Hardware Security and Trust pp 107-126
Scan Design: Basics, Advancements, and Vulnerabilities
The increasing design complexity of modern Integrated Chips (IC) has reflected into exacerbated challenges in manufacturing testing. In this respect, scan is the most widely used design for testability (DfT) technique that overcomes the manufacturing test challenges by enhancing the access and thus, testability. However, scan can also open a back door to an attacker when implemented in security critical chips. Although some applications disable access to the scan chains upon manufacturing test, other applications require this access to enable in-field testing and debugging capabilities. This chapter aims at providing testable yet secure scan-based DfT techniques. We first describe various cost-effective DfT techniques to overcome the test challenges, such as low controllability and observability, which in turn leads to high test cost and low test quality. In particular, we review the challenges and opportunities in widely utilized compression-based scan design. We then highlight the security vulnerabilities of basic scan as well as these advanced DfT techniques. We describe multiple scan attacks that misuse representative test infrastructures. A detailed analysis is also performed to figure out the fundamental limitations of these attacks.