By Dr. Eyal Weiss, Founder & CTO, Cybord
Malicious cyber components are a serious threat to any electronic system’s users. Cyber infiltration is achieved by replacing authentic components with cyber engineered components that appear identical to the authentic ones. Modern engineered cyber components are the fruits of careful planning and designing by either high-level industrial powers or, in recently uncovered cases, by actors at a state level or a well-connected crime organization.
The cyber-attack seed is unknowingly sown by the electronic manufacturer that uses the substituted component reels in their assembly process. The manufacturers are doing their absolute best to mitigate counterfeit components assuming that the anti-counterfeiting measures are effective against cyber-engineered components. Unfortunately, this is not the case, mainly for two reasons:
Existing counterfeit mitigation standards do not require any test at all of components that were purchased from an authorized component distributor. The notion that the attacking organization is powerful enough to design and manufacture advanced cyber components but does not have the resources to infiltrate the authorized supply chain is nothing short of ridiculous. Nevertheless, not a single authorized component is tested.
Second, even tested components are randomly selected from the test poll. The typical sampling according to SAE AS6081 standard ratio is ~10% by visual defects inspection, ~0.1% by destructive tests that have some chance of detecting counterfeit components like dimensions, color permanency, decapsulation, and ~3% by X-ray. This sampling ratio is not effective against cyber engineered or counterfeit components that today are being dispersed among authentic components in the same reel or tray. The holes in the net are just too wide to catch the cyber components by this sampling ratio.
Unfortunately, the latest cyber infiltration events prove that using current counterfeit mitigation against cyber engineered components is not effective. One can only imagine what effect an inserted cyber component may have on autonomous vehicles, military equipment or medical devices.
Post-assembly mitigation is not satisfactory and doesn’t provides any relief. Cyber-attack can take different forms and many faces, from mass-data extraction to deteriorated functionality. It may be used to claim ransom or as a “Sleeper Agent” awaiting due date. You simply can’t afford malicious hardware in your organization. Only pre-assembly detection can prevent cyber component from infiltrating your organization.
Modern testing should act precautionary by verifying that every component assembled is 100% tested. “Cybord” delivers affordable, fully automated, multi-physics, high throughput, 100% non-destructive component inspection and authentication. The system scans every component without removing it from its original packaging. It then uploads and processes the component using comprehensive AI-based, Big-Data algorithms, ensuring the security your product needs.
Software cyber security gets most of the attention, but “Zero-Trust” goes all the way to the hardware, where systems can be the most vulnerable.