Safeguarding the Digital Frontier: Detecting Counterfeit Electronic Components and Hardware Trojans

Introduction

In the ever-evolving landscape of technology, the threat of counterfeit electronic components and hardware Trojans has become a critical concern for industries relying on electronic systems.

The proliferation of commercially available Information and Communication Technology (ICT) solutions has ushered in an era of unprecedented benefits, ranging from low costs and rapid innovation to a plethora of product features and vendor choices. However, the same factors that contribute to these advantages, such as globalization, have also given rise to significant threats to the ICT supply chain.

Counterfeit electronic components and Hardware Trojans pose risks that, if undetected, can have far-reaching consequences for end-users. From military defense to healthcare and everyday consumer electronics, the infiltration of substandard or malicious hardware pose severe threat from individual’s health to national security.

This article delves into the rising challenges posed by counterfeit electronic components and hardware Trojans and explores the need for innovative detection technologies to safeguard our digital infrastructure.

The Growing Threat

Counterfeit electronic components refer to unauthorized or imitation parts that are falsely represented as genuine products. These components often find their way into the supply chain, posing serious risks such as system malfunctions, increased failure rates, and vulnerabilities to cyber-attacks. On the other hand, Hardware Trojans are malicious alterations to hardware designs, subtly inserted during the manufacturing process, with the intent to compromise system functionality or security.

Counterfeiting is the largest criminal enterprise in the world, according to the US Patent and Trademark Office, with domestic and international sales of counterfeit and pirated goods totaling between an estimated $1.7 trillion and $4.5 trillion each year. Major consumer brands also face revenue declines from diversion across sales channels and geographies. Fake and diverted goods put consumers, brand reputations and revenues at significant risk.

The Implications

The implications of utilizing counterfeit components or falling victim to Hardware Trojans are far-reaching. In critical sectors like defense, compromised electronic systems can result in equipment failure, compromising the safety of military personnel. In healthcare, the use of counterfeit components in medical devices can jeopardize patient well-being. Moreover, in the realm of everyday electronics, such as smartphones and laptops, hardware Trojans can lead to data breaches and privacy violations.

Counterfeit electronic components, including microchips, have emerged as a major concern, particularly in critical sectors like defense. A 2011 Senate Armed Services Committee investigation revealed alarming statistics, with at least 1,800 cases of counterfeit parts identified in U.S. weapons and approximately 1 million suspected counterfeit parts in the supply chain. The consequences of using such components are dire, leading to reduced reliability and potential threats to the lives of soldiers.

Supply Chain Complexity and Challenges

The complex journey of a single chip through semiconductor design, manufacturing, packaging, PCB production, and distribution creates numerous vulnerabilities. Chips may undergo over 14 different locations, and post-initial use, they might be refurbished, remarked, and repackaged, introducing risks of immediate failure or latent electrostatic discharge failures.

PCBs give another opportunity for an attacker to tamper, clone, counterfeit, and insert a hardware Trojan. In fact, since PCBs lie at the heartof an electronic system and integrate several components to achieve the desired functionality, it is increasingly important to guarantee a high level of trust and reliability at such an integration stage. The  incident allegedly at Supermicro serves as an example.

These ICT supply chain risks may include insertion of counterfeits, unauthorized production, tampering, theft, insertion of malicious software and hardware, as well as poor manufacturing and development practices in the ICT supply chain. The globalized nature of the supply chain makes it nearly impossible to guarantee the genuineness or performance standards of integrated circuits (ICs).

Hardware Trojans: A Stealthy Threat

Hardware Trojans (HT) add another layer of complexity to the security landscape. These malicious circuit inclusions, designed to damage chip functionality or leak confidential information, can be inserted at any stage of the design flow. The time-to-market demands have led to integrated circuit design, manufacturing, and testing being distributed globally, resulting in security concerns such as overbuilding, IP protection, counterfeiting, and hardware Trojans.

A hardware Trojan can be designed as a time bomb to disable and/or destroy a system at some future time. Hardware Trojans can be inserted at any stage of the design flow by an adversarial third party to tamper the original design.

It is important to establish a root of trust from design house to supply chain. To distinguish malicious alterations in the design, authors  have used power as the side-channel signal. To make the Trojan(s) more observable on outputs,  voltage switching on supply rails to alter the circuit logic has also been proposed. Additional gate delay could be introduced by Trojan(s) which  can be exploited and it will alter the delay signature of the path where it  occupies. In pre-silicon stage, a four-step approach is proposed to filter and locate malicious insertion(s) implanted in a third party Intellectual Property.

Current Detection Challenges

Traditional methods of detecting counterfeit components and Hardware Trojans are often inadequate. Visual inspection and testing may not uncover sophisticated Trojans, and the sheer complexity of modern electronic designs makes it challenging to identify unauthorized components.

As most IC designs are extremely large and contain a huge amount of hardware description, these inclusions are difficult to detect and the sheer size of the code can require many people having access to the code at production level. It is difficult to protect against such threats, but some solutions based on ad hoc design and verification methods have been proposed.

Moreover, globalized and complex supply chains provide ample opportunities for counterfeit components to infiltrate the production process.

Detecting and Preventing Hardware Trojans

Detecting hardware Trojans requires a multifaceted approach. Establishing a root of trust from the design house to the supply chain is crucial. Authors have proposed using power as a side-channel signal to identify malicious alterations in the design. Techniques involving voltage switching on supply rails and introducing additional gate delay can enhance the observability of Trojans in pre-silicon stages. However, given the immense size and complexity of IC designs, detecting these inclusions remains a challenging task.

Counterfeit detection tests broadly fall into two categories: physical/mechanical and electrical performance based tests. Using physical and electrical test methods, significant numbers of counterfeit ICs can be detected.

Instead of adding additional circuitry to the target design, hardware Trojans are made by changing the polarity of existing transistors. Since the modified circuit appears legitimate on all wiring layers (including all metal and polysilicon), it is resistant to most detection techniques, including fine-grain optical inspection and checking against original design specifications.

Functional testing, often referred to as Automatic Test Pattern Generation (ATPG)  technique is more commonly used to locate manufacturing faults; it has been shown to be effective in detecting hardware trojans. ATPG involves inputs of ports are stimulated and then the output ports are monitored for variations that may indicate a hardware trojan has been activated. Functional testing techniques can also be useful when attempting to determine the trigger patterns of conditional trojans.

Reverse Engineering

Reverse Engineering (RE) of electronic chips and systems refers to the process of retrieving an electronic design layout and/or netlist, stored information (memory contents, firmware, software, etc.), and functionality/specification through electrical testing and/or physical inspection. In the detection process, the incoming electronic components undergo a physical or electrical inspection process to examine authenticity. As RE is an interior, physical-inspection-based approach, to decide whether a chip/system is cloned or to detect a Trojan, one should rely on the availability of golden data. Golden data can be images from a known authentic chip or PCB, bill of materials (BoM), schematic, layout, or device, whose functionality, structural and electrical parametric signatures are available for comparison. A golden layout or design can provide a benchmark for assessing the functionality of the chip or analyzing its physical structure.

The RE process comprises delayering, imaging, annotation, and netlist extraction. The current state-of-the-art practices are tedious, challenging, and expensive. They usually require a suite of cleanroom and microscopy equipment, very long imaging times, and manual or semi-automated postprocessing steps for converting images to netlists. Despite this, recent advancements in failure analysis tools and delayering processes are opening up new dimensions in RE. As an example, plasma etching has achieved better control over ion-energy distribution, thereby improving selective and automation in delayering.

As counterfeiters start using more advanced mechanisms that are not easily detected by physical and electrical test methods, new detection techniques are needed – specifically, those that are designed for security and low-cost. For example, new optical photon-counting security tagging and verification of integrated circuits (IC) using optically encoded QR codes  might present such a low-cost mechanism.

PCB Counterfieting

For PCBs, counterfeiting and Trojan insertion is a similarly prevalent problem. While there are existing chip-level integrity validation approaches, as mentioned above, they are not readily adaptable to PCBs which is a cause for concern.

In response to this concern, a common method for preventing and protecting against PCB counterfeiting is to take advantage of intrinsic characteristics of PCBs making each and every of them (quite) unique.  Another approach has explored using unique patterns seen in images of surface vertical interconnect access (via) as fingerprints of design to overcome the problem of counterfeit PCB distribution. While both of these approaches can help us to improve reliability and assurance of a PCB after manufacturing, these techniques would still have to face difficulties in detecting small Trojans. Advances in the RE automation process can enable us to shorten the time to identify these type of threats at multiple levels of an electronic system.

Innovative Detection Technologies

Addressing these challenges requires a paradigm shift in detection technologies.

