 100% and 200% [49]. How to sense the current difference accurately to achieve reliable memory read has been a vital challenge for the commercial adoption of STT-MRAM. Both process variations and environmental factors (such as temperature and magnetic field) can affect the reliability of STT-MRAM. As a result, there have been extensive studies on this reliability issue and corresponding countermeasures, such as increasing TMR and adopting ECC (error-correction codes) strategies [50–56]. In this paper, we focus on the security and reliability issues that emerge with the new SpinCIM computing paradigm.

Fig. 7. (a) Read margin in normal Read operation. (b) Read margins in SpinCIM operations. (Histograms of frequency versus current in uA: for normal Read, the $I_{AP}$ and $I_P$ distributions separated by one read margin; for SpinCIM operations, the $I_{AP,AP}$, $I_{AP,P}$ and $I_{P,P}$ distributions separated by a left read margin and a right read margin.)

For SpinCIM operations, the reliability problem is more challenging. Recall that in Fig. 3, for two-input SpinCIM computations, the current flowing through SL is the sum of currents flowing through two MTJs, thus has three possible values, i.e. $I_{P,P}$, $I_{P,AP}$ // $I_{AP,P}$ and $I_{AP,AP}$. Therefore, different from the normal Read operation, which has only one read margin between $I_P$ and $I_{AP}$, in SpinCIM operations there are two read margins, one between $I_{AP,AP}$ and $I_{AP,P}$, and the other one between $I_{AP,P}$ and $I_{P,P}$. Simulation results in Fig. 7(a) and Fig. 7(b) demonstrate the read margin in the conventional STT-MRAM array and the read margins in the SpinCIM-enhanced STT-MRAM array. We can see that each of the
SpinCIM computations, the current flowing through SL is the sum of currents flowing throughtwo MTJs, thus has three possible values, i.e. I P , P , I P , AP // I AP , P2 and I AP , AP . Therefore, different withnormal Read operation, which has only one read margin between I P and I AP , in SpinCIM operations,there are two read margins, one between I AP , AP and I AP , P , and the other one between I AP , P and I P , P . Simulation results in Fig. 7(a) and Fig. 7(b) demonstrate the read margin in conventionalSTT-MRAM array and the read margins in SpinCIM -enhanced STT-MRAM array. We can see thateach of the
SpinCIM read margin is smaller than that in normal
Read operation. Specifically, innormal
Read operation, the read margin between I P and I AP is about 5 . µA , while in SpinCIM operations, the read margin between I AP , AP and I AP , P is about 3 . µA , and the read margin between I AP , P and I P , P is about 2 . µA . The small read margins in SpinCIM could result in higher decisionfailure rates and make it more challenging to ensure reliable computations. This can be exploitedby malicious attackers and we will demonstrate a case study in practical scenarios. This paper assumes I P , AP equals to I AP , P , and the rest of the paper will denote both I P , AP and I AP , P with I AP , P .ACM J. Emerg. Technol. Comput. Syst., Vol. 1, No. 1, Article 1. Publication date: January 2020. :12 X. Wang et al. In this part, we investigate the security vulnerabilities of
SpinCIM with a case study of an authentication system. It is demonstrated that an attacker is able to bypass the authentication by simply manipulating the thermal conditions of the STT-MRAM array.

An authentication system is widely used in most information systems and services. It provides access control for protected resources (such as credit card numbers) by checking whether a user's credentials match the authorized users database. In normal modes, users are identified with a username and a password. When the username and password are both correct, the user is authorized to access the system. Such an access control principle can be implemented with the following high-level programming sentences:

    IF (username is correct AND password is correct)
    {THEN validate pass, enter the system!}

In the low-level implementation, it needs to check the username and password that are typed in by the user (represented as $u_t$ and $p_t$) against the username and password items in the authorized users database (represented as $u_d$ and $p_d$). Checking whether two items are identical can be achieved with the XNOR operation: $x$ XNOR $y$ = 1 when $x$ equals $y$; otherwise, $x$ XNOR $y$ = 0. To reduce the data transfer bottleneck, the authentication process may be accomplished in the enhanced STT-MRAM array. Thus the user is authorized to the system if and only if:

    ($u_t$ CimXNOR $u_d$) CimAND ($p_t$ CimXNOR $p_d$) =

The CimXNOR operation can be typically realized as below [16]:

    $u_t$ CimXNOR $u_d$ = ($u_t$ CimAND $u_d$) OR ($u_t$ CimNOR $u_d$)    (2)
    $p_t$ CimXNOR $p_d$ = ($p_t$ CimAND $p_d$) OR ($p_t$ CimNOR $p_d$)    (3)

Assume that a malicious attacker judiciously triggers a certain mistake so that a certain CimAND function is performed as CimOR (the feasibility will be discussed later); then the attacker is able to conduct an effective access control bypass attack.

By triggering the CimAND in Equation (1) as CimOR, the judgment becomes:

    ($u_t$ CimXNOR $u_d$) CimOR ($p_t$ CimXNOR $p_d$)

Therefore, the attacker gains access to the system when either the username is correct or the password is correct. The corresponding high-level control sentence is:

    IF (username is correct OR password is correct)
    {THEN validate pass, enter the system!}

As a result, even though the attacker is not aware of the passwords, he is able to access the system simply with a correct username. The username is easily pirated because it is mostly related to the user's phone number or real name, thus easy to guess, and is usually not technically protected.

A more powerful attack can be launched to bypass both user and password authentications. By triggering CimAND in Equation (2) as CimOR, it becomes

    ($u_t$ CimOR $u_d$) OR ($u_t$ CimNOR $u_d$) = $(u_t + u_d) + \overline{u_t + u_d}$ =

Similar manipulation can be applied to Equation (3). Then Equation (1) becomes 1 CimAND = . The corresponding high-level access control sentence is:

    IF (Always True)
    {THEN validate pass, enter the system!}

As a result, all users that attempt to gain access to the system, including the illegal users, are authorized to enter the system.

Table 4. Truth Table for CimAND and CimOR Operations.

    Logic    MTJ States    I_SL           Function: CimAND†    CimOR‡
    0, 0     AP, AP        $I_{AP,AP}$
                           $I_{AP,P}$
                           $I_{AP,P}$
                           $I_{P,P}$

    † $I_{\text{ref-and}} \in (I_{AP,P}, I_{P,P})$
    ‡ $I_{\text{ref-or}} \in (I_{AP,AP}, I_{AP,P})$

Fig. 8. Confusion between $I_{AP,P}$ and $I_{\text{ref-and}}$. [Diagram of the current levels $I_{AP,AP}$, $I_{AP,P}$, $I_{P,AP}$ and $I_{P,P}$ with the reference currents $I_{\text{ref-or}}$ and $I_{\text{ref-and}}$.]
Feasibility of triggering CimAND as CimOR. Table 4 demonstrates the truth table of CimAND and CimOR operations. Only when the two MTJ states are AP and P do CimAND and CimOR have different outputs: logic '0' and logic '1', respectively. Therefore, as demonstrated in Fig. 8, to trick CimAND into CimOR, $I_{AP,P}$ needs to be sensed as larger than $I_{\text{ref-and}}$. Recall that the read margin between $I_{AP,P}$ and $I_{P,P}$ is smaller than the other read margins, so it is easier to confuse $I_{AP,P}$ with $I_{\text{ref-and}}$. In this case, the output under AP, P will be mistakenly computed as logic '1', which is the correct output of CimOR.

Table 5. CimAND Failure Rates Under Natural Conditions and Laser Heat Conditions.

    Failure    Natural    With Laser Heat    20℃    50℃    100℃
    $I_{AP,P} > I_{\text{ref-and}}$     . 5% 0 . 6% 4 .
    $I_{AP,AP} > I_{\text{ref-and}}$    .

To evaluate the failure rate of performing CimAND as a CimOR operation, we conduct 10000 Monte Carlo simulations for CimAND operations under natural conditions and intentional attack conditions. In the intentional attacking scenario, the target MTJs are dealt with laser heat in the same way as [57]. While the resistance of the P-state MTJ is relatively stable under laser heat conditions, the resistance of the AP-state MTJ demonstrates an obvious declining trend. Accordingly, under laser heat, $I_{AP,P}$ will slightly increase and be closer to $I_{\text{ref-and}}$, resulting in a higher possibility of sensing $I_{AP,P}$ as larger than $I_{\text{ref-and}}$. The simulation results in Table 5 validate that the main failure of CimAND comes from $I_{AP,P} > I_{\text{ref-and}}$. Under natural conditions, the failure rate of $I_{AP,P} > I_{\text{ref-and}}$ is 0 . $I_{AP,P} > I_{\text{ref-and}}$ increases to 4 . . × higher than the natural conditions. Such a high failure rate of CimAND greatly threatens the security of computer systems that employ
SpinCIM.

To relieve the reliability problem in SpinCIM computations, extended ECC strategies [16] have been proposed, which try to detect and correct the sensing errors. However, as demonstrated in Fig. 3, SpinCIM does not sense the individual resistance state of the input MTJs. Instead, only the sum of the currents of the two MTJs matters. Therefore, the extended ECC scheme to correct the sense errors in input MTJs is insufficient for correcting errors in SpinCIM computations.

Recall that the factors that affect the robustness of SpinCIM are the degraded sensing margins and external disturbance. Increasing the TMR of the MTJ to increase the sensing margins is one effective way; however, it is out of the scope of this paper, and much research has put emphasis on this topic. For the external disturbance, a possible countermeasure is to design the sense amplifier in a disturbance-aware way. Take the laser heat disturbance for example: assume that before being laser heated, the three possible MTJ currents are $I_{AP,AP}$, $I_{AP,P}$ and $I_{P,P}$, and after being laser heated, they become $(I_{AP,AP} + \alpha)$, $(I_{AP,P} + \beta)$ and $(I_{P,P} + \gamma)$, respectively, where $0 < \alpha < \beta < \gamma$. Then the reference current of CimOR, namely $I_{\text{ref-or}}$, can be accordingly adjusted from $I_{AP,AP} + I_{AP,P}$ to $I_{AP,AP} + I_{AP,P} + \alpha + \beta$, and $I_{\text{ref-and}}$ can be accordingly adjusted from $I_{AP,P} + I_{P,P}$ to $I_{AP,P} + I_{P,P} + \beta + \gamma$. Although a preliminary thought of the possible mitigation method is discussed, its implementation detail and its effectiveness need much more in-depth study. In addition, how to assure the reliability of SpinCIM remains an open question; we may focus on this issue in future work.

With the unique features of computing,
SpinCIM has demonstrated a lot of advantages in facilitating hardware security techniques. For circuit obfuscation techniques, functions that are implemented in the enhanced STT-MRAM array can be judiciously hidden from a reverse engineering attacker. As for thwarting side channel attacks, SpinCIM reduces the data transfers between CPU and memory and thus reduces side channel information leakage, and it increases the operation types within the STT-MRAM array, which complicates malicious power or timing side channel analysis. However, in addition to these positive features, SpinCIM also exposes some security vulnerabilities due to the degraded read margins and its sensitivity to external disturbance. A case study in authentication systems demonstrates that an attacker is able to achieve Trojan-similar attacks by simply manipulating the thermal conditions of STT-MRAM, even without the need for circuit modifications. Possible mitigation methods are discussed, while future in-depth study is still needed.

Perhaps the biggest challenge for both SpinCIM and SpinCIM security applications is the code mapping and data mapping problem. Code mapping decides which operations should be executed in memory, which operations should be executed in the CPU, and how to make them co-operate efficiently, while data mapping decides how data should be mapped to the STT-MRAM array. Most of the CIM techniques only support computations when the operation data are stored in the same bank, mapped to different rows, and stored in the same set of columns. Code mapping and data mapping research needs collaborative work from the device, logic, architecture and application levels. Only when the SpinCIM computing paradigm becomes mature at all design levels can its application for hardware security be enriched and its intrinsic security vulnerabilities be better solved.

Also, previously, security has often been considered as an afterthought, with performance dominating the design requirements, resulting in numerous security vulnerabilities. While SpinCIM is newly proposed and still being explored, it provides an opportunity to reconsider security as a first class requirement at the design stage. Research on SpinCIM security should synchronize with the study of the SpinCIM computing paradigm. To this end, more hardware security opportunities and challenges related to SpinCIM will emerge with more in-depth investigation of SpinCIM, and thus deserve full attention in future works.
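The following Python model is an added example, not code from the paper: it estimates how often a CimAND read of an (AP, P) pair is sensed as CimOR under natural conditions, under a heat-induced current shift, and with disturbance-aware references, and then carries that fault through Equations (1) to (3) of the authentication case study. The current levels, noise figure, shifts, credentials and the midpoint reference currents are all constructed assumptions, chosen only to respect the interval conditions given with Table 4 and the ordering $0 < \alpha < \beta < \gamma$.

```python
import random

# Constructed source-line currents in µA (illustrative, not the paper's data).
# Index = number of P cells in the input pair: (AP,AP), (AP,P), (P,P).
LEVELS = (17.0, 20.0, 22.5)
SIGMA = 0.45                    # constructed sensing noise, µA
NO_SHIFT = (0.0, 0.0, 0.0)
HEAT_SHIFT = (0.2, 0.5, 0.6)    # constructed (alpha, beta, gamma), 0 < alpha < beta < gamma


def references(shift=NO_SHIFT):
    """Return (I_ref_or, I_ref_and) as midpoints of adjacent levels (assumption).

    Passing the disturbance shift models a disturbance-aware sense amplifier
    whose references follow the shifted current levels.
    """
    lv = [base + d for base, d in zip(LEVELS, shift)]
    return (lv[0] + lv[1]) / 2, (lv[1] + lv[2]) / 2


def sense(x, y, i_ref, shift, rng):
    """One two-input read: bit 0 is an AP cell, bit 1 a P cell (Table 4)."""
    i_sl = rng.gauss(LEVELS[x + y] + shift[x + y], SIGMA)
    return int(i_sl > i_ref)


def misread_rate(x, y, gate, shift, refs, trials=10_000, seed=1):
    """Fraction of reads of pair (x, y) whose sensed output is not gate(x, y)."""
    rng = random.Random(seed)
    i_ref = refs[0] if gate == "or" else refs[1]
    expected = (x | y) if gate == "or" else (x & y)
    wrong = sum(sense(x, y, i_ref, shift, rng) != expected for _ in range(trials))
    return wrong / trials


def cim_and(x, y):
    """Correct CimAND truth value."""
    return x & y


def cim_and_as_or(x, y):
    """CimAND whose (AP, P) case is sensed above I_ref_and: behaves as CimOR."""
    return x | y


def cim_xnor(x, y, and_gate):
    """Equations (2)/(3): XNOR = (x AND y) OR (x NOR y), with a pluggable AND."""
    return and_gate(x, y) | (1 - (x | y))


def authenticate(u_t, u_d, p_t, p_d, xnor_and=cim_and, final_and=cim_and):
    """Equation (1) over equal-length bit strings; True means access is granted."""
    if len(u_t) != len(u_d) or len(p_t) != len(p_d):
        return False
    user_ok = all(cim_xnor(int(a), int(b), xnor_and) for a, b in zip(u_t, u_d))
    pass_ok = all(cim_xnor(int(a), int(b), xnor_and) for a, b in zip(p_t, p_d))
    return bool(final_and(int(user_ok), int(pass_ok)))


if __name__ == "__main__":
    for name, shift, refs in (
        ("natural, fixed references", NO_SHIFT, references()),
        ("heated, fixed references", HEAT_SHIFT, references()),
        ("heated, tracked references", HEAT_SHIFT, references(HEAT_SHIFT)),
    ):
        rate = misread_rate(0, 1, "and", shift, refs)
        print(f"{name}: CimAND(AP,P) read as 1 in {rate:.2%} of trials")

    user, pw, guess = "1011", "0110", "1111"   # constructed credentials
    print("wrong password, healthy array:", authenticate(user, user, guess, pw))
    print("wrong password, Eq. (1) AND faulted:",
          authenticate(user, user, guess, pw, final_and=cim_and_as_or))
    print("wrong user and password, Eq. (2)/(3) AND faulted:",
          authenticate(guess, user, guess, pw, xnor_and=cim_and_as_or))
```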
Spin-based computing-in-memory techniques have demonstrated promise in alleviating memory wall challenges in traditional Von-Neumann architectures, and thus have attracted attention from both industry and academia. In this paper, we have studied SpinCIM from a security perspective. We have investigated the feasibility of enhancing hardware security with the unique properties of the SpinCIM computing paradigm and found that SpinCIM was a natural fit for some security applications. We have also discussed the possible security vulnerabilities in SpinCIM and demonstrated them with a case study in practical attacking scenarios, then discussed possible mitigation techniques and presented an outlook on future research for SpinCIM security.
REFERENCES

[1] Sally A McKee. Reflections on the memory wall. In Proceedings of Conference on Computing frontiers, page 162, 2004.
[2] Mengxing Wang, Wenlong Cai, Kaihua Cao, Jiaqi Zhou, Jerzy Wrona, Shouzhong Peng, Huaiwen Yang, Jiaqi Wei, Wang Kang, Youguang Zhang, et al. Current-induced magnetization switching in atom-thick tungsten engineered perpendicular magnetic tunnel junctions with large tunnel magnetoresistance. Nature communications, 9(1):671, 2018.
[3] Q. Dong, Z. Wang, J. Lim, Y. Zhang, Y. Shih, Y. Chih, J. Chang, D. Blaauw, and D. Sylvester. A 1mb 28nm stt-mram with 2.8ns read access time at 1.2v vdd using single-cap offset-cancelled sense amplifier and in-situ self-write-termination. In IEEE International Solid State Circuits Conference (ISSCC), 2018.
[4] Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, et al. Meltdown: Reading kernel memory from user space. In Proceedings of USENIX Security Symposium USENIX Security, pages 973–990, 2018.
[5] You Wang, Hao Cai, Lirida AB Naviner, Jacques-Olivier Klein, Jianlei Yang, and Weisheng Zhao. A novel circuit design of true random number generator using magnetic tunnel junction. In Proceedings of International Symposium on Nanoscale Architectures (NANOARCH), pages 123–128, 2016.
[6] Anirudh Iyengar, Swaroop Ghosh, Kenneth Ramclam, Jae-Won Jang, and Cheng-Wei Lin. Spintronic pufs for security, trust, and authentication. ACM Journal on Emerging Technologies in Computing Systems (JETC), 13(1):4, 2016.
[7] Elena Ioana Vatajelu, Giorgio Di Natale, and Paolo Prinetto. Security primitives (puf and trng) with stt-mram. In Proceedings of VLSI Test Symposium (VTS), pages 1–4, 2016.
[8] Jongyeon Kim, Ayan Paul, Paul A. Crowell, Steven J. Koester, Sachin S. Sapatnekar, Jianping Wang, and Chris H. Kim. Spin-based computing: Device concepts, current status, and a case study on a high-performance microprocessor. Proceedings of the IEEE, 103(1):106–130, 2015.
[9] Jianlei Yang, Peiyuan Wang, Yaojun Zhang, Yuanqing Cheng, Weisheng Zhao, Yiran Chen, and Hai Helen Li. Radiation-induced soft error analysis of STT-MRAM: A device to circuit approach. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 35(3):380–393, 2015.
[10] Kaihua Cao, Wenlong Cai, Yizheng Liu, Huisong Li, Jiaqi Wei, Hushan Cui, Xiaobin He, Junjie Li, Chao Zhao, and Weisheng Zhao. In-memory direct processing based on nanoscale perpendicular magnetic tunnel junctions. Nanoscale, 10(45):21225–21230, 2018.
[11] Yinglin Zhao, Peng Ouyang, Wang Kang, Shouyi Yin, Youguang Zhang, Shaojun Wei, and Weisheng Zhao. An stt-mram based in memory architecture for low power integral computing. IEEE Transactions on Computers, 68(4):617–623, 2019.
[12] Yiran Chen and Xiaobin Wang. Compact modeling and corner analysis of spintronic memristor. In , pages 7–12. IEEE, 2009.
[13] Junwhan Ahn, Sungjoo Yoo, Onur Mutlu, and Kiyoung Choi. Pim-enabled instructions: a low-overhead, locality-aware processing-in-memory architecture. In Proceedings of the International Symposium on Computer Architecture (ISCA), pages 336–348, 2015.
[14] Xiaoxiao Liu, Mengjie Mao, Beiye Liu, Hai Li, Yiran Chen, Boxun Li, Yu Wang, Hao Jiang, Mark Barnell, Qing Wu, et al. Reno: A high-efficient reconfigurable neuromorphic computing accelerator design. In Proceedings of Design Automation Conference (DAC), pages 1–6, 2015.
[15] Shankar Ganesh Ramasubramanian, Rangharajan Venkatesan, Mrigank Sharad, Kaushik Roy, and Anand Raghunathan. Spindle: Spintronic deep learning engine for large-scale neuromorphic computing. In Proceedings of International Symposium on Low power Electronics and Design (ISLPED), pages 15–20, 2014.
[16] Shubham Jain, Ashish Ranjan, Kaushik Roy, and Anand Raghunathan. Computing in memory with spin-transfer torque magnetic RAM. IEEE Transactions on Very Large Scale Integration Systems (VLSI), 26(3):470–483, 2018.
[17] Zamshed I. Chowdhury, Jonathan D. Harms, S. Karen Khatamifard, Masoud Zabihi, Yang Lv, Andrew Lyle, Sachin S. Sapatnekar, Ulya R. Karpuzcu, and Jianping Wang. Efficient in-memory processing using spintronics. Computer Architecture Letters, 17(1):42–46, 2018.
[18] Shuangchen Li, Cong Xu, Qiaosha Zou, Jishen Zhao, Yu Lu, and Yuan Xie. Pinatubo: a processing-in-memory architecture for bulk bitwise operations in emerging non-volatile memories. In Proceedings of Design Automation Conference (DAC), pages 173:1–173:6, 2016.
[19] Wang Kang, Haotian Wang, Zhaohao Wang, Youguang Zhang, and Weisheng Zhao. In-memory processing paradigm for bitwise logic operations in stt–mram. IEEE Transactions on Magnetics, 53(11):1–4, 2017.
[20] Farhana Parveen, Zhezhi He, Shaahin Angizi, and Deliang Fan. Hielm: Highly flexible in-memory computing using stt mram. In Proceedings of Asia and South Pacific Design Automation Conference (ASP-DAC), pages 361–366, 2018.
[21] Masoud Rostami, Farinaz Koushanfar, and Ramesh Karri. A primer on hardware security: Models, methods, and metrics. Proceedings of the IEEE, 102(8):1283–1295, 2014.
[22] Mohammad Tehranipoor and Farinaz Koushanfar. A survey of hardware trojan taxonomy and detection. IEEE design & test of computers, 27(1), 2010.
[23] Mohammad Tehranipoor and Cliff Wang. Introduction to hardware security and trust. Springer Science & Business Media, 2011.
[24] Yier Jin. Introduction to hardware security. Electronics, 4(4):763–784, 2015.
[25] An Chen, Xiaobo Sharon Hu, Yier Jin, Michael T. Niemier, and Xunzhao Yin. Using emerging technologies for hardware security beyond pufs. In Proceedings of Design, Automation & Test in Europe Conference DATE, pages 1544–1549, 2016.
[26] Theodore Winograd, Hassan Salmani, Hamid Mahmoodi, Kris Gaj, and Houman Homayoun. Hybrid STT-CMOS designs for reverse-engineering prevention. In Proceedings of Design Automation Conference (DAC), pages 88:1–88:6, 2016.
[27] Jianlei Yang, Xueyan Wang, Qiang Zhou, Zhaohao Wang, Hai Li, Yiran Chen, and Weisheng Zhao. Exploiting spin-orbit torque devices as reconfigurable logic for circuit obfuscation. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 38(1):57–69, 2019.
[28] Anirudh Iyengar, Swaroop Ghosh, Nitin Rathi, and Helia Naeimi. Side channel attacks on STTRAM and low-overhead countermeasures. In Proceedings of IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, pages 141–146, 2016.
[29] Jeyavijayan Rajendran, Youngok Pino, Ozgur Sinanoglu, and Ramesh Karri. Security analysis of logic obfuscation. In Proceedings of Design Automation Conference (DAC), pages 83–89, 2012.
[30] Jeyavijayan Rajendran, Michael Sam, Ozgur Sinanoglu, and Ramesh Karri. Security analysis of integrated circuit camouflaging. In Proceedings of ACM SIGSAC Conference on Computer & Communications Security, pages 709–720, 2013.
[31] Muhammad Yasin, Bodhisatwa Mazumdar, Ozgur Sinanoglu, and Jeyavijayan Rajendran. Camoperturb: secure IC camouflaging for minterm protection. In Proceedings of International Conference on Computer-Aided Design (ICCAD), page 29, 2016.
[32] Meng Li, Kaveh Shamsi, Travis Meade, Zheng Zhao, Bei Yu, Yier Jin, and David Z. Pan. Provably secure camouflaging strategy for IC protection. In Proceedings of International Conference on Computer-Aided Design (ICCAD), page 28, 2016.
[33] Muhammad Basin, Bodhisatwa Mazumdar, Ozgur Sinanoglu, and Jeyavijayan Rajendran. Security analysis of anti-sat. In Proceedings of Asia and South Pacific Design Automation Conference (ASP-DAC), page to appear, 2017.
[34] Xiaolin Xu, Bicky Shakya, Mark M Tehranipoor, and Domenic Forte. Novel bypass attack and bdd-based tradeoff analysis against all known logic locking attacks. In Proceedings of International Conference on Cryptographic Hardware and Embedded Systems, pages 189–210. Springer, 2017.
[35] Muhammad Yasin, Bodhisatwa Mazumdar, Ozgur Sinanoglu, and Jeyavijayan Rajendran. Removal attacks on logic locking and camouflaging techniques. IEEE Transactions on Emerging Topics in Computing (TETC), 2017.
[36] Kaveh Shamsi, Meng Li, Travis Meade, Zheng Zhao, David Z Pan, and Yier Jin. Appsat: Approximately deobfuscating integrated circuits. In Proceedings of IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pages 95–100, 2017.
[37] Yuanqi Shen and Hai Zhou. Double dip: Re-evaluating security of logic encryption algorithms. In Proceedings of Great Lakes Symposium on VLSI (GLSVLSI), pages 179–184, 2017.
[38] Satwik Patnaik, Nikhil Rangarajan, Johann Knechtel, Ozgur Sinanoglu, and Shaloo Rakheja. Advancing hardware security using polymorphic and stochastic spin-hall effect devices. In Proceedings of Design, Automation & Test in Europe Conference (DATE), pages 97–102, 2018.
[39] Nikhil Rangarajan, Satwik Patnaik, Johann Knechtel, Ramesh Karri, Ozgur Sinanoglu, and Shaloo Rakheja. Opening the doors to dynamic camouflaging: Harnessing the power of polymorphic devices. arXiv preprint arXiv:1811.06012, 2018.
[40] Qutaiba Alasad, Jiann Yuan, and Deliang Fan. Leveraging all-spin logic to improve hardware security. In Proceedings of Great Lakes Symposium on VLSI (GLSVLSI), pages 491–494, 2017.
[41] Kevin Hsieh, Eiman Ebrahimi, Gwangsun Kim, Niladrish Chatterjee, Mike O'Connor, Nandita Vijaykumar, Onur Mutlu, and Stephen W Keckler. Transparent offloading and mapping (tom): Enabling programmer-transparent near-data processing in gpu systems. In ACM SIGARCH Computer Architecture News, volume 44, pages 204–216, 2016.
[42] Ashutosh Pattnaik, Xulong Tang, Adwait Jog, Onur Kayiran, Asit K Mishra, Mahmut T Kandemir, Onur Mutlu, and Chita R Das. Scheduling techniques for gpu architectures with processing-in-memory capabilities. In Proceedings of International Conference on Parallel Architectures and Compilation, pages 31–44, 2016.
[43] Paul C Kocher. Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In Proceedings of Annual International Cryptology Conference, pages 104–113. Springer, 1996.
[44] YongBin Zhou and DengGuo Feng. Side-channel attacks: Ten years after its publication and the impacts on cryptographic module security testing. IACR Cryptology ePrint Archive, 2005:388, 2005.
[45] Swaroop Ghosh, Mohammad Nasim Imtiaz Khan, Asmit De, and Jae-Won Jang. Security and privacy threats to on-chip non-volatile memories and countermeasures. In Proceedings of International Conference on Computer-Aided Design (ICCAD), page 10, 2016.
[46] Abhishek Chakraborty, Ankit Mondal, and Ankur Srivastava. Correlation power analysis attack against STT-MRAM based cyptosystems. In Proceedings of IEEE International Symposium on Hardware Oriented Security and Trust (HOST), page 171, 2017.
[47] S Dinesh Kumar and Himanshu Thapliyal. Security evaluation of mtj/cmos circuits against power analysis attacks. In Proceedings of IEEE International Symposium on Nanoelectronic and Information Systems, pages 117–122, 2017.
[48] Patrick Schaumont and Zhimin Chen. Side-channel attacks and countermeasures for embedded microcontrollers. In Introduction to Hardware Security and Trust, pages 263–282. Springer, 2012.
[49] Y. Lu, T. Zhong, W. Hsu, S. Kim, X. Lu, and et al. Fully functional perpendicular stt-mram macro embedded in 40 nm logic for energy-efficient iot applications. In Proceedings of IEEE International Electron Devices Meeting (IEDM), pages 26–1, 2015.
[50] Wang Kang, Liuyang Zhang, Jacques-Olivier Klein, Youguang Zhang, Dafiné Ravelosona, and Weisheng Zhao. Reconfigurable codesign of stt-mram under process variations in deeply scaled technology. IEEE Transactions on Electron Devices, 62(6):1769–1777, 2015.
[51] Aynaz Vatankhahghadim, W Song, and Ali Sheikholeslami. A variation-tolerant mram-backed-sram cell for a non-volatile dynamically reconfigurable fpga. IEEE Transactions on Circuits and Systems II: Express Briefs, 62(6):573–577, 2015.
[52] Kangho Lee and Seung H Kang. Design consideration of magnetic tunnel junctions for reliable high-temperature operation of stt-mram. IEEE Transactions on Magnetics, 46(6):1537–1540, 2010.
[53] He Zhang, Wang Kang, Kaihua Cao, Bi Wu, Youguang Zhang, and Weisheng Zhao. Spintronic processing unit in spin transfer torque magnetic random access memory. IEEE Transactions on Electron Devices, 2019.
[54] Kon-Woo Kwon, Xuanyao Fong, Parami Wijesinghe, Priyadarshini Panda, and Kaushik Roy. High-density and robust stt-mram array through device/circuit/architecture interactions. IEEE Transactions on Nanotechnology, 14(6):1024–1034, 2015.
[55] Brandon Del Bel, Jongyeon Kim, Chris H Kim, and Sachin S Sapatnekar. Improving stt-mram density through multibit error correction. In Proceedings of Design, Automation & Test in Europe Conference (DATE), pages 1–6, 2014.
[56] Wang Kang, WeiSheng Zhao, Zhaohao Wang, Yue Zhang, Jacques-Olivier Klein, Youguang Zhang, Claude Chappert, and Dafiné Ravelosona. A low-cost built-in error correction circuit design for stt-mram reliability improvement. Microelectronics Reliability, 53(9-11):1224–1229, 2013.
[57] Bi Wu, Yuanqing Cheng, Jianlei Yang, Aida Todri-Sanial, and Weisheng Zhao. Temperature impact analysis and access reliability enhancement for 1t1mtj stt-ram.