Most Popular
| Top Stories | Commented | Featured |
ATI Radeon HD 5570 Review featured
TechSpot's PC Buying Guide: Always up to date! featured
Weekend tech reading: Microsoft to patch 17-year-old bug
Microsoft axes Xbox Live for first-gen consoles, games
Steam weekend sale: Far Cry Complete for $14.99
Windows 7 overtakes Vista among enthusiasts, plus other interesting trends
LGA 775 holds 77% share in 2009, 50% 2010
Microsoft rumored to showcase Windows Mobile 7 next week with Zune-like interface
TechSpot RSSIndustry News
Security based on "scan design" is not secure at all?
"Scan chains provide a window into the chip." - Yervant Zorian, CTO of Virage Logic.
"It's well known that scan chains are a major source of vulnerability in embedded systems." - Srinivas Ravi, research staff member at NEC Laboratories America.
Scan design is where one or more scan chains are constructed within a chip by tying together some internal registers and flip-flops and then connecting them to the serial JTAG boundary scan interface. The technology is used in a number of embedded systems as is supposed to be secure - but, of course, we know that nothing is secure.
A whole range of applications of scan design technology such as smart credit cards and firewalls may be very vulnerable to cracking, thanks to the growing recognition in the industry that the very scan chains that make ICs testable can potentially be used to break their encryption algorithms and steal their intellectual property. There have now been a number of calls from experts in security and in embedded systems for scan design to be abandoned.
"We want to get to the design and test communities and tell them that scan is a terrible thing to do. Scan is a very bad design-for-test methodology. It is a very good design-for-hacking methodology." - Ramesh Karri, associate professor of electrical and computing engineering at the Polytechnic University in Brooklyn, N.Y.
"It's well known that scan chains are a major source of vulnerability in embedded systems." - Srinivas Ravi, research staff member at NEC Laboratories America.
Scan design is where one or more scan chains are constructed within a chip by tying together some internal registers and flip-flops and then connecting them to the serial JTAG boundary scan interface. The technology is used in a number of embedded systems as is supposed to be secure - but, of course, we know that nothing is secure.
A whole range of applications of scan design technology such as smart credit cards and firewalls may be very vulnerable to cracking, thanks to the growing recognition in the industry that the very scan chains that make ICs testable can potentially be used to break their encryption algorithms and steal their intellectual property. There have now been a number of calls from experts in security and in embedded systems for scan design to be abandoned.
"We want to get to the design and test communities and tell them that scan is a terrible thing to do. Scan is a very bad design-for-test methodology. It is a very good design-for-hacking methodology." - Ramesh Karri, associate professor of electrical and computing engineering at the Polytechnic University in Brooklyn, N.Y.
Related Stories
