Securing reconfigurable scan networks against data sniffing and data alteration attacks
Åhlund, Joel LU ; Törmänen, Markus LU
; Svensson, Pamela
; Kerttu, Mikael
; Månefjord, Torbjörn
; Johansson, Christian
and Larsson, Erik
LU
(2025)
30th IEEE European Test Symposium
- Abstract
- It is common for a system integrator to make use of third party intellectual property (IP) blocks from multiple vendors in the design of a circuit. These IPs may include test features, known as instruments, which are connected to a reconfigurable scan network, such as an IEEE Std. 1687 (IJTAG) network, for efficient on-chip integration and communication.
Using third party instruments this way becomes a security risk, since the instruments will have different levels of trust depending on the IP provider and intended use. In worst case, they may be malicious and directly harmful to the system. This paper provides security measures to protect a circuit from malicious instruments, attempting to perform data sniffing or data alteration... (More) - It is common for a system integrator to make use of third party intellectual property (IP) blocks from multiple vendors in the design of a circuit. These IPs may include test features, known as instruments, which are connected to a reconfigurable scan network, such as an IEEE Std. 1687 (IJTAG) network, for efficient on-chip integration and communication.
Using third party instruments this way becomes a security risk, since the instruments will have different levels of trust depending on the IP provider and intended use. In worst case, they may be malicious and directly harmful to the system. This paper provides security measures to protect a circuit from malicious instruments, attempting to perform data sniffing or data alteration attacks, within an IJTAG network. Security against these attacks is realized in the microarchitecture of segment insertion bit (SIB) components. The proposed solution provides easy integration into reconfigurable scan networks, where it was implemented on benchmark circuits and tested using commercial tools for test pattern generation and verification. Using the proposed solution in IJTAG networks results in very low area overhead, compatibility with existing test instructions and no added test time overhead, while maintaining compliance with IEEE Std. 1687. (Less)
Please use this url to cite or link to this publication:
https://lup.lub.lu.se/record/97ca0b4d-4fa9-43ff-9720-442b0647c46f
- author
- Åhlund, Joel
LU
; Törmänen, Markus
LU
; Svensson, Pamela
; Kerttu, Mikael
; Månefjord, Torbjörn
; Johansson, Christian
and Larsson, Erik
LU
- organization
- publishing date
- 2025
- type
- Chapter in Book/Report/Conference proceeding
- publication status
- in press
- subject
- host publication
- 2025 IEEE European Test Symposium (ETS)
- pages
- 6 pages
- publisher
- IEEE - Institute of Electrical and Electronics Engineers Inc.
- conference name
- 30th IEEE European Test Symposium
- conference location
- Tallinn, Estonia
- conference dates
- 2025-05-26 - 2025-05-29
- project
- Trustable systems with components from untrustable supply-chains
- Resilient Trust
- language
- English
- LU publication?
- yes
- id
- 97ca0b4d-4fa9-43ff-9720-442b0647c46f
- date added to LUP
- 2025-06-26 10:27:48
- date last changed
- 2025-08-01 09:33:44
@inproceedings{97ca0b4d-4fa9-43ff-9720-442b0647c46f,
abstract = {{It is common for a system integrator to make use of third party intellectual property (IP) blocks from multiple vendors in the design of a circuit. These IPs may include test features, known as instruments, which are connected to a reconfigurable scan network, such as an IEEE Std. 1687 (IJTAG) network, for efficient on-chip integration and communication.<br/><br/>Using third party instruments this way becomes a security risk, since the instruments will have different levels of trust depending on the IP provider and intended use. In worst case, they may be malicious and directly harmful to the system. This paper provides security measures to protect a circuit from malicious instruments, attempting to perform data sniffing or data alteration attacks, within an IJTAG network. Security against these attacks is realized in the microarchitecture of segment insertion bit (SIB) components. The proposed solution provides easy integration into reconfigurable scan networks, where it was implemented on benchmark circuits and tested using commercial tools for test pattern generation and verification. Using the proposed solution in IJTAG networks results in very low area overhead, compatibility with existing test instructions and no added test time overhead, while maintaining compliance with IEEE Std. 1687.}},
author = {{Åhlund, Joel and Törmänen, Markus and Svensson, Pamela and Kerttu, Mikael and Månefjord, Torbjörn and Johansson, Christian and Larsson, Erik}},
booktitle = {{2025 IEEE European Test Symposium (ETS)}},
language = {{eng}},
publisher = {{IEEE - Institute of Electrical and Electronics Engineers Inc.}},
title = {{Securing reconfigurable scan networks against data sniffing and data alteration attacks}},
year = {{2025}},
}