Typically, when thinking about security, organizations may put their focus on IT security or even physical plant security but supply chain security is becoming a critically important component of any organizations multi-layered and comprehensive security stance. Electronics OEMs are looking for new and better ways to trace the products, whether microchips or motherboards, as they move from procurement to manufacturing to delivery to customers.
DUST Identity is betting that nanodiamond dust may be an answer, combined with a scanner and blockchain technology, may be the answer to a wealth of component counterfeiting threats. “Many times, the data exists but it’s not relatable to the object,” said Ophir Gaathon, CEO and co-founder of DUST. “That’s the fundamental problem of being able to trust objects. The ability to trust things is rooted in the ability to know the object.”
Counterfeit components are anything but uncommon and probably, by all accounts, underreported. Especially in the global electronics supply chain, the fast-changing and global nature of the business increases the importance of visibility. For military and aerospace players, the introduction of consumer off the shelf (COTS) parts also puts more stress on need to verify and ensure security. “The demand or interest in being able to consume more COTS devices for military uses are driving most of the security concerns in that sector,” said Gaathon.
The fake semiconductor market has reached $75 billion according to Industry Week. Meanwhile, Havocscope estimates that $169 billion in counterfeit parts are currently circulating in the marketplace. The United States Government seized $123,892 million in counterfeit electronics in 2016 (the most current year tracked by the Department of Homeland Security in its Year End Intellectual Property Rights Review). The inadvertent introduction of counterfeit components into the supply chain can cost time and money and erode the OEMs brand.
Over time, a number of approaches to screening for counterfeit components have arisen over time, ranging from DNA marking to X-ray screening. DUST Identity has a solution, dubbed Diamond Unclonable Security Tag (DUST), that it hopes will add a higher level of security, traceability and supply chain visibility into the equation. The company spray coats objects with nanodiamond dust encased in polymer to create an unclonable identity layer.
“A commercial enterprise will have two to three million different parts,” said Gaathon. “You need to be able to have process and technological tool to identify all the critical components and, in some cases, all the components and parts no matter the functionality or form factor. You need to have the empowerment to influence how the supply chain operates and create transparency and traceability.”
The resulting mark, which measures only about 100 microns, lets the component to be cataloged and tracked electronically. Marking each product costs only about 1/1000 of a cent making it broadly applicable across a variety of objects so that component suppliers, original equipment manufacturers (OEMs), raw materials producers, and asset owners in a supply chain to ensure that materials and parts used are genuine and safe. “The mark has a unique constellation of diamonds in random positions and with random orientations,” said Gaathon, adding that a typical footprint contains about 400 diamonds.
The total solution includes a DUST scanner combined with proprietary scanning technology, which collects data that can be stored to a distributed ledger or blockchain. DUST Identity is working closely with SAP to work with its SAP Cloud Platform. By associating digital records with physical items, the system tracks, with transparency, the lifecycle, provenance and chain of custody of market items.
“From partner perspective, DUST Identity will comply with the way SAP is working in the blockchain. SAP’s philosophy is to be open around blockchain, to create the ability to work among hyperledger and various systems,” said Steve Rietzke, Director of ISV Cloud and Platform Partnerships, SAP.
For original component manufacturers (OCMs), previous attempts to secure products proved expensive without a clear benefit to the component maker. “The OCMS didn’t have an appetite to absorb these solutions because they didn’t see any significant value in enhancing security multiple tiers down the value chain to verify a device or a component,” said Gaathon. “We decided to build a strategy that a buyer would have certain advantages like communicating accountability or trust worthiness (brand protection) or provide paid services like authentication to add value.”
This technology has the potential to be deployed in a couple of different ways. It can be applied to legacy components that have been verified in a testing lab and need to be traced as they move through the open market. The company has received more interest, though, from Department of Defense contractors. “They are interested in having a solution that improves the traceability and visibility of a third party,” said Gaathon.