Visible to the public Security vulnerability analysis of design-for-test exploits for asset protection in SoCs

TitleSecurity vulnerability analysis of design-for-test exploits for asset protection in SoCs
Publication TypeConference Paper
Year of Publication2017
AuthorsContreras, G. K., Nahiyan, A., Bhunia, S., Forte, D., Tehranipoor, M.
Conference Name2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC)
ISBN Number978-1-5090-1558-0
Keywordsasset protection, automated security vulnerability analysis framework, availability policies, Collaboration, confidentiality, control finite state machines, Controllability, cryptography, design for testability, design-for-test exploits, Discrete Fourier transforms, Encryption, encryption algorithms, information leakage vulnerabilities, integrity, internal modules, IP networks, Logic gates, memory read-write functions, policy-based governance, pubcrawl, secret keys, secure microprocessors, Security Policies Analysis, SoC integration, system-on-chip, system-on-chips, test structures
Abstract

SoCs implementing security modules should be both testable and secure. Oversights in a design's test structure could expose internal modules creating security vulnerabilities during test. In this paper, for the first time, we propose a novel automated security vulnerability analysis framework to identify violations of confidentiality, integrity, and availability policies caused by test structures and designer oversights during SoC integration. Results demonstrate existing information leakage vulnerabilities in implementations of various encryption algorithms and secure microprocessors. These can be exploited to obtain secret keys, control finite state machines, or gain unauthorized access to memory read/write functions.

URLhttps://ieeexplore.ieee.org/document/7858392/
DOI10.1109/ASPDAC.2017.7858392
Citation Keycontreras_security_2017