Security and Testing

Rosenfeld, Kurt; Karri, Ramesh

doi:10.1007/978-1-4419-8080-9_17

Kurt Rosenfeld³ &
Ramesh Karri⁴

5199 Accesses
3 Citations

Abstract

Test interfaces are present in nearly all digital hardware. In many cases, the security of the system depends on the security of the test interfaces. Systems have been hacked in the field using test interfaces as an avenue for attack. Researchers in industry and academia have developed defenses over the past 20 years. A diligent designer can significantly reduce the chance of system exploitation by understanding known threats and applying known defenses.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 99.00; Price excludes VAT (USA)

Softcover Book: USD 129.99; Price excludes VAT (USA)

Hardcover Book: USD 179.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
If the threat model includes skillful, well-funded attackers who are willing to physically disassemble and modify the chip, then blowing fuses is not necessarily irreversible.

References

Sipser M (2006) Introduction to the Theory of Computation, 2nd edn. MIT, Cambridge
MATH Google Scholar
Rukhin A (2010) A statistical test suite for random and pseudorandom number generators for cryptographic applications. NIST, 2010
Google Scholar
Bo Y, Kaijie W, Karri R (2006) Secure scan: a design-for-test architecture for crypto chips. IEEE Trans Comput Aided Des Integrated Circ Syst, 25(10): 2287–2293, doi:10.1109/TCAD.2005.862745
Article Google Scholar
Hely D, Flottes M-L, Bancel F, Rouzeyre B, Berard N, Renovell M (2004) Scan design and secure chip [secure IC testing]. In: On-Line Testing Symposium, 2004. IOLTS 2004. Proceedings of the 10th IEEE International, pp 219–224, 12–14 July 2004, doi:10.1109/OLT.2004.1319691
Google Scholar
Lee J, Tehranipoor M, Plusquellic J (2006) A low-cost solution for protecting IPs against scan-based side-channel attacks. In: Proceedings of the 2006 IEEE VLSI Test Symposium. doi:10.1109/VTS.2006.7
Google Scholar
Rajsuman R (2001) Design and test of large embedded memories: an overview. IEEE Des Test Comput 18(3): 16–27, doi: 10.1109/54.922800
Article Google Scholar
Yang B (2009) Design and test for high speed cryptographic architectures. Doctoral Dissertation, Electrical and Computer Engineering Department, Polytechnic Institute of NYU
Google Scholar
Dish Newbies JTAG Guide. http://www.geewizzy.com/geewizzysite/dish/jtagshtml/jtag.shtml.html. Accessed 19 July 2011
Free60 SMC Hack. http://www.free60.org/SMC_Hack. Accessed 19 July 2011
Rosenfeld K, Karri R (2010) Attacks and Defenses for JTAG. IEEE Des Test Comput 27(1): 36–47, doi:10.1109/MDT.2009.161
Article Google Scholar
Laurent Sourgen (1993) Security locks for integrated circuit. US Patent 5264742
Google Scholar
Buskey RF, Frosik BB (2006) Protected JTAG. In: Parallel Processing Workshops, International Conference on Parallel Processing Workshops, pp 405–414
Google Scholar
Clark CJ, Ricchetti M (2004) A code-less BIST processor for embedded test and in-system configuration of boards and systems. In: Proceedings of the 2004 IEEE International Test Conference, pp 857–866, doi: 10.1109/TEST.2004.1387349
Google Scholar
http://www.intellitech.com/pdf/FPGA-security-FPGA-bitstream-Built-in-Test.pdf. Accessed 19 July 2011
Iyengar V, Chakrabarty K, Marinissen EJ (2003) Efficient test access mechanism optimization for system-on-chip. IEEE Trans Comput Aided Des Integrated Circ Syst 22(5): 635–643, doi: 10.1109/TCAD.2003.810737
Article Google Scholar
Rosenfeld K, Karri R (2011) Security-aware SoC test access mechanisms. In: Proceedings of the 2011 IEEE VLSI Test Symposium
Google Scholar
Koscher K, Czeskis A, Roesner F, Patel S, Kohno T, Checkoway S, McCoy D, Kantor B, Anderson D, Shacham H, Savage S (2010) Experimental security analysis of a modern automobile. In: Proceedings of the 2010 IEEE Symposium on Security and Privacy, pp 447–462, doi:10.1109/SP.2010.34
Google Scholar
Halperin D, Clark SS, Kevin F (2008) Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy
Google Scholar

Download references

Author information

Authors and Affiliations

Google Inc., New York, NY, USA
Kurt Rosenfeld
Polytechnic Institute of New York University, Brooklyn, NY, USA
Ramesh Karri

Authors

Kurt Rosenfeld
View author publications
You can also search for this author in PubMed Google Scholar
Ramesh Karri
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kurt Rosenfeld .

Editor information

Editors and Affiliations

, ECE Dept., University of Connecticut, Fairfield Way 371, Storrs, 06269, Connecticut, USA
Mohammad Tehranipoor
Computing and Information Science Div., Engineering Sciences Directorate, Triangle Park, 27709-2211, North Carolina, USA
Cliff Wang

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Rosenfeld, K., Karri, R. (2012). Security and Testing. In: Tehranipoor, M., Wang, C. (eds) Introduction to Hardware Security and Trust. Springer, New York, NY. https://doi.org/10.1007/978-1-4419-8080-9_17

Download citation

DOI: https://doi.org/10.1007/978-1-4419-8080-9_17
Published: 08 August 2011
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4419-8079-3
Online ISBN: 978-1-4419-8080-9
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics