reverse engineering at32uc3a s jtag
play

Reverse engineering AT32UC3As JTAG Introduction Overview LSE - PowerPoint PPT Presentation

Feb 01, 2023 •239 likes •968 views

Reverse engineering AT32UC3As JTAG Pierre Surply Reverse engineering AT32UC3As JTAG Introduction Overview LSE Summer Week 2014 TAP Controller Scan Chain Pierre Surply Boundary Scan UC3 JTAG EPITA 2016 Reverse engineering Jul

  1. Reverse engineering AT32UC3A’s JTAG Pierre Surply Reverse engineering AT32UC3A’s JTAG Introduction Overview LSE Summer Week 2014 TAP Controller Scan Chain Pierre Surply Boundary Scan UC3 JTAG EPITA 2016 Reverse engineering Jul 19, 2014 Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 1 / 72

  2. On-Chip Debug Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: AVR Dragon avr32gdbproxy -e "avrdragon" -a ":4242" Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 2 / 72

  3. JTAG Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Join Test Action Group Overview TAP Published in April 1990 Controller IEEE 1149.1 Scan Chain Standard Test Access Port and Boundary-Scan Boundary Scan Architecture UC3 JTAG Reverse engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 3 / 72

  4. JTAG pins Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction TCK : Test Clock Overview TAP TMS : Test Mode Select Controller TDI : Test Data Input Scan Chain TDO : Test Data Output Boundary Scan TRST : Test Reset UC3 JTAG Reverse engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 4 / 72

  5. Registers Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Instruction Registers Overview TAP Data Registers: Controller Scan Chain IDCODE Boundary BYPASS Scan BSR UC3 JTAG Reverse engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 5 / 72

  6. JTAG Block Diagram Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: JTAG Block Diagram Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 6 / 72

  7. Shift Register Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan Figure: Shift Register (1/5) UC3 JTAG Reverse engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 7 / 72

  8. Shift Register Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan Figure: Shift Register (2/5) UC3 JTAG Reverse engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 8 / 72

  9. Shift Register Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan Figure: Shift Register (3/5) UC3 JTAG Reverse engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 9 / 72

  10. Shift Register Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan Figure: Shift Register (4/5) UC3 JTAG Reverse engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 10 / 72

  11. Shift Register Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan Figure: Shift Register (5/5) UC3 JTAG Reverse engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 11 / 72

  12. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion DR : Data Register IR : Instruction Register Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 12 / 72

  13. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (1/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 13 / 72

  14. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (2/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 14 / 72

  15. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (3/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 15 / 72

  16. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (4/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 16 / 72

  17. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (5/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 17 / 72

  18. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (6/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 18 / 72

  19. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (7/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 19 / 72

  20. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (8/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 20 / 72

  21. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (9/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 21 / 72

  22. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (10/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 22 / 72

  23. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (11/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 23 / 72

  24. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (12/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 24 / 72

  25. TAP Controller State Machine Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse engineering Conclusion Figure: TAP Controller Example (13/13) Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 25 / 72

  26. Daisy Chain Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse Figure: Daisy Chain engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 26 / 72

  27. BYPASS Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse Figure: BYPASS Register engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 27 / 72

  28. BYPASS Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse Figure: BYPASS and Daisy Chain (1/3) engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 28 / 72

  29. BYPASS Reverse engineering AT32UC3A’s JTAG Pierre Surply Introduction Overview TAP Controller Scan Chain Boundary Scan UC3 JTAG Reverse Figure: BYPASS and Daisy Chain (2/3) engineering Conclusion Pierre Surply (EPITA 2016) Reverse engineering AT32UC3A’s JTAG Jul 19, 2014 29 / 72

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Reverse Engineering CS 166 Armen Boursalian 30 Apr 2018 Reverse Engineering Take a

Reverse Engineering CS 166 Armen Boursalian 30 Apr 2018 Reverse Engineering Take a

Reverse Engineering CS 166 Armen Boursalian 30 Apr 2018 Reverse Engineering Take a product, understand how it works Usually limited to certain aspects, not full systems Need to know a little bit about a lot of topics to gain

636 views • 11 slides
Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work

Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work

Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work with: Li J W Li, J. Wang, Pongsajapan, Tan, Tang, M. Wang P j T T M W Outline Background Layering as optimization decomposition L

932 views • 47 slides
Next-Generation Debuggers For Reverse Engineering For Reverse Engineering The ERESI team

Next-Generation Debuggers For Reverse Engineering For Reverse Engineering The ERESI team

Next-Generation Debuggers For Reverse Engineering For Reverse Engineering The ERESI team eresi@asgardlabs.org This presentation is about .. The Embedded ERESI debugger : e2dbg The Embedded ERESI tracer : etrace The ERESI reverse

849 views • 47 slides
CS 166: Information Security Reverse Engineering & Digital Rights Management Prof. Tom

CS 166: Information Security Reverse Engineering & Digital Rights Management Prof. Tom

