How can I trust an electronic component?
Can I trust all of my vehicle’s electronic systems, for example if I’m driving my car at high speed on the highway or in city traffic at a confusing intersection? Will all vehicle sensors work as they should and correctly recognize all possible hazards around me?
In today’s modern vehicles and complex industrial plants, a number of sensors and numerous electronic components operate to process signals and control commands. Reliable and safe operation of the entire system is only possible if all of these components work flawlessly. With vehicles, safety concerns the physical well-being of passengers as well as other road users, while for large industrial installations, a security incident can in principle affect an entire population.
So how is trust in an electronic component acquired? What does trust in electronics mean and how do you achieve it?
The challenge for us is to be able to rely on components and devices to do the right thing when it matters most. The question is basically one of reliability, and of what we consider to be a reliable system.
First of all, the general wish is that the electronic system – like other systems – reacts as intended and performs its intended function correctly at all times. This already leads to more precise questions: which functions must be fulfilled? When is a function correctly executed? Generally, it can be said that a complete specification is necessary and must be adhered to exactly and exclusively.
Although these are generally soft criteria, some properties can be rigorously tested. For example, high-quality electronic components and assemblies must perform reliably in the field for their entire lifespan. There are international standards that establish the requirements for the quality and reliability of electronic circuits and systems.
Equally important is the safety and security of electronic systems – the security of data against external attacks and the ability to operate securely. Internationally recognized standards already exist for different applications or are in preparation. Sufficient hardening to protect against external attacks is critical to data security. This requires that security measures be part of the specification and that no relevant vulnerabilities arise outside the specification.
Another essential feature for trusted electronics is a transparent supply chain: can I trust my supplier and how can I “give trust” myself? Who will look after my component during the international development and production processes? Is the product manufactured and delivered really identical to the one that was developed and put into service?
It is extremely important to recognize and examine possible attack vectors and scenarios in order to be able to find valid answers to questions related to trust in electronics. In principle, there are three different categories: intentional backdoors, unintentional vulnerabilities and fraudulent products. All of these potential points of attack can have causes and effects at different points in the value chain.
Trust can only grow if it is considered and implemented end-to-end throughout the chain of suppliers, manufacturers, integrators and OSAT (Outsourced Semiconductor Assembly and Test). Preferably, trust develops naturally from effective monitoring against verifiable criteria. In addition to the standards-based criteria already mentioned, additional properties will need to be defined as verifiable rules and standards in the future.
Many activities currently aim to make it difficult to copy integrated circuits and systems. In addition to purely financial damage, copying also leads to a loss of confidence due to insufficient quality that results from changing production processes and possibly a lack of qualification.
Of course, a discussion of the level of protection actually required for a given application is also always necessary. Different classes of protection should be defined, and the effort required to achieve a specific level of protection should correspond to the protection goals. Therefore, the best possible estimates of the effort to implement protective measures will be an important direction for development in the future.
Overall, the path to a trusted electronics system is a long one: from a custom schematic/layout with corresponding synthesis tools and built-in third-party IP, to mask production and manufacturing, testing, verification and integration. The many simple steps and many partners involved in international business relationships result in a large number of possible points of vulnerability and reflect the magnitude of the future challenge in developing more secure and reliable electronic systems.
Roland Jancke is responsible for the design methodology department of Fraunhofer’s Adaptive Systems Engineering Division. He holds a degree in electrical engineering from the Technische Universität Dresden.