Motivation
In 2006 the total annual value of trading fake goods was $450 Billion and should approximately rise to $600 Billion in the two subsequent years. Therefore security mechanisms are necessary to ensure producers that their products are secure and would not be counterfeited.
The concept of counterfeiting includes two subtypes that are called active and passive counterfeiting.
- Active counterfeiting means tampering with hardware components (to reduce production costs or to deliberately modify the product to can supplement it with malicious code), cloning (to obtain the Intellectual Property (IP)) and reverse engineering.
- Passive counterfeiting represents the scenario of overproduction.
If companies apply outsourcing of several production steps it is possible for unauthorised producers to create copies after hours. The goal of the UNIQUE project is to develop solutions to the active and passive counterfeiting problem. These solutions need to be supported by strong, novel and consistent design and evaluation methods that have to ensure the security in each level.
Main issues
There is an urgent need for developing methods that increase assurance in authenticity and correct implementation of hardware solutions because of the following trends:
- Overproduction of components and complete platforms causing revenue erosion, unauthorised access to trade secrets and brand damage.
- Omission of important components of design during outsourcing, reducing the security and reliability of a component.
- In adjacent markets, such as pharmaceuticals, substitution of the product, potentially leading to loss of life as well as economic damage.
- Insertion of malicious or unspecified functionalities in electronic components, resulting in a variety of threats, including threats to critical infrastructure, trade secrets and privacy and well being of individual consumers.
- Increasing complexity of security features in hardware components and systems, many of which can be delivered by the third parties.
All these trends require us to focus on hardware assurance and trustworthiness of hardware for these areas.