"Scan chains provide a window into the chip." - Yervant Zorian, CTO of Virage Logic.
"It's well known that scan chains are a major source of vulnerability in embedded systems." - Srinivas Ravi, research staff member at NEC Laboratories America.
Scan design is where one or more scan chains are constructed within a chip by tying together some internal registers and flip-flops and then connecting them to the serial JTAG boundary scan interface. The technology is used in a number of embedded systems as is supposed to be secure - but, of course, we know that nothing is secure.
A whole range of applications of scan design technology such as smart credit cards and firewalls may be very vulnerable to cracking, thanks to the growing recognition in the industry that the very scan chains that make ICs testable can potentially be used to break their encryption algorithms and steal their intellectual property. There have now been a number of calls from experts in security and in embedded systems for scan design to be abandoned.
"We want to get to the design and test communities and tell them that scan is a terrible thing to do. Scan is a very bad design-for-test methodology. It is a very good design-for-hacking methodology." - Ramesh Karri, associate professor of electrical and computing engineering at the Polytechnic University in Brooklyn, N.Y.