Jennifer Dworak, A. Crouch, John C. Potter, Adam Zygmontowicz, Micah Thornton
{"title":"不要忘记锁定你的SIB:隐藏仪器使用P1687","authors":"Jennifer Dworak, A. Crouch, John C. Potter, Adam Zygmontowicz, Micah Thornton","doi":"10.1109/TEST.2013.6651903","DOIUrl":null,"url":null,"abstract":"IEEE P1687 is a valuable tool for accessing on-chip instruments during test, diagnosis, debug, and board configuration. However, most of these instruments should not be available to an end user in the field. We propose a method for hiding instruments in a P1687 network that utilizes a “locking” segment insertion bit (LSIB) that can only be opened when pre-defined values, corresponding to a key, are present in particular bits in the chain. We also introduce “trap” bits, which can further reduce the effectiveness of brute force attacks by permanently locking an LSIB when an incorrect value is written to the trap's update register. Only a global reset will allow the LSIB to become operable again. In this paper, we investigate the cost and effectiveness of LSIBs and traps in several different configurations and show that these relatively small modifications to the P1687 network can make undocumented instrument access exceedingly difficult.","PeriodicalId":6379,"journal":{"name":"2013 IEEE International Test Conference (ITC)","volume":"36 1","pages":"1-10"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"73","resultStr":"{\"title\":\"Don't forget to lock your SIB: hiding instruments using P1687\",\"authors\":\"Jennifer Dworak, A. Crouch, John C. Potter, Adam Zygmontowicz, Micah Thornton\",\"doi\":\"10.1109/TEST.2013.6651903\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"IEEE P1687 is a valuable tool for accessing on-chip instruments during test, diagnosis, debug, and board configuration. However, most of these instruments should not be available to an end user in the field. We propose a method for hiding instruments in a P1687 network that utilizes a “locking” segment insertion bit (LSIB) that can only be opened when pre-defined values, corresponding to a key, are present in particular bits in the chain. We also introduce “trap” bits, which can further reduce the effectiveness of brute force attacks by permanently locking an LSIB when an incorrect value is written to the trap's update register. Only a global reset will allow the LSIB to become operable again. In this paper, we investigate the cost and effectiveness of LSIBs and traps in several different configurations and show that these relatively small modifications to the P1687 network can make undocumented instrument access exceedingly difficult.\",\"PeriodicalId\":6379,\"journal\":{\"name\":\"2013 IEEE International Test Conference (ITC)\",\"volume\":\"36 1\",\"pages\":\"1-10\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"73\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 IEEE International Test Conference (ITC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TEST.2013.6651903\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE International Test Conference (ITC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TEST.2013.6651903","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Don't forget to lock your SIB: hiding instruments using P1687
IEEE P1687 is a valuable tool for accessing on-chip instruments during test, diagnosis, debug, and board configuration. However, most of these instruments should not be available to an end user in the field. We propose a method for hiding instruments in a P1687 network that utilizes a “locking” segment insertion bit (LSIB) that can only be opened when pre-defined values, corresponding to a key, are present in particular bits in the chain. We also introduce “trap” bits, which can further reduce the effectiveness of brute force attacks by permanently locking an LSIB when an incorrect value is written to the trap's update register. Only a global reset will allow the LSIB to become operable again. In this paper, we investigate the cost and effectiveness of LSIBs and traps in several different configurations and show that these relatively small modifications to the P1687 network can make undocumented instrument access exceedingly difficult.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
