Industry 4.0 - Challenges in Anti-Counterfeiting
Prof. Dr. Christoph Thiel (2) / Prof. Dr. Christian Thiel (1)
(1) FHS University of Applied Sciences St. Gallen
(2) University of Applied Sciences Bielefeld
Counterfeiting & product piracy
>71% of companies affected
imitation of products in breach of special proprietary rights (e.g. protected brands or patents), or
the imitation of products without any breach of proprietary rights, but against accepted competitive practices (e.g. by another illicit act, the deliberate obscuration of the original product’s maker and the illicit benefit from the original brand’s good reputation.)
[Figure: revenue (bn. €) and damage (bn. €) for 2007, 2009, 2011 and 2013]
Revenue and damage caused by product piracy in mechanical engineering
Threats in the pre Industry 4.0 era
• Reverse engineering: The product itself contains a lot of information, so one way to imitate it is reverse engineering. The more technologically sophisticated a product is, and the harder its features are to understand by disassembly, the more challenging reverse engineering becomes. For example, hard-to-understand manufacturing processes (such as heat treatment processes) can hinder successful reproduction of the product, or the original product cannot be disassembled without destroying it.
• Industrial espionage: Illegal direct attacks on know-how or information through industrial espionage (hacking, corruption of insiders, etc.)
• Loss of know-how: The right holder or company loses know-how via former personnel, clients, or suppliers.
• Competitive Intelligence: Outflow of corporate knowledge that is not protectable by industrial property rights. Offenders systematically try to obtain information about objectives, strengths and weaknesses, tactics, risks and opportunities, products and services, sales channels and sales success, as well as new developments, pending property rights and technologies of the companies to be copied.
• Overbuilding: The foundry or system integrator in charge of manufacturing the devices produces more of them than originally specified by the designer.
Taxonomy of counterfeit types
Counterfeits
• Recycled: Aged, Non Functional
• Remarked: New, Recycled
• Overproduced: Fabrication Outside Contract
• Out-of-Spec/Defective: Performance, Manufacturer Reject
• Cloned: Pirated IP, Reverse Engineered
• Forged Documentation: Fake Certifications, Forged Changelog
• Tampered: Silicon Time Bomb, Backdoor
The classical bathtub curve illustrating typical device failure characteristics.
Possible Effects of Counterfeit
• Government
– National security or civilian safety issues
– Costs of enforcement
– Lost tax revenues due to illegal sales of counterfeit parts
• Industry
– Costs to mitigate the risk
– Costs to replace failed parts
– Lost sales
– Lost brand value or damage to business image
• Consumer
– Costs when products fail due to lower quality and reliability of counterfeit parts
– Potential safety concerns
Taxonomy of counterfeit detection methods
Parametric Tests
Functional Tests
Burn-In Tests
Structural Tests
Early Failure Rate (ERF)
Path Delay Analysis
Taxonomy of counterfeit detection methods (cont.)
Physical Inspections
• Incoming Inspection
– Low Power Visual Inspection
– X-Ray Imaging
• Exterior Tests
– Blacktop Testing
– Microblast Analysis
– Package Config. and Dimension Analysis
– Hermeticity Testing
– Scanning Acoustic Microscopy
– Scanning Electron Microscopy
• Interior Tests
– Optical Inspection
– Wire Pull
– Die Shear (Hermetic Devices)
– Ball Shear
– Scanning Acoustic Microscopy
– Scanning Electron Microscopy
• Material Analysis
– X-Ray Fluorescence
– Fourier Transform Infrared Spec.
– Ion Chromatography
– Raman Spectroscopy
– Energy Dispersive Spectroscopy
The Vision of a 4th Industrial Revolution
[acatech, 2013]
Definition: Industry 4.0
• The term »Industry 4.0« describes the expected digitalization of industrial value chains.
• Industry 4.0 describes a real-time-capable, intelligent integration of humans, machines and objects towards a management of systems.
[according to Plattform Industrie 4.0; DB Research]
– Objects with embedded hardware and software (Cyber-Physical Systems), connected via IP addresses, interact with their environment
– The self-organizing smart factory accounts for vision and scope; similar to smart mobility, smart logistics, smart grid, smart building, smart health.
– Frontrunners expect the impact of a fourth industrial revolution, after mechanization, industrialization and automation
Main areas of Industrie 4.0
• Horizontal Integration
• Intelligent Products
• Vertical Integration
• Cyber-Physical System
Source: www.8.hp.com
Challenges and Threats
• Complex nature of virtual production communities with not only globally distributed but also fast changing value chains
• Lack of common guidelines for achieving and measuring the degree of protection against counterfeiting and product piracy
• Absence of tools, processes and controls to help measure statistical confidence levels and verify protection against counterfeiting and product piracy across value networks and value chains
• Ineffective methodologies and technologies for end-user verification of products (i.e. lack of appropriate approaches, methodologies, and tools to evaluate products by the customer)
• Lack of broadly applicable tools, techniques, and processes to detect or defeat counterfeiting and tampering in systems
• Lack of coordinated approaches to preserving integrity of products from production to deployment
Challenges and Threats (cont.)
[Figure: production IT landscape with the labels CAD, CAP, order processing, ERP and FLS/MES (each also shown with apps), production computer, production cell computer, bus (MAP protocol), robotics, production and transport]
New attack options arise from interlinking the plant floor and top floor levels, which previously were usually barely protected. Through the network, all connected systems at these two levels can be accessed and attacked. Conversely, the technical systems are linked to business applications, so manipulated control systems could be used to access production know-how and business information.
Challenges and Threats (cont.) - CPS
[Figure: layer model of a cyber-physical system between the real (physical) world and the virtual (cyber) world. Layers shown: physics (energy, material, physical principles and effects, mechanics; input, output, process), electronics (sensor, ADC, processor (silicon), DAC, actuator, point-to-point bus), software (machine code, OS, compiler, programs), network (bit transfer (physical layer), connection, network, transport (TCP, UDP), session, presentation, application: e-mail, HTTP, VoIP) and knowledge (protocols, semantic context, machine-machine interaction). Attacks annotated: knowledge theft, social engineering, phishing attacks, protocol analysis, denial-of-service attack, network infiltration, man-in-the-middle attack, unencrypted data connections, side channel attacks, malware, de-compiling, injection of malware, manipulation of memory content, disassembling, reverse engineering, logic analysis, HW manipulation.]
Based on a Slide of Prof. Dr.-Ing. R. Anderl, TU Darmstadt
Challenges and Threats (cont.) - CPS
• An attacker could try to get physical or logical access to CPSs or to programmable logic controllers (PLC) as a typical representative of an IT system of the shop-floor level.
• He could try to read the system software (important information for counterfeiting).
• He could try to manipulate the firmware or software in such a way that the production systems implement weaker protection mechanisms within the products.
• A counterfeiter may thereby
– split the system piece by piece into its individual components,
– identify the used components (product teardown),
– then analyze the system (systems analysis) and
– rebuild a circuit with the same or equivalent components.
• The required firmware can be read from the original and written to the replica. The firmware usually embodies the most know-how (e.g. algorithms), so protecting firmware is often at the forefront of anti-counterfeiting.
• Obviously, effective protection against data espionage or reverse engineering of software products requires a certain amount of hardware support, i.e. hardware mechanisms that provide software with a secure execution environment. Hardware is therefore the last line of defense before damage is done: if an attacker compromises the hardware, software-only security mechanisms may be useless.
Challenges and Threats (cont.)
• Compared to classical products, the new smart products contain considerably more information about and details of their own manufacturing process. This knowledge could be used by a counterfeiter and has to be protected.
• There are additional information leaks that an attacker could exploit when the smart product consists of several components, each of which is part of an extended service and sends its information to its manufacturer. Even if this information is encrypted, the attacker could learn something about the components from the network traffic.
Challenges and Threats (cont.)
• As in the pre Industry 4.0 era, companies or right owners also have to ensure that knowledge is protected by all players of the value chain (chain links) and by their production systems. They have to answer the question of how to ensure that all players reach a comparable security and protection level. More formally, companies or right owners have to handle threats to the integrity of value chains to the extent that consistency of actions, values, methods, measures, principles, expectations and outcome is achieved.
• Closed networks can be protected through specially designed security architectures without major difficulties. Unfortunately, the security applications required in open networks often work at the expense of real-time capability. Consider the following scenario: before companies can open their servers to data from the Internet of Things, these data must be analyzed for malware in sealed-off server areas. This data quarantine inevitably leads to delays and reduces the potential for optimizing data communication in real time.
Protective Measures
• Based on the challenges and threats posed by Industry 4.0 several high level key areas for protective measures can be identified, e.g.:
– Measures to ensure that dynamic value networks and value chains are fault tolerant and can recover from failures and attacks that compromise chain links
– Measures to model, define and evaluate trust in whole value networks resp. value chains
– Measures to achieve authenticity, both component and chain link authenticity
– Utilizing automated tools to identify transaction patterns in the value networks to effectively identify high-risk behavior patterns inside the value network, and to deter the entry of counterfeits and pirated works into the value chains
– Developing and implementing standards and codes of practice for protecting industrial automation and control systems, CPSs, etc.
– Developing and realizing approaches for assessing policy needs on a global scale
– Etc.
Protective Measures (Cont.)
• When working with trusted links in a value chain along well-defined guidelines and standards, the risks of counterfeit products or concerns about the authenticity of chain links or components of the product can be minimized. Elements that may be used to build trust in chain links include:
– personnel identification and authentication;
– access management;
– past and current value chain performance.
• Since in the near future there will be no globally accepted trust infrastructure that permits (legally, technically and trustworthily) consistent verification and authentication methods, we suggest using the model of the “web of trust” (for value networks) or “chain of custody” (for value chains, see [CGM+12]), in which chain links mutually confirm and verify their trustworthiness.
• Without going into detail, we note that properly identifying a chain link is not sufficient for trust building. Obviously additional “quality measures” have to be involved (e.g. ISO 27000 series certification, ISO 14000 series certification or ISO 9000 series certification).
Protective Measures (Cont.)
• There are technical means to consider for trust validation, including technical approaches to trust and integrity, such as
– integrity metrics,
– digital signatures, and
– Trusted Computing techniques including the Trusted Platform Module (ISO/IEC 11889).
• Verifying the claims of each supplier in a chain is an important, but not necessarily sufficient, process step in establishing the integrity of a supply chain. Claims of certification to standards (such as ISO 9000, ISO 14000, ISO 27000, etc.) need to be authenticated and verified. Records that these claims have been authenticated need to be protected (e.g., with digital signatures or other IT security techniques).
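One way to protect such verification records and to realize the "chain of custody" idea from the previous slide, as an added example that is not part of the original slides: each chain link signs its record with Ed25519 and binds it to the hash of the previous record's signature, so edited, re-signed or removed records are detected. The `Record` fields, link names and claim texts are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Record is one signed entry in the chain of custody (illustrative field names).
type Record struct {
	Link     string   // chain link that attests the entry
	Claim    string   // e.g. a certification claim that was checked
	PrevHash [32]byte // SHA-256 of the previous record's signature, zero for the first
	Sig      []byte   // Ed25519 signature by Link over message()
}

// message is the length-prefixed byte string that gets signed.
func (r Record) message() []byte {
	return []byte(fmt.Sprintf("%d:%s|%d:%s|%x", len(r.Link), r.Link, len(r.Claim), r.Claim, r.PrevHash))
}

// Append signs a new record that points at the current tail of the chain.
func Append(chain []Record, link, claim string, key ed25519.PrivateKey) []Record {
	r := Record{Link: link, Claim: claim}
	if n := len(chain); n > 0 {
		r.PrevHash = sha256.Sum256(chain[n-1].Sig)
	}
	r.Sig = ed25519.Sign(key, r.message())
	return append(chain, r)
}

// Verify returns the index of the first bad record, or -1 if the chain is intact.
func Verify(chain []Record, keys map[string]ed25519.PublicKey) int {
	var prev [32]byte
	for i, r := range chain {
		pub, known := keys[r.Link]
		if !known || r.PrevHash != prev || !ed25519.Verify(pub, r.message(), r.Sig) {
			return i
		}
		prev = sha256.Sum256(r.Sig)
	}
	return -1
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed demo key pair
	chain := Append(nil, "foundry", "ISO 9000 certificate checked", priv)
	fmt.Println(Verify(chain, map[string]ed25519.PublicKey{"foundry": pub}))
}
```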
Protective Measures (Cont.)
• With the introduction of IT systems from the office environment and the increasing networking of Industrial Control Systems (ICS) also beyond network boundaries (e.g. in a corporate network), these systems are now exposed to additional risks.
• In contrast to IT infrastructures as we know them from data centers and the office environment, ICS have specific requirements regarding the protection goals of availability, integrity and confidentiality.
• Notably, the following must be respected in security standards and best practices:
– significantly longer overall life spans,
– disregard of automated system updates,
– a very small number of maintenance windows,
– real-time requirements and
– warranty claims.
Standards and guidelines such as the emerging IEC 62443 (Security for Industrial Automation and Control Systems) or the Security Guideline from [PROFI13] have to be coordinated and implemented.