Visible to the public CDTA: A Comprehensive Solution for Counterfeit Detection, Traceability, and Authentication in the IoT Supply Chain

TitleCDTA: A Comprehensive Solution for Counterfeit Detection, Traceability, and Authentication in the IoT Supply Chain
Publication TypeJournal Article
Year of Publication2017
AuthorsYang, Kun, Forte, Domenic, Tehranipoor, Mark M.
JournalACM Transactions on Design Automation of Electronic Systems (TODAES)
Volume22
Pagination42:1-42:31
Date PublishedApril 2017
ISSN1084-4309
Keywordsauthentication, Collaboration, composability, counterfeit detection, Human Behavior, human factors, Internet of Things (IoT), Metrics, policy-based governance, pubcrawl, radio-frequency identification (RFID), resilience, Resiliency, Scalability, supply chain risk assessment, supply chain security, Traceability
Abstract

The Internet of Things (IoT) is transforming the way we live and work by increasing the connectedness of people and things on a scale that was once unimaginable. However, the vulnerabilities in the IoT supply chain have raised serious concerns about the security and trustworthiness of IoT devices and components within them. Testing for device provenance, detection of counterfeit integrated circuits (ICs) and systems, and traceability of IoT devices are challenging issues to address. In this article, we develop a novel radio-frequency identification (RFID)-based system suitable for counterfeit detection, traceability, and authentication in the IoT supply chain called CDTA. CDTA is composed of different types of on-chip sensors and in-system structures that collect necessary information to detect multiple counterfeit IC types (recycled, cloned, etc.), track and trace IoT devices, and verify the overall system authenticity. Central to CDTA is an RFID tag employed as storage and a channel to read the information from different types of chips on the printed circuit board (PCB) in both power-on and power-off scenarios. CDTA sensor data can also be sent to the remote server for authentication via an encrypted Ethernet channel when the IoT device is deployed in the field. A novel board ID generator is implemented by combining outputs of physical unclonable functions (PUFs) embedded in the RFID tag and different chips on the PCB. A light-weight RFID protocol is proposed to enable mutual authentication between RFID readers and tags. We also implement a secure interchip communication on the PCB. Simulations and experimental results using Spartan 3E FPGAs demonstrate the effectiveness of this system. The efficiency of the radio-frequency (RF) communication has also been verified via a PCB prototype with a printed slot antenna.

URLhttps://dl.acm.org/doi/10.1145/3005346
DOI10.1145/3005346
Citation Keyyang_cdta_2017