Here are some innovative approaches:

Advanced Imaging and Scanning Techniques: Leveraging advanced imaging technologies, such as X-ray and electron microscopy, can help identify minute alterations in hardware designs. These techniques enable thorough inspection at the microscopic level, uncovering hidden Trojans.

Furthermore, the introduction of non-destructive X-ray computed tomography (X-Ray CT) and ptychography in recent years can eliminate the process of delayering, and hence, can speed up the imaging time for the upper metal layers of an IC and an entire PCB. New scanning
electronic microscopes (SEMs), such as multi-beam systems, have also been introduced to significantly speed up imaging of nanoscale samples. Nevertheless, they are not widely available and are still several times more expensive than standard SEMs. In addition, since such tools could yield petabytes of data in only a day, the research on automated and intelligent image analysis algorithms is an urgent need to reduce the time and cost of RE.

Cryptographic Signatures: Incorporating cryptographic signatures into electronic components can provide a unique identifier for genuine products. Verifying these signatures during the manufacturing and assembly processes adds an additional layer of security.

Researchers at New York University Abu Dhabi’s (NYUAD) Design for Excellence (Dfx) lab have achieved groundbreaking advancements in computer chip security technology. They have developed ‘logic-locked’ computer chips, featuring a microcontroller with an ARM microprocessor unit, ensuring security at the hardware level. Secured by a secret binary key, these chips can only be unlocked by loading the key into their memory, preventing unauthorized access and immune to reverse engineering. This innovative approach marks a significant milestone in IT security, as traditionally, security features were implemented at the software or system levels. NYUAD’s solution is the first to be provably secure, based on mathematical security definitions and implemented on a real chip, offering a robust and trustworthy security solution for electronic devices at the hardware level.

Emerging technologies:

Nanoscale signatures: Manipulating nanoparticles within chip materials creates unique optical patterns invisible to the naked eye but detectable with specialized scanners, acting as a kind of “secret watermark.”

Navy scientist Alison Smith at the Naval Surface Warfare Center (NSWC) is exploring the use of nanoscale signatures to certify sensitive components and prevent counterfeit parts from entering military equipment. Smith’s research involves embedding arrays of crystal nanoparticles in materials to alter their macroscopic optics in distinctive ways without compromising functionality. The nanoscale alterations create unique reflections that can be verified with basic cell phone cameras, similar to QR codes, providing a straightforward method for on-the-fly onsite authentication of components during equipment assembly. Once an official protocol for nano-certification is established, this technology could extend beyond the military, enhancing quality control in various industries globally and mitigating the risk of counterfeit parts.

Metasurfaces: These engineered surfaces can manipulate light in precise ways, creating unique optical signatures that can serve as reliable anti-counterfeiting markers.

Researchers at Pohang University of Science and Technology (POSTECH) have developed an innovative anticounterfeiting and tampering prevention system utilizing ultraviolet (UV) and visible light. Overcoming challenges associated with the short wavelength of UV light and silicon’s propensity to absorb UV light, the team adjusted the physical properties of silicon nitride to create subwavelength structures, forming a metasurface. The metasurface operates in both UV and visible light regions, creating a metahologram that displays a unique product number when irradiated with UV light. The system utilizes invisible ultraviolet characteristics, making it difficult to decrypt, and the stacking of two metasurfaces increases the storage capacity for images and information. The researchers are exploring potential applications in various industrial sectors, including security applications for items like paper bills and passports.

Machine Learning and AI: Employing machine learning algorithms and artificial intelligence for anomaly detection can significantly enhance the ability to identify patterns associated with counterfeit components or hardware Trojans. These technologies can analyze vast datasets and recognize deviations from the norm.

Digital twins: The U.S. military is enhancing semiconductor security through initiatives like digital twin technology, aiming to ensure the integrity of individual devices and chip assemblies within the nation’s semiconductor supply chain. BRIDG, a public-private partnership, has secured a $7.5 million contract from the Air Force Research Laboratory to collect data on chip design and manufacturing processes, developing security standards and manufacturing benchmarks. This initiative seeks to protect against malicious functions in mission-critical chips, identify fake chips, prevent intellectual property theft, and enhance overall reliability. The digital twin capability will use data-driven virtualization to validate chip integrity and contribute to the creation of virtual chip models during the production process, ultimately improving chip production yields and introducing secure provenance tracking to enhance the ecosystem for creating trusted and assured chips.

