A trusted boot device secures JTAG scan chains of integrated circuit components on a circuit card assembly without necessarily modifying the integrated circuit components. Component JTAG port I/O scan chain signal pins are independently routed to FPGA fabric on the trusted boot device. The trusted boot device monitors the JTAG paths and triggers a security event if unauthorized activity is detected on a JTAG path. JTAG paths on the secure trusted boot device are latch disabled by default and upon detection of a security event. JTAG paths are only enabled for a predefined length of time. To prevent JTAG access when protected data is exposed, a watchdog timer latch disables the JTAG paths when the predefined time has expired and may trigger a security event if activity is detected after the time has expired. A power cycle is then used to re-enable authenticated JTAG enable requests.