Lack of trust is one of the biggest barrier for the adoption of the Physical Internet (PI). Building trust requires safeguarding the integrity of data and software, especially on the smallest computational units of the PI; the smart tags. This research project focuses on a lightweight Root-of-Trust model and takes the dynamic nature of the IoT and the PI into account. Therefore we propose a secure firmware update mechanism for smart tags. By measuring the performance on a low-cost hardware we proof the applicability and pave the way for trust in the Physical Internet.
Root of Trust, Secure Firmware Update, Physical Internet, Internet of Things
Supply chains are increasingly subject to intrusions from counterfeit parts. For instance, the past fifteen to twenty years have seen the issue of counterfeits parts manifest in the defense supply chain. For the most part, counterfeits have been electronic components such as integrated circuits and field-programmable gate arrays. These parts are used primarily as replacements in sub-systems for submarines, aircraft and other military platforms. Counterfeit parts pose safety and reliability risks for these platforms. They also pose cybersecurity risks, as electronic components may contain back-doors and other security threats
We can look at two perspectives for the rise of counterfeiting. First, there are global trends driving this phenomenon. Electronics manufacturing has been mostly off-shored from the United States. Most counterfeiting incidents are traced back to foreign sources. Sub-systems are increasingly complex. Thus, it is difficult to detect counterfeit components that are constituents in these sub-systems. Military systems are deployed in service for longer periods of time, driving obsolescence of sub-systems and components. It becomes more difficult to source genuine replacement components for obsolete sub-systems. Finally, electronic waste has become a significant problem for developed countries. While responsible recycling exists, large quantities of waste are shipped to third-world nations, and some electronic components return to the supply chain as recycled or defective components that are re-marked as new.
On the other hand, we can also look at the characteristics of the supply chain. The defense supply chain is a multi-tiered, complex network of suppliers. Lead systems integrators have traditionally not had visibility to suppliers that are more than one or two times removed from them. The defense supply base has experienced the phenomena of sole-sourcing and diminishing suppliers, both of which pose original supplier sourcing risks that may lead to sourcing from counterfeiters. Finally, the supply chain operates as an extended enterprise consisting of government agencies and private firms. The Department of Defense can set policies for acquisition and sustainment supply chains. Customs and Border Patrol inspects incoming goods for counterfeits, and the Department of Justice investigates and prosecutes counterfeiting crimes. Yet, there is no locus of control, and counterfeiters and legitimate suppliers may exhibit adaptive behavior that undermines the effectiveness of policy intents.
Our previous research has investigated the problem of counterfeit parts in the defense supply chain using enterprise simulation. This approach has allowed testing of different anti-counterfeiting policies in this extended enterprise in which adaptive behavior can cause unintended secondary effects. Policies include supplier qualification, increased test and evaluation, planned sub-system design refreshes, lifetime buys of obsolete components, system design considerations for selection of reliable suppliers, and restrictions on export of electronic waste. In this paper, we extend this model to consider the threat from counterfeit parts in the context of a transformed enterprise using an open and collaborative supply chain that can enable new protocols for addressing counterfeits. Such protocols include supplier reliability ratings, supplier visibility through tiers, and lifecycle part tracking. The paper addresses how this open and collaborative supply chain is modeled using enterprise simulation. The model combines agent-based modeling for networked relationships and supply chain actor behaviors with system dynamics models for exogenous phenomena that affect the extended supply chain enterprise (e.g., technology progression and recycling market behavior). Then it addresses how policies and protocols for anti-counterfeiting are modeled and demonstrates example of policies and their effectiveness. We conclude with discussion on potential obstacles to the transformation from the current supply chain to the open and collaborative supply chain enterprise.
Counterfeit parts, Enterprise simulation, Open collaborative supply chain enterprise
The IPIC conference series supports the Physical Internet Initiative. Learn more at https://www.picenter.gatech.edu.
Stay Connected on: