Skip to Main Content
This article addresses some security issues surrounding JTAG. We look at the threat of a malicious chip in a JTAG chain. We outline attack scenarios where trust in a digital system is downgraded by the presence of such a chip. To defend against this, we propose a protection scheme that hardens JTAG by making use of lightweight cryptographic primitives, namely stream ciphers and incremental message authentication codes. The scheme defines four levels of protection. For each of the attack scenarios, we determine which protection level is needed to prevent it. Finally, we discuss the practical aspects of implementing these security enhancements such as area, test time and operational overheads.