http://dx.doi.org/10.5573/JSTS.2012.12.2.240

Debug Port Protection Mechanism for Secure Embedded Devices  

Park, Keun-Young (Dept. of Computer Science & Engineering, Sogang University)
Yoo, Sang-Guun (Dept. of Computer Science & Engineering, Sogang University)
Kim, Ju-Ho (Dept. of Computer Science & Engineering, Sogang University)
Publication Information
JSTS: Journal of Semiconductor Technology and Science / v.12, no.2, 2012, pp. 240-253
Abstract
In this paper we propose a protection mechanism for the debug port. While debug ports are useful tools for embedded device development and maintenance, they can also become attack tools for device hacking if hackers with malicious intentions are permitted to use them. The proposed approach prevents illicit use of debug ports by controlling access through user authentication, where the device generates and issues an authentication token only to server-authenticated users. An authentication token includes user access information, which represents the user's permitted level of access and the maximum number of authentications allowed using the token. The device authenticates the user with the token and grants limited access based on the user's access level. The proposed approach improves overall security by removing the need to expose the device's secret key. Availability is also enhanced by not requiring a server connection after the initial token generation, and further by supporting flexible token transfer among predefined device groups. Low implementation cost is another benefit of the proposed approach, enabling it to be adopted in a wide range of environments that require debug port protection.
Keywords
Debug port; device hacking; authentication token
Citations & Related Records
Times Cited By KSCI: 2