A network of storage units has a data path, which is at least a portion of the network. The network also has a dynamic time-varying or cycle-varying code generation unit and a code comparator unit that together make up an unlock signal generation unit; and a gateway storage unit. If the gateway storage unit does not store an unlock signal or the unlock signal generation unit does not generate and transmit an unlock signal, the gateway storage unit does not insert a data path segment in the data path. If the unlock signal generation unit is operated such that it generates an unlock signal, and it transmits that unlock signal to a gateway storage unit, and the gateway storage unit stores the unlock signal value, then the gateway storage unit inserts a data path segment into the data path.

Embodiments of a method, an IC device, and a circuit board are disclosed. In an embodiment, the method involves at an IC device of the system, monitoring activity on a bus interface of the IC device, wherein the bus interface is connected to a bus on the system that communicatively couples the IC device to at least one other IC device on the system, applying machine learning to data corresponding to the monitored activity to generate an activity profile, monitoring subsequent activity on the bus interface of the IC device, comparing data corresponding to the to subsequently monitored activity to the machine learning generated activity profile to determine if a system-level Trojan is detected, and generating a notification when it is determined from the comparison that a system-level Trojan has been detected.

A reconfigurable JTAG includes, in part, a core logic, a boundary scan chain cell, one or more reconfigurable blocks (RBs), and a reconfigurable block (RB) programming module. The RBs may include, in part, one or more reconfigurable boundary scan chain blocks (RBB) adapted to couple the boundary scan chain cell to the core logic and to input/output (I/O) ports of the reconfigurable JTAG. The RBs may also include, in part, one or more additional reconfigurable logic (ARL) blocks to provide enhanced logic for locking operations. The RB programmable module may communicate with a memory storing data for configuring the RBBs and ARLs. The RB programming module may configure the RBBs and ARLs based at least in part on the data stored in the memory to disable access to the I/O ports of the JTAG. The RB programming module may configure the RBBs to encrypt the I/O ports in accordance with a cipher algorithm. The RB programming module may also configure the RBBs and ARLs to compare a counter's count to a predefined time and lock the I/O ports after an expiration of the predefined time.

A semiconductor integrated circuit to receive a test scan input, a test clock, and a test mode signal and output a secure scan output signal, the integrated circuit including: a secure key circuit to generate delay input signals, which are differently delayed from the test scan input, and to generate an input key signal by capturing the delay input signals in response to the test clock; a key comparator to generate a verification result indicating whether an input key of the input key signal is identical with a preset reference key; a chip to generate a scan output signal based on the test scan input; a scan output remapper to obfuscate the scan output signal according to the verification result and to output the obfuscated scan output signal as the secure scan output signal; and a secure scan controller to control the secure key circuit, key comparator, chip, and remapper.

One aspect provides an FPGA chip mounted on a printed circuit board (PCB). The FPGA chip can include a joint test action group (JTAG) interface comprising a number of input/output pins and an enablement pin, and a control logic block coupled to the enablement pin of the JTAG interface. The control logic block can receive a control signal from an off-chip control unit and control a logical value of the enablement pin based on the received control signal, thereby facilitating the off-chip control unit to lock or unlock the JTAG interface. The FPGA chip can further include a detection logic block to detect an unauthorized access to the FPGA chip. An input to the detection logic is coupled to the enablement pin, and a conductive trace coupling the input of the detection logic block and the enablement pin is situated on an inner layer of the PCB.

The present disclosure describes exemplary methods and systems that are applicable for hardware authentication, counterfeit detection, and in-field tamper detection in both printed circuit board and/or integrated circuit levels by utilizing random variations in boundary-scan path delay and/or current in the industry-standard JTAG-based design-for-test structure to generate unique device identifiers.

Systems, methods, and apparatuses are described for verifying the authenticity of an integrated circuit device. An integrated test apparatus may use quiescent current and/or conducted electromagnetic interference readings to determine if a device under test matches the characteristics of an authenticated device. Deviations from the characteristics of the authenticated device may be indicative of a counterfeit device.

A system on chip includes a one-time programmable (OTP) memory configured to store secure data, an OTP controller including at least one shadow register configured to read the secure data from the OTP memory and to store the secure data, a power management unit configured to receive an operation mode signal from an external device and to output test mode information indicating whether an operation mode is a test mode according to the operation mode signal and a test valid signal corresponding to the secure data, and a test circuit configured to receive the test mode information from the power management unit, to receive test data from the external device, and to output a scan mode signal and a test mode signal according to the test data and a test deactivation signal, wherein the test deactivation signal corresponds to development state data indicating a chip development state in the secure data.

A self-test built in a conditional access chip is provided. The conditional access chip decrypts video data by using a plurality of logic units. The self-test circuit includes: a storage circuit, storing test data and comparison data; and a control circuit, coupled to the logic units, controlling the logic units to receive a clock to perform a test, reading the test data from the storage circuit, inputting the test data to a scan chain formed by the logic units according to the clock, and comparing output data of the scan chain with the comparison data to obtain a test result.

Methods, devices and circuits are provided for protecting secure data from being read during a scan chain output. A plurality of scan flip-flops is coupled in a scan chain, and an input circuit is configured to shift input data to the scan flip-flops. A protection circuit is coupled to the scan flip-flops, and the protection circuit configured to detect scan-in of data from the input circuit to a designated one of the scan flip-flops. Scan-out of data from the designated scan flip-flop is enabled in response to detection of a scan-in of data from the input circuit to the designated scan flip-flop. Scan-out of data from the designated scan flip-flop is prevented in response to no detection of scan-in of data from the input circuit to the designated scan flip-flop.