Improving the accuracy and robustness of RRAM-based in-memory computing against RRAM hardware noise and adversarial attacks

Sai Kiran Cherupally, Jian Meng, Adnan Siraj Rakin, Shihui Yin, Injune Yeo, Shimeng Yu, Deliang Fan, Jae Sun Seo

Research output: Contribution to journalArticlepeer-review

Abstract

We present a novel deep neural network (DNN) training scheme and resistive RAM (RRAM) in-memory computing (IMC) hardware evaluation towards achieving high accuracy against RRAM device/array variations and enhanced robustness against adversarial input attacks. We present improved IMC inference accuracy results evaluated on state-of-the-art DNNs including ResNet-18, AlexNet, and VGG with binary, 2-bit, and 4-bit activation/weight precision for the CIFAR-10 dataset. These DNNs are evaluated with measured noise data obtained from three different RRAM-based IMC prototype chips. Across these various DNNs and IMC chip measurements, we show that our proposed hardware noise-aware DNN training consistently improves DNN inference accuracy for actual IMC hardware, up to 8% accuracy improvement for the CIFAR-10 dataset. We also analyze the impact of our proposed noise injection scheme on the adversarial robustness of ResNet-18 DNNs with 1-bit, 2-bit, and 4-bit activation/weight precision. Our results show up to 6% improvement in the robustness to black-box adversarial input attacks.

Original languageEnglish (US)
Article number034001
JournalSemiconductor Science and Technology
Volume37
Issue number3
DOIs
StatePublished - Mar 2022

Keywords

  • Adversarial defense with RRAM noise
  • IMC noise-aware training
  • RRAM-friendly DNNs

ASJC Scopus subject areas

  • Electronic, Optical and Magnetic Materials
  • Condensed Matter Physics
  • Electrical and Electronic Engineering
  • Materials Chemistry

Fingerprint

Dive into the research topics of 'Improving the accuracy and robustness of RRAM-based in-memory computing against RRAM hardware noise and adversarial attacks'. Together they form a unique fingerprint.

Cite this