Sunday, November 22, 2020

Uniquely Identifying PCBs, Subassemblies, and Packaging

Securing the semiconductor supply chain is becoming much more difficult as devices increasingly are disaggregated, a shift being forced on the industry due to the rising cost of scaling and the need for more customization and faster time to market.

Individual component IDs are an important starting point for supply chain trust, but they are no longer sufficient. Those components will end up in systems, and those systems have sub-components like printed circuit boards and subsystems. They also can be counterfeited, or components originally in place could be replaced with counterfeit versions after initial assembly.

So there’s a hierarchy of assemblies that will need immutable identifiers, along with the packaging used for transporting materials during manufacturing. This is part of an industry effort, spearheaded by SEMI, to track every component at every stage of development.

“We’re trying to capture everything from the time when it’s a singulated die to the time it’s put into a package, put onto a printed circuit board, or goes into a braking module in a car,” said Dave Huntley, business development at PDF Solutions and co-chair of three SEMI committees/task forces. “With each asset, there is the opportunity to stamp that asset with some sort identifier.”

Identifying PCBs
Identification reaches well beyond a chip. A PCB, for example, can be identified by the components it contains. But there is value in giving a board or any other sub-assembly its own unique ID, and there are ideas afoot for doing this visually, leveraging the unique physical characteristics of the subassembly.

The fibers in a PCB, viewed up close, can provide an ID. Rather than relying on the board material, a company named Dust Identity embeds diamond dust in the PCB coating at a level of 1% to 2%. The position and orientation of the particles in that coating have sufficient entropy for acting as an ID. “We encourage users to add the dust to places where they’ve already put identities – on top of a QR code, an RFID, a serial number, or in the engraving of a serial number,” said Ophir Gaathon, CEO of Dust Identity.

Simply looking visually at these dust particles can provide an inconsistent “fingerprint” that depends on the angle of the image, as well as all aspects of the lighting. Instead, the company dopes the diamonds with nitrogen to create nitrogen/vacancy pairs that give an alignment measurement that’s robust. That can be 10 to 14 bits worth of resolution for the orientation, which is then multiplied by the number of particles and the location information to provide a high degree of entropy. That said, Dust Identity was not able to provide specific data on its level of entropy.


Fig. 1: A circuit board with diamond dust in the coating. Source: Dust Identity

It’s important to distinguish between the identity of a physical board and the identity of the finished board after assembly. The board itself is manufactured on one line and assembled on another. A visual board ID ensures that the board being assembled is the same as the one that was created. Once assembled, however, the “board” is really a subsystem consisting of the physical board and the bill of materials it represents. That bill of materials – with the IDs of the constituent components – then can serve as the origin of a subsystem ID.

One possible goal is the ability to validate an entire board once it has been assembled. Doing so requires a number of individual pieces of the system to be in place:

  • An electronically readable chip ID;
  • Equipment to access the ID in the semiconductor facility;
  • A format for transferring the data;
  • Factory exchange and assembly authentication;
  • Equipment in the assembly house to power up board and check IDs, and
  • Possible functional test-equipment adaptations.

It’s also possible to have a separate device – a ROM – with an ID that’s added to the board as an identifier. The challenge is that the ROM could be replaced with a different ROM, or the value of the ROM – which is intentionally readable – could be programmed into other devices. “If you could steal an authentic authentication chip during manufacture after that chip has been fully provisioned with keys, then you could attach that chip to Bob’s ink cartridge and then sell it as a tier-one branded ink cartridge,” observed Scott Best, technical director of anti-counterfeiting products at Rambus.

In order to overcome this limitation, the ID needs to be supplemented with information on other components on the board to help “uniquify” it. By going in that direction, one could eliminate the ROM entirely and use the components on the board to build a board identifier.

“The chip goes to the board, resistors go to the board, everybody’s going to board,” explained Tom Katsioulas, head of trust-chain business at Mentor, a Siemens Business. “Now the board has a bunch of things — resistors, capacitors, chips, you name it. And all of those things have their own set of identifiers. The supply chain needs to take those identifiers and create a new identity for the board — some sort of a hash of the combined bill of materials.”

Further in this direction, some have considered using a processor on each board as a root of trust that authenticates itself up the hierarchy. Boards, subsystems, systems, and systems-of-systems each would have such an authenticator. The top of the hierarchy would not be judged authentic without all of the hierarchy below it authenticating successfully.

Moving goods reliably
One of the highest-risk aspects of manufacturing is the need to move work in progress, components, or subsystems between locations. There’s an opportunity for outside, or even inside, personnel to tamper with packaged units en route. “What happens when components, materials, products, and subassemblies, are transferred between trusted environments?” asked Michael Ford, senior director of emerging industry strategy at Aegis Software and chair of three committees for the IPC standards body.

“You’ve got a lot of security around making semiconductors, and around putting those semiconductors on a board,” Ford explained. “But in the middle, those are transported by a guy in a white truck.” That person could be susceptible to inducements that would let someone, for instance, board a truck, identify a package, open and tamper with the contents, and place the tampered material in a new box.

