Lightweight True In-Pixel Encryption with FeFET Enabled Pixel Design for Secure Imaging

TL;DR

This paper presents SecurePix, a CMOS-compatible pixel architecture that performs true in-pixel encryption using ferroelectric FETs, significantly enhancing security in imaging pipelines with low hardware overhead.

Contribution

Introducing SecurePix, a novel in-pixel encryption architecture utilizing ferroelectric FETs for secure imaging, simulated in HSPICE with demonstrated strong resistance to neural inference.

Findings

ResNet-18 accuracy drops from 99.29% to 9.58% on MNIST after encryption.

ResNet-18 accuracy drops from 91.33% to 6.98% on CIFAR-10 after encryption.

Per-pixel programming power-delay product is 17 uW us, sensing power-delay is 1.25 uW us.

Abstract

Ensuring end-to-end security in image sensors has become essential as visual data can be exposed through multiple stages of the imaging pipeline. Advanced protection requires encryption to occur before pixel values appear on any readout lines. This work introduces a secure pixel sensor (SecurePix), a compact CMOS-compatible pixel architecture that performs true in-pixel encryption using a symmetric key realized through programmable, non-volatile multidomain polarization states of a ferroelectric field-effect transistor. The pixel and array operations are designed and simulated in HSPICE, while a 45 nm CMOS process design kit is used for layout drawing. The resulting layout confirms a pixel pitch of 2.33 x 3.01 um^2. Each pixel's non-volatile programming level defines its analog transfer characteristic, enabling the photodiode voltage to be converted into an encrypted analog output within the pixel. Full-image evaluation shows that ResNet-18 recognition accuracy drops from 99.29 percent to 9.58 percent on MNIST and from 91.33 percent to 6.98 percent on CIFAR-10 after encryption, indicating strong resistance to neural-network-based inference. Lookup-table-based inverse mapping enables recovery for authorized receivers using the same symmetric key. Based on HSPICE simulation, the SecurePix achieves a per-pixel programming power-delay product of 17 uW us and a per-pixel sensing power-delay product of 1.25 uW us, demonstrating low-overhead hardware-level protection.