1 / 27

Evolving Counterfeit Component Threats and Industry Mitigation Efforts

Evolving Counterfeit Component Threats and Industry Mitigation Efforts. Stephen Schoppe Glenn Robertson Process Sciences, Inc. Leander, Texas 512.259.7070 www.process-sciences.com. Introduction. A growing problem in all industry sectors Openings for counterfeiting High price components

cais
Download Presentation

Evolving Counterfeit Component Threats and Industry Mitigation Efforts

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Evolving Counterfeit Component Threats and Industry Mitigation Efforts Stephen Schoppe Glenn Robertson Process Sciences, Inc. Leander, Texas 512.259.7070 www.process-sciences.com

  2. Introduction • A growing problem in all industry sectors • Openings for counterfeiting • High price components • High demand/scarcity • Obsolete/out of production • Potential for introducing malicious code • Sabotage – immediate or future • Potential espionage

  3. Introduction • How do counterfeits enter the supply chain? • Often starts with remarking of reclaim/eWaste • Refurbished used part represented as new • Altered date code • Consumer grade marked as mil • Upgrade to later/preferred/scarce part type • Low-grade passives marked as precision value(low tolerance) type • Completely different part • Manufacturing defects diverted from scrap bin • Surplus production from OEM (“4th shift”) • Acquisitions/Purchase of surplus inventories • Return of mixed inventories to distributor

  4. Mitigation Strategies - Users • Essential to establish Due Diligence • Establish supply chain policies • Evaluate risks from “lowest bidder” • Use authorized distributors where possible • Write purchase contract carefully • Supplier Qualification • History with reporting organizations - BBB, D&B, etc. • Google search, including street view of address • Memberships – ERAI, GIDEP, IDEA etc. • Certifications - ISO, IDEA-1010, CCAP-101, etc. • Quality systems for receiving inspection, ESD, etc. • Onsite audit if possible

  5. Mitigation Strategies - Users • Access to industry database(s) • Decision process for authentication testing and quarantine/reporting of suspect parts • Disposition • Don’t just return to distributor inventory • Destroy & verify? • Staff training/qualification

  6. Mitigation Strategies - Distributors • Anti-Counterfeit Policies • Increased scrutiny of sources • Awareness of evolving counterfeiting methods • Use of industry resources – ERAI, GIDEP, IDEA • Establish incoming inspection procedures • Authentication testing – in house or outsource • Staff training/qualification

  7. Industry Mitigation Efforts • Counterfeits Databases • Searchable databases of suspect components • Information from reports submitted online • Only members can access, anyone can submit report • GIDEP (www.gidep.org) • Operated by US Government, established 1959 • ERAI (www.erai.com) • Privately held reporting and investigation service • Escrow and dispute resolution services • IDEA (www.idofea.org) • Privately held association • Maintains extensive Membership Code of Ethics

  8. Industry Mitigation Efforts • Standards Organizations • SAE G19 Committee “chartered to address aspects of preventing, detecting, responding to and counteracting the threat of counterfeit electronic components” • AS5553 (released 2009, rev A in progress) • Counterfeit avoidance requirements for OEMs and CMs • Adopted by DOD • AS6081 (released December 2011) • Similar to AS5553 • Prescriptive avoidance requirements for distributors • AS6171 (in preparation) • Intended to standardize test methods • Covers a variety of tests • Includes sampling plans • ARP6178 (in preparation) • Methods for risk assessment of distributors

  9. Industry Mitigation Efforts • Standards Organizations (continued) • IDEA (Independent Distributors of Electronics Assoc.) • IDEA-STD-1010B • Visual inspection practices and requirements • Includes acceptability criteria • ISO (Europe) • PC 246 and TC 247 committees established (2009) to develop standards related to combating fraud • Coordinating with ANSI in USA • iNEMI Consortium • Develop and assess improved methods for data exchange, authentication and traceability • Includes development of metrics to assess the problem and measure program(s) effectiveness/cost

  10. Industry Mitigation Efforts • Training & Certification Programs • IDEA • Certification to IDEA quality standards • Inspector training and certification based on 1010B • CTI CCAP Program • Counterfeit components avoidance and certification program for Independent Distributors • Training addresses detection and prevention of counterfeit components • Seminars and Workshops from SMTA, CALCE, and other organizations

  11. Government Initiatives • International efforts to reduce supply • Take-back laws • Divert eWaste to reuse/recycle • Varies by country/state • Restrictions on eWaste disposal • Regulated under the Basel Convention on Hazardous Waste (1992) • Includes 170 member countries, USA not a member • Regulated in USA under RCRA as “Hazardous Waste” • Currently no provisions specific to eWaste • Possible future updates • Direct USA diplomatic initiatives

  12. Government Initiatives • Increased US Customs Scrutiny • Congress hearings/proposed legislation • National Defense Authorization Act (FY ’12) • Levin/McCain amendment provisions • Requires DOD to define “counterfeit part” • Increases counterfeiting penalties for DOD contracts • Requires improved counterfeit avoidance methodology for DOD and its contractors • Mandatory counterfeits reporting (when discovered) for military and DOD contractor personnel • Contractors are responsible for remediation cost when counterfeits are discovered

