可重构扫描网络安全弱点的最小见证

2020 IEEE European Test Symposium (ETS) Pub Date : 2020-05-01 DOI:10.1109/ETS48528.2020.9131566

Pascal Raiola, Tobias Paxian, B. Becker

{"title":"可重构扫描网络安全弱点的最小见证","authors":"Pascal Raiola, Tobias Paxian, B. Becker","doi":"10.1109/ETS48528.2020.9131566","DOIUrl":null,"url":null,"abstract":"Reconfigurable Scan Networks (RSNs) allow flexible access to embedded instruments for post-silicon validation and debug or diagnosis. However, the increased observability and controllability can be exploited by an attacker to manipulate or read out sensitive data, if no adequate precautions are taken by the designer. For large RSNs taking those precautions without algorithmic support is virtually impossible. This work proposes a method to automatically generate “minimal witnesses” demonstrating security weaknesses w.r.t. data flow in RSNs. The method provides condensed information to the designer on how to prevent data flow attacks, e.g. by locally modifying the RSN or by preventing active scan paths which contain those minimal witnesses. Experimental results confirm the applicability of the proposed method to diverse benchmark sets, including large designs. Additionally, the benefit of generating “minimal witnesses” for security weaknesses is shown.","PeriodicalId":267309,"journal":{"name":"2020 IEEE European Test Symposium (ETS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Minimal Witnesses for Security Weaknesses in Reconfigurable Scan Networks\",\"authors\":\"Pascal Raiola, Tobias Paxian, B. Becker\",\"doi\":\"10.1109/ETS48528.2020.9131566\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Reconfigurable Scan Networks (RSNs) allow flexible access to embedded instruments for post-silicon validation and debug or diagnosis. However, the increased observability and controllability can be exploited by an attacker to manipulate or read out sensitive data, if no adequate precautions are taken by the designer. For large RSNs taking those precautions without algorithmic support is virtually impossible. This work proposes a method to automatically generate “minimal witnesses” demonstrating security weaknesses w.r.t. data flow in RSNs. The method provides condensed information to the designer on how to prevent data flow attacks, e.g. by locally modifying the RSN or by preventing active scan paths which contain those minimal witnesses. Experimental results confirm the applicability of the proposed method to diverse benchmark sets, including large designs. Additionally, the benefit of generating “minimal witnesses” for security weaknesses is shown.\",\"PeriodicalId\":267309,\"journal\":{\"name\":\"2020 IEEE European Test Symposium (ETS)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE European Test Symposium (ETS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ETS48528.2020.9131566\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE European Test Symposium (ETS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ETS48528.2020.9131566","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

可重构扫描网络(rsn)允许灵活访问嵌入式仪器，用于硅后验证和调试或诊断。然而，如果设计人员没有采取足够的预防措施，攻击者可以利用增加的可观察性和可控性来操纵或读出敏感数据。对于大型rsn来说，在没有算法支持的情况下采取这些预防措施实际上是不可能的。这项工作提出了一种自动生成“最小证人”的方法，该方法可以在rsn中的数据流中显示安全弱点。该方法为设计人员提供了关于如何防止数据流攻击的简明信息，例如，通过本地修改RSN或通过阻止包含这些最小证人的活动扫描路径。实验结果证实了该方法适用于各种基准集，包括大型设计。此外，还显示了为安全性弱点生成“最小见证”的好处。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Minimal Witnesses for Security Weaknesses in Reconfigurable Scan Networks

Reconfigurable Scan Networks (RSNs) allow flexible access to embedded instruments for post-silicon validation and debug or diagnosis. However, the increased observability and controllability can be exploited by an attacker to manipulate or read out sensitive data, if no adequate precautions are taken by the designer. For large RSNs taking those precautions without algorithmic support is virtually impossible. This work proposes a method to automatically generate “minimal witnesses” demonstrating security weaknesses w.r.t. data flow in RSNs. The method provides condensed information to the designer on how to prevent data flow attacks, e.g. by locally modifying the RSN or by preventing active scan paths which contain those minimal witnesses. Experimental results confirm the applicability of the proposed method to diverse benchmark sets, including large designs. Additionally, the benefit of generating “minimal witnesses” for security weaknesses is shown.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 IEEE European Test Symposium (ETS)

自引率

0.00%

发文量