On Secure Data Flow in Reconfigurable Scan Networks

Pascal Raiola¹, Benjamin Thiemann¹, Jan Burchard², Ahmed Atteya³, Natalia Lylina³, Hans-Joachim Wunderlich³, Bernd Becker¹ and Matthias Sauer^1
1University of Freiburg, Germany
²Mentor, a Siemens Business, Hamburg, Germany
³University of Stuttgart, Germany

ABSTRACT

Reconfigurable Scan Networks (RSNs) allow flexible access to embedded instruments for post-silicon test, validation and debug or diagnosis. The increased observability and controllability of registers inside the circuit can be exploited by an attacker to leak or corrupt critical information.

Precluding such security threats is of high importance but difficult due to complex data flow dependencies inside the reconfigurable scan network as well as across the underlying circuit logic.

This work proposes a method that fine-granularly computes dependencies over circuit logic and the RSN. These dependencies are utilized to detect security violations for a given insecure RSN, which is then transformed into a secure RSN.

Experimental results demonstrate the applicability of themethod to large academical and industrial designs. Additionally, we report on the required effort to mitigate found security violations which also motivates the necessity to consider the circuit logic in addition to pure scan paths.

Keywords: Reconfigurable Scan Network, Hardware Security, Data Dependency, IEEE Std 1687.

---

Full Text (PDF)

© 2019 EDAA. All rights reserved.