Industry 4.0 - Challenges in Anti-Counterfeiting

Prof. Dr. Christoph Thiel2/Prof. Dr. Christian Thiel1

1FHS University of Applied Sciences St. Gallen

2University of Applied Sciences Bielefeld

Counterfeiting & productpiracy

>71%of companys

affected

imitation of products in breach of special proprietary rights (e.g. protected brands or patents), or

the imitation of products without any breach of proprietary rights, but against accepted competitive practices (e.g. by another illicit act, the deliberate obscuration of the original product’s maker and the illicit benefit from the original brand’s good reputation.)

2007 2009 2011 2013

Revenue (bn. €) Damage (bn. €)

7 8

200

6,5 8

206

161190

Revenue and damage caused by product piracy in mechanical engineering

Threats in the pre Industry 4.0 era

• Reverse engineering: The product itself contains a lot of information. One way to imitate a product is therefore reverse engineering. The more technologically sophisticated the products are and the more difficult product features can be understood by disassembly, all the more challenging is reverse engineering. For example hard to understand manufacturing processes (such as in heat treatment processes) could hinder the successful product creation. Or an original product could not be disassembled without simultaneous destruction.

• Industrial espionage: Illegal direct attacks on know-how or information through industrial espionage (hacking, corruption of insiders, etc.)

• Loss of know-how: The right holder or company loses know-how via former personnel, clients, or suppliers.

• Competitive Intelligence: Outflow of corporate knowledge that is not protectable by industrial property rights. Offender try systematically to obtain information about objectives, strengths and weaknesses, tactics, risks and opportunities, products and services, sales channels and sales success as well as new developments, pending property rights and technologies of the companies which should be copied.

• Overbuilding: That means the foundry or system integrator in charge of manufacturing the devices produces more of them than originally specified by the designer.

Taxonomy of counterfeit types

Co

un

terf

eits

RecycledAged

Non Functional

RemarkedNew

Recycled

Overproduced Fabrication Outside Contract

Out-of-Spec/DefectivePerformance

Manufacturer Reject

ClonedPirated IP

Reverse Engineered

Forged DocumentationFake Certifications

Forged Changelog

TamperedSilicon Time Bomb

Backdoor

The classical bathtub curve illustrating typical device failure characteristics.

Possible Effects ofCounterfeit

Government Industry Consumer

National security or civiliansafety issues

Costs of enforcement

Lost tax revenues due toillegal sales of counterfeit parts

Costs to mitigate the risk

Costs to replace failedparts

Lost sales

Lost brand value ordamage to business image

Costs when products faildue to lower qaulity and reliability of counterfeit parts

Potential safety concerns

Taxonomy of counterfeit detection methods

Parametric Tests

Functional Tests

Burn-In Tests

Structural Tests

Early Failure Rate (ERF)

Path Delay Analysis

Taxonomy of counterfeit detection methods (cont.)

PhysicalInspections

Incoming InspectionLow Power Visual Inspection

X-Ray Imaging

Exterior Tests

Blacktop Testing

Microblast Analysis

Package Confg. And dimension Analysis

Hermeticity Testing

Scanning Acoustic Microscopy

Scanning Electron Microscopy

Interior Tests

Optical Inspection

Wire Pull

Die Shear (Hermetic Devices)

Ball Shear

Scanning Acoustic Microscopy

Scanning Electron Microscopy

Material Analysis

X-Ray Fluorescence

Fourier Transform Infrared Spec.

Ion Chromatography

Raman Spectroscopy

Energy Dispersive Spectroscopy

The Vision of a 4th Industrial Revolution

[acatech, 2013]

Definition: Industry 4.0

• The term »Industry 4.0« describes the expected digitalization of industrial value chains.

• Industry 4.0 describes a real-time-capable, intelligent integration of humans, machines and objects towards a management of systems.

[according to Plattform Industrie 4.0; DB Research]

– Via IP addresses connected objects with embedded hardware and software (Cyber-Physical Systems) interact with their environment

– The self-organizing smart factory accounts for vision and scope; similar to smart mobility, smart logistics, smart grid, smart building, smart health.

