Debug Port Protection Mechanism for Secure Embedded Devices

In this paper we propose a protection mechanism for the debug port. While debug ports are useful tools for embedded device development and maintenance, they can also become potential attack tools for device hacking in case their usage is permitted to hackers with malicious intentions. The proposed approach prevents illicit use of debug ports by controlling access through user authentication, where the device generates and issues authentication token only to the server-authenticated users. An authentication token includes user access information which represents the user’s permitted level of access and the maximum number of authentications allowed using the token. The device authenticates the user with the token and grants limited access based on the user’s access level. The proposed approach improves the degree of overall security by removing the need to expose the device’s secret key. Availability is also enhanced by not requiring server connection after the initial token generation and further by supporting flexible token transfer among predefined device groups. Low implementation cost is another benefit of the proposed approach, enabling it to be adopted to a wide range of environments in demand of debug port protection.

[1]  In Man Kang,et al.  Small-Signal Modeling of Gate-All-Around (GAA) Junctionless (JL) MOSFETs for Sub-millimeter Wave Applications , 2012 .

[2]  Chan-Ho Lee Smart Bus Arbiter for QoS control in H.264 decoders , 2011 .

[3]  Franc Novak,et al.  Security Extension for IEEE Std 1149.1 , 2006, J. Electron. Test..

[4]  Rohit Kapur Security vs. test quality: are they mutually exclusive? , 2004 .

[5]  Ramesh Karri,et al.  Secure Scan: A Design-for-Test Architecture for Crypto Chips , 2006, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..

[6]  Spyros Tragoudas,et al.  Multi-level secure JTAG architecture , 2011, 2011 IEEE 17th International On-Line Testing Symposium.

[7]  John D. Villasenor,et al.  A System-On-Chip Bus Architecture for Thwarting Integrated Circuit Trojan Horses , 2011, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[8]  Ronald F. Buskey,et al.  Protected JTAG , 2006, 2006 International Conference on Parallel Processing Workshops (ICPPW'06).

[9]  Mark Mohammad Tehranipoor,et al.  Securing Scan Design Using Lock and Key Technique , 2005, 20th IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems (DFT'05).

[10]  Rodham E. Tulloss,et al.  The Test Access Port and Boundary Scan Architecture , 1990 .

[11]  Juho Kim,et al.  JTAG Security System Based on Credentials , 2010, J. Electron. Test..

[12]  Yu Liu,et al.  Scan-based attacks on linear feedback shift register based stream ciphers , 2011, TODE.

[13]  Sangwoo Han,et al.  Timing Analysis Techniques Review for sub-30 nm Circuit Designs , 2010 .

[14]  Ing. M. F. Breeuwsma Forensic imaging of embedded systems using JTAG (boundary-scan) , 2006, Digit. Investig..

[15]  Dmitry Akselrod,et al.  Platform independent overall security architecture in multi-processor system-on-chip integrated circuits for use in mobile phones and handheld devices , 2007, Comput. Electr. Eng..

[16]  Srivaths Ravi,et al.  Security as a new dimension in embedded system design , 2004, Proceedings. 41st Design Automation Conference, 2004..