Secure Scan: A Design-for-Test Architecture for Crypto Chips

“…As already mentioned in the introduction, design-fortestability circuitry such as test points and scan chains, may establish a new channel through which the attacker can access protected data [26]. This is especially dangerous if DFT mechanisms are inserted in the end of the design process by DFT engineers who are not fully aware which parts of the circuit are sensitive.…”

Hardware security and test: Friends or enemies?

“…As already mentioned in the introduction, design-fortestability circuitry such as test points and scan chains, may establish a new channel through which the attacker can access protected data [26]. This is especially dangerous if DFT mechanisms are inserted in the end of the design process by DFT engineers who are not fully aware which parts of the circuit are sensitive.…”

Hardware security and test: Friends or enemies?

“…Then before returning again to the functional mode the circuit is again reset so that no data insertion can be done using the scan path. In [4], the authors proposed to isolate the registers containing confidential data from the scan chain, and they require a global reset when switching between user mode and test mode. Both of these solutions require modification of the test protocol.…”

“…It is then necessary to add dedicated protection to ensure that the scan path is not activated during user mode. In [4], the authors propose to add data integrity logic control to the signals driving the MKR so that they detect any fault or brute attack leading to scan activation during the user mode. In [3], the authors identify the scan-enable signal as a high-risk signal since it drives the scan function of each scanned flip-flop.…”

“…In the case of brute-force attack, the security of the test protocol itself is far not enough, indeed for such an attack the protocol is bypassed and the scan directly activated by internal scan signals. Scan chain integrity mechanisms are thus a good complement to protocol security and are proposed in [4] and [3]. Data scrambling is by itself a good protection against brute attack.…”

“…In [3], the integrity mechanism proposed must be designed after synthesis and scan insertion at the gate level, which is not very convenient. The solution proposed by [4] or [10] is easier to implement but does only prevent from scan activation of sensitive registers. In [7], the spy flip-flop can be implemented at RTL level by the IP designer himself but adds cells to the scan path, thus increasing test time and design area.…”

Security challenges during VLSI test

Security and Testing