from Hacker News

Reverse Engineering PCBs with JTAG

by meneses on 8/5/15, 3:48 PM with 9 comments

  • by anoonmoose on 8/5/15, 5:34 PM

    I found this presentation really interesting, in no small part because I've been doing a lot of reading on JTAG for work lately.

    One idea I'd like to add: using EXTEST to identify the pins. If I understand the command correctly, it seems as if one could utilize the BSDL file to generate a series of EXTEST patterns that would each set one I/O pin high and the rest of them low. Then, you could just probe the IC pins until you found the high one. This is more or less the reverse of what he describes: he's applying a voltage and using the SAMPLE command to detect it.

    To my understanding, this EXTEST method could also be used instead of the suggestion on slide 90 to write some VHDL/Verilog to copy a known input to an unknown output.

    Doing any of this in an automated/programmatic way would probably take a better software suite than the 20-day one mentioned, or at least a lower-level tool of some sort, I suppose.
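
The walking-one EXTEST pattern generation described in the comment above, as an added example that is not part of the thread or the presentation. The cell table is constructed sample data in the shape of a BSDL boundary register (not a real device), and the code assumes each control cell gates a single pin.

```python
# Constructed sample in the shape of a BSDL BOUNDARY_REGISTER attribute:
# (cell, port, function, safe, control_cell, disable_value). Not a real device.
CELLS = [
    (0, "IO_A", "input",   "X", None, None),
    (1, "IO_A", "output3", "X", 2,    1),
    (2, "*",    "control", "1", None, None),
    (3, "IO_B", "input",   "X", None, None),
    (4, "IO_B", "output3", "X", 5,    0),
    (5, "*",    "control", "0", None, None),
    (6, "CLK",  "input",   "X", None, None),
    (7, "LED",  "output2", "0", None, None),
]
DRIVERS = ("output2", "output3", "bidir")

def walking_one_vectors(cells, tristate_others=False):
    """Map each drivable port to a bit list (index = cell number) that,
    loaded before EXTEST, drives that port high and all others low.
    With tristate_others=True, non-target three-state pins are disabled
    instead of driven low, which avoids fighting other drivers on the net."""
    vectors = {}
    for _, target, func, *_ in cells:
        if func not in DRIVERS:
            continue
        # Pass 1: start from the BSDL safe value (X treated as 0).
        bits = [int(safe) if safe in ("0", "1") else 0
                for _, _, _, safe, _, _ in cells]
        # Pass 2: set data cells, then the control cell that gates each driver.
        for num, port, f, _, ctrl, disval in cells:
            if f not in DRIVERS:
                continue
            is_target = port == target
            bits[num] = 1 if is_target else 0
            if ctrl is not None:
                disable = tristate_others and not is_target
                bits[ctrl] = disval if disable else 1 - disval
        vectors[target] = bits
    return vectors

if __name__ == "__main__":
    for port, bits in walking_one_vectors(CELLS).items():
        # Cell 0 is the cell nearest TDO, so it is the first bit shifted in.
        print(f"{port:5s}", "".join(map(str, bits)))
```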

  • by xwintermutex on 8/5/15, 7:12 PM

    If you have a few pins that you suspect to be JTAG, but don't know which is which, there are tools for that too [1] (instead of manually trying).

    [1]: http://hackaday.com/2013/10/02/jtagulator-finds-debug-interf...

  • by VLM on 8/5/15, 7:54 PM

    Nice presentation. Around slide #84 or so, for a good time don't just put in a current limiting resistor, put in a current limiting resistor and an LED. Hmm, the LED lit up, I guess the pin is a grounded pin?

  • by jakeogh on 8/7/15, 7:12 PM

    Google drive/docs closing in 3...2.. argh I wish they would just get on with it.