CS 166: Information Security Reverse Engineering & Digital Rights Management Prof. Tom Austin San Jos State University SRE Software Reverse Engineering Also known as Reverse Code Engineering (RCE) Or simply reversing

1.04k views • 80 slides
JTAG Interface Joint Test Action Group Nitesh Bhatia- 200501071 Shaik Khaja Ahmad - 200501074

JTAG Interface Joint Test Action Group Nitesh Bhatia- 200501071 Shaik Khaja Ahmad - 200501074

JTAG Interface Joint Test Action Group Nitesh Bhatia- 200501071 Shaik Khaja Ahmad - 200501074 Outline Background need for JTAG JTAG and Boundary Scan Advantages Atmel ICE mk-II and gdb Real JTAG

368 views • 21 slides
Reverse Engineering MAC: A Non-Cooperative Game Model Jianwei Huang Information Engineering The

Reverse Engineering MAC: A Non-Cooperative Game Model Jianwei Huang Information Engineering The

Reverse Engineering MAC: A Non-Cooperative Game Model Jianwei Huang Information Engineering The Chinese University of Hong Kong Joint work with J.-W. Lee, A. Tang, M. Chiang and A. R. Canderbank J. Huang (CUHK) Reverse Engineering MAC Nov.

605 views • 38 slides
Reverse Engineering Closed, heterogeneous platforms and the defenders dilemma Looking back at

Reverse Engineering Closed, heterogeneous platforms and the defenders dilemma Looking back at

Reverse Engineering Closed, heterogeneous platforms and the defenders dilemma Looking back at the last 20 years of RE and looking ahead at the next few SSTIC 2018 -- Thomas Dullien (Halvar Flake) Progress in Reverse Engineering 2010

941 views • 64 slides
JTAG (JOINT TEST ACTION GROUP) By Arthi Varadarajan (avaradar@uncc.edu) Topics Discussed . n

JTAG (JOINT TEST ACTION GROUP) By Arthi Varadarajan (avaradar@uncc.edu) Topics Discussed . n

JTAG (JOINT TEST ACTION GROUP) By Arthi Varadarajan (avaradar@uncc.edu) Topics Discussed . n BED OF NAILS(BON TESTER) n What is JTAG ??? n Advantages n Boundary Scan logic and Architecture n Real JTAG Applications BED OF NAILS FIXTURE n PCB

893 views • 21 slides
Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms Lo Perrin

Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms Lo Perrin

Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms Lo Perrin SnT, University of Luxembourg April 25, 2017 PhD Defence Introduction On S-Box Reverse-Engineering On Lightweight Cryptography Conclusion

1.76k views • 137 slides
Reverse engineering basics @KirilsSolovjovs on twitter Mg.sc.comp. Kirils Solovjovs

Reverse engineering basics @KirilsSolovjovs on twitter Mg.sc.comp. Kirils Solovjovs

Reverse engineering basics @KirilsSolovjovs on twitter Mg.sc.comp. Kirils Solovjovs http://kirils.org for more Possible Security Reverse engineering? www.indiamart.com Contents Hardware architecture Processors and machine language

536 views • 25 slides
Understanding human speech recognition: Reverse-engineering the engineering solution using

Understanding human speech recognition: Reverse-engineering the engineering solution using

Cai Wingfield CSLB, Department of Psychology Workshop on Neurocomputation: From Brains to Machines University of Cambridge 25 November 2015 Understanding human speech recognition: Reverse-engineering the engineering solution using EMEG

196 views • 18 slides
Reverse Engineering CAPTCHAs Abram Hindle, Micheal W. Godfrey, Richard C. Holt Software

Reverse Engineering CAPTCHAs Abram Hindle, Micheal W. Godfrey, Richard C. Holt Software

Reverse Engineering CAPTCHAs WCRE 2008 Reverse Engineering CAPTCHAs Abram Hindle, Micheal W. Godfrey, Richard C. Holt Software Architecture Group David R. Cheriton School of Computer Science University of Waterloo Canada

726 views • 57 slides
Reverse Engineering Dr. Vadim Zaytsev aka @grammarware UvA, MSc SE, 9 November 2015 Roadmap

Reverse Engineering Dr. Vadim Zaytsev aka @grammarware UvA, MSc SE, 9 November 2015 Roadmap

Reverse Engineering Dr. Vadim Zaytsev aka @grammarware UvA, MSc SE, 9 November 2015 Roadmap W44 Introduction V.Zaytsev W45 Metaprogramming J.Vinju W46 Reverse Engineering V.Zaytsev W47 Software Analytics M.Bruntink W48 Clone

751 views • 31 slides
Reverse Engineering DSP Code GameCube DSP Analyzing GCN DSP code Pierre Bourdon Conclusion

Reverse Engineering DSP Code GameCube DSP Analyzing GCN DSP code Pierre Bourdon Conclusion

