	US 12,072,379 B2
	Dynamic scan obfuscation for integrated circuit protections
Krishnendu Chakrabarty, Durham, NC (US); Jonti Talukdar, Durham, NC (US); and Arjun Chaudhuri, Durham, NC (US)
Assigned to DUKE UNIVERSITY, Durham, NC (US)
Filed by Duke University, Durham, NC (US)
Filed on Mar. 14, 2022, as Appl. No. 17/693,942.
Prior Publication US 2023/0288477 A1, Sep. 14, 2023
Int. Cl. G01R 31/3177 (2006.01); G01R 31/317 (2006.01); G06F 11/263 (2006.01)

CPC G01R 31/3177 (2013.01) [G01R 31/31703 (2013.01); G06F 11/263 (2013.01); G06F 2201/83 (2013.01)]

20 Claims

11. An integrated circuit (IC) protection circuit, comprising:

a reconfigurable block that receives a seed value from a tamper-proof memory and generates a dynamic key;

an authentication block that receives the dynamic key from the reconfigurable block and taint bits from a scan chain to generate an authentication signature;

an encryptor that encrypts a test pattern response on the scan chain if a mismatch is found between the authentication signature and a test pattern embedded signature; and

a comparator coupled to receive the authentication signature from the authentication block and the test pattern embedded signature from the scan chain and output a signal to the encryptor the signal indicating whether or not there is the mismatch between the authentication signature and the test pattern embedded signature,

wherein the taint bits are selected for a test pattern on the scan chain to have an equal probability of a one or a zero occurring at a particular bit location, wherein the taint bits are selected to have the equal probability by evaluating, for each scan cell location, Δl=|a_l−b_l| and μ_l=(a_l+b_l)/2 to determine the scan cell locations with the highest μ_land lowest Δl, where a_lis a number of 0's occurring at that scan cell location across all test patterns and b_lis a number of 1's occurring at that scan cell location across all test patterns.