Securing Scan Control in Crypto Chips

“…The test protocol solution consists of disabling the test feature in user mode (i.e., when the system is handling confidential data). To protect confidential data processed by the circuit, such as keys, it has been proposed in [3] to modify the usual test protocol so that before entering in test mode, the circuit is completely reset. Then the reset circuit is checked.…”

“…In [4], the authors propose to add data integrity logic control to the signals driving the MKR so that they detect any fault or brute attack leading to scan activation during the user mode. In [3], the authors identify the scan-enable signal as a high-risk signal since it drives the scan function of each scanned flip-flop. They then propose to add an integrity mechanism to this signal so that any activation of this signal while the chip is in user mode will trigger a hard reset of the circuit.…”

“…Securing the test protocol, as seen in [1] and [3], has the advantage that even if one bypasses the authentication and uses the test features as a test engineer, no confidential data will be outputted. If data scrambling or pattern watermarking are implemented without protocol security, an attacker who gets the authentication will furnish the correct authentication to disable the scrambling or the watermarking and will then be able to unload confidential data.…”

“…In the case of brute-force attack, the security of the test protocol itself is far not enough, indeed for such an attack the protocol is bypassed and the scan directly activated by internal scan signals. Scan chain integrity mechanisms are thus a good complement to protocol security and are proposed in [4] and [3]. Data scrambling is by itself a good protection against brute attack.…”

“…Test protocol security is easy to integrate into the IC development process and can be done during the SoC integration without IP core modification [1], [3], [9]. In terms of test operation, there is little impact (no more test data) except that the test setup may be a longer.…”

Security challenges during VLSI test

“…The test protocol solution consists of disabling the test feature in user mode (i.e., when the system is handling confidential data). To protect confidential data processed by the circuit, such as keys, it has been proposed in [3] to modify the usual test protocol so that before entering in test mode, the circuit is completely reset. Then the reset circuit is checked.…”

“…In [4], the authors propose to add data integrity logic control to the signals driving the MKR so that they detect any fault or brute attack leading to scan activation during the user mode. In [3], the authors identify the scan-enable signal as a high-risk signal since it drives the scan function of each scanned flip-flop. They then propose to add an integrity mechanism to this signal so that any activation of this signal while the chip is in user mode will trigger a hard reset of the circuit.…”

“…Securing the test protocol, as seen in [1] and [3], has the advantage that even if one bypasses the authentication and uses the test features as a test engineer, no confidential data will be outputted. If data scrambling or pattern watermarking are implemented without protocol security, an attacker who gets the authentication will furnish the correct authentication to disable the scrambling or the watermarking and will then be able to unload confidential data.…”

“…In the case of brute-force attack, the security of the test protocol itself is far not enough, indeed for such an attack the protocol is bypassed and the scan directly activated by internal scan signals. Scan chain integrity mechanisms are thus a good complement to protocol security and are proposed in [4] and [3]. Data scrambling is by itself a good protection against brute attack.…”

“…Test protocol security is easy to integrate into the IC development process and can be done during the SoC integration without IP core modification [1], [3], [9]. In terms of test operation, there is little impact (no more test data) except that the test setup may be a longer.…”

Security challenges during VLSI test

Manufacturing Testing and Security Countermeasures

Protection of Assets from Scan Chain Vulnerabilities Through Obfuscation