Fraunhofer developing industrial machines with built-in copy protection
By David Szondy
December 18, 2012
Mention counterfeit goods and most people will probably think of knock-off watches or pirated DVDs, but counterfeiting is a much wider problem. Everything from aircraft components to groceries are faked on a regular basis, with a third of industries affected at an estimated worldwide cost of US$650 billion dollars. German machine tools are a favorite target and to help combat this the Fraunhofer Research Institution for Applied and Integrated Security (AISEC) in Garching, Germany, is developing new technologies and techniques to make counterfeiting of these items more difficult.
At the moment, counterfeiting industrial machinery is remarkably easy. In fact, industrial machines are a prime target because, unlike consumer goods, they only change at intervals of five years, which gives counterfeiters plenty of time to copy and profit for a minimal investment.
Industrial-level counterfeiting isn’t like pirating music files or swapping labels on jeans. It’s a highly sophisticated operation involving a whole research and development system designed to study and recreate machinery and other devices. The manufacturers of counterfeit goods rarely do the copying themselves. Instead, they rely on third parties to reverse engineer products. Once the physical device is reproduced, the counterfeiters then rip the software from the original. In modern devices, this is where the manufacturer's key information resides and counterfeiters can use it to reconstruct the machine’s control system and functions.
One of AISEC’s approaches is to develop new technology that allows products to be tagged so they can be identified as genuine, similar to the copy-resistant holograms or ring oscillator PUF's also developed by Fraunhofer. Unfortunately, such identification isn’t of any use unless customs services, distributors and customers can read and decode them – and very few can.
However, AISEC believes that the time to act against counterfeiters is before they’ve struck, since its much harder to fight against fakes that are already on the market. By being involved very early in the design process, AISEC can study the hardware, circuitry and software before identifying weaknesses and proposing protection mechanisms that can be embedded deep inside machines at such a basic level that they are hard to counter or even detect.
An example of this is a cryptographic device to protect data in a machine. This generates a decryption key based on the duration of electrical signals on the microchip. These signals are are so attuned to the characteristics of a particular chip that even chips from the same production batch can’t match it, so the key can’t be used with any other chip. This makes it very difficult to rip software from a production machine. Other options are hard-wired systems and what the company calls “obfuscation techniques.”
The purpose of these devices and techniques isn’t to thwart counterfeiters, but to buy manufacturers time. It’s a bit like a bank vault – it isn’t meant to stop thieves, just slow them down until the cops arrive. Most companies that use AISEC's recommendations can hold off counterfeiters for up to ten years, which is long enough to protect investments and to prevent fakes until either a new generation of machines is developed or the counterfeiters give up.