A semiconductor chip device include device state fuses that may be used to configure various device states and corresponding security levels for the semiconductor chip as it transitions from wafer manufacturing to provisioned device. The device states and security levels prevent the semiconductor chip from being accessed and exploited, for example, during manufacturing testing. A secure boot flow process for a semiconductor chip over its lifecycle is also disclosed. The secure boot flow may start at the wafer manufacturing stage and continue on through the insertion of keys and firmware.

A Joint Test Action Group (JTAG) communication lockout processor is disclosed. The processor is configured to generate a multi-channel unlock sequence based on an operational mode change of an operably connected programmable device, and save the unlock sequence to one or more memory registers. The processor can also receive an execution of the multi-channel unlock sequence via two or more unlock channels, determine, via an unlock logic, whether the execution of the multi-channel unlock sequence is valid, and responsive to determining that the execution of the multi-channel unlock sequence is valid, allow or disallow the JTAG communication with an embedded processor.

A method is intended for transforming a secure electronic device, associated to a first identifier and having a sensitive mode disabled after production, for a new sensitive use. This method comprises the steps of: (i) externally computing a cipher of the first identifier with a predetermined function fed with this first identifier and a predetermined secret key; (ii) transforming an accessible metal layer of the electronic device to form an activation pattern representing this externally computed cipher of the first identifier; (iii) getting a value representative of this activation pattern into the electronic device; and (iv) computing a second identifier with this transformed electronic device by feeding a reverse function of the predetermined function with this value and this secret key, to trigger a comeback to the sensitive mode if this second identifier is equal to the first identifier.

A network of storage units has a data path, which is at least a portion of the network. The network also has a dynamic time-varying or cycle-varying code generation unit and a code comparator unit that together make up an unlock signal generation unit; and a gateway storage unit. If the gateway storage unit does not store an unlock signal or the unlock signal generation unit does not generate and transmit an unlock signal, the gateway storage unit does not insert a data path segment in the data path. If the unlock signal generation unit is operated such that it generates an unlock signal, and it transmits that unlock signal to a gateway storage unit, and the gateway storage unit stores the unlock signal value, then the gateway storage unit inserts a data path segment into the data path.

A device includes a scan chain including a plurality of storage elements and an output buffer; a shadow shift register having a shadow shift input coupled to a scan output of one of the storage elements of the scan chain; a signature register; and a comparator having a first input, a second input, and an output. The comparator first input is to receive a value of the shadow shift register, and the comparator second input is to receive a value of the signature register. The output buffer has a control input coupled to the comparator output, and the output buffer provides a high-impedance output responsive to the value of the shadow shift register being unequal to the value of the signature register.

A semiconductor chip device include device state fuses that may be used to configure various device states and corresponding security levels for the semiconductor chip as it transitions from wafer manufacturing to provisioned device. The device states and security levels prevent the semiconductor chip from being accessed and exploited, for example, during manufacturing testing. A secure boot flow process for a semiconductor chip over its lifecycle is also disclosed. The secure boot flow may start at the wafer manufacturing stage and continue on through the insertion of keys and firmware.

Embodiments relate to providing security of scan mode access and data in an integrated circuit. In embodiments, one or both of two layers of security are provided. A first layer includes requiring a complex initialization sequence to be performed in order to access scan mode. A second layer includes scrambling the scan data before it is output from the circuit under test, which prevents unauthorized persons from extracting useful information from the output scan data. Further embodiments relate to methodologies for utilizing these protection layers after manufacture of the integrated circuit and incorporating these protection layers in an integrated circuit design flow.

A scan test circuit includes a scan chain formed of a plurality of sub-scan chains, an input distribution circuit, and an output compression circuit. With the use of a bypass circuit, a plurality of sub-scan chains are formed in a compression scan mode by connecting scan cell circuits of a high confidentiality-requiring circuit among a plurality of scan cell circuits included in an internal circuit, and a plurality of sub-scan chains are formed in a non-compression scan mode by bypassing the scan cell circuits of the high confidentiality-requiring circuit.

A method includes configuring a first set of blocks of a plurality of blocks of an IC chip as secure data blocks, and configuring a second set of blocks of the plurality of blocks as non-secure data blocks. The method further includes receiving a test mode entry request in the IC chip. In response to the IC chip receiving the test mode entry request, carrying out a data-initialization operation on the plurality of blocks independently of whether any blocks of the plurality of blocks are configured as the secure data blocks or the non-secure data blocks. An IC chip data output is disabled during the data-initialization operation.

Various examples of a circuit and a technique for testing the circuit are disclosed herein. In an example, the circuit includes a data input coupled to a scan multiplexer and a path select multiplexer. The circuit further includes a scan-in input coupled to the scan multiplexer and to receive a value of a scan pattern. The circuit further includes a scan latch to store the value that has an input coupled to the scan multiplexer and an output coupled to the path select multiplexer. The scan multiplexer selects a first signal from the data input and the scan-in input and provides the first signal to the input of the scan latch. The path select multiplexer selects a second signal from the data input and the output of the scan latch and provides the second signal to a data output of the circuit.