On Secure Data Flow in Reconfigurable Scan Networks

Pascal Raiola¹, Benjamin Thiemann¹, Jan Burchard², Ahmed Atteya³, Natalia Lylina³, Hans-Joachim Wunderlich³, Bernd Becker¹ and Matthias Sauer¹
¹ University of Freiburg, Germany
² Mentor, a Siemens Business, Hamburg, Germany
³ University of Stuttgart, Germany

ABSTRACT


Reconfigurable Scan Networks (RSNs) allow flexible access to embedded instruments for post-silicon test, validation and debug or diagnosis. The increased observability and controllability of registers inside the circuit can be exploited by an attacker to leak or corrupt critical information.

Precluding such security threats is of high importance but difficult due to complex data flow dependencies inside the reconfigurable scan network as well as across the underlying circuit logic.

This work proposes a method that fine-granularly computes dependencies over circuit logic and the RSN. These dependencies are utilized to detect security violations for a given insecure RSN, which is then transformed into a secure RSN.

Experimental results demonstrate the applicability of the method to large academic and industrial designs. Additionally, we report on the effort required to mitigate the security violations found, which also motivates the need to consider the circuit logic in addition to pure scan paths.

Keywords: Reconfigurable Scan Network, Hardware Security, Data Dependency, IEEE Std 1687.


