Integrated circuits manufactured today frequently include several different operational modes, such as a normal mode, a low power mode, and so forth. Some integrated circuits also include one or more testmodes, which may be used to verify that the integrated circuit was manufactured correctly, to debug any problems with the integrated circuit, and so forth. Usually, a testmode allows relatively broad and flexible access to the integrated circuit in order to be able to thoroughly test as much of the integrated circuit as possible. If the testmode does not have access to a particular feature or portion of the integrated circuit, an engineer may not be able to verify that feature or portion of the integrated circuit after manufacturing and/or be able to debug that feature or portion of the integrated circuit if problems are subsequently encountered.
Integrated circuits manufactured today also frequently include one or more storage elements, some of which may store sensitive data. As hackers and viruses continuously exploit loopholes in software, electronic device designers frequently turn to hardware such as integrated circuits to find ways to increase security. For example, an encryption key may be stored in a memory circuit in order to encrypt the contents of the memory and/or encrypt data being read from or written to the memory and thus prevent unauthorized access. The sensitive data may not be accessible during a normal mode. For example, sensitive data (such as the encryption key mentioned above) may be used internally in an integrated circuit, but it may be desirable to prevent a user from externally being able to access the sensitive data (thereby enabling theft or manipulation of the sensitive data). If the sensitive data is important enough, it may even be desirable to prevent a user from being able to access the sensitive data during a testmode. As mentioned above, however, testmodes generally provide relatively broad and flexible access to an integrated circuit. Therefore, even if access to the sensitive data is not directly available in a testmode, the broad and flexible access a testmode provides may allow a determined user to compromise the security protocols of the testmode and obtain unauthorized access to the sensitive data. Thus in some cases it may be desirable to lockout all testmodes in order to ensure no access to the sensitive data. However, if access to one or more testmodes is disallowed because of the presence of sensitive data, an engineer may not be able to test the circuit.
One approach to resolving the tension between allowing broad access to testmodes in an integrated circuit on the one hand, and securing sensitive data in the integrated circuit from being improperly accessed on the other hand, is to only enable access to the testmodes if a secret code is provided to the integrated circuit. This type of approach may be effective in some situations, but it may be difficult to prevent the secret code from being improperly distributed to malicious users.