Google search

ASSET paper on JTAG security is best-of-show at AUTOTESTCON 2019

Fri, August 30, 2019

Richardson, TX (August 30, 2019) – A paper written by ASSET® InterTech’s vice president of sales, Alan Sguigna, has been given the Walter E. Peterson Best Technical Paper Award at the recent AUTOTESTCON 2019 in National Harbor, MD. ASSET is a leading supplier of JTAG-based software and hardware debug, validation and test tools.

 

AUTOTESTCON is an annual exhibition and conference sponsored by the IEEE, the Institute of Electrical and Electronics Engineers. Attendees and exhibitors are involved in electronic test technology for the defense industry. The theme of AUTOTESTCON 2019 was “Increased Mission Effectiveness Through Advanced Test and Support Technology”. ASSET’s flagship products, the ScanWorks® platform for fast test and programming, and SourcePoint™, a platform for software debug and trace, have been deployed extensively by defense contractors.

 

“With the emphasis on cybersecurity nowadays, it is more crucial than ever to protect critical system designs from unauthorized access and manipulation,” said Sguigna. “JTAG in particular must be secured, especially since it operates ‘out-of-band’; that is, separate from and not dependent upon the operation of the overall system. And given its emerging use as a Built-In Test (BIT) enabler where the interface could be misused to disrupt in-service equipment on a large scale, it is more crucial than ever that potential attacks via JTAG must be mitigated.”

 

Sguigna’s paper points out that one drastic solution to JTAG security is to simply fuse off access to the interface, but this renders it useless for debug, test and programming. There are alternative approaches, the paper states: “These options include chip lock and key registers, challenge-response mechanisms, secure key systems, TDI/TDO encryption, and other authentication/authorization techniques. This paper reviews the options for safe access to JTAG-based debug and test embedded instrumentation.”

 

For more information on JTAG security, click here for a recent blog on the topic by Sguigna.