Embedding Trust at Scale: Physics-Aware Neural Watermarking for Secure and Verifiable Data Pipelines

TL;DR

This paper introduces a physics-aware neural watermarking framework that securely embeds verifiable marks into scientific data, ensuring robustness against data transformations while maintaining data fidelity, thereby enhancing data integrity in scientific workflows.

Contribution

The paper presents a novel convolutional autoencoder-based neural watermarking method tailored for high-dimensional scientific data, achieving high accuracy and robustness compared to classical techniques.

Findings

Achieves over 98% bit accuracy in watermark extraction.

Maintains sub-1% MSE, preserving data fidelity.

Robust against noise, cropping, and compression transformations.

Abstract

We present a robust neural watermarking framework for scientific data integrity, targeting high-dimensional fields common in climate modeling and fluid simulations. Using a convolutional autoencoder, binary messages are invisibly embedded into structured data such as temperature, vorticity, and geopotential. Our method ensures watermark persistence under lossy transformations - including noise injection, cropping, and compression - while maintaining near-original fidelity (sub-1\% MSE). Compared to classical singular value decomposition (SVD)-based watermarking, our approach achieves $>$98\% bit accuracy and visually indistinguishable reconstructions across ERA5 and Navier-Stokes datasets. This system offers a scalable, model-compatible tool for data provenance, auditability, and traceability in high-performance scientific workflows, and contributes to the broader goal of securing AI systems through verifiable, physics-aware watermarking. We evaluate on physically grounded scientific datasets as a representative stress-test; the framework extends naturally to other structured domains such as satellite imagery and autonomous-vehicle perception streams.