Debug Port Protection Mechanism for Secure Embedded Devices

  • Park, Keun-Young (Dept. of Computer Science & Engineering, Sogang University) ;
  • Yoo, Sang-Guun (Dept. of Computer Science & Engineering, Sogang University) ;
  • Kim, Ju-Ho (Dept. of Computer Science & Engineering, Sogang University)
  • Received: 2011.07.11
  • Published: 2012.06.30

Abstract

In this paper we propose a protection mechanism for the debug port. While debug ports are useful tools for embedded device development and maintenance, they can also become attack tools for device hacking if malicious users are permitted to use them. The proposed approach prevents illicit use of debug ports by controlling access through user authentication, where the device generates and issues an authentication token only to server-authenticated users. An authentication token includes user access information, which represents the user's permitted level of access and the maximum number of authentications allowed using the token. The device authenticates the user with the token and grants limited access based on the user's access level. The proposed approach improves overall security by removing the need to expose the device's secret key. Availability is also enhanced by not requiring a server connection after the initial token generation, and further by supporting flexible token transfer among predefined device groups. Low implementation cost is another benefit of the proposed approach, enabling it to be adopted in a wide range of environments that need debug port protection.

Cited by

  1. Access Port Protection for Reconfigurable Scan Networks vol.30, pp.6, 2014, https://doi.org/10.1007/s10836-014-5484-2
  2. Fine-Grained Access Management in Reconfigurable Scan Networks vol.34, pp.6, 2015, https://doi.org/10.1109/TCAD.2015.2391266