Abstract
The IEEE Std. 1687 (IJTAG) facilitates access to on-chip instruments in complex system-on-chip designs. However, a major security vulnerability in IJTAG has yet to be addressed. IJTAG supports the integration of tapped and wrapped instruments at the IP provider with hidden test-data registers (TDRs). The instruments with hidden TDRs can alter and steal the data that is shifted through them. These attacks are called 'data-alteration' and 'data-sniffing' attacks, respectively. We propose the addition of shadow TDRs (STDRs) and information-flow tracking logic to protect the shifted in test data from illegitimate alteration and leakage by malicious third-party IPs. We present two security architectures for IJTAG. The first architecture secures the IJTAG against data alteration and incurs no timing overhead. However, it does not secure IJTAG against data-sniffing attacks (DS). The second architecture is an upgrade to the first architecture where we repurpose the use of the STDRs and information-tracking logic to secure the IJTAG against both data-alteration and DS. However, it incurs timing overhead. We present security proofs, simulation results, and the overheads associated with these countermeasures for various benchmarks. We also discuss the tradeoffs in security and overhead between the two proposed architectures.
| Original language | English (US) |
|---|---|
| Article number | 9174949 |
| Pages (from-to) | 1301-1314 |
| Number of pages | 14 |
| Journal | IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems |
| Volume | 40 |
| Issue number | 7 |
| DOIs | |
| State | Published - Jul 2021 |
Keywords
- Access control
- IEEE Std. 1687
- IJTAG
- computer security
- data-alteration attacks
- data-sniffing attacks
- design for testability
- integrated circuit testing
ASJC Scopus subject areas
- Software
- Computer Graphics and Computer-Aided Design
- Electrical and Electronic Engineering