By Topic

Securing Designs against Scan-Based Side-Channel Attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)

Traditionally, the only standard method of testing that has consistently provided high fault coverage has been scan test due to the high controllability and high observability this technique provides. The scan chains used in scan test not only allow test engineers to control and observe a chip, but these properties also allow the scan architecture to be used as a means to breach chip security. In this paper, we propose a technique, called Lock & Key, to neutralize the potential for scan-based side-channel attacks. It is very difficult to implement an all inclusive security strategy, but by knowing the attacker, a suitable strategy can be devised. The Lock & Key technique provides a flexible security strategy to modern designs without significant changes to scan test practices. Using this technique, the scan chains are divided into smaller subchains. With the inclusion of a test security controller, access to subchains are randomized when being accessed by an unauthorized user. Random access reduces repeatability and predictability making reverse engineering more difficult. Without proper authorization, an attacker would need to unveil several layers of security before gaining proper access to the scan chain in order to exploit it. The proposed Lock & Key technique is design independent while maintaining a relatively low area overhead.

Published in:

IEEE Transactions on Dependable and Secure Computing  (Volume:4 ,  Issue: 4 )