Securing reconfigurable scan networks against data sniffing and data alteration attacks

Åhlund, Joel; Törmänen, Markus; Svensson, Pamela; Kerttu, Mikael; Månefjord, Torbjörn; Johansson, Christian; Larsson, Erik

Securing reconfigurable scan networks against data sniffing and data alteration attacks

Mark

Åhlund, Joel ^LU ; Törmänen, Markus ^LU

; Svensson, Pamela ; Kerttu, Mikael ; Månefjord, Torbjörn ; Johansson, Christian and Larsson, Erik ^LU

(2025) 30th IEEE European Test Symposium

Abstract: It is common for a system integrator to make use of third party intellectual property (IP) blocks from multiple vendors in the design of a circuit. These IPs may include test features, known as instruments, which are connected to a reconfigurable scan network, such as an IEEE Std. 1687 (IJTAG) network, for efficient on-chip integration and communication.

Using third party instruments this way becomes a security risk, since the instruments will have different levels of trust depending on the IP provider and intended use. In worst case, they may be malicious and directly harmful to the system. This paper provides security measures to protect a circuit from malicious instruments, attempting to perform data sniffing or data alteration... (More); It is common for a system integrator to make use of third party intellectual property (IP) blocks from multiple vendors in the design of a circuit. These IPs may include test features, known as instruments, which are connected to a reconfigurable scan network, such as an IEEE Std. 1687 (IJTAG) network, for efficient on-chip integration and communication.

Using third party instruments this way becomes a security risk, since the instruments will have different levels of trust depending on the IP provider and intended use. In worst case, they may be malicious and directly harmful to the system. This paper provides security measures to protect a circuit from malicious instruments, attempting to perform data sniffing or data alteration attacks, within an IJTAG network. Security against these attacks is realized in the microarchitecture of segment insertion bit (SIB) components. The proposed solution provides easy integration into reconfigurable scan networks, where it was implemented on benchmark circuits and tested using commercial tools for test pattern generation and verification. Using the proposed solution in IJTAG networks results in very low area overhead, compatibility with existing test instructions and no added test time overhead, while maintaining compliance with IEEE Std. 1687. (Less)

Please use this url to cite or link to this publication: https://lup.lub.lu.se/record/97ca0b4d-4fa9-43ff-9720-442b0647c46f

author

Åhlund, Joel ^LU ; Törmänen, Markus ^LU

; Svensson, Pamela ; Kerttu, Mikael ; Månefjord, Torbjörn ; Johansson, Christian and Larsson, Erik ^LU

organization

publishing date

2025

type

Chapter in Book/Report/Conference proceeding

publication status

published

subject

Other Electrical Engineering, Electronic Engineering, Information Engineering

host publication

2025 IEEE European Test Symposium (ETS)

pages

6 pages

publisher

IEEE - Institute of Electrical and Electronics Engineers Inc.

conference name

30th IEEE European Test Symposium

conference location

Tallinn, Estonia

conference dates

2025-05-26 - 2025-05-29

project

Trustable systems with components from untrustable supply-chains

Resilient Trust

language

English

LU publication?

yes

id

97ca0b4d-4fa9-43ff-9720-442b0647c46f

alternative location

https://ieeexplore.ieee.org/document/11049628

date added to LUP

2025-06-26 10:27:48

date last changed

2025-08-29 10:15:45

@inproceedings{97ca0b4d-4fa9-43ff-9720-442b0647c46f,
  abstract     = {{It is common for a system integrator to make use of third party intellectual property (IP) blocks from multiple vendors in the design of a circuit. These IPs may include test features, known as instruments, which are connected to a reconfigurable scan network, such as an IEEE Std. 1687 (IJTAG) network, for efficient on-chip integration and communication.<br/><br/>Using third party instruments this way becomes a security risk, since the instruments will have different levels of trust depending on the IP provider and intended use. In worst case, they may be malicious and directly harmful to the system. This paper provides security measures to protect a circuit from malicious instruments, attempting to perform data sniffing or data alteration attacks, within an IJTAG network. Security against these attacks is realized in the microarchitecture of segment insertion bit (SIB) components. The proposed solution provides easy integration into reconfigurable scan networks, where it was implemented on benchmark circuits and tested using commercial tools for test pattern generation and verification. Using the proposed solution in IJTAG networks results in very low area overhead, compatibility with existing test instructions and no added test time overhead, while maintaining compliance with IEEE Std. 1687.}},
  author       = {{Åhlund, Joel and Törmänen, Markus and Svensson, Pamela and Kerttu, Mikael and Månefjord, Torbjörn and Johansson, Christian and Larsson, Erik}},
  booktitle    = {{2025 IEEE European Test Symposium (ETS)}},
  language     = {{eng}},
  publisher    = {{IEEE - Institute of Electrical and Electronics Engineers Inc.}},
  title        = {{Securing reconfigurable scan networks against data sniffing and data alteration attacks}},
  url          = {{https://ieeexplore.ieee.org/document/11049628}},
  year         = {{2025}},
}

Lund University Publications

LUND UNIVERSITY LIBRARIES

Securing reconfigurable scan networks against data sniffing and data alteration attacks