Abstract
Nowadays, companies are heavily investing in the development of “Internet of Things(IoT)” products. These companies usually and obviously hunt for lucrative business models. Currently, each person owns at least 3–4 devices (such as mobiles, personal computers, Google Assistant, Alexa, etc.) that are connected to the Internet 24/7. However, in the future, there might be hundreds of devices that will be constantly online behind each person, keeping track of body health, banking transactions, status of personal devices, etc. to make one’s life more efficient and streamlined. Thus, it is very crucial that each device should be highly secure since one’s life will become dependent on these devices. However, the current security of IoT devices is mainly focused on resiliency of device. In addition, less complex node devices are easily accessible to the public resulting in higher vulnerability. JTAG is an IEEE standard that has been defined to test proper mounting of components on PCBs (printed circuit boards) and has been extensively used by PCB manufacturers to date. This JTAG interface can be used as a backdoor entry to access and exploit devices, also defined as a physical attack. This attack can be used to make products malfunction, modify data, or, in the worst case, stop working. This paper reviews previous successful JTAG exploitations of well-known devices operating online and also reviews some proposed possible solutions to see how they can affect IoT products in a broader sense.
Highlights
Nowadays, there is a lot of development happening in “Internet of Things (IoT)” and connected smart devices in the market
As we have seen in this article, multiple solutions provided by researchers add security against JTAG attacks by adding extra hardware circuitry in it
We review articles of JTAG debug standard, which mainly demonstrated past PCB exploitation of some well-known products as well as some proposed design solutions to make JTAG interface as a secure debug interface
Summary
There is a lot of development happening in “Internet of Things (IoT)” and connected smart devices in the market. Node devices (sensor devices) are unintelligent devices with less hardware complexity, high power efficiency (i.e., battery operated), and often lower cost that only sense world parameters and pass them to the cloud for further processing. The vast majority of these devices are physically available to the public, illegitimate parties could influence data, firmware binary file and memory footprints. This attack can be classified into a physical attack which can influence the behavior of a product by playing with the actual piece of hardware. This introduces a noteworthy threat to embedded sensor nodes. Skorobogatov [3] already evaluated possible physical attack scenarios, as explained below for embedded devices
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
