Addressing potential security risks associated with using high-speed interfaces such as PCIe or USB for scan chain access.
Recently, my colleague Robert Ruiz described a new approach to scan test that utilizes the high-speed I/O (HSIO) ports that exist on most chips. The benefits of this new approach include reduced test time and cost thanks to the high-speed interface. Simplified pin electronics and tester setup are also benefits, as is the ability to run manufacturing tests in the field in support of silicon lifecycle management (SLM) requirements. Robert described how Synopsys TestMAX SLT and TestMAX ALE enable this revolutionary new approach to scan test.
While the approach is elegant in its simplicity, the devil is always in the details. Integrating the required hardware and ensuring software control of it is not a simple task. With the new TestMAX family of products, the pieces do indeed fit together and work well. Robert left you with one more item to consider regarding this innovative new approach: the potential security risk associated with unauthorized access to high-speed interfaces such as PCIe or USB that provide scan chain access to the internals of the chip.
The wait is over. I’m here to address that last security issue and complete the picture.
First, let’s discuss process and approach. We were able to deliver a fundamentally new approach to scan test by taking a holistic approach to the problem. Security has the same requirement. A holistic approach must be taken to ensure all parts of the process have the appropriate locks, safeguards and trusted methods of enablement. The goals of this approach are transparency and ease of use. Today, it is easy to insert scan, implement compression, generate test patterns and diagnose defects. Our goal is to allow security to be added to the entire process with equal ease.
Locking functions will be added at various points in the test flow to ensure only authenticated access is possible. Provisioning will be done at test time and authentication will be provided through secure access to cloud resources where the provisioning data is stored. This new paradigm will require some changes to traditional test methods. For example, test patterns cannot be the sole stimulus applied directly to the silicon. While approaches like this may have worked in the past on a controlled access test floor, this kind of local security is too vulnerable in the field. For security, “keys” will need to unlock access to DFT logic. The approach is illustrated below.
Fig. 1: Adding locking functions to the test flow.
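A minimal sketch of the idea above, added here as an illustration and not Synopsys code or the TestMAX implementation: a per-device key is provisioned at test time and held in a cloud store, and the chip unlocks DFT access only for a fresh challenge-response. The class names, the HMAC-SHA256 scheme and the device ID are assumptions; the article does not specify the protocol.

```python
import hashlib
import hmac
import secrets


class ProvisioningStore:
    """Stand-in for the cloud resource holding provisioning data (assumed design)."""

    def __init__(self):
        self._keys = {}

    def provision(self, device_id):
        # Done once at test time: create and record a per-device unlock key.
        self._keys[device_id] = secrets.token_bytes(32)
        return self._keys[device_id]

    def answer(self, device_id, challenge, authorized):
        # Only an authenticated requester gets a response; the key stays in the store.
        if not authorized or device_id not in self._keys:
            raise PermissionError("requester not authorized for this device")
        return hmac.new(self._keys[device_id], challenge, hashlib.sha256).digest()


class ScanLock:
    """Hypothetical on-chip lock in front of the DFT logic."""

    def __init__(self, key):
        self._key, self._nonce, self.unlocked = key, None, False

    def challenge(self):
        self._nonce = secrets.token_bytes(16)  # fresh nonce for every attempt
        return self._nonce

    def unlock(self, response):
        nonce, self._nonce = self._nonce, None  # each challenge is single-use
        if nonce is None:
            return False
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        self.unlocked = hmac.compare_digest(expected, response)
        return self.unlocked


def demo():
    cloud = ProvisioningStore()
    chip = ScanLock(cloud.provision("dev-0001"))  # constructed device ID
    good = cloud.answer("dev-0001", chip.challenge(), authorized=True)
    first = chip.unlock(good)
    chip.challenge()
    return first, chip.unlock(good)  # replayed response against a new nonce
```

Calling `demo()` returns `(True, False)`: the live response unlocks the chip, while the same response replayed against a new challenge does not, which is why a fixed, recorded stimulus is not sufficient on its own.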
Growing the test infrastructure this way for security purposes creates other benefits. Consider the opportunity to harvest data about millions of devices in the field. Cloud-based data analytics can be applied here to improve factory processes, proactively ensure device health and discover/correct failure modes. Embedded IP can perform local, low latency data analytics on the chip itself as well. These are just a few of the benefits of this new infrastructure. A vision of how this could work for SLM in an automotive deployment is shown below.
Fig. 2: Ensuring electronic performance, safety and security.
The systems described here require collaboration across the ecosystem to achieve full implementation. Synopsys is proud to have been chosen as a prime contractor by DARPA for its Automatic Implementation of Secure Silicon (AISS) program. The goals of this program are to automate the inclusion of scalable hardware security mechanisms in IP and SoCs to explore security versus other design trade-offs. The technologies described here will be part of this ambitious ecosystem-level program.
According to DARPA:
AISS consists of two primary research areas that address four fundamental silicon security vulnerabilities: side channel attacks, hardware Trojans, reverse engineering, and supply chain attacks, such as counterfeiting, recycling, re-marking, cloning, and over-production… Synopsys and Northrop Grumman will each be developing Arm-based architectures that include security engines offering different approaches and demonstrating the modularity of the new AISS-based flows to accept other security engines, potentially including highly specialized engines developed for future Department of Defense (DoD) applications.
So, there’s the whole story – a new and efficient approach to scan test and the infrastructure to deploy it, secure it and capitalize on it for SLM. You can learn more about the Synopsys Silicon Lifecycle Management (SLM) platform here and you can learn more about Synopsys’ work on the AISS program here. You can also examine the enabling technologies: TestMAX SLT here and TestMAX ALE here.