Detecting and Resolving Security Violations in Reconfigurable Scan Networks

Abstract

Reconfigurable Scan Networks (RSNs) allow flexible access to embedded instruments for post-silicon validation and debug or diagnosis. However, this scan infrastructure can also be exploited to leak or corrupt critical information as observation and controllability of registers deep inside the circuit are increased. Securing an RSN is mandatory for maintaining safe and secure circuit operations but difficult due to its complex data flow dependencies. This work proposes a method that detects security violations and transforms a given insecure RSN into a secure RSN for which the secure data flow as specified by a user is guaranteed by construction. The presented method is guided by user-defined cost functions that target e.g., test performance or wiring cost. We provide a case study and experimental results demonstrating the applicability of the method to large designs with low runtime.