TY - JOUR
T1 - A Dynamic-Key Based Secure Scan Architecture for Manufacturing and In-Field IC Testing
AU - Lee, Kuen Jong
AU - Liu, Ching An
AU - Wu, Chia Chi
N1 - Funding Information:
This work was partially supported by the Ministry of Science and Technology of Taiwan under Contracts 107-2218-E-006-025 and partially by the Qualcomm Inc.
Publisher Copyright:
© 2013 IEEE.
PY - 2022
Y1 - 2022
N2 - The design for testability (DFT) technology based on scan chains is widely used in industry to increase the testability of circuits. However, it also leads to a potential security problem that attackers can use scan chains as a backdoor to attack a system. Common methods to defend such attacks include disabling the scan chain after manufacturing test or employing some secret keys to encrypt/decrypt scan data or to verify the identities of users. The former would make in-field testing impossible and the latter would require storing keys in memory which might also undergo high risk of memory attacks. In this paper we propose a dynamic-key based secure scan architecture that works together with an intrinsic Physical Unclonable Function (PUF) of chips to defend both scan-based and memory attacks while facilitating both manufacturing and in-field testing. A system equipped with this secure architecture will shift out true circuit responses only when legal test patterns are shifted into the scan chains. Moreover, no test key will be stored in memory, hence no memory attacks are possible. We also leverage the PUF to distinct the legal test patterns for different manufactured chips so as to further protect chips. Analysis results show that our protection scheme can achieve a very high security level without sacrificing system performance, testability and diagnosability.
AB - The design for testability (DFT) technology based on scan chains is widely used in industry to increase the testability of circuits. However, it also leads to a potential security problem that attackers can use scan chains as a backdoor to attack a system. Common methods to defend such attacks include disabling the scan chain after manufacturing test or employing some secret keys to encrypt/decrypt scan data or to verify the identities of users. The former would make in-field testing impossible and the latter would require storing keys in memory which might also undergo high risk of memory attacks. In this paper we propose a dynamic-key based secure scan architecture that works together with an intrinsic Physical Unclonable Function (PUF) of chips to defend both scan-based and memory attacks while facilitating both manufacturing and in-field testing. A system equipped with this secure architecture will shift out true circuit responses only when legal test patterns are shifted into the scan chains. Moreover, no test key will be stored in memory, hence no memory attacks are possible. We also leverage the PUF to distinct the legal test patterns for different manufactured chips so as to further protect chips. Analysis results show that our protection scheme can achieve a very high security level without sacrificing system performance, testability and diagnosability.
UR - http://www.scopus.com/inward/record.url?scp=85126101631&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85126101631&partnerID=8YFLogxK
U2 - 10.1109/TETC.2020.3021820
DO - 10.1109/TETC.2020.3021820
M3 - Article
AN - SCOPUS:85126101631
SN - 2168-6750
VL - 10
SP - 373
EP - 385
JO - IEEE Transactions on Emerging Topics in Computing
JF - IEEE Transactions on Emerging Topics in Computing
IS - 1
ER -