CN110554305A - test control device, chip and method - Google Patents

Publication number
CN110554305A
Authority
CN
China
Prior art keywords
test control
unit
signal
test
trigger
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910847357.6A
Other languages
Chinese (zh)
Other versions
CN110554305B (en
Inventor
卢新元
陈华军
许超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Loongson Technology Corp Ltd
Original Assignee
Loongson Technology Corp Ltd
Application filed by Loongson Technology Corp Ltd filed Critical Loongson Technology Corp Ltd
Priority to CN201910847357.6A priority Critical patent/CN110554305B/en
Publication of CN110554305A publication Critical patent/CN110554305A/en
Application granted granted Critical
Publication of CN110554305B publication Critical patent/CN110554305B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01R MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R31/00 Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R31/28 Testing of electronic circuits, e.g. by signal tracer
    • G01R31/317 Testing of digital circuits
    • G01R31/3181 Functional testing
    • G01R31/3185 Reconfiguring for testing, e.g. LSSD, partitioning
    • G01R31/318533 Reconfiguring for testing, e.g. LSSD, partitioning using scanning techniques, e.g. LSSD, Boundary Scan, JTAG

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Test And Diagnosis Of Digital Computers (AREA)

Abstract

An embodiment of the invention provides a test control device, a chip and a method. The device comprises a permission analysis unit, a test control unit, a first shielding unit and an encryption unit. The permission analysis unit is configured to verify permission information to be verified and to send a first trigger signal to the test control unit when the permission information passes verification. The test control unit is configured to send a first indication signal to the first shielding unit when it receives the first trigger signal and a first test control signal, where the first test control signal indicates entry into a test mode and the first indication signal instructs the first shielding unit to transmit key information to the encryption unit. The embodiment makes it possible to test key faults while keeping the key secure, and improves the test coverage of scan-chain-based scan testing.

Description

Test control device, chip and method
Technical Field
The embodiment of the invention relates to the technical field of integrated circuits, in particular to a test control device, a chip and a method.
Background
Scan testing based on scan chains is a common test method in design for testability and can ensure high test coverage. An encryption chip can be tested through scan-chain-based scan testing. During encryption, the encryption chip sends the key and the plaintext data into the encryption unit, and after several rounds of encryption the encryption-related information of each round is stored in the flip-flops of the encryption unit. An attacker can obtain the key information of the encryption chip with a scan-chain-based side-channel attack: the attacker performs a normal encryption operation while the chip is in functional mode, then switches the chip to test mode and shifts the values of the flip-flops that hold encryption-related information out of the scan chain for observation, in order to recover the key information.
In the prior art, to prevent an attacker from recovering the key with a scan-chain-based side-channel attack, the key is generally shielded. Specifically, a shielding unit is added to the encryption chip and controlled so that, in functional mode, the key is not shielded and is sent into the encryption unit normally for the encryption operation, while in test mode the key is shielded and the key information cannot be sent to the encryption unit to take part in the combinational logic operation. When the chip switches from functional mode to test mode, the flip-flops that hold encryption-related information are reset, which ensures that the intermediate state values shifted out of the scan chain are unrelated to the key, so the attacker cannot recover the key.
However, in the existing method for shielding the key, because the key does not participate in the combinational logic operation in the encryption unit in the test mode, although an attacker cannot break the key through the intermediate state value shifted out from the scan chain, a tester cannot test the key failure based on the scan test of the scan chain, and can only verify whether the key has the failure through the encryption operation in the functional mode. Therefore, the conventional method for shielding the key can cause that the scan test based on the scan chain cannot test the key failure, and the test coverage rate is lost.
Disclosure of Invention
The embodiments of the invention provide a test control device, a chip and a method, to solve the problem that the conventional key-shielding method prevents scan-chain-based scan testing from testing key faults, which causes a loss of test coverage.
In a first aspect, an embodiment of the present invention provides a test control apparatus, including: a permission analysis unit, a test control unit, a first shielding unit and an encryption unit;
The permission analysis unit is connected with the test control unit, and the test control unit is connected with the first shielding unit;
The permission analysis unit is used for verifying the permission information to be verified and sending a first trigger signal to the test control unit when the permission information passes verification;
The test control unit is configured to send a first indication signal to the first shielding unit when receiving the first trigger signal and the first test control signal, where the first test control signal is used to indicate that a test mode is entered, and the first indication signal is used to indicate that the first shielding unit transmits key information to the encryption unit.
In a possible implementation manner, the permission analysis unit is further configured to send a second trigger signal to the test control unit when the permission information verification fails;
The test control unit is further configured to send a second indication signal to the first shielding unit when receiving the second trigger signal and the first test control signal, where the second indication signal is used to indicate the first shielding unit to shield key information.
In a possible implementation manner, the test control unit is further configured to send the first indication signal to the first shielding unit when receiving a second test control signal, where the second test control signal is used to indicate to enter a functional mode.
In a possible embodiment, the encryption unit comprises a flip-flop unit and a second shielding unit, wherein the flip-flop unit comprises a plurality of flip-flops, the plurality of flip-flops forming at least one scan chain in the test mode;
The test control unit is connected with the second shielding unit, and the second shielding unit is connected with the flip-flop unit;
The test control unit is further configured to send the first indication signal to the second shielding unit, where the first indication signal is further used to instruct the second shielding unit to stop shielding the at least one scan chain, so that the at least one scan chain outputs the data stored in each flip-flop when receiving the output indication signal.
In one possible embodiment, the permission analysis unit comprises a controller, a state machine and a trigger generator;
The controller is connected with the state machine, the state machine is connected with the trigger generator, and the trigger generator is connected with the test control unit;
The controller is used for generating a plurality of state switching signals according to the permission information and sequentially sending each state switching signal to the state machine;
The state machine is used for switching states according to the state switching signals and sending a third indication signal to the trigger generator when the state machine is switched to a target state, wherein the target state is the state to which the state machine is finally switched when the permission information is correct;
The trigger generator is used for generating the first trigger signal and sending the first trigger signal to the test control unit when the third indication signal is received.
In a possible implementation manner, the trigger generator is further configured to generate a second trigger signal and send the second trigger signal to the test control unit when the third indication signal is not received.
In a possible implementation manner, the permission information is information generated by a processor executing a functional instruction sequence input by a user and sent to the permission analysis unit.
In one possible embodiment, the test control unit includes an exclusive-or gate, a clock gating unit, a first flip-flop, and an inverter;
A first input end of the exclusive-or gate is connected with the permission analysis unit, a second input end of the exclusive-or gate is connected with a test control signal, and an output end of the exclusive-or gate is connected with a signal input end of the first flip-flop;
The enable end of the clock gating unit is connected with a test control signal, the clock input end of the clock gating unit is connected with a clock signal, and the output end of the clock gating unit is connected with the clock input end of the first flip-flop;
The reset input end of the first flip-flop is connected with a reset signal, and the output end of the first flip-flop is connected with the input end of the inverter;
The output end of the inverter is respectively connected with the first shielding unit and the encryption unit.
In a possible embodiment, the first trigger signal is at a high level, and the first indication signal is at a high level.
In a second aspect, an embodiment of the present invention provides a chip, including: the test control apparatus according to the first aspect and various possible embodiments of the first aspect.
In a third aspect, an embodiment of the present invention provides a test control method, including:
The permission analysis unit verifies the permission information to be verified and sends a first trigger signal to the test control unit when the permission information passes the verification;
When receiving the first trigger signal and a first test control signal, the test control unit sends a first indication signal to the first shielding unit, wherein the first test control signal is used for indicating to enter a test mode, and the first indication signal is used for indicating the first shielding unit to transmit key information to the encryption unit.
In one possible embodiment, the method further comprises:
The permission analysis unit sends a second trigger signal to the test control unit when the permission information fails verification;
The test control unit sends a second indication signal to the first shielding unit when receiving the second trigger signal and the first test control signal, wherein the second indication signal is used for indicating the first shielding unit to shield key information.
In one possible embodiment, the method further comprises:
The test control unit sends the first indication signal to the first shielding unit when receiving a second test control signal, wherein the second test control signal is used for indicating to enter a functional mode.
In a possible implementation manner, the permission information is information generated by a chip processor executing a functional instruction sequence input by a user and sent to the permission analysis unit.
The test control device, the chip and the method provided by the embodiment of the invention comprise an authority analysis unit, a test control unit, a first shielding unit and an encryption unit; the authority analysis unit is connected with the test control unit, and the test control unit is connected with the first shielding unit; the authority analysis unit is used for verifying the authority information to be verified and sending a first trigger signal to the test control unit when the authority information passes verification; and the test control unit is used for sending a first indication signal to the first shielding unit when receiving the first trigger signal and the first test control signal, wherein the first test control signal is used for indicating to enter a test mode, and the first indication signal is used for indicating the first shielding unit to transmit the key information to the encryption unit. According to the embodiment of the invention, the authority information to be verified is verified through the authority analysis unit, when the verification is passed and the test mode is set, the first shielding unit is controlled to transmit the key information to the encryption unit, and the key information is not shielded, so that a tester with authority can test key faults based on scanning test of a scanning chain.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic structural diagram of a test control apparatus according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of a test control apparatus according to another embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a test control apparatus according to another embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a test control unit in a test control apparatus according to yet another embodiment of the present invention;
Fig. 5 is a schematic diagram comparing a test control apparatus according to a further embodiment of the present invention with a conventional test control apparatus;
Fig. 6 is a schematic flowchart of a test control apparatus according to yet another embodiment of the present invention.
Description of reference numerals:
100: a permission analysis unit;
110: a controller;
120: a state machine;
130: a trigger generator;
200: a test control unit;
210: an exclusive-or gate;
220: a clock gating unit;
230: a first flip-flop;
240: an inverter;
300: a first shielding unit;
400: an encryption unit;
410: a second shielding unit;
420: a flip-flop unit.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The technical solution of the present invention will be described in detail below with specific examples. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
In the prior art, scan testing based on a scan chain is a common test method in design for testability and can ensure high test coverage. In this method, a selector is added in front of each ordinary flip-flop, and the flip-flops are connected in series to form a long chain. The selector has two inputs, one from the scan input and the other from the combinational logic, and the scan enable signal controls which of them is selected as the data input source of the flip-flop. In the test mode, when scan enable is 1 the chip is in the shift state, and when scan enable is 0 the chip is in the capture state. In the shift state, over multiple clock cycles, scan input values can be shifted into the flip-flops on the scan chain, or the values held in those flip-flops can be shifted out for observation; in the capture state, the combinational logic state values are captured into the flip-flops over one or more clock cycles. Over the whole test process, the entire chip circuit can be tested by switching between capture and shift multiple times.
An existing chip comprises a shielding unit and an encryption unit. The shielding unit is controlled so that, when the chip is in functional mode, the key is not shielded and is sent into the encryption unit normally for the encryption operation, and when the chip is in test mode the key is shielded and cannot be sent into the encryption unit to take part in the combinational logic operation. When the chip switches from functional mode to test mode, the flip-flops that hold encryption-related information are reset, which ensures that the intermediate state values shifted out of the scan chain have no relation to the key.
If an attacker tries to obtain the key of the encryption chip with a scan-chain-based side-channel attack, the attacker can perform a normal encryption operation while the chip is in functional mode and then switch to test mode. However, because the flip-flops that hold encryption-related information are reset, they no longer store that information, and even if the attacker shifts the flip-flop values out through the scan chain for observation, the key cannot be recovered. And because the key is shielded in test mode and cannot be sent to the encryption unit to take part in the combinational logic operation, the flip-flops cannot store key-related information even if the attacker switches the chip between the capture state and the shift state in test mode, so the attacker cannot recover the key in test mode.
However, in the existing method for shielding the key, because the key does not participate in the combinational logic operation in the encryption unit in the test mode, although an attacker cannot break the key through the intermediate state value shifted out from the scan chain, a tester cannot test the key failure based on the scan test of the scan chain, and can only verify whether the key has the failure through the encryption operation in the functional mode. For example, the key failure may be a transmission line interruption of the key into the encryption unit, a key error, or the like. Therefore, the conventional method for shielding the key can cause that the scan test based on the scan chain cannot test the key failure, and the test coverage rate is lost.
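The coverage loss described above can be reproduced in a small behavioural model of a scan chain with a key shielding unit. This is an added example, not part of the patent; the 8-bit toy round logic, the all-zero interference value, the test pattern and the placement of the fault on the key side of the shielding unit are assumptions.

```python
"""Added example: scan chain behaviour under key shielding (toy model, not patent code)."""

WIDTH = 8                  # number of scan flip-flops and key lines (constructed)
MASK = (1 << WIDTH) - 1
INTERFERENCE = 0x00        # assumed fixed value the shielding unit substitutes for the key


class ScanChain:
    """Flip-flops with a selector in front of each: scan input or combinational logic."""

    def __init__(self):
        self.ffs = [0] * WIDTH

    def reset(self):
        # Performed on the switch from functional mode to test mode.
        self.ffs = [0] * WIDTH

    def capture(self, logic_value):
        # Scan enable = 0: every flip-flop loads its combinational-logic output.
        self.ffs = [(logic_value >> i) & 1 for i in range(WIDTH)]

    def shift_out(self):
        # Scan enable = 1: one bit leaves the chain per clock while zeros shift in.
        out = []
        for _ in range(WIDTH):
            out.append(self.ffs[-1])
            self.ffs = [0] + self.ffs[:-1]
        return out


def round_logic(pattern, key_in):
    """Toy combinational logic of the encryption unit: XOR with the key, rotate left."""
    x = (pattern ^ key_in) & MASK
    return ((x << 1) | (x >> (WIDTH - 1))) & MASK


def key_lines(key, broken_bit=None):
    """Key as delivered to the shielding unit; a broken line reads the wrong level."""
    return key if broken_bit is None else key ^ (1 << broken_bit)


def shield(key_value, mask_key):
    """Shielding unit: pass the key, or replace it with the interference value."""
    return INTERFERENCE if mask_key else key_value


def scan_test(key, pattern, mask_key, broken_bit=None):
    """One capture/shift cycle in test mode; returns the bits observed at scan-out."""
    chain = ScanChain()
    chain.reset()
    key_in = shield(key_lines(key, broken_bit), mask_key)
    chain.capture(round_logic(pattern, key_in))
    return chain.shift_out()


def key_fault_coverage(key, pattern, mask_key):
    """Fraction of single broken key lines whose scan-out differs from the good chip."""
    good = scan_test(key, pattern, mask_key)
    detected = sum(
        scan_test(key, pattern, mask_key, broken_bit=b) != good for b in range(WIDTH)
    )
    return detected / WIDTH


if __name__ == "__main__":
    pattern = 0x3C  # constructed test pattern
    # Shielded test mode: scan-out is the same for any key, so nothing leaks ...
    print(scan_test(0xA5, pattern, True) == scan_test(0x5A, pattern, True))
    # ... but no key-line fault is observable either.
    print("coverage, key shielded:  ", key_fault_coverage(0xA5, pattern, True))
    print("coverage, key unshielded:", key_fault_coverage(0xA5, pattern, False))
```
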
According to the embodiment of the invention, the authority information to be verified is verified through the authority analysis unit, when the verification is passed and the test mode is set, the first shielding unit is controlled to transmit the key information to the encryption unit, and the key information is not shielded, so that a tester with authority can test key faults based on scanning test of a scanning chain.
Fig. 1 is a schematic structural diagram of a test control apparatus according to an embodiment of the present invention. Referring to fig. 1, the test control apparatus provided in this embodiment includes: a permission analysis unit 100, a test control unit 200, a first shielding unit 300 and an encryption unit 400.
The permission analysis unit 100 is connected to the test control unit 200, and the test control unit 200 is connected to the first shielding unit 300.
The permission analysis unit 100 is configured to verify permission information to be verified, and send a first trigger signal to the test control unit 200 when the permission information passes the verification.
The test control unit 200 is configured to send a first indication signal to the first shielding unit 300 when receiving the first trigger signal and the first test control signal. Wherein the first test control signal is used to instruct to enter the test mode, and the first indication signal is used to instruct the first shielding unit 300 to transmit the key information to the encryption unit 400.
In this embodiment, the specific form of the authority information is not limited herein, and for example, a specific string of characters may be used as the authority information, information obtained by a processor of the chip executing a specific set of function instructions may be used as the authority information, and other forms of the authority information may also be available, which are not limited herein. The permission analysis unit 100 may receive permission information input by a user, or permission information input by the user and forwarded by a processor of the chip, or permission information obtained by the processor of the chip executing a set of functional instructions input by the user, which is not limited herein.
The permission analysis unit 100 verifies the permission information to be verified, and the specific verification method may be to compare the permission information with preset reference information, or verify the permission information through state switching of the state machine 120, and the verification method is not limited herein. When the authority information is verified, the authority analysis unit 100 transmits a first trigger signal to the test control unit 200.
The test control unit 200 includes at least two inputs, one for receiving the trigger signal sent by the permission analysis unit 100, and the other for receiving the test control signal. Wherein the trigger signal includes at least two kinds: the first trigger signal represents that the authority information is verified to be passed, and the second trigger signal represents that the authority information is not verified to be passed. The test control signals comprise at least two types, namely a first test control signal and a second test control signal, the first test control signal is used for indicating to enter a test mode, and the second test control signal is used for indicating to enter a functional mode. The test control unit 200 may receive a test control signal input by a user or a test control signal transmitted by a processor of the chip, which is not limited herein.
In this embodiment, a tester can input correct permission information, while an attacker cannot. When the test control unit 200 receives the first trigger signal and the first test control signal, this indicates that the chip is in the test mode and the permission information has passed verification, so the current user is a tester rather than an attacker. The test control unit 200 may therefore send a first indication signal to the first shielding unit 300, instructing the first shielding unit 300 not to shield the key information and to transmit the key information to the encryption unit 400.
For convenience of description, the test mode is divided into two types: a secure test mode and a non-secure test mode. The secure test mode is a test mode in which the key is not shielded and is allowed to take part in the combinational logic operation; the non-secure test mode is a test mode in which the key is shielded and is not allowed to take part in the combinational logic operation. In the test mode, if the permission information passes verification, the secure test mode is entered; if the permission information has not been verified or fails verification, the non-secure test mode is entered.
In this embodiment, verifying the permission information makes it possible to determine whether the user is a tester. When the user is determined to be a tester, the secure test mode is entered and the first shielding unit 300 is instructed not to shield the key, so that the tester can test key faults with scan-chain-based scan testing. Because a scan-chain-based side-channel attack recovers the key through the scan chain formed by the connected flip-flops, that is, through a connection structure in the hardware, the security of the key cannot be ensured by improving the chip at the software level alone. The test control device provided by this embodiment improves the structure and the control mode of the test control device, can effectively prevent an attacker from using the scan chain to recover the key, realizes the test of key faults on that premise, and improves the test coverage of scan-chain-based scan testing.
The test control device provided by the embodiment of the invention comprises an authority analysis unit 100, a test control unit 200, a first shielding unit 300 and an encryption unit 400; the authority analysis unit 100 is connected with the test control unit 200, and the test control unit 200 is connected with the first shielding unit 300; the authority analysis unit 100 is configured to verify authority information to be verified, and send a first trigger signal to the test control unit 200 when the authority information passes the verification; the test control unit 200 is configured to send a first indication signal to the first shielding unit 300 when receiving a first trigger signal and the first test control signal, where the first test control signal is used to indicate that a test mode is entered, and the first indication signal is used to indicate that the first shielding unit 300 transmits the key information to the encryption unit 400. According to the embodiment of the invention, the authority information to be verified is verified, the first shielding unit 300 is controlled to transmit the key information to the encryption unit 400 when the authority information passes the verification and is in the test mode, and the key information is not shielded, so that a tester with authority can test the key fault based on the scan test of the scan chain, and since an attacker cannot pass the authority verification and cannot crack the key through the scan chain, the test of the key fault can be realized on the premise of ensuring the security of the key, and the test coverage rate of the scan test based on the scan chain is improved.
In a possible embodiment, the permission analysis unit 100 is further configured to send a second trigger signal to the test control unit 200 when the permission information verification fails.
The test control unit 200 is further configured to send a second indication signal to the first shielding unit 300 when receiving the second trigger signal and the first test control signal. The second indication signal is used to indicate the first shielding unit 300 to perform shielding processing on the key information.
In this embodiment, the permission analysis unit 100 is further configured to send a second trigger signal to the test control unit 200 when the permission information fails verification. When the test control unit 200 receives the second trigger signal and the first test control signal, this indicates that the chip is in the test mode and the permission information has failed verification, so the current user is not a tester and may be an attacker. The test control unit 200 may therefore send a second indication signal to the first shielding unit 300, instructing the first shielding unit 300 to shield the key information and not to transmit it to the encryption unit 400. For example, the first shielding unit 300 may send preset interference information to the encryption unit 400 instead of the key information, so that the interference information takes part in the testing process and the security of the key is ensured.
Optionally, the first shielding unit 300 may be a multiplexer including at least two input terminals, a control terminal and an output terminal. One input of the multiplexer is used for accessing the key information and the other input is used for accessing the interference information (not shown in the figure). The control terminal of the multiplexer is used for receiving the indication signal sent by the test control unit 200. The output of the multiplexer is connected to the encryption unit 400. The multiplexer selectively transmits one of the key information and the interference information to the encryption unit 400 through the output terminal according to the indication signal. For example, the multiplexer transmits the key information to the encryption unit 400 upon receiving the first indication signal, and transmits the interference information to the encryption unit 400 upon receiving the second indication signal. The first shielding unit 300 may also be implemented by other devices capable of selectively outputting one path of data according to a control signal, which is not limited herein.
In this embodiment, verifying the permission information makes it possible to determine whether the user is a tester. When the user is determined not to be a tester, the non-secure test mode is entered and the first shielding unit 300 is instructed to shield the key, so that the key is not sent to the encryption unit during the test. This prevents an attacker from using the scan chain to recover the key and ensures the security of the key.
Optionally, the permission analysis unit 100 always sends the second trigger signal to the test control unit 200 when permission verification has not been performed or has failed, and sends the first trigger signal to the test control unit 200 only when permission verification passes.
In a possible embodiment, the test control unit 200 is further configured to send a first indication signal to the first shielding unit 300 when receiving the second test control signal. Wherein the second test control signal is used to instruct entry into a functional mode.
In this embodiment, the second test control signal indicates to enter a functional mode, and in the functional mode, the encryption unit 400 performs a normal encryption operation on the data to be encrypted according to the key. When the test control unit 200 receives the second test control signal, no matter whether the permission analysis unit 100 sends the first trigger signal or the second trigger signal, the test control unit 200 sends a first indication signal to the first shielding unit 300 to indicate that the first shielding unit 300 does not shield the secret key, and sends the secret key to the encryption unit 400, so that the encryption unit 400 performs normal encryption operation.
Fig. 2 is a schematic structural diagram of a test control apparatus according to another embodiment of the present invention. Referring to fig. 2, in one possible embodiment, the encryption unit 400 is connected to the first shielding unit 300 and the test control unit 200, respectively. The encryption unit 400 includes a trigger unit 420 and a second shielding unit 410. Wherein the flip-flop unit 420 includes a plurality of flip-flops, the plurality of flip-flops forming at least one scan chain in the test mode.
The test control unit 200 is connected to the second shielding unit 410, and the second shielding unit 410 is connected to the flip-flop unit 420.
The test control unit 200 is further configured to send the first indication signal to the second shielding unit 410. The first indication signal is further used to instruct the second shielding unit 410 to stop shielding the at least one scan chain, so that the at least one scan chain outputs the data stored in each flip-flop when receiving the output indication signal.
In this embodiment, in addition to the first shielding unit 300 for key shielding, the encryption unit 400 further includes a second shielding unit 410. The second shielding unit 410 modifies and interferes, to a certain extent, with the data shifted out from the scan chain, obscuring the data observed through the scan chain. An attacker therefore cannot obtain the real state values stored in the flip-flops of the encryption unit, which further prevents key cracking through the scan chain.
When receiving the first trigger signal and the first test control signal, the test control unit 200 sends the first indication signal to the second shielding unit 410 in addition to the first shielding unit 300, instructing the second shielding unit 410 to stop shielding the scan chain. In this way, in the secure test mode, when the at least one scan chain receives the output indication signal, the data stored by each flip-flop in the scan chain can be output, so that a tester can perform test analysis according to the data.
Optionally, the test control unit 200 is further configured to send a second indication signal to the second shielding unit 410. The second indication signal is further used to instruct the second shielding unit 410 to shield the at least one scan chain, so that the at least one scan chain cannot output the real data stored by each flip-flop in the scan chain, thereby preventing an attacker from cracking the key through the scan chain.
Optionally, the second shielding unit 410 may be implemented by an AND gate, a trigger generator, or the like, which is not limited herein. For example, the second shielding unit 410 may be implemented by a trigger generator whose input receives the indication signal sent by the test control unit 200 and whose output is connected to the enable terminal of each flip-flop in the flip-flop unit 420. Upon receiving the first indication signal, the trigger generator outputs an enable signal (e.g., a high level signal) to enable each flip-flop in the flip-flop unit 420. Each flip-flop in the flip-flop unit 420 can then output its stored data normally, and the shielding of the scan chain stops. When the second indication signal is received, the trigger generator outputs a disable signal (e.g., a low level signal) to disable each flip-flop in the flip-flop unit 420. Each flip-flop in the flip-flop unit 420 then cannot output its stored data normally, which shields the scan chain.
The second shielding unit 410 may also be implemented by an AND gate, which may include at least two inputs and one output. The two inputs of the AND gate receive the test control signal and the indication signal, respectively. The output of the AND gate is connected to the enable terminal of each flip-flop in the flip-flop unit 420. Upon receiving the first test control signal and the first indication signal, the AND gate outputs an enable signal (e.g., a high level signal) to enable each flip-flop in the flip-flop unit 420. Each flip-flop in the flip-flop unit 420 can then output its stored data normally, and the shielding of the scan chain stops. When the first test control signal and the second indication signal are received, the AND gate outputs a disable signal (e.g., a low level signal) to disable each flip-flop in the flip-flop unit 420. Each flip-flop in the flip-flop unit 420 then cannot output its stored data normally, which shields the scan chain.
In the present embodiment, the first shielding unit 300 and the second shielding unit 410 prevent key cracking by an attacker from two different angles. The second shielding unit 410 controls the enable of the flip-flops in the flip-flop unit 420 according to the test control signal and the indication signal, and thereby controls whether the flip-flops output their stored values. The first shielding unit 300 selects, according to the indication signal, whether the key information or the interference information is input to the encryption unit 400 to take part in the encryption logic operation.
Fig. 3 is a schematic structural diagram of a test control apparatus according to another embodiment of the present invention. Referring to fig. 3, in one possible implementation, the authority analysis unit 100 includes a controller 110, a state machine 120, and a trigger generator 130.
The controller 110 is connected to the state machine 120, the state machine 120 is connected to the trigger generator 130, and the trigger generator 130 is connected to the test control unit 200.
The controller 110 is configured to generate a plurality of state switching signals according to the authority information, and sequentially send each state switching signal to the state machine 120.
The state machine 120 is configured to perform state switching according to each state switching signal, and send a third indication signal to the trigger generator 130 when the state machine is switched to the target state. The target state is the state to which the state machine 120 finally switches when the authority information is correct.
The trigger generator 130 is configured to generate a first trigger signal when receiving the third indication signal, and send the first trigger signal to the test control unit 200.
In this embodiment, the controller 110 may generate a plurality of state switching signals according to the authority information and sequentially transmit the respective state switching signals to the state machine 120. The state machine 120 sequentially performs state switching according to the respective state switching signals. For example, the authority information is divided into a plurality of pieces of sub-segment information, and each piece of sub-segment information corresponds to one state switching signal.
If the authority information is correct, the state machine 120 switches the states according to the state switching signals in sequence, and finally switches to the specified target state. If the authority information is incorrect, the state machine 120 switches states according to the state switching signals in sequence, and cannot switch to the specified target state. The state machine 120 will only send the third indication signal to the trigger generator 130 when switching to the target state, and none of the other states will send the third indication signal to the trigger generator 130.
When receiving the third indication signal, the trigger generator 130 generates a first trigger signal and sends the first trigger signal to the test control unit 200. Optionally, the trigger generator 130 may be implemented by a combination of a plurality of flip-flops and a plurality of gates, and the number of flip-flops and gates may be determined according to the specific situation. The trigger generator 130 may also realize the above functions through other circuit structures, which are not described herein again.
The verification of the authority information can be achieved through the controller 110, the state machine 120, and the trigger generator 130, and a first trigger signal is transmitted to the test control unit 200 when the verification passes.
In one possible embodiment, the authority information is information generated by a processor executing a sequence of functional instructions input by a user and sent to the authority analysis unit 100.
In this embodiment, the chip includes a processor and the test control apparatus provided in this embodiment. The processor in the chip can communicate with external devices, control other devices in the chip, and store or transmit the data to be encrypted, the encryption result and the like. The test control apparatus controls the working mode of the encryption unit. The processor in the chip may receive a sequence of functional instructions input by a user. The sequence of functional instructions comprises a plurality of instructions executable by the processor. Execution of the sequence of functional instructions by the processor generates a plurality of pieces of decoded information, which the processor sends to the controller 110 in the authority analysis unit 100. The controller 110 may send each piece of decoded information to the state machine 120 in sequence as a state switching signal.
In this embodiment, the decoded information of the functional instruction sequence is used as the authority information for verification. This reuses the existing functional instructions of the chip processor, so no additional instructions or verification rules need to be set. Combining the functional instruction sequence with the state machine 120 prevents an attacker from cracking the authority information to the greatest extent, so the security is high.
In a possible embodiment, the trigger generator 130 is further configured to generate a second trigger signal when the third indication signal is not received, and send the second trigger signal to the test control unit 200.
In this embodiment, the trigger generator 130 generates the first trigger signal only when receiving the third indication signal, and always generates the second trigger signal when not receiving the third indication signal. For example, the first trigger signal is a high level signal, and the second trigger signal is a low level signal. The trigger generator 130 outputs a low level signal to the test control unit 200 under a default condition, and outputs a high level signal to the test control unit 200 only when receiving a third indication signal sent by the state machine.
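The following behavioural model of the controller 110, state machine 120 and trigger generator 130 is an added example, not code from the patent. The one-byte sub-segments, the constructed expected sequence, and the trap state entered on any wrong or surplus signal are assumptions of this example; the page only requires that an incorrect sequence never ends in the target state.

```python
"""Behavioural model of authority analysis unit 100 (constructed example)."""

HIGH, LOW = 1, 0
TRAP = -1  # assumed dead state: entered on a wrong signal, left only by reset

# Constructed stand-in for the decoded information of the correct
# functional instruction sequence (not a value from the page).
EXPECTED_SIGNALS = bytes([0x12, 0x34, 0x56, 0x78])


def controller_110(authority_info: bytes):
    """Split the authority information into sub-segments and emit one state
    switching signal per sub-segment (assumption: one byte per segment)."""
    for segment in authority_info:
        yield segment


class StateMachine120:
    def __init__(self, expected_signals: bytes):
        if not expected_signals:
            raise ValueError("expected sequence must not be empty")
        self.expected = bytes(expected_signals)
        self.target = len(self.expected)  # index of the target state
        self.state = 0

    def reset(self) -> None:
        self.state = 0

    def switch(self, signal: int) -> bool:
        """Apply one state switching signal. Returns True (the third
        indication signal) only while the machine is in the target state."""
        if self.state == TRAP:
            pass  # stay trapped until reset
        elif self.state < self.target and signal == self.expected[self.state]:
            self.state += 1
        else:
            self.state = TRAP  # wrong signal, or a surplus signal after the target
        return self.state == self.target


class TriggerGenerator130:
    def output(self, third_indication: bool) -> int:
        # High (first trigger signal) only on the third indication signal,
        # low (second trigger signal) by default.
        return HIGH if third_indication else LOW


class AuthorityAnalysisUnit100:
    def __init__(self, expected_signals: bytes):
        self.fsm = StateMachine120(expected_signals)
        self.gen = TriggerGenerator130()
        self.trigger = LOW  # nothing verified yet: second trigger signal

    def reset(self) -> None:
        self.fsm.reset()
        self.trigger = LOW

    def verify(self, authority_info: bytes) -> int:
        for signal in controller_110(authority_info):
            in_target = self.fsm.switch(signal)
            self.trigger = self.gen.output(in_target)
        return self.trigger


def demo() -> dict:
    unit = AuthorityAnalysisUnit100(EXPECTED_SIGNALS)
    results = {"correct": unit.verify(EXPECTED_SIGNALS)}
    unit.reset()
    results["wrong_last_segment"] = unit.verify(bytes([0x12, 0x34, 0x56, 0x79]))
    # No reset here: the machine is still trapped, so a correct retry fails.
    results["retry_without_reset"] = unit.verify(EXPECTED_SIGNALS)
    unit.reset()
    results["prefix_only"] = unit.verify(EXPECTED_SIGNALS[:3])
    unit.reset()
    results["surplus_segment"] = unit.verify(EXPECTED_SIGNALS + b"\x00")
    return results


if __name__ == "__main__":
    for name, level in demo().items():
        print(f"{name:22s} trigger={level}")
```

Only the exact sequence leaves the trigger high; a truncated, extended or corrected-after-error sequence leaves it at the default low level.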
Fig. 4 is a schematic structural diagram of a test control unit 200 in a test control apparatus according to yet another embodiment of the present invention. Referring to fig. 4, in one possible embodiment, the test control unit 200 includes an xor gate 210, a clock gating unit 220, a first flip-flop 230, and an inverter 240.
A first input terminal of the xor gate 210 is connected to the permission analysis unit 100, a second input terminal of the xor gate 210 is connected to the test control signal, and an output terminal of the xor gate 210 is connected to a signal input terminal of the first flip-flop 230.
The enable terminal of the clock gating unit 220 is connected to the test control signal, the clock input terminal of the clock gating unit 220 is connected to the clock signal, and the output terminal of the clock gating unit 220 is connected to the clock input terminal of the first flip-flop 230.
The reset input of the first flip-flop 230 receives a reset signal, and the output of the first flip-flop 230 is connected to the input of the inverter 240.
The output terminal of the inverter 240 is connected to the first shielding unit 300 and the encryption unit 400, respectively.
In the present embodiment, the xor gate 210 XORs the test control signal with the trigger signal and outputs the result to the first flip-flop 230. The clock of the first flip-flop 230 is controlled by the clock gating unit 220: when the clock gating unit 220 receives the first test control signal, it passes the incoming clock signal to the first flip-flop 230.
In the functional mode, the clock gating unit 220 is disabled, the output value of the first flip-flop 230 is 0 after reset, and the signal output by the inverter 240 is 1, which is the first indication signal. In the test mode, the clock of the first flip-flop 230 is active, and the signal output from the inverter 240 is determined by the test control signal and the trigger signal. When the test control signal is the first test control signal and the trigger signal is the first trigger signal, the inverter 240 outputs the first indication signal.
In this embodiment, the xor gate 210, the clock gating unit 220, the first flip-flop 230, and the inverter 240 together control the first shielding unit 300 according to the authority information verification result and the test control signal.
In a possible embodiment, the first trigger signal is at a high level, and the first indication signal is at a high level.
In this embodiment, the trigger signals transmitted by the authority analysis unit 100 include a first trigger signal and a second trigger signal. The first trigger signal is at a high level and indicates that the authority information has passed verification; the second trigger signal is at a low level and indicates that the authority information has failed verification or has not been verified.
The indication signals transmitted by the test control unit 200 include a first indication signal and a second indication signal. The first indication signal is at a high level, instructing the first shielding unit 300 not to shield the key; the second indication signal is at a low level, instructing the first shielding unit 300 to shield the key.
Optionally, the test control signal comprises a first test control signal and a second test control signal. The first test control signal is at a high level and instructs entry into the test mode; the second test control signal is at a low level and instructs entry into the functional mode.
Fig. 5 is a schematic diagram comparing the mode switching of a test control apparatus according to a further embodiment of the present invention with the mode switching of a conventional test control apparatus. Fig. 5(a) is a schematic diagram illustrating mode switching of a conventional test control apparatus, and fig. 5(b) is a schematic diagram illustrating mode switching of a test control apparatus according to a further embodiment of the present invention.
Referring to fig. 5(a), the chip operation modes include a functional mode and a test mode. When the test control signal is 0, the chip enters the functional mode; when the test control signal is 1, the chip enters the test mode.
Referring to fig. 5(b), the embodiment of the present invention divides the test mode into a secure test mode and a non-secure test mode, and controls the mode switching of the chip by the trigger signal and the test control signal. When the test control signal jumps from 0 to 1, the chip switches from the functional mode to the test mode; at this time, if the trigger signal is 1, the chip enters the secure test mode, and if the trigger signal is 0, the chip enters the non-secure test mode. When the test control signal jumps from 1 to 0, the chip returns from the test mode to the normal functional mode.
Fig. 6 is a schematic flowchart of a test control apparatus according to yet another embodiment of the present invention. Referring to fig. 6, after the chip is powered on and enters the working mode, if the test control signal TC is set to 0, the chip enters the normal functional mode. Operation in the functional mode is unrelated to test authority verification: whether or not the user performs test authority verification, and whether or not it passes, the trigger signal generated by the authority analysis unit 100 does not affect functional operation. When TC is 0, the first shielding unit 300 selects the key and feeds it to the encryption unit 400, and the second shielding unit 410 does not shield the flip-flops in the encryption unit 400, so the encryption unit can perform normal encryption and output a ciphertext.
After the chip is powered on, if the chip passes the test authority verification under the functional mode in advance, but TC is directly set to 1, the chip enters the non-secure test mode. Alternatively, when the chip is in the functional mode and the user does not perform the test authority verification or the verification fails, and the TC signal is set from 0 to 1, the chip switches to the non-secure test mode. In the non-secure test mode, the indication signal of the test control unit 200 is sent to the shielding unit (including the first shielding unit 300 and/or the second shielding unit 410), which then shields the key and the flip-flops in the encryption unit accordingly, so that an attacker cannot recover the key from the values shifted out by scan.
If the user wants to enter the secure test mode, the user needs to input a correct functional instruction sequence in the functional mode to perform the test authority verification. After the test authority verification passes, the TC signal is set from 0 to 1, and the chip switches to the secure test mode. In the secure test mode, the first trigger signal generated by the authority analysis unit 100 is sent to the test control unit 200, and the test control unit 200 generates the corresponding indication signal so that the shielding unit does not shield the key or the flip-flops in the encryption unit 400. The encryption unit 400 can therefore undergo a normal scan test without affecting the fault coverage.
This embodiment verifies the user's test authority and ensures that an attacker without authority cannot acquire the key information. For a tester who has entered the secure test mode by passing the test authority verification, the key is not shielded, the values of the flip-flops in the encryption unit 400 are not obscured or interfered with when shifted out through the scan chain, and the scan test can detect key faults without modifying the test vectors. An attacker cannot pass the test authority verification and can only enter the non-secure test mode from the functional mode. There the key is shielded and the values of the flip-flops in the encryption unit 400 are interfered with when they are shifted out for observation, so the attacker cannot crack the key from the wrong observed values.
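The mode switching of fig. 5(b) and fig. 6 can be traced through the gates of the test control unit 200 and the two shielding units with a small model. This is an added example, not code from the patent. The 8-bit XOR standing in for the encryption logic, the constructed key, data and interference values, the zeroed scan-out for disabled flip-flops, and the reset pulse on return to functional mode are assumptions of this example.

```python
"""Cycle-level model of test control unit 200 and the shielding units."""

HIGH, LOW = 1, 0
WIDTH = 8            # assumed register width of the toy encryption unit
INTERFERENCE = 0x3C  # constructed preset interference information
DATA = 0x0F          # constructed test data


class ControlUnit200:
    """XOR gate 210 -> first flip-flop 230 (clock gated by 220) -> inverter 240."""

    def __init__(self):
        self.q = 0  # flip-flop 230 outputs 0 after reset

    def reset(self) -> None:
        self.q = 0

    def clock_edge(self, tc: int, trigger: int) -> None:
        if tc == HIGH:             # gating unit 220 passes the clock only in test mode
            self.q = tc ^ trigger  # XOR gate 210 drives the D input

    @property
    def indication(self) -> int:
        return self.q ^ 1          # inverter 240: 1 = first, 0 = second indication


def first_shielding_unit_300(indication: int, key: int, interference: int) -> int:
    """Multiplexer: key on the first indication signal, interference otherwise."""
    return key if indication == HIGH else interference


def second_shielding_unit_410(indication: int, flip_flops: list) -> list:
    """Trigger-generator variant: flip-flop outputs are enabled only on the
    first indication signal; disabled outputs are modelled as 0 (assumption)."""
    return list(flip_flops) if indication == HIGH else [0] * len(flip_flops)


class Chip:
    def __init__(self, key: int, interference: int = INTERFERENCE):
        self.key, self.interference = key, interference
        self.ctrl = ControlUnit200()
        self.tc = LOW
        self.trigger = LOW  # driven by authority analysis unit 100

    def set_tc(self, tc: int) -> None:
        if tc == LOW:
            # A gated flip-flop holds its last value, so this model pulses
            # reset on return to functional mode (assumption of this example).
            self.ctrl.reset()
        self.tc = tc
        self.ctrl.clock_edge(tc, self.trigger)

    def mode(self) -> str:
        if self.tc == LOW:
            return "functional"
        return "secure test" if self.ctrl.indication == HIGH else "non-secure test"

    def state_bits(self, data: int) -> list:
        operand = first_shielding_unit_300(
            self.ctrl.indication, self.key, self.interference)
        value = (data ^ operand) & 0xFF  # toy stand-in for the encryption logic
        return [(value >> i) & 1 for i in range(WIDTH)]

    def scan_out(self, data: int) -> list:
        return second_shielding_unit_410(self.ctrl.indication, self.state_bits(data))


def run_scenarios(key: int) -> list:
    chip = Chip(key)
    log = [(chip.mode(), chip.ctrl.indication)]     # power-on, TC = 0
    chip.set_tc(HIGH)                               # TC 0 -> 1 with trigger low
    log.append((chip.mode(), chip.scan_out(DATA)))
    chip.set_tc(LOW)                                # back to functional mode
    chip.trigger = HIGH                             # authority verification passed
    chip.set_tc(HIGH)                               # TC 0 -> 1 with trigger high
    log.append((chip.mode(), chip.scan_out(DATA)))
    return log


def key_independent_in_nonsecure_mode(key_a: int, key_b: int) -> bool:
    """Defender's check: with the trigger low, neither the internal state
    nor the shifted-out data may depend on the key."""
    a, b = Chip(key_a), Chip(key_b)
    a.set_tc(HIGH)
    b.set_tc(HIGH)
    return (a.state_bits(DATA) == b.state_bits(DATA)
            and a.scan_out(DATA) == b.scan_out(DATA))


if __name__ == "__main__":
    for entry in run_scenarios(0xA5):
        print(entry)
    print("key independent:", key_independent_in_nonsecure_mode(0xA5, 0x5A))
```

The key-independence check is the property to regression-test when the shielding logic is changed: two chips with different keys must be indistinguishable through the scan chain whenever the trigger is low.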
The embodiment of the invention also provides a chip. The chip comprises a test control device as described in the above embodiments.
According to the chip provided by the embodiment of the invention, through verifying the authority information to be verified, the first shielding unit 300 is controlled to transmit the key information to the encryption unit 400 when the authority information passes the verification and is in the test mode, and the key information is not shielded, so that a tester with authority can test key faults based on scan test of a scan chain.
The embodiment of the invention also provides a test control method. The method comprises the following steps:
The authority analysis unit 100 verifies the authority information to be verified, and transmits a first trigger signal to the test control unit 200 when the verification passes.
The test control unit 200 sends a first indication signal to the first shielding unit 300 when receiving the first trigger signal and the first test control signal, where the first test control signal is used to instruct entry into the test mode, and the first indication signal is used to instruct the first shielding unit 300 to transmit the key information to the encryption unit 400.
According to the test control method provided by the embodiment of the invention, the authority information to be verified is verified, and when the verification passes and the chip is in the test mode, the first shielding unit 300 is controlled to transmit the key information to the encryption unit 400 without shielding it, so that a tester with authority can test key faults based on the scan test of the scan chain. Since an attacker cannot pass the authority verification and therefore cannot crack the key through the scan chain, key faults can be tested while the security of the key is ensured, and the test coverage of the scan-chain-based scan test is improved.
In a possible embodiment, the method further includes:
The authority analysis unit 100 transmits a second trigger signal to the test control unit 200 when the authority information verification fails.
The test control unit 200 sends a second indication signal to the first shielding unit 300 when receiving the second trigger signal and the first test control signal. The second indication signal is used to indicate the first shielding unit 300 to perform shielding processing on the key information.
In a possible embodiment, the method further includes:
The test control unit 200 sends a first indication signal to the first shielding unit 300 when receiving a second test control signal, where the second test control signal is used to indicate entering a functional mode.
In one possible embodiment, the authority information is information generated by the chip processor executing a sequence of functional instructions input by a user and sent to the authority analysis unit 100.
For the specific implementation process of the test control method provided by the embodiment of the invention, refer to the embodiments of the test control apparatus; the implementation principle and the technical effect are similar, and details are not repeated here.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (14)

1. A test control apparatus, comprising: the device comprises an authority analysis unit, a test control unit, a first shielding unit and an encryption unit;
The authority analysis unit is connected with the test control unit, and the test control unit is connected with the first shielding unit;
The authority analysis unit is used for verifying the authority information to be verified and sending a first trigger signal to the test control unit when the authority information passes verification;
The test control unit is configured to send a first indication signal to the first shielding unit when receiving the first trigger signal and the first test control signal, where the first test control signal is used to indicate that a test mode is entered, and the first indication signal is used to indicate that the first shielding unit transmits key information to the encryption unit.
2. The test control device according to claim 1, wherein the authority analysis unit is further configured to send a second trigger signal to the test control unit when the authority information is not verified;
The test control unit is further configured to send a second indication signal to the first shielding unit when receiving the second trigger signal and the first test control signal, where the second indication signal is used to indicate the first shielding unit to shield key information.
3. The apparatus according to claim 2, wherein the test control unit is further configured to send the first indication signal to the first shielding unit when receiving a second test control signal, wherein the second test control signal is used to indicate entering a functional mode.
4. The test control apparatus of claim 1, wherein the encryption unit comprises a flip-flop unit and a second shielding unit, wherein the flip-flop unit comprises a plurality of flip-flops, the plurality of flip-flops forming at least one scan chain in a test mode;
the test control unit is connected with the second shielding unit, and the second shielding unit is connected with the flip-flop unit;
The test control unit is further configured to send the first indication signal to the second shielding unit, where the first indication signal is further configured to indicate the second shielding unit to stop shielding the at least one scan chain, so that the at least one scan chain outputs data stored in each flip-flop when receiving the output indication signal.
5. The test control device of claim 1, wherein the authority analysis unit comprises a controller, a state machine, a trigger generator;
The controller is connected with the state machine, the state machine is connected with the trigger generator, and the trigger generator is connected with the test control unit;
The controller is used for generating a plurality of state switching signals according to the authority information and sequentially sending each state switching signal to the state machine;
The state machine is used for switching states according to the state switching signals and sending a third indication signal to the trigger generator when the state machine is switched to a target state, wherein the target state is the state to which the state machine is finally switched when the authority information is correct;
and the trigger generator is used for generating the first trigger signal and sending the first trigger signal to the test control unit when the third indication signal is received.
6. The test control device of claim 5, wherein the trigger generator is further configured to generate a second trigger signal and send the second trigger signal to the test control unit when the third indication signal is not received.
7. The test control device of claim 1, wherein the authority information is information generated by a processor executing a sequence of functional instructions input by a user and sent to the authority analysis unit.
8. The test control device of any one of claims 1-7, wherein the test control unit comprises an exclusive-or gate, a clock gating unit, a first flip-flop, an inverter;
A first input end of the exclusive-or gate is connected with the authority analysis unit, a second input end of the exclusive-or gate is connected with a test control signal, and an output end of the exclusive-or gate is connected with a signal input end of the first flip-flop;
The enable end of the clock gating unit is connected with a test control signal, the clock input end of the clock gating unit is connected with a clock signal, and the output end of the clock gating unit is connected with the clock input end of the first flip-flop;
the reset input end of the first flip-flop is connected with a reset signal, and the output end of the first flip-flop is connected with the input end of the inverter;
The output end of the inverter is respectively connected with the first shielding unit and the encryption unit.
9. The test control device of any one of claims 1-7, wherein the first trigger signal is high and the first indication signal is high.
10. A chip, comprising: a test control apparatus as claimed in any one of claims 1 to 9.
11. A test control method, comprising:
The authority analysis unit verifies the authority information to be verified and sends a first trigger signal to the test control unit when the authority information passes the verification;
When receiving the first trigger signal and a first test control signal, the test control unit sends a first indication signal to the first shielding unit, wherein the first test control signal is used for indicating to enter a test mode, and the first indication signal is used for indicating the first shielding unit to transmit key information to the encryption unit.
12. The test control method of claim 11, further comprising:
the authority analysis unit sends a second trigger signal to the test control unit when the authority information is not verified;
And the test control unit sends a second indication signal to the first shielding unit when receiving the second trigger signal and the first test control signal, wherein the second indication signal is used for indicating the first shielding unit to shield key information.
13. The test control method of claim 12, further comprising:
and the test control unit sends the first indication signal to the first shielding unit when receiving a second test control signal, wherein the second test control signal is used for indicating to enter a functional mode.
14. The test control method according to any one of claims 11 to 13, wherein the authority information is information generated by a processor executing a sequence of functional instructions input by a user and sent to the authority analysis unit.
CN201910847357.6A 2019-09-09 2019-09-09 Test control device, chip and method Active CN110554305B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910847357.6A CN110554305B (en) 2019-09-09 2019-09-09 Test control device, chip and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910847357.6A CN110554305B (en) 2019-09-09 2019-09-09 Test control device, chip and method

Publications (2)

Publication Number Publication Date
CN110554305A (en) 2019-12-10
CN110554305B (en) 2021-11-09

Family

ID=68739631

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910847357.6A Active CN110554305B (en) 2019-09-09 2019-09-09 Test control device, chip and method

Country Status (1)

Country Link
CN (1) CN110554305B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113533942A (en) * 2021-09-15 2021-10-22 上海矽久微电子有限公司 Chip testing system and method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102112889A (en) * 2008-08-08 2011-06-29 Nxp股份有限公司 Circuit with testable circuit coupled to privileged information supply circuit
US20120191403A1 (en) * 2011-01-20 2012-07-26 International Business Machines Corporation Protecting chip settings using secured scan chains
CN108896903A (en) * 2018-06-13 2018-11-27 天津大学 The gradually verifying type security sweep chain apparatus and method of logic-based encryption
CN109633422A (en) * 2018-12-21 2019-04-16 长沙理工大学 The encryption chip safety detecting method obscured based on scanning

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
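陈冬明: "Design and Implementation of a Key-Isolation Secure Scan Chain Circuit", China Master's Theses Full-text Database, Information Science and Technology *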

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113533942A (en) * 2021-09-15 2021-10-22 上海矽久微电子有限公司 Chip testing system and method
CN113533942B (en) * 2021-09-15 2021-11-30 上海矽久微电子有限公司 Chip testing system and method

Also Published As

Publication number Publication date
CN110554305B (en) 2021-11-09

Similar Documents

Publication Publication Date Title
Da Rolt et al. Test versus security: Past and present
Wang et al. Secure scan and test using obfuscation throughout supply chain
Cui et al. Static and dynamic obfuscations of scan data against scan-based side-channel attacks
EP3543881B1 (en) Chip access method, security control module, chip and debugging device
DaRolt et al. Scan attacks and countermeasures in presence of scan response compactors
JP2013535058A (en) Method and apparatus for providing scan chain security
Cui et al. A new PUF based lock and key solution for secure in-field testing of cryptographic chips
Atobe et al. Secure scan design with dynamically configurable connection
Razzaq et al. SSTKR: Secure and testable scan design through test key randomization
Cui et al. Why current secure scan designs fail and how to fix them?
Wang et al. Cyber-attacks related to intelligent electronic devices and their countermeasures: A review
CN110554305B (en) Test control device, chip and method
Li et al. Scan chain based attacks and countermeasures: A survey
Voyiatzis et al. Efficient triggering of Trojan hardware logic
Berthomé et al. High level model of control flow attacks for smart card functional security
Valea et al. Encryption-based secure JTAG
EP2720402B1 (en) Hardware encryption and decryption apparatus using a N round aes algorithm
US11856096B2 (en) Defense of JTAG I/O network
Chen et al. Partial scan design against scan-based side channel attacks
Guo et al. EOP: An encryption-obfuscation solution for protecting PCBs against tampering and reverse engineering
Nara et al. State-dependent changeable scan architecture against scan-based side channel attacks
Rosenfeld et al. Attacks and defenses for JTAG
Lata An approach towards resisting side-channel attacks for secured testing of advanced encryption algorithm (AES) cryptochip
US20160245862A1 (en) Non-Intrusive Monitoring
Chen et al. Balancing testability and security by configurable partial scan design

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100095 Building 2, Longxin Industrial Park, Zhongguancun environmental protection technology demonstration park, Haidian District, Beijing

Applicant after: Loongson Zhongke Technology Co.,Ltd.

Address before: 100095 Building 2, Longxin Industrial Park, Zhongguancun environmental protection technology demonstration park, Haidian District, Beijing

Applicant before: LOONGSON TECHNOLOGY Corp.,Ltd.

GR01 Patent grant