  13. Authentication Testing • The second line of defense • Non-Destructive (sampling or 100%) • Visual/Component data • Radiographic (X-ray) • X-ray Fluorescence (XRF) • Electrical test • DC • Functional • Destructive • Reveals surface of Silicon chip • Chemical Decapsulation or Mechanical Delid

  14. Authentication Testing • External Visual Inspection • Inspect external packaging materials and labels • Compare appearance and font/symbology with “Golden” part if available • Inspect package for evidence of remarking: • Blacktopping • Sanding scratches • Discrepancies in surface texture

  15. Authentication Testing • External Visual Inspection • Inspect Lead Condition • Surface Appearance • Straightness and Coplanarity • Marking permanency test • Mineral Spirits (JEDEC JESD22-B107C) • MEK, Acetone, Alcohol also used • Change in markings orsurface appearance/texture

  16. Authentication Testing • Check component information • Consult Manufacturers’ Data Sheets • OCMs data sheets/websites • Distributors • Other sources (e.g., prior inspections, customer data) • Date/Lot Code histories • Company histories • SC OEMs • Mergers, name changes, plant closings/relocations

  17. Authentication Testing • Radiographic Inspection • Solder ball pattern • Chip size/count • Wire bond count/pitch • Flip chip bump count/pitch • No need to open package • Possible radiation damage – currently under evaluation by G19 Radiological Inspection SG

  18. Authentication Testing • XRF Testing • Rapid semi-quantitative elemental analysis • Typically used for: • RoHS compliance screening • Verify Pb-free lead finish, or presence where required • Ceramics analysis (typically caps)

  19. Authentication Testing • Electrical testing • Broad range of tests depending on component type and level of risk • DC testing (VOM, curve tracer) for discretes • ICs/actives require specialized test equipment and programming • Basic functional test vs full specification range

  20. Authentication Testing • Chemical Decapsulation • Exposes surface of Silicon chip • Used on epoxy packages • Acid etching most common

  21. Authentication Testing • Mechanical Delidding • Metal or ceramic packages • Diamond saw or Dremel • Lid pry-off

  22. Some Concerns • Increased direct and indirect costs • Maintain process documentation/certifications • Staffing/training • Cost and time required for testing • Authentication testing issues • Availability of historical data – date codes, etc. • New remarking methods • New Blacktop material resistant to test solvents • Use of micro-sandblasting to remove original markings – now under study by G19 SG • Functional test challenges • Test equipment/fixtures availability and support • Availability of programming expertise

  23. Some Concerns • Legal • Clear agreed definitions for “counterfeit,” “fraudulent,” “suspect,” etc. • Clarify mandatory reporting requirements • By whom and to whom? • When required? – includes “suspect” parts? • Protection of customer/supplier confidentiality • Define liabilities • Parts falsely identified as non-conforming (alpha risk) • Failure to identify counterfeits (beta risk) • Responsibilities for consequences of incorporation of counterfeits into equipment • Evaluate/maintain/demonstrate “Due Diligence”

  24. Conclusions • Counterfeits constitute a serious and growing threat for users of electronics • Government and industry mitigation efforts are ongoing • Procedural, communication, training, etc. • Technical solutions • Users and distributors must assess their risk and establish a comprehensive plan • Challenge to balance risks vs. costs • Counterfeit threats always evolving • Authentication testing for suspect components • Maintain awareness of legal requirements

  25. Conclusions “There is a flood of counterfeit microchips into the military, including in critical weapons systems…The counterfeiters are utterly ruthless, nimble, and getting increasingly better at their copies.” - Dr. James A. Hayward, Applied DNA Sciences “No one practice or combination of practices will prevent counterfeit components from entering the supply chain, but every element of the supply chain must work together to solve the problem.” - Dan DiMase, G19 Committee Chairman

  26. Some References • Defense Industrial Base Assessment:Counterfeit Electronics, report available at www.bis.doc.gov • Best Practices in the Fight Against Global Counterfeiting,report available at www.ansi.org • US Senate Passes Anti-Counterfeit Electronics Bill,article available at www.circuitsassembly.com • China Counterfeit Parts in U.S. Military Boeing, L3 Aircraft,article available at www.businessweek.com • Counterfeit Parts Control Plan Implementation,presentation by Dan DiMase, available at http://supplychain.gsfc.nasa.gov/SC2010%20-%20D.%20Dimase-rev.pdf • www.anticounterfeitingforum.org.uk, list of UK-based resources • ERAI, IDEA, GIDEP websites • LinkedIn anti-counterfeiting groups • Missile Defense Agency Will Fight Parts Defects, article available at www.bloomberg.com/news/2011-12-29/u-s-missile-defense-agency-to-crack-down-on-poor-quality.html

  27. Thank You!Questions…? Stephen Schoppe sms@process-sciences.com Glenn Robertson glennr@process-sciences.com

More Related