Biblio

The IEEE Std. 1687 (IJTAG) was designed to provide on-chip access to the various embedded instruments (e.g. built-in self test, sensors, etc.) in complex system-on-chip designs. IJTAG facilitates access to on-chip instruments from third party intellectual property providers with hidden test-data registers. Although access to on-chip instruments provides valuable data specifically for debug and diagnosis, it can potentially expose the design to untrusted sources and instruments that can sniff and possibly manipulate the data that is being shifted through the IJTAG network. This paper provides a comprehensive protection scheme against data sniffing and data integrity attacks by selectively isolating the data flowing through the IJTAG network. The proposed scheme is modeled as a graph coloring problem to optimize the number of isolation signals required to protect the design. It is shown that combining the proposed approach with other existing schemes can also bolster the security against unauthorized user access as well. The proposed countermeasure is shown to add minimal overhead in terms of area and power consumption.

Modern automotive systems and IoT devices are designed through a highly complex, globalized, and potentially untrustworthy supply chain. Each player in this supply chain may (1) introduce sensitive information and data (collectively termed "assets") that must be protected from other players in the supply chain, and (2) have controlled access to assets introduced by other players. Furthermore, some players in the supply chain may be malicious. It is imperative to protect the device and any sensitive assets in it from being compromised or unknowingly disclosed by such entities. A key — and sometimes overlooked — component of security architecture of modern electronic systems entails managing security in the face of supply chain challenges. In this paper we discuss some security challenges in automotive and IoT systems arising from supply chain complexity, and the state of the practice in this area.