基于权限管理的SoC安全芯片调试系统设计

刘海亮; 吕辉; 杨万云

doi:10.20193/j.ices2097-4191.2024.0048

PDF(2555 KB)

集成电路与嵌入式系统 ›› 2024, Vol. 24 ›› Issue (11) : 86-90. DOI: 10.20193/j.ices2097-4191.2024.0048

研究论文

基于权限管理的SoC安全芯片调试系统设计

作者信息 +

Design of SoC security chip debug system based on permission management

Author information +

文章历史 +

摘要

针对SoC安全芯片的JTAG/cJTAG接口在产品化阶段没有关闭存在恶意被攻击风险,或通过OTP/eFuse简单的永久关闭JTAG/cJTAG接口导致量产阶段客户问题定位困难,或CPU指针跑飞后调试手段受限而很难定位等问题,本文设计了一种基于权限管理的SoC安全芯片调试系统,相比传统调试方式,本文做了两方面修改:针对JTAG/cJTAG调试方式,在传统调试方法上增加了权限控制位设计、校验密码设计、权限比对设计;针对UART调试方式,在保留传统调试方法的基础上增加了UART访问寄存器总线设计,并可以通过OTP/eFuse关闭UART访问寄存器功能。此调试系统既为SoC芯片CPU挂起、指针跑飞等提供问题分析手段,又为SoC芯片量产阶段提供安全又方便的JTAG/cJTAG调试手段。

Abstract

There are risks of malicious attacks on SoC chips with JTAG/cJTAG interfaces that are not disabled during the mass productization stage, or the JTAG/cJTAG interfaces are simply and permanently disabled by OTP/eFuse, which makes it difficult to locate problems during mass production or limits debugging means when the CPU pointer runs away, making it difficult to locate the problem. This article designs a SoC security chip debug system based on permission management. Compared to traditional debugging methods, this article has made two modifications. For JTAG/cJTAG debugging, permission control bit design, verification password design, and permission comparison design have been added while retaining traditional debugging methods. Regarding the UART debugging method, a UART access register bus design has been added on the basis of retaining traditional debugging methods, and the UART access register function can be disabled through OTP/eFuse. It not only provides problem analysis methods for SoC chip CPU hanging and pointer running away, but also provides secure and convenient JTAG/cJTAG/UART debugging for SoC chip mass production stage.

导出引用

刘海亮, 吕辉, 杨万云. 基于权限管理的SoC安全芯片调试系统设计[J]. 集成电路与嵌入式系统. 2024, 24(11): 86-90 https://doi.org/10.20193/j.ices2097-4191.2024.0048

LIU Hailiang, LYU Hui, YANG Wanyun. Design of SoC security chip debug system based on permission management[J]. Integrated Circuits and Embedded Systems. 2024, 24(11): 86-90 https://doi.org/10.20193/j.ices2097-4191.2024.0048

中图分类号： TN43 (半导体集成电路(固体电路))

参考文献

列表( 原文顺序 | 文献年度倒序 | 文中引用次数倒序 ) 可视化分析

[1]

王永清, 徐亚君. 基于总线与Jtag协议的SoC调试系统设计[C]// 第十七届计算机工程与工艺年会暨第三届微处理器技术论坛论文集(上册), 2013.

WANG

Y Q

, XU

Y J

. Design of SoC Debugging System Based on Bus and Jtag Protocol[C]// Proceedings of the 17th Annual Conference on Computer Engineering and Technology and the 3rd Forum on Microprocessor Technology (Volume 1),2013 (in Chinese).

本文引用 [1]

[2]	刘刚. 一种SoC调试方法,系统,电子设备及存储介质:CN202211025370.1[P].2024-09-12. LIU G. A SoC debugging method for systems,electronic devices,and storage media:CN202211025370.1[P].2024-09-12 (in Chinese). 本文引用 [1]

[3]	BHUNIA S, RAY S, SUR-KOLAY S. 基础IP与SoC安全[M]. Springer,Cham,2017:29-48. BHUNIA S, RAY S, SUR-KOLAY S. Fundamentals of IP and SoC Security[M]. Springer,Cham,2017:29-48 (in Chinese). 本文引用 [2]

[4]	吴雪涛. 密码SoC芯片JTAG安全防护技术研究[D]. 郑州:解放军信息工程大学, 2015.DOI:10.7666/d.D829675. D829675. WU X T. Research on JTAG Security Protection Technology for Password SoC Chip[D]. Zhengzhou: PLA University of Information Engineering,2015 (in Chinese).