| With the development of integrated circuit testability technology,the scan chain,as one of the most successful technologies in integrated circuit testing,has greatly improved the controllability and observability of the chip by test engineers,and provided test engineers with scanning The input and scan output ports access all the trigger channels in the chip.However,an attacker who intends to steal key data inside the chip by non-destructive means can also use the controllability and observability of the scan chain to access the internal state of the chip,and then steal key data information such as the key in the encryption chip.In order to solve the contradiction between the testability and security of crypto chips,in recent years,domestic and foreign experts have proposed many security scan design schemes.Among them,part of the scan mechanism has been used in the security scan design.When using the scan chain to test the chip,the register containing the key in the chip is removed from the scan chain to ensure that the attacker can use the scan chain to access the internal state of the chip.The key cannot be stolen directly from it.Although some scan chain design mechanisms try to ensure the safety of testing,they usually come at the cost of significantly reducing test coverage.This paper proposes a new security scan design scheme based on partial scanning.While improving the scanning security,the loss of scanning coverage is small,and it has the comprehensive advantages of improving security and guaranteeing coverage.The design of this article first removes the registers containing sensitive information from the scan chain and forms a new hidden scan chain.Secondly,a finite state machine(FSM)is designed to achieve the encryption protection of the hidden scan chain.FSM has higher randomness and security than traditional FSM.A safe on-chip comparison circuit is also designed to achieve the output confusion of the hidden scan chain.The structure is mainly composed of three parts: the test vector compression module,the latch chain module and the response comparison module.The test vector compression module realizes the test of the hidden scan chain.The response is compressed,the lock chain module realizes the storage of the golden characteristic value,and the response comparison module compares the characteristic value and outputs the test result.In order to assign less value to the hidden scan chain,this paper proposes a test vector generation strategy for the security scan chain,including the construction of hidden test vector graphs,the reordering of test vectors,and the reuse of test vectors,which can not only reduce the test cost,but also further strengthen the security of the hidden scan chain.In order to verify the safety and feasibility of the proposed method,this paper uses C language to achieve the design of a new type of secure finite state machine(FSM),and uses the AES cryptographic circuit as the target circuit to achieve a secure scan design.Logic synthesis and test vector generation are performed on the safety scan circuit and the ordinary scan chain circuit respectively.Finally,the Perl language is used to sort the test vectors and apply them to the circuit with the safety scan chain design to achieve the same testability as the traditional scan chain.Experimental analysis shows that the hardware overhead of the security scan design accounts for 1.12% of the AES(Advanced Encryption Standard)cryptographic circuit,and it provides the same test coverage as the full scan design,reducing the test time and eliminating the need to regenerate test vectors.It is a good compromise between the testability and security of the crypto chip. |
PDF Full Text Request