Could your refrigerator be the next weapon of choice for cyber terrorists? It’s possible, not likely, but possible. In this new Internet of Things (IoT)-entrenched world we live in, any smart or connected device—be it a computer network, appliance or automotive infotainment system—is at risk for corruption. Though we most often associate these breaches with a breakdown in information technology (IT) security, there is increasing recognition that security gaps in the electronic component supply chain may represent a more serious economic, and health and safety threat than anything we previously encountered.
This emerging supply chain menace comes in the form of a malicious counterfeit component. Unlike traditional counterfeit parts that are reclaimed, remarked, re-engineered or otherwise fraudulently represented, malicious counterfeits are intentionally altered during the integrated circuit (IC) design process to insert malignant functionality—hardware trojans, kill switches, etc.—into the code before it is manufactured. Perpetrators of this form of counterfeiting are not generally motivated as much by profit as a desire to do harm. This tainted code may be triggered to launch a cyber attack in order to intercept classified intelligence, compromise critical infrastructure capabilities or disable weapons systems. What makes these devices so insidious, and difficult to identify, is that they typically function as they should, and are likely to be produced and sold by the original manufacturer, but hidden within, is malicious functionality designed to steal, control or damage.
Going All In
To date, much of the onus for maintaining the integrity of the electronics supply chain fell on buyers (i.e. source only from authorized suppliers, require a verifiable paper trail for the movement of parts throughout the supply chain, etc.). However, as the threat landscape evolves, mitigating the risk of both fraudulent and malicious electronic components requires buy-in from all members of the supply chain—upstream and downstream.
An effective supply chain security strategy needs to proactively endeavor to minimize exposures throughout the entire lifecycle—from cradle (secure IC design, fabrication and manufacturing) to grave (ethical e-waste disposal) and everything in between. It must also reflect the reality that most electronic systems are built with chips that were designed and manufactured outside the original equipment manufacturer’s (OEM’s) home market—unless, of course, that OEM is based in China, Taiwan, South Korea, Malaysia or the Philippines.
Recognizing the growing vulnerability of the IC design process, groups in the U.S. including the Semiconductor Research Corp. (SRC), the U.S Department of Defense (DoD), the National Security Agency (NSA), the Defense Advanced Research Projects Agency (DARPA) and the Intelligence Advanced Research Projects Activity (IARPA), established a number of programs to develop tools and processes to better protect ICs from tampering during the design and manufacturing process.
The DoD’s Trusted Foundry initiative was launched in 2004 to assure the DoD had access to secure, domestic advanced semiconductor fabrication and application-specific integrated circuit (ASIC) services. The program since expanded to include trusted suppliers for packaging/assembly, post-processing, mask manufacturing, mask data parsing and aggregation. Trusted Foundry, however, is restricted to a select group of components bound specifically for U.S. military and defense systems.
Similar programs are in place in other regions as well. For example, the European Commission’s Project UNIQUE is focused on the development of “an integrated approach to protect hardware systems against counterfeiting, cloning, reverse engineering, tampering and insertion of malicious components.”
Reaching for the Stars
The technological and process advancements made through these programs hold promise for all supply chain stakeholders. Semiconductor Research Corporation (SRC), a university research consortium, is working with the National Science Foundation on a joint research effort called Secure, Trustworthy, Assured and Resilient Semiconductors and Systems (STARSS). The goal is to develop new strategies for IC architecture, specification and verification that can provide “assurance and confidence in the trustworthiness, reliability, and security of electronic systems, strategies and techniques that incorporate security in all stages of design and manufacture.”
In addition, adaptations to the chip fabrication process could also enable manufacturers to leverage global semiconductor production capacity, while still protecting design integrity. IARPA is said to be investigating the feasibility of an advanced chip-making technology under its Trusted Integrated Chips program that entails split-manufacturing. The process would divide chip fabrication into front-end-of-line (FEOL) manufacturing, consisting of transistor layers to be fabricated by offshore foundries, and back-end-of-line (BEOL) development that would be fabricated by trusted U.S. facilities.
As these large-scale initiatives to better secure IC-level hardware progress, individual chipmakers must do their part to reduce the likelihood that their parts may be corrupted before, during or after manufacturing. They must commit to more carefully vetting all personnel and subcontractors involved in the process, and thoroughly tracking design changes as chips are developed.
No Faking It
At the same time, it is incumbent upon the rest of the supply chain to continue to actively support the anti-counterfeit movement within our respective domains. It is well-documented that counterfeit components are most often introduced into the supply chain through non-authorized, grey market sources. In 2012, a DoD report stated that the “overwhelming majority” of the more than 1 million counterfeit parts identified in an investigation of the DoD’s supply chain were sourced from independent electronic parts distributors. Most of those independent distributors probably had no idea the product they were selling was illegitimate. Therein lies the hazard of sourcing through unauthorized distribution channels. If there is no verifiable paper trail for the product they sell, there is no way to assure that parts were not tampered with, repackaged or outright faked.
Since part obsolescence is a known trigger for the desperation that drives buyers to the grey market, it stands to reason that the appropriate corrective action is to assure that your bill of materials (BOM) is not compromised by part availability.
Obviously, this is much easier said than done. However, OEMs can significantly mitigate this risk through better/more proactive BOM management, particularly in the earliest phases of the design process. For example, designing with open architecture allows for easier part replacement. Proactively planning new technology insertion through the production and support life of the program can also help avert obsolescence risk.
It is also time to break down the functional silos, and actively engage supply chain/materials management professionals and/or your distribution partner in the new product development process. Time and again, we hear stories from purchasing and supply chain folks about the trials they face in trying to source hard-to-find components specified by engineers who considered only the part technology and not its lifecycle status, whether it is single-sourced, in high demand or produced in a high-risk region. A design for supply chain (DfSC) approach can not only mitigate counterfeit risk, but enable OEMs to reduce costs, increase revenue and achieve more consistent customer satisfaction—a win all around.
Live to Fight Another Day
Every war is won one battle at a time. Members of the global electronics supply chain are under constant assault by a range of enemies, but our arsenal of weapons gets stronger every day. If we rally the forces, and remain vigilant in our efforts to protect and secure our people, processes and products, we may not win every battle, but I am confident we can eventually win the war.
Wade McDaniel is the vice president of solutions architecture at Avnet Velocity.