Counterfeits Inspection
advertisement
Evolving Counterfeit Component Threats and Industry Mitigation Efforts Stephen Schoppe Glenn Robertson Process Sciences, Inc. Leander, Texas 512.259.7070 www.process-sciences.com Introduction A growing problem in all industry sectors Openings for counterfeiting • High price components • High demand/scarcity • Obsolete/out of production Potential for introducing malicious code • Sabotage – immediate or future • Potential espionage Introduction How do counterfeits enter the supply chain? • Often starts with remarking of reclaim/eWaste • • • • Refurbished used part represented as new Altered date code Consumer grade marked as mil Upgrade to later/preferred/scarce part type Low-grade passives marked as precision value (low tolerance) type Completely different part Manufacturing defects diverted from scrap bin Surplus production from OEM (“4th shift”) Acquisitions/Purchase of surplus inventories Return of mixed inventories to distributor Mitigation Strategies - Users Essential to establish Due Diligence Establish supply chain policies • • • • Evaluate risks from “lowest bidder” Use authorized distributors where possible Write purchase contract carefully Supplier Qualification History with reporting organizations - BBB, D&B, etc. Google search, including street view of address Memberships – ERAI, GIDEP, IDEA etc. Certifications - ISO, IDEA-1010, CCAP-101, etc. Quality systems for receiving inspection, ESD, etc. Onsite audit if possible Mitigation Strategies - Users Access to industry database(s) Decision process for authentication testing and quarantine/reporting of suspect parts Disposition • Don’t just return to distributor inventory • Destroy & verify? Staff training/qualification Mitigation Strategies - Distributors Anti-Counterfeit Policies • • • • Increased scrutiny of sources Awareness of evolving counterfeiting methods Use of industry resources – ERAI, GIDEP, IDEA Establish incoming inspection procedures Authentication testing – in house or outsource Staff training/qualification Industry Mitigation Efforts Counterfeits Databases • Searchable databases of suspect components Information from reports submitted online Only members can access, anyone can submit report • GIDEP (www.gidep.org) Operated by US Government, established 1959 • ERAI (www.erai.com) Privately held reporting and investigation service Escrow and dispute resolution services • IDEA (www.idofea.org) Privately held association Maintains extensive Membership Code of Ethics Industry Mitigation Efforts Standards Organizations • SAE G19 Committee “chartered to address aspects of preventing, detecting, responding to and counteracting the threat of counterfeit electronic components” AS5553 (released 2009, rev A in progress) • Counterfeit avoidance requirements for OEMs and CMs • Adopted by DOD AS6081 (released December 2011) • Similar to AS5553 • Prescriptive avoidance requirements for distributors AS6171 (in preparation) • Intended to standardize test methods • Covers a variety of tests • Includes sampling plans ARP6178 (in preparation) • Methods for risk assessment of distributors Industry Mitigation Efforts Standards Organizations (continued) • IDEA (Independent Distributors of Electronics Assoc.) IDEA-STD-1010B Visual inspection practices and requirements Includes acceptability criteria • ISO (Europe) PC 246 and TC 247 committees established (2009) to develop standards related to combating fraud Coordinating with ANSI in USA • iNEMI Consortium Develop and assess improved methods for data exchange, authentication and traceability Includes development of metrics to assess the problem and measure program(s) effectiveness/cost Industry Mitigation Efforts Training & Certification Programs • IDEA Certification to IDEA quality standards Inspector training and certification based on 1010B • CTI CCAP Program Counterfeit components avoidance and certification program for Independent Distributors Training addresses detection and prevention of counterfeit components • Seminars and Workshops from SMTA, CALCE, and other organizations Government Initiatives International efforts to reduce supply • Take-back laws Divert eWaste to reuse/recycle Varies by country/state • Restrictions on eWaste disposal Regulated under the Basel Convention on Hazardous Waste (1992) Includes 170 member countries, USA not a member Regulated in USA under RCRA as “Hazardous Waste” • Currently no provisions specific to eWaste • Possible future updates • Direct USA diplomatic initiatives Government Initiatives Increased US Customs Scrutiny Congress hearings/proposed legislation National Defense Authorization Act (FY ’12) • Levin/McCain amendment provisions Requires DOD to define “counterfeit part” Increases counterfeiting penalties for DOD contracts Requires improved counterfeit avoidance methodology for DOD and its contractors Mandatory counterfeits reporting (when discovered) for military and DOD contractor personnel Contractors are responsible for remediation cost when counterfeits are discovered Authentication Testing The second line of defense Non-Destructive (sampling or 100%) • • • • Visual/Component data Radiographic (X-ray) X-ray Fluorescence (XRF) Electrical test DC Functional Destructive • Reveals surface of Silicon chip • Chemical Decapsulation or Mechanical Delid Authentication Testing External Visual Inspection • Inspect external packaging materials and labels • Compare appearance and font/symbology with “Golden” part if available • Inspect package for evidence of remarking: Blacktopping Sanding scratches Discrepancies in surface texture Authentication Testing External Visual Inspection • Inspect Lead Condition Surface Appearance Straightness and Coplanarity • Marking permanency test Mineral Spirits (JEDEC JESD22-B107C) MEK, Acetone, Alcohol also used Change in markings or surface appearance/texture Authentication Testing Check component information • Consult Manufacturers’ Data Sheets OCMs data sheets/websites Distributors Other sources (e.g., prior inspections, customer data) • Date/Lot Code histories • Company histories SC OEMs Mergers, name changes, plant closings/relocations Authentication Testing Radiographic Inspection • • • • • • Solder ball pattern Chip size/count Wire bond count/pitch Flip chip bump count/pitch No need to open package Possible radiation damage – currently under evaluation by G19 Radiological Inspection SG Authentication Testing XRF Testing • Rapid semi-quantitative elemental analysis • Typically used for: RoHS compliance screening Verify Pb-free lead finish, or presence where required Ceramics analysis (typically caps) Authentication Testing Electrical testing • Broad range of tests depending on component type and level of risk • DC testing (VOM, curve tracer) for discretes • ICs/actives require specialized test equipment and programming • Basic functional test vs full specification range Authentication Testing Chemical Decapsulation • Exposes surface of Silicon chip • Used on epoxy packages • Acid etching most common Authentication Testing Mechanical Delidding • Metal or ceramic packages • Diamond saw or Dremel • Lid pry-off Some Concerns Increased direct and indirect costs • Maintain process documentation/certifications • Staffing/training • Cost and time required for testing Authentication testing issues • Availability of historical data – date codes, etc. • New remarking methods New Blacktop material resistant to test solvents Use of micro-sandblasting to remove original markings – now under study by G19 SG • Functional test challenges Test equipment/fixtures availability and support Availability of programming expertise Some Concerns Legal • Clear agreed definitions for “counterfeit,” “fraudulent,” “suspect,” etc. • Clarify mandatory reporting requirements By whom and to whom? When required? – includes “suspect” parts? Protection of customer/supplier confidentiality • Define liabilities Parts falsely identified as non-conforming (alpha risk) Failure to identify counterfeits (beta risk) Responsibilities for consequences of incorporation of counterfeits into equipment • Evaluate/maintain/demonstrate “Due Diligence” Conclusions Counterfeits constitute a serious and growing threat for users of electronics Government and industry mitigation efforts are ongoing • Procedural, communication, training, etc. • Technical solutions Users and distributors must assess their risk and establish a comprehensive plan • • • • Challenge to balance risks vs. costs Counterfeit threats always evolving Authentication testing for suspect components Maintain awareness of legal requirements Conclusions “There is a flood of counterfeit microchips into the military, including in critical weapons systems… The counterfeiters are utterly ruthless, nimble, and getting increasingly better at their copies.” - Dr. James A. Hayward, Applied DNA Sciences “No one practice or combination of practices will prevent counterfeit components from entering the supply chain, but every element of the supply chain must work together to solve the problem.” - Dan DiMase, G19 Committee Chairman Some References Defense Industrial Base Assessment:Counterfeit Electronics, report available at www.bis.doc.gov Best Practices in the Fight Against Global Counterfeiting, report available at www.ansi.org US Senate Passes Anti-Counterfeit Electronics Bill, article available at www.circuitsassembly.com China Counterfeit Parts in U.S. Military Boeing, L3 Aircraft, article available at www.businessweek.com Counterfeit Parts Control Plan Implementation, presentation by Dan DiMase, available at http://supplychain.gsfc.nasa.gov/SC2010%20-%20D.%20Dimase-rev.pdf www.anticounterfeitingforum.org.uk, list of UK-based resources ERAI, IDEA, GIDEP websites LinkedIn anti-counterfeiting groups Missile