Memristor-Based Variation-Enabled Differentially Private Learning Systems for Edge Computing in IoT

Edge artificial intelligence (AI) achieves real-time local data analysis for IoT systems, enabling low-power and high-speed operation, but comes with privacy-preserving requirements. The memristor-based computing system is a promising solution for edge AI, but it needs a low-cost privacy protection mechanism due to limited resources. In this article, we propose a noise distribution normalization (NDN) method to add Gaussian distributed noise through hardware implementation, thereby achieving differential privacy in edge AI. Instead of using traditional algorithmic noise-insertion methods, we take advantage of inherent cycle-to-cycle variations of memristors during the weight-update process as the noise source, which does not incur extra software or hardware overhead. In one case study, the proposed method realizes ultralow-cost differentially private stochastic gradient descent (DP-SGD) for edge AI in IoT systems, achieving a 3.5%-15.5% average recognition accuracy improvement under different noise levels, as compared with a baseline mechanism.