It is common to provide scan and debug features for chips carrying electronic circuits. The purpose of scanning a chip is to check it has been manufactured correctly and does not contain unintended short circuits or logic errors. Debugging is used in development of a prototype chip to correct any errors before mass manufacture. Although these features are extremely useful in developing a working chip, they have a disadvantage in that they allow access to other chip features or data which are considered secure i.e. should not be available or visible in deployed devices.
Devices containing such chips are commonly arranged such that when the device is powered up, a reset procedure is carried out. This puts the chip in a known state from which various user authentication procedures can be safely and correctly run. However, by tampering with a chip, it can be possible to bypass the authentication procedures or cause them to run incorrectly, thereby putting the chip in a state where it thinks it has been authenticated but has not been. Thus an unauthorised user could access secure features or data. In other words the chip can be attacked by powering it up but not resetting it.
Power-up reset circuits as known in the art can be used to avoid this scenario, by attempting to ensure that a reset always occurs. One disadvantage of such circuits is that for various reasons they are somewhat difficult circuits to implement on standard digital chips. For example, the necessary voltage may not be available on the chip, and the silicon area may not be adequate. Another disadvantage of such circuits is that they are themselves open to various attacks based upon control of chip power supplies. For example, tampering using a controlled voltage ramp can cause the power-on reset circuit to not work correctly.
Therefore it would be desirable to provide a circuit which will begin in a secure mode after power-up, whether reset or not and regardless of whether attempts are made to compromise security by tampering with reset or power supplies. Such a circuit would enable authentication to be started from a secure known condition such that the authentication procedure would work correctly and could not be bypassed.