2 IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, VOL. 34, NO. 1, JANUARY 2015
Security Vulnerabilities of Emerging Nonvolatile
Main Memories and Countermeasures
Sachhidh Kannan, Member, IEEE, Naghmeh Karimi, Member, IEEE, Ozgur Sinanoglu, Member, IEEE, and Ramesh Karri, Senior Member, IEEE
Abstract—Emerging nonvolatile memory devices such as phase change memories and memristors are replacing SRAM and
DRAM. However, nonvolatile main memories (NVMM) are susceptible to probing attacks even when powered down. This way, they may compromise sensitive data such as passwords and keys that reside in the NVMM. To eliminate this vulnerability, we propose sneak-path encryption (SPE), a hardware intrinsic encryption technique for memristor-based NVMMs. SPE is instruction set architecture independent and has minimal impact on performance. SPE exploits the physical parameters, such as sneak-paths in crossbar memories, to encrypt the data stored in a memristor-based NVMM. SPE is resilient to a number of attacks that may be performed on NVMMs. We use a cycle accurate simulator to evaluate the performance impact of SPE-based
NVMM and compare against other security techniques. SPE can secure an NVMM with a ∼1.3% performance overhead.
Index Terms—Encryption, hardware security, memory security, memristor, RRAM.
ACCORDING to the International Technology Roadmapfor Semiconductors, emerging nonvolatile memories, such as phase change memories (PCM)  and metaloxide memristors  are candidates for next-generation highperformance and high-density storage due to their nonvolatility, low-power consumption, and support for multilevel cells (MLC), where multiple bits can be stored in a single cell . Nonvolatile main memories (NVMM) built using
PCM and memristor devices are ready replacements for flash memory, and are promising replacements for SRAM cache and
DRAM main memory .
NVMMs provide high density due to their small cell size and their MLC capabilities. NVMMs are energy efficient, tolerant to power failure, and provide “instant-on” (the ability to suspend system operation when powered down and to resume the previous state on power-up). However, using NVMMs
Manuscript received April 3, 2014; revised August 7, 2014; accepted October 10, 2014. Date of publication November 11, 2014; date of current version
December 17, 2014. This paper was recommended by Associate Editor Y. Chen.
S. Kannan and R. Karri are with the Department of Electrical and Computer
Engineering, Polytechnic Institute of New York University, Brooklyn,
NY 11201 USA (e-mail: email@example.com).
N. Karimi was with the Polytechnic Institute of New York University,
Brooklyn, NY 11201 USA. She is now with Rutgers University, Piscataway,
NJ 08854 USA.
O. Sinanoglu is with the Department of Engineering, New York University,
Abu Dhabi, U.A.E.
Color versions of one or more of the figures in this paper are available online at http://ieeexplore.ieee.org.
Digital Object Identifier 10.1109/TCAD.2014.2369741 introduces security vulnerabilities. Sensitive data written to
NVMM persists even when the system is powered down and an attacker with physical access to the system can probe the
NVMM and extract valuable information.
We focus on memristor-based NVMM. For the sake of simplicity, in the following sections, we use NVMM to specifically refer to memristor-based NVMM. We designed a secure
NVMM (SNVMM) that can protect against an attacker with physical access to the NVMM. The design of such a SNVMM has the following five main goals. 1) Preserve the instant-on benefit of NVMM. 2) Always keep data encrypted. 3) Have minimal impact on performance and area. 4) Be instruction set architecture (ISA) independent (i.e., work with any ISA such as X86, ARM, SPARC, and MIPS). 5) Do not modify main memory and processor.
We propose sneak-path encryption (SPE) to secure a
NVMM. SPE is a hardware intrinsic encryption algorithm designed for NVMMs that use MLC. SPE does not modify the processor architecture and is ISA-independent. SPE is orchestrated by an SPE control unit (SPECU) that resides between the NVMM and cache. SPE exploits sneak-paths (unintended and undesirable electrical paths within a circuit) inherent in a memory and physical parameters of the memory to encrypt the data stored in the NVMM. Data encrypted on one NVMM can only be decrypted on that NVMM. Copying the encrypted data from one NVMM to another and decrypting does not yield the original data. SPE has a low latency (∼97.5% less than block ciphers, but higher than stream ciphers) and small area overhead (less than both block and stream ciphers).
This paper is organized as follows. Section II describes prior studies in memory security. Section III-A describes the threat model. Section III-B introduces our proposed SNVMM architecture. SPE technique is presented in Section IV. The integer linear programming (ILP) technique used in SPE is detailed in
Section V. The developed SNVMM architecture is analyzed for resilience in Section VI. Section VII evaluates the performance and area overhead of SNVMM. Section VIII provides a brief discussion of issues relating to SPE such as encryption latency and time to solve the ILP. It also describes the process to port SPE to memory technologies other than memristors. Section IX concludes this paper and discusses future directions. 0278-0070 c© 2014 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
KANNAN et al.: SECURITY VULNERABILITIES OF EMERGING NVMM AND COUNTERMEASURES 3
II. RELATED WORK
One concern in NVMM security is that an attacker can exploit the limited write endurance to run an application that damages the memory through repeated writes .
Qureshi et al.  proposes a randomized start-gap wear leveling algorithm, which moves a line in the physical memory to a new location before it reaches its endurance limit.