Hardware Security and Trust

pp 107-126


Scan Design: Basics, Advancements, and Vulnerabilities

  • Samah Mohamed SaeedAffiliated withUniversity of Washington Email author 
  • , Sk Subidh AliAffiliated withNew York University
  • , Ozgur SinanogluAffiliated withNew York University

* Final gross prices may vary according to local VAT.

Get Access


The increasing design complexity of modern Integrated Chips (IC) has reflected into exacerbated challenges in manufacturing testing. In this respect, scan is the most widely used design for testability (DfT) technique that overcomes the manufacturing test challenges by enhancing the access and thus, testability. However, scan can also open a back door to an attacker when implemented in security critical chips. Although some applications disable access to the scan chains upon manufacturing test, other applications require this access to enable in-field testing and debugging capabilities. This chapter aims at providing testable yet secure scan-based DfT techniques. We first describe various cost-effective DfT techniques to overcome the test challenges, such as low controllability and observability, which in turn leads to high test cost and low test quality. In particular, we review the challenges and opportunities in widely utilized compression-based scan design. We then highlight the security vulnerabilities of basic scan as well as these advanced DfT techniques. We describe multiple scan attacks that misuse representative test infrastructures. A detailed analysis is also performed to figure out the fundamental limitations of these attacks.


AES Security DfT Scan Chain Decompressor Compactor Scan Attack Testability Test-Mode-Only Attack