Nonideality-aware training makes memristive networks more robust to adversarial attacks
This work addresses the vulnerability of memristive networks to adversarial attacks, which is crucial for deploying power-efficient AI systems in real-world environments, though it appears incremental as it builds on existing training techniques.
The paper tackled the problem of adversarial robustness in memristive neural networks by investigating nonideality-aware training, finding that it significantly improves robustness even with limited knowledge of test-time nonidealities.
Neural networks are now deployed in a wide number of areas from object classification to natural language systems. Implementations using analog devices like memristors promise better power efficiency, potentially bringing these applications to a greater number of environments. However, such systems suffer from more frequent device faults and overall, their exposure to adversarial attacks has not been studied extensively. In this work, we investigate how nonideality-aware training - a common technique to deal with physical nonidealities - affects adversarial robustness. We find that adversarial robustness is significantly improved, even with limited knowledge of what nonidealities will be encountered during test time.