– Frontrunners expect the impact of a fourth industrial revolution, after mechanization, industrialization and automation

Main areas of Industrie 4.0Horizontal Integration

Intelligent ProductsVertical Integration

Cyber-Physical System

Source: www.8.hp.com

Challenges and Threats

• Complex nature of virtual production communities with not only globally distributed but also fast changing value chains

• Lack of common guidelines for achieving and measuring the degree of protection against counterfeiting and product piracy

• Absence of tools, processes and controls to help measure statistical confidence levels and verify protection against counterfeiting and product piracy across value networks and value chains

• Ineffective methodologies and technologies for end-user verification of products (i.e. lack of appropriate approaches, methodologies, and tools to evaluate products by the customer)

• Lack of broadly applicable tools, techniques, and processes to detect or defeat counterfeiting and tampering in systems

• Lack of coordinated approaches to preserving integrity of products from production to deployment

Challenges and Threats (cont.)

Fertigung

Bus (MAP-Protokoll)

Fertigungs-

rechner

Robotik Fertigung Transport

Fertigungs-

zellenrechner

CAD

CAP

Auftrags-

bearbeitung

ERP

FLS/MES

Power

Reset

Power

12MHz

Power Reset

FertigungPower

12MHz

Power Reset

Power

12MHz

Power Reset

Apps

CAD

Apps

CAP

Auftrags-

bearbeitung

Apps

ERP

Apps

FLS/

MES

New attack options arise through the interlinked plans floor and top floor levels that werepreviously usually barely protected. Using the network all connected systems at these twolevels can be accessed and attacked. Conversely, there are links of the technical systemsto business applications. Manipulated control systems could be used to access productionknow how and business information.

Challenges and Threats (cont.) - CPS

Malware

De-compilingInjections of Malware Manipulation of Memory Content

DisassemblingReverse Engineering

Logic Analysis

HW Manipulation

Knowledge

ProtocolsSemantic Context

Machine-MachineMachine-MachineInteraction

Programs

Machine Code

OS

Compiler

Bit Transfer(physical layer)

Application

Connection

Transport

Session

Presentation

TCP,UDP Network

Netw

ork

Electron

ics

E-MailHTTP

VoIP

Bus (Point-Point)

Processor (Silicon)

ADC

Sensor

DAC

Actuator

Physical Principals and Effects

Mechanics

Softw

are

Real World

Virtual World

Ph

ysics

Energy, Material

OutputInput

Cyb

er-Ph

ysical System

Ph

ysic

al W

orl

sC

yber

Wo

rls

Knowledge theft Social engineering

Phishing attacks

Protocol analysis

Denial-of-Service attack Network infiltration

Man in the middle attack Unencrypted data

connections

Side channel attacks

Process

Based on a Slide of Prof. Dr.-Ing. R. Anderl, TU Darmstadt

Challenges and Threats (cont.) - CPS

• An attacker could try to get physical or logical access to CPSs or to programmable logic controllers (PLC) as a typical representative of an IT system of the shop-floor level.

• He could try to read the system software (important information for counterfeiting).

• He could try to manipulate the firmware or software in such a way that the production systems implement weaker protection mechanisms within the products.

• A counterfeiter may thereby

– split the system piece by piece into its individual components,

– identify the used components (product teardown),

– then analyze the system (systems analysis) and

– rebuild a circuit with the same or equivalent components.

• The required firmware can be read from the original and recorded in the replica. The firmware usually involves the most know-how (e.g. algorithms). Protecting firmware is thus often in the foreground of anti-counterfeiting.

• Obviously, effective protection against data espionage or reverse engineering of software products requires a certain amount of hardware support, i.e. hardware mechanisms that provide software with a secure execution environment. So hardware is the last line of defense before damage is done – if an attacker compromises hardware then every sole software security mechanisms may be useless.

Challenges and Threats (cont.)

• Compared to classical products the new smart products contain considerably more information and details of their own manufacturing process. This knowledge could be used by a counterfeiter and has to be protected.

• But there are additional information leaks which could be accessed by an attacker in case the smart product consists of several components each of which is part of an extend service and sends its information to its manufacturer. Even if this information are encrypted the attacker could get some information about the components based on the network traffic.

Challenges and Threats (cont.)

• Like in the pre Industry 4.0 era companies or right owners have also to assure the knowledge protection by all players of the value chain (chain links) and by theirs production systems. They have to find answers to the question how to assure that all players reach a comparable security and protection level. To be more formal, companies or right owners have to handle threats to the integrity of value chains to an extent to which consistency of actions, values, methods, measures, principles, expectations and outcome is achieved.

• Closed networks can be protected through specially designed security architectures without major difficulties. Unfortunately the security applications required in open networks work often at the expense of real-time capability. For example we consider the following scenario: Before companies can open their server for data from the Internet of things, they must be analyzed in foreclosed server departments for malware. These data quarantine inevitably leads to delays and reduces the potential for optimization of data communication in real time.

Protective Measures

• Based on the challenges and threats posed by Industry 4.0 several high level key areas for protective measures can be identified, e.g.:– Measures to ensure that dynamic value network and value chains are fault

tolerant and can recover from failures and attacks that compromise chain links– Measures to model, define and evaluate trust in whole value networks resp.

value chains– Measures to achieve authenticity, both component and chain link authenticity– Utilizing automated tools to identify transaction patterns in the value

networks to effectively identify high-risk behavior patterns inside the value network, and to deter the entry of counterfeits and pirated works into the value chains

– Developing and implementing standards and codes of practice for protecting industrial automation and control systems, CPSs, etc.

– Developing and realizing approaches for assessing policy needs on a global scale

– Etc.

Protective Measures (Cont.)

• When working with trusted links in a value chain along well-defined guidelines and standards, the risks of counterfeit products or concerns about the authenticity of chain links or components of the product can be minimized. There are a number of elements that may be used to build trust in chain links that include:– personnel identification and authentication; – access management; – past and current value chain performance.

• Since in near future there will not exist a globally accepted trust infrastructure that will permit (legally, technically and trustworthy) consistent verification and authentication methods, we are suggesting to use the model of the “web of trust” (for value networks) or “chain of custody” (for value chains, s. [CGM+12]), where chain links confirm and verify their trustworthiness mutually.

• Without going in detail we want to remark that properly identifying a chain link is not sufficient for trust building. Obviously additional “quality measures” have to be involved (e.g. ISO 27000 series certification, ISO 14000 series certification or ISO 9000 series certification).

Protective Measures (Cont.)

• There are technical means to consider for trust validation, including technical approaches to trust and integrity, such as – integrity metrics, – digital signatures, and – Trusted Computing techniques including the Trusted Platform Module

(ISO/IEC 11889).

• Verifying the claims of each suppler in a chain is an important, but not necessarily sufficient process step in establishing integrity of a supply chain. Claims of certification to standards (such as ISO 9000, ISO 14000, ISO 27000, etc.) need to be authenticated and verified. Records that these claims have been authenticated need to be protected (e.g., with digital signatures or other IT security techniques).

Protective Measures (Cont.)

• With the introduction of IT systems from the office environment and the increasing networking of Industrial Control Systems (ICS) also beyond network boundaries (e.g. in a corporate network), these systems are now exposed to additional risks.

• In contrast to IT infrastructures, as we know from data centers and the office environment, ICS have specific requirements for protection goals availability, integrity and confidentiality.

• Conspicuously, here – significantly longer overall life spans, – disregarding automated system updates, – a very small number of maintenance windows, – real-time requirements and – warranty claims must be respected in security standards and best practices. Standards and guidelines such as the arising IEC 62443 (Security for Industrial Automation and Control Systems) or the Security Guideline from [PROFI13] have to be coordinated and implemented.