Abstract: Various embodiments of the present disclosure provide a scan-based architecture for register-transfer-level (RTL) or gate-level designs that improves the security of scan chain-based design-for-testability (DFT) structures. In various embodiments, the scan-based architecture includes invisible scan chains that are hidden in such a way that an attacker cannot easily identify or locate the invisible scan chains for exploitation and revealing internal secure information of the design. The invisible scan chains are dynamically configurable into a scan chain with select flip-flops, such that scan paths of the invisible scan chains may be different between different designs, chips, or testing operations. Various embodiments further employ key-based obfuscation by combining a scan control finite state machine with existing state machines within a design, which improves design security against unauthorized use and increases confidentiality.

Abstract: Various embodiments of the present disclosure provide a scan-based architecture for register-transfer-level (RTL) or gate-level designs that improves the security of scan chain-based design-for-testability (DFT) structures. In various embodiments, the scan-based architecture includes invisible scan chains that are hidden in such a way that an attacker cannot easily identify or locate the invisible scan chains for exploitation and revealing internal secure information of the design. The invisible scan chains are dynamically configurable into a scan chain with select flip-flops, such that scan paths of the invisible scan chains may be different between different designs, chips, or testing operations. Various embodiments further employ key-based obfuscation by combining a scan control finite state machine with existing state machines within a design, which improves design security against unauthorized use and increases confidentiality.

Abstract: A method and system for evaluating software tools that detect malicious hardware modifications is provided. In one embodiment, among others, a system comprises a computing device and an application. The application causes the computing device to at least receive hardware description language code that represents a circuit design and calculate a signal probability for one or more nodes in the circuit design. The application also causes the computing device to identify one or more rare nodes in the circuit design and generate a Trojan sample population. The application further causes the computing device to generate a feasible Trojan population and generate a Trojan test instance based at least in part on a random selection from the Trojan feasible population. Additionally, the application causes the computing device to generate modified hardware description code from the Trojan test instance.

Abstract: A joint compression and encryption system is configured to retrieve, from a local memory or image capture device, an image file including a first plurality of segments. The system is further configured to identify, for one or more segment of the first plurality of segments, a matching segment in a local segmentation repository. The system is further configured to compress remaining segments of the first plurality of segments for which no matching segment was identified into a compressed remaining segment set. The system is further configured to transmit, via an unsecure communication channel and to a second computing entity, the identifications of the matching segments, and the compressed remaining segment set. The system is further configured to, prior to retrieving the image file, perform a handshake or calibration process. The system is further configured to encrypt the matching segments using a key into an encrypted segment set and transmit the key to the second computing entity.

Abstract: A method and system for evaluating software tools that detect malicious hardware modifications is provided. In one embodiment, among others, a system comprises a computing device and an application. The application causes the computing device to at least receive hardware description language code that represents a circuit design and calculate a signal probability for one or more nodes in the circuit design. The application also causes the computing device to identify one or more rare nodes in the circuit design and generate a Trojan sample population. The application further causes the computing device to generate a feasible Trojan population and generate a Trojan test instance based at least in part on a random selection from the Trojan feasible population. Additionally, the application causes the computing device to generate modified hardware description code from the Trojan test instance.