Reverse Engineering DSP Code Pierre Bourdon Introduction DSP Reverse Engineering DSP Code GameCube DSP Analyzing GCN DSP code Pierre Bourdon Conclusion delroth@lse.epita.fr http://lse.epita.fr February 12, 2013 Context Reverse

856 views • 18 slides
Introduction .NET Reverse Engineering Eric DePree Introduction to .NET Programs written for

Introduction .NET Reverse Engineering Eric DePree Introduction to .NET Programs written for

Introduction .NET Reverse Engineering Eric DePree Introduction to .NET Programs written for .NET are easy to reverse engineer. This is not in any way a fault in the design of .NET; it is simply a reality of modern, intermediate-compiled

132 views • 10 slides
Explaining the Boom-Bust Cycle in the U.S. Housing Market: A Reverse-Engineering Approach

Explaining the Boom-Bust Cycle in the U.S. Housing Market: A Reverse-Engineering Approach

Overview Evidence Model Calibration Quantitative Results Reverse Engineered Shocks Conclusion Extras Explaining the Boom-Bust Cycle in the U.S. Housing Market: A Reverse-Engineering Approach Paolo Gelain Kevin J. Lansing Gisle J.

717 views • 50 slides
Cellular Signal Boosters Level 2 Training Slides available at

Cellular Signal Boosters Level 2 Training Slides available at

Cellular Signal Boosters Level 2 Training Slides available at https://cellphonesignalbooster.us/level-two-wilson-certified-installer-certification-training-course-online/ Antennas Wide Band Directional Panel Antenna 600mHz to 2600mHz 600mHz

380 views • 15 slides
Computer Architecture Summer 2020 I/O Tyler Bletsch Duke University Includes material adapted

Computer Architecture Summer 2020 I/O Tyler Bletsch Duke University Includes material adapted

ECE/CS 250 Computer Architecture Summer 2020 I/O Tyler Bletsch Duke University Includes material adapted from Dan Sorin (Duke) and Amir Roth (Penn). SSD material from Andrew Bondi (Colorado State). Where We Are in This Course Right Now

897 views • 40 slides
Chapter 4 MARIE: An Introduction to a Simple Computer Objectives Learn the components

Chapter 4 MARIE: An Introduction to a Simple Computer Objectives Learn the components

Chapter 4 MARIE: An Introduction to a Simple Computer Objectives Learn the components common to every modern computer system. Be able to explain how each component contributes to program execution. Understand a simple architecture

922 views • 67 slides
Breaking combinational cycles Danil Sokolov, Victor Khomenko, Alex Yakovlev Newcastle University,

Breaking combinational cycles Danil Sokolov, Victor Khomenko, Alex Yakovlev Newcastle University,

Breaking combinational cycles Danil Sokolov, Victor Khomenko, Alex Yakovlev Newcastle University, UK Introduction Combinational cycles Common in asynchronous circuits (implement memory) ... but they upset conventional EDA tools

403 views • 12 slides
Breaking Out of Local Optima with Count Transforms and Model Recombination Valentin I. Spitkovsky

Breaking Out of Local Optima with Count Transforms and Model Recombination Valentin I. Spitkovsky

Breaking Out of Local Optima with Count Transforms and Model Recombination Valentin I. Spitkovsky with Hiyan Alshawi (Google Inc.) and Daniel Jurafsky (Stanford University) Spitkovsky et al. (Stanford & Google) Breaking out of Local Optima

1.6k views • 125 slides
Module 12: I/O Systems I/O hardwared Application I/O Interface Kernel I/O Subsystem

Module 12: I/O Systems I/O hardwared Application I/O Interface Kernel I/O Subsystem

Module 12: I/O Systems I/O hardwared Application I/O Interface Kernel I/O Subsystem Transforming I/O Requests to Hardware Operations Performance Silberschatz and Galvin 1999 Operating System Concepts 12.1 I/O Hardware

390 views • 21 slides
Module 12: I/O Systems I/O Hardware Application I/O Interface Kernel I/O Subsystem

Module 12: I/O Systems I/O Hardware Application I/O Interface Kernel I/O Subsystem

' $ Module 12: I/O Systems I/O Hardware Application I/O Interface Kernel I/O Subsystem Transforming I/O Requests to Hardware Operations Performance & % Operating System Concepts 12.1 Silberschatz and Galvin c 1998

123 views • 11 slides
Silberschatz and Galvin Chapter 12 I/O Systems CPSC 410--Richard Furuta 3/19/99 1 Topic

Silberschatz and Galvin Chapter 12 I/O Systems CPSC 410--Richard Furuta 3/19/99 1 Topic

Silberschatz and Galvin Chapter 12 I/O Systems CPSC 410--Richard Furuta 3/19/99 1 Topic overview I/O Hardware Application I/O Interface Kernel I/O Subsystem Transforming I/O requests to hardware operations Performance

528 views • 16 slides

More recommend