Securing Weights of CIM-Based Neural Networks Against Power Analysis Attacks

Journal Article (2026)
Author(s)

Fouwad Jamil Mir (TU Delft - Electrical Engineering, Mathematics and Computer Science, CognitiveIC)

Abdullah Aljuffri (KACST, TU Delft - Electrical Engineering, Mathematics and Computer Science)

Said Hamdioui (CognitiveIC, TU Delft - Electrical Engineering, Mathematics and Computer Science)

Mottaqiallah Taouil (TU Delft - Electrical Engineering, Mathematics and Computer Science, CognitiveIC)

Research Group
Computer Engineering
DOI related publication
https://doi.org/10.1109/JETCAS.2026.3690257 Final published version
More Info
expand_more
Publication Year
2026
Language
English
Research Group
Computer Engineering
Journal title
IEEE Journal on Emerging and Selected Topics in Circuits and Systems
Downloads counter
11
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Computation-in-Memory (CIM) architectures address the rising demand for energy-efficient artificial intelligence (AI) solutions, by minimizing costly data movements between memory and processor. Within such architectures, SRAM-based digital CIM is especially attractive as it preserves the advantages of CIM while avoiding analog complexity. Recent studies have revealed potential weaknesses in these architectures, particularly to power side-channel attacks (SCA) capable of extracting sensitive model parameters (e.g., neural network (NN) weights), which represent the intellectual property of CIM-based neural network systems. In this study, we propose and evaluate two countermeasures to secure SRAM-based CIM architectures against power attacks: (1) Balanced Obfuscated-path countermeasure, and (2) Glitch Aware countermeasure. To validate their effectiveness, we conducted a comprehensive power analysis that successfully demonstrated attacks against an unprotected implementation. Our experimental results demonstrate that both countermeasures significantly improve resistance to power attacks. Although the Balanced Obfuscated-path offers better area overhead and run-time performance, the Glitch Aware approach achieves higher protection against advanced attacks, making each suitable for different design constraints.

Files

Taverne
warning

File under embargo until 07-12-2026