IEEE Std. 1149.1, also known as the Joint Test Access Group (JTAG) standard, provides excellent controllability and observability for ICs and hence is widely used in IC testing, debugging, failure analysis, or even online chip control/monitoring. Unfortunately, it has also become a backdoor for attackers to manipulate the ICs or grab confidential information from the ICs. One way to address this problem is to disable JTAG pins after manufacturing testing. However this countermeasure prohibits the in-filed testing and debugging capability. Other countermeasures such as authentication and encryption/decryption methods based on specific static keys have also been proposed. However, these approaches may suffer from side-channel or memory attacks that may figure out the specific keys. This paper presents an authentication-based secure JTAG wrapper with a dynamic feature to defend against the attacks mentioned above. We generate different keys for different test data dynamically. Therefore, only legal test data can be updated to the test data registers (TDRs) through JTAG. Furthermore, the attackers will get fake responses if they shift in illegal test data, which makes it extremely difficult to break our proposed method. We can also employ the physical unclonable function (PUF) to distinguish the legal test data for different chips. Experiments on a RISC-V CPU processor called SCR1 show that our proposed method can have an area overhead of only 0.49%.
All Science Journal Classification (ASJC) codes
- 工程 (全部)