Hunting Security Bugs in SoC Designs: Lessons Learned

Bidmeshki, Mohammad Mahdi; Zhang, Yunjie; Zaman, Monir; Zhou, Liwei; Makris, Yiorgos

doi:10.1109/mdat.2020.3013727

Cited by 5 publications

(3 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The password-based methods protect the JTAG access by requiring users to shift in a secret password. A static or short password is vulnerable to a brute-force attack [21]. Our work uses a different seed for different test data to authenticate the user instead of a static password.…”

Section: A Brute-force Attackmentioning

confidence: 99%

See 1 more Smart Citation

A Secure JTAG Wrapper for SoC Testing and Debugging

Lee

Yeh

2022

IEEE Access

View full text Add to dashboard Cite

IEEE Std. 1149.1, also known as the Joint Test Access Group (JTAG) standard, provides excellent controllability and observability for ICs and hence is widely used in IC testing, debugging, failure analysis, or even online chip control/monitoring. Unfortunately, it has also become a backdoor for attackers to manipulate the ICs or grab confidential information from the ICs. One way to address this problem is to disable JTAG pins after manufacturing testing. However this countermeasure prohibits the in-filed testing and debugging capability. Other countermeasures such as authentication and encryption/decryption methods based on specific static keys have also been proposed. However, these approaches may suffer from side-channel or memory attacks that may figure out the specific keys. This paper presents an authenticationbased secure JTAG wrapper with a dynamic feature to defend against the attacks mentioned above. We generate different keys for different test data dynamically. Therefore, only legal test data can be updated to the test data registers (TDRs) through JTAG. Furthermore, the attackers will get fake responses if they shift in illegal test data, which makes it extremely difficult to break our proposed method. We can also employ the physical unclonable function (PUF) to distinguish the legal test data for different chips. Experiments on a RISC-V CPU processor called SCR1 show that our proposed method can have an area overhead of only 0.49%. INDEX TERMSHardware security, IEEE test standard security, JTAG security, memory attack, secure JTAG wrapper, physical unclonable function (PUF), in-field testing, in-field debugging. SHIH-CHUN YEH received the B.S. degree in electrical engineering from the National Chung Cheng University, Chiayi, Taiwan, in 2019. He is currently pursuing the M.S. degree in electrical engineering from the National Cheng Kung University, Tainan, Taiwan. His current research interests include hardware security, security of IEEE test standards, and security of testing.

show abstract

Section: A Brute-force Attackmentioning

confidence: 99%

“…They are also vulnerable to memory attacks if the passwords are stored in memory. In addition, if the authentication procedure compares a hardcoded password, it may also be cracked by the reverse engineering attack [21]. As for the CRP-based methods, they also take the risk of a memory attack.…”

Section: F Comparison With Other Workmentioning

confidence: 99%

A Secure JTAG Wrapper for SoC Testing and Debugging

Lee

Yeh

2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Deep reinforcement learning is widely used in News Recommendation [1], face recognition [2], Image detection [3], task decision-making [4], etc. In terms of robots, deep reinforcement learning is also widely used in robot localization [5], perception [6], decision-making [7], planning [8], hardware [9], etc.…”

Section: Introductionmentioning

confidence: 99%

Deep Reinforcement Learning for Mobile Robot Path Planning

Liu,

Shen,

et al. 2024

JTPES

View full text Add to dashboard Cite

Path planning is an important problem with the the applications in many aspects, such as video games, robotics etc. This paper proposes a novel method to address the problem of Deep Reinforcement Learning (DRL) based path planning for a mobile robot. We design DRL-based algorithms, including reward functions, and parameter optimization, to avoid time-consuming work in a 2D environment. We also designed an Two-way search hybrid A* algorithm to improve the quality of local path planning. We transferred the designed algorithm to a simple embedded environment to test the computational load of the algorithm when running on a mobile robot. Experiments show that when deployed on a robot platform, the DRL-based algorithm in this article can achieve better planning results and consume less computing resources.

show abstract