TESTABILITY FOR VLSI

(MELZG531)

ASSIGNMENT-2
DFST

Name: Sowmya
BITS ID: 2021ht80565
Introduction:
Hardware testability and security are crucial in electronic applications. While manufacturing test
necessitates deep access into the integrated circuit (IC) to enhance its testability, this can
inadvertently threaten the security of the IC in security-critical applications. The chips in these
applications should be tested for defects, while the security of these chips strongly depends on the
test infrastructure provided by the designer. Scan Chain-based testing is a standard DFT due to it’s
simple design & low cost. But this method can act as a back door through which the hacker can copy
the sensitive information through side channel attack. Therefore, an efficient & inexpensive LFSR
(linear feedback shift register) based architecture through which it provides predominant security
without compromising on testability.

Why DFST?
Scan based design for testability structures are highly unprotected for unauthorized access to the
internal signals of a chip. A secure scan-based design will prevents the unauthorized access without
effecting testability. The proposed secure architecture employs unique keys for each vector. These
unique keys are generated by a linear feedback shift register and are then embedded into the don’t
care bits of the test vectors.
Architecture:
Overall security analysis of this method is based on the primitive characteristics of Linear Feedback
Shift Register (LFSR). The first level of security is added through the authentication keys. These keys
are unique for every test vector and each key is generated by Linear Feedback Shift Register (LFSR).
According to the characteristic equation of LFSR, for example, n-bits LFSR generate (2^n -1)
combination of sequence and seed (initial value) is considered as authentication key for the entire
system. 4-bit LFSR has 16 -1=15 possible combinations, and it reaches the initial state (seed) to
repeat the same sequence. One of the characteristics of the LFSR is that seed remains same for
entire circuit. This property of LSFR is assigned an authentication key to provide on second level of
security.

Different methods are used to embed secret keys into the test vector. First method is to insert
dummy flip flops into the normal scan chain, second method is to insert keys into the don’t care
position in the test vector. The proposed modified scan structure consisting of balanced scan chains,
random sequence generator, equality comparator and output multiplexer. Big scan chains that
undergo testing consume more test time which is avoided by partitioning a long chain into number
of sub chains. Moreover, the balanced structure has reduced test time. At a time only one scan chain
is active for the scan operation, which is hide from the unauthorized person this ensure higher level
of security.

Fig 1: Secure design methodology

The seed of LFSR is used as authentication key which is embedded into the test vector. The test
pattern which contains don’t care bits, are used for embedded test keys into the test vector. It is
then difficult to embed key into the test vector. In a particular test pattern, the position of the don’t
care bit is almost same which can be used to embed keys into those bit positions of the test key that
requires k-bits of don’t care. The unauthorized people cannot access the structure without knowing
the polynomial used for LFSR and seed setting as the test key.
Steps:

1. The test pattern is loaded into the scan chain including the test key.
2. The test vectors are loaded into the scan chain and test keys are randomly stored in a chain.
3. The position of the chain stored with the key is known to the test engineer while it is hidden
from the hacker.
4. These previously assigned scan chain is connected to the key verifier.
5. Key verifier regularly checks for the key from the chain with the integrated key.
6. If two keys are equal, the scan out is the original data otherwise, random sequence is
generated through the output module.

The normal CAD tool can be used for the implementation of this method with a small modification
required in the library. The structure of the equality comparator is such that the output of xnor gate
is high only when both inputs are equal. This property is used as the key verification process. If the
seed of the LFSR and embedded keys are equal, then the output of the comparator is zero. The
output port of the comparator is connected to the random sequence generator and acts as the
control input for the multiplexer. The multiplexer propagates the scan out data or random number
in accordance with the output of the comparator
Comparison with the existing techniques :

Numerous approaches have been proposed to secure the sensitive information in the Circuit Under
Test (CUT). the power and time can be used as side channel attack to retrieve the secrete data from
the chip. D.Hely proposed a scrambling method, in which entire scan chain is divided into small units
and each unit is connected through a random key circuit. When an unauthorized person tries to
access the data, then he can access only randomly generated data. This method is more secure due
to randomness nature of the data. The main drawback of this technique is that it includes more sub
chains that increase the power and connection is highly complexity which is more difficult to
understand. J.Lee] presented a scheme based on a lock &key secured methodology, in which entire
scan chain is again divided into sub chains of equal length that reduce scan time required for testing.
A set of scan chain is selected for the test operation and other chains are kept inactive by a LFSR
module. The drawback of this technique is due to additional module that increases area overhead.
The same author proposed another technique to protect the Intellectual Property (IP). In this
technique, the partitioning of scan chain is used and a secret key is inserted into the test vectors. In
the keys are stored in the dummy flip flops and these flip flops are connected to key checking
module. When the key verification fails, the random sequence is generated otherwise scan data is
unloaded. H.Fujiwara suggested a new technique in which the normal scan chain design is replaced
with de Bruijin graph method in which the original data is hidden from a hacker. The same author
presented another secure DfT using partial scan approach. According to this approach a new
mechanism is introduced to confuse the hacker. But the testing procedure is more complex in this
method. a new key based structure is proposed which uses a sequence of different keys embedded
into the test vector. When the key is matched with the original key then scan data is enabled. In the
side channel attack of the JTAG interface is discussed. In this paper a secure method is presented to
protect the JTAG and the system is fully closed for the unknown user. Chandran U suggested a new
technique using two levels of key authentication to ensure the security. The scan chain is virtually
divided into two parts, the first part for the key authentication and second part for the normal scan
operation. When the first part key verification fails, an attack is detected and response is blocked by
disabling the scan chain flip flops. A set of keys is used for the authentication purpose that increases
the size of the input vectors. Similarly, the same technique with unique key authentication approach
is presented by Mohammed Abdul Razzaq ,This technique proceeds with LFSR based key generation
and the keys are embedded into the test vector. The above mentioned techniques are mainly
concentrated on high level security with poor testability. However there is no standard secure
technique with minimum cost for protecting against random testing.

Advantage & Disadvantage:

In the proposed methodology different level of security threads are added to the circuit. The hacker
cannot retrieve the sensitive data without knowing the following concepts that used in this method:
 The characteristic equation of the polynomial and seed of LFSR

 The system integrated key

 Test key integrated into the test vectors

 Position of the key stored in the scan chain

 Identification of activated scan chain

 Structure of the random sequence generator and equality comparator

The seed of the LFSR is used as the authentication key in the first level of security. Input seed reduce
the direct access of the data. Randomly selected position of the key in a chain is the next level of
security. Random sequence generator also provides as higher level of security. If the 16-bit LFSR is
used it generates (216-1) combinations of pattern. The assumption of seed from this of 16-bit LFSR
generates 65535 combinations is very difficult. From the above discussion the proposed
methodology is more secure and is applicable for more complex circuits.

In the existing methods more modules are added to ensure the security, On the other hand these
methods utilize more area. Key verifier consisting of k- gates utilizes less area. Area overhead due to
multiplexer and LFSR depends on number of scan chain and number of stages.

CONCLUSION:

The simpler design of scan chain makes it more popular than other testing methods. By using this
new secure methodology any complex digital circuits can be tested with minimum cost and
minimum parametric overhead. Different methods contributed various secured parameters.
However most of the technique discussed in the literature survey is not suitable to enhance the
security without affecting the testability.