Visible to the public Biblio

Filters: Keyword is information leakage vulnerabilities  [Clear All Filters]
2017-12-12
Contreras, G. K., Nahiyan, A., Bhunia, S., Forte, D., Tehranipoor, M..  2017.  Security vulnerability analysis of design-for-test exploits for asset protection in SoCs. 2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC). :617–622.

SoCs implementing security modules should be both testable and secure. Oversights in a design's test structure could expose internal modules creating security vulnerabilities during test. In this paper, for the first time, we propose a novel automated security vulnerability analysis framework to identify violations of confidentiality, integrity, and availability policies caused by test structures and designer oversights during SoC integration. Results demonstrate existing information leakage vulnerabilities in implementations of various encryption algorithms and secure microprocessors. These can be exploited to obtain secret keys, control finite state machines, or gain unauthorized access to memory read/write functions.