The key here is the label. “Barcodes can easily be copied,” said Ford. “You just need a copy of PowerPoint to remake a label that looks authentic.” Ensuring that labels are unique and have not been disturbed is made possible by embedding some kind of ID in the label. “Instead of using barcodes, we want to use a feature of the packaging itself. This can be embedded fibers within the cardboard or label. It’s something that’s impossible to reproduce.”

He noted that adds about 5% to the cost of the label, which is a small percentage of the cost of the packaging.

One company, Septillion, makes such a label. “They embed UV fibers in the paper making process that yields a 3D holographic effect when you illuminate it with UV light,” said Ford. “That’s a random pattern that will never occur again. So you read this as an identifier. Cut that label or damage the package in any way and you could never use that ID again.”

Making the package “anonymous” also can raise the cost of tampering, because the package being sought would not be identifiable visually. Only the destination would be available based on a scan of the label ID. Someone attempting to intercept such a package might have to break into all of the packages in a truck to find the critical one, which would make the attempt evident at the very least.

Detecting anything – components, packaging, systems
While some approaches to an ID focus on specific components, subsystems, or labels, one company has an approach that they claim can handle any of these. Alitheon has technology that lets it take a picture of an item, analyze the surface of the item, and create what it refers to as a “feature print.”

“We take the surface features of an object and create a digital ID that is unique to that object and is based only on those unique surface features for that object,” said Jake Sedlock, head of manufacturing sales at Alitheon. What’s unique about this approach is that they don’t need to add anything like a label or mark to the device, so it doesn’t require any extra space.

The first time the company sees a device, it images that device and registers the feature print – similarly to enrolling a component ID. Subsequently, imaging can be done farther down the manufacturing path or during failure analysis, and Alitheon’s system will authenticate the device, confirming whether or not it has seen that unit before.

The goal is to identify points on the surface to use for the feature print. With a PCB, “we use a maximum for any given feature print of 4,000 points,” said Evan Keach, solutions architect at Alitheon. “A subset of those – say a few hundred – are more than sufficient to uniquely identify that item.” This can be done with mechanical items like gears or bushings or bolts, as well as with individual ICs, passives, PCBs, or subsystems. The technology even can be used to authenticate bars of gold.

With a PCB, some portion of the board is identified as the “fiducial” – the area from which to create the print. “The [feature-print] algorithms are set up to be invariant to whatever variants are likely to occur,” said Dave Ross, founder and chief scientist at Alitheon. In a demo that used a cellphone, half of the fiducial area was obscured and the system still recognized it. So while not disclosing how the print is formed, it’s clearly not a hashing style of signature because a subset of the original points is recognizable. That said, the company did not share a reference documenting the level of entropy.

Alitheon can image an entire board and, when authenticating, determine whether any of the components on the board in the original registered image have been replaced. It can identify sub-areas on the board – critical components like an IC – and authenticate them at the same time. In theory, this could eliminate the need for incoming authentication for those components, although discovering a counterfeit after it has been assembled is more expensive than weeding the device out before assembly.

This technology also can authenticate trays of identical items in one image, separating them out during the processing rather than requiring an image per unit. Reels would be harder to handle because they’re inherently serial. Whether it would be practical to image devices on a reel would depend on the application.

Nevertheless, this can be yet another approach to validating the authenticity of components both before and after assembly. It also can be used to authenticate packaging or labeling for materials in transit. “In the millions of items that we have authenticated, we have never made a high-confidence mistake,” said Ross.


Fig. 2: An example of a manufacturing and transport flow where, in this case, a mechanical component is imaged and authenticated in multiple places. Source: Alitheon

Can visual approaches be used for high-volume manufacturing?
A number of the ways of identifying components rely on the ability to capture a high-resolution image to verify authenticity. In a high-speed manufacturing environment, would it be possible to use such an approach prospectively to ensure that all materials being assembled are legitimate? It’s not clear whether the acquisition and processing of such images would slow down the line to an unacceptable extent.

One alternative would be to use the IDs as part of incoming inspection, before the components have been introduced into the line. The delay in the ability to use the components would be felt when the first lots arrived, but after that any delay could be hidden behind the actual manufacturing itself. Once the first lots have been used up, the next lots already have been verified.

Alitheon said it can register devices at relatively high speeds, because that speed is limited only by the camera and the ability to transport the data to a server. The actual creation of the print can be handled “offline” while the next devices are imaged. Authentication, however, takes longer, because an image must be taken and then verified before the device can be accepted. That means a trip to a server and back – maybe even to the cloud and back. So, while it’s possible to register 10 images per second, it’s not obvious whether authentication could happen that quickly.

Conclusion
While many pieces of a robust component identification methodology exist today, we are very much in a transitional period, and that could bring new risks.

“In order to bridge the gap, we have to tolerate a lot of brokenness,” said Alric Althoff, senior hardware security engineer at Tortuga Logic. “And in the midst of the brokenness is an opportunity for attacks.”

Once we get it right, we’ll be better positioned to have high confidence in all of the components and their assemblies in the wide variety of electronics we build and use.

Related Articles
New And Innovative Supply Chain Threats Emerging
But so are better approaches to deal with thorny counterfeiting issues.
Fundamental Changes In Economics Of Chip Security
More and higher value data, thinner chips and a shifting customer base are forcing long-overdue changes in semiconductor security.



from Hacker News https://ift.tt/2IL15vR

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.