Trojan prevention: In 2018, Catherine Rooney and others from UK, have utilized and demonstrated three different detection techniques to detect hardware trozon, the first utilises power analysis techniques as well as side channel analysis, allowing security investigators to measure both the power variance, traces and current leakage, followed by a concentrated heat measurements using an infrared thermometer, and finally a thermal camera test is carried out. The three experiments are carried out using off-the-shelf hardware and are applied to both the trojan-free and trojan-inserted designs. Attempts are then made to detect the trojan in its dormant form.

Researchers have proposed Trojan prevention approach that could be used to make it more difficult (ideally impossible) to insert hardware Trojans at the fab. The authors in  proposed a technique called built-in self-authentication (BISA). This technique could be used to fill unused spaces in a circuit layout with functional standard cells instead of nonfunctional filler cells during layout design. Therefore, BISA could prevent hardware Trojan insertion in limited available spaces. In spite of the amount of work that has been done on hardware Trojan detection and prevention, by no means is this a solved problem.

Blockchain Technology: Implementing blockchain in the supply chain can enhance traceability and transparency. Each step of the manufacturing process is recorded in an immutable ledger, reducing the risk of counterfeit components entering the system unnoticed.

Air Force Seeks Industry Solutions for Secure Weapon Systems: A Call for Anti-Tamper Innovation

The U.S. Air Force is on the hunt for cutting-edge anti-tamper technologies to safeguard their weapon systems from malicious actors. They’re calling on industry to develop solutions that address four key vulnerabilities:

• Secure COTS FPGAs: Protecting the sensitive information stored and processed by commercial off-the-shelf field-programmable gate arrays used in weapon systems.
• Secure COTS CPI Processing: Ensuring the security of critical program information within complex architectures built from readily available COTS components.
• Anti-Tamper Secure Microcontrollers: Creating specialized microcontrollers with built-in tamper-proofing mechanisms for enhanced security.
• Volume Protection within COTS Architectures: Implementing innovative methods to shield critical information within standard COTS hardware, even during attempted unauthorized access.

The goal is not just to build individual secure components, but to create entire secure architectures. They envision COTS-based systems that:

• Run secure FPGA software: Protecting sensitive information both when stored and when actively running on FPGAs.
• Prevent CPI exploitation: Thwarting attempts to extract critical information from systems built with commercial parts.
• Enable secure upgrades: Upgrading existing unsecure systems to more robust and tamper-proof versions.
• Offer robust volume protection: Implementing novel, multi-layered safeguards to shield classified information within COTS hardware architectures.

Collaborative Industry Efforts: Establishing collaborative efforts within industries to share information about known threats and vulnerabilities can create a collective defense against counterfeit components and Hardware Trojans. Information sharing enables quicker identification and mitigation of risks.

Systech Launches a Breakthrough in Product Security

Systech, a leading provider of digital identification and traceability software solutions, has introduced the latest version of its UniSecure® platform, a comprehensive product security solution designed for counterfeit and diversion detection across diverse markets, including pharmaceuticals and skincare. The upgraded UniSecure leverages Systech’s patented e-Fingerprint® technology, enabling secure authentication without altering existing packaging. By transforming barcodes such as 1D, 2D Data Matrix, or QR codes into covert digital signatures, UniSecure ensures unique product identification, traceability, and verification via smartphones throughout the supply chain. The platform’s non-additive and covert nature, compatibility with existing packaging, and real-time alerts for counterfeiting threats enhance its effectiveness, with additional features such as GS1-compliant high-density QR codes and artificial intelligence-enabled mobile applications for optimal accuracy during product verification.

UniSecure’s key technological features include its patented e-Fingerprint® approach, generating non-replicable digital signatures from packaging barcodes. The platform facilitates rapid deployment on production lines with minimal downtime and direct cloud connectivity. It offers real-time alerts for potential threats, comprehensive forensic intelligence tools for root cause analysis, and the ability to showcase extensive product and brand information using GS1-compliant high-density QR codes. The upgrade aligns with recent advancements in Artificial Intelligence, Cloud, and Machine Vision technologies, emphasizing Systech’s commitment to delivering transformative solutions for brand protection against counterfeiting and diversion in the global marketplace.

Conclusion

As technology continues to advance, so do the methods employed by malicious actors to compromise electronic systems. Safeguarding against the threat of counterfeit electronic components and Hardware Trojans requires a concerted effort from manufacturers, regulatory bodies, and technology innovators. By embracing cutting-edge detection technologies and fostering collaboration within industries, we can build a robust defense to ensure the integrity and security of our digital infrastructure in the face of evolving threats.