JTAG Security System Based on Credentials

JTAG (Joint Test Access Group) is a powerful tool for the embedded system development environments. The features of JTAG, however, can be exploited by malicious users as a backdoor for launching attacks, an approach which now constitutes a major threat in the domain of device hacking. To deny unauthenticated users access to the features of JTAG port, this paper proposes a novel JTAG security mechanism. The proposed solution uses authentication based on credentials to achieve improved security and usability over existing solutions. Our approach is easily applicable to all standard JTAG environments because its structure is designed to be independent from the application environment. Further, the approach has lower implementation cost than encryption/decryption-based solutions since only hash and XOR calculations are employed in its authentication protocol. The security of the proposed mechanism has been verified through analysis against all forms of expected attacks, and its functionality is demonstrated with a real-life implementation.