Online prevention of security violations in reconfigurable scan networks

2018 IEEE 23rd European Test Symposium (ETS) Pub Date : 2018-05-01 DOI:10.1109/ETS.2018.8400685

A. Atteya, M. Kochte, M. Sauer, Pascal Raiola, B. Becker, H. Wunderlich

{"title":"Online prevention of security violations in reconfigurable scan networks","authors":"A. Atteya, M. Kochte, M. Sauer, Pascal Raiola, B. Becker, H. Wunderlich","doi":"10.1109/ETS.2018.8400685","DOIUrl":null,"url":null,"abstract":"Modern systems-on-chip (SoC) designs are requiring more and more infrastructure for validation, debug, volume test as well as in-field maintenance and repair. Reconfigurable scan networks (RSNs), as allowed by IEEE 1687 (IJTAG) standard, provide flexible access to the infrastructure with low access latency. However, they can also pose a security threat to the system, by leaking information about the system state. In this paper, we present a protection method that monitors access and checks for violations of security properties online. The method prevents unauthorized access to sensitive and secure instruments. In addition, the system integrator can specify more complex security requirements, including giving multiple users different access privileges. Simultaneous accesses to multiple instruments, that would expose sensitive data to an untrusted core (e.g. from 3rd party vendors) or instrument, can be prohibited. The method does not require any change to the RSN architecture and is easily integrable with IP core designs. The area overhead with respect to the size of the RSN is below 6% and scales well with larger networks.","PeriodicalId":223459,"journal":{"name":"2018 IEEE 23rd European Test Symposium (ETS)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE 23rd European Test Symposium (ETS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ETS.2018.8400685","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

Modern systems-on-chip (SoC) designs are requiring more and more infrastructure for validation, debug, volume test as well as in-field maintenance and repair. Reconfigurable scan networks (RSNs), as allowed by IEEE 1687 (IJTAG) standard, provide flexible access to the infrastructure with low access latency. However, they can also pose a security threat to the system, by leaking information about the system state. In this paper, we present a protection method that monitors access and checks for violations of security properties online. The method prevents unauthorized access to sensitive and secure instruments. In addition, the system integrator can specify more complex security requirements, including giving multiple users different access privileges. Simultaneous accesses to multiple instruments, that would expose sensitive data to an untrusted core (e.g. from 3rd party vendors) or instrument, can be prohibited. The method does not require any change to the RSN architecture and is easily integrable with IP core designs. The area overhead with respect to the size of the RSN is below 6% and scales well with larger networks.

查看原文本刊更多论文

可重构扫描网络中安全违规的在线预防

现代片上系统(SoC)设计需要越来越多的基础设施来进行验证、调试、批量测试以及现场维护和维修。可重构扫描网络(RSNs)是IEEE 1687 (IJTAG)标准所允许的，它提供了对基础设施的灵活访问和低访问延迟。但是，它们也可以通过泄漏有关系统状态的信息对系统构成安全威胁。在本文中，我们提出了一种在线监控访问和检查违反安全属性的保护方法。该方法防止未经授权访问敏感和安全仪器。此外，系统集成商可以指定更复杂的安全需求，包括为多个用户提供不同的访问权限。可以禁止同时访问多个仪器，这将使敏感数据暴露给不受信任的核心(例如来自第三方供应商)或仪器。该方法不需要对RSN架构进行任何更改，并且很容易与IP核设计集成。相对于RSN大小的面积开销低于6%，并且在较大的网络中可以很好地扩展。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 IEEE 23rd European Test Symposium (ETS)

自引率

0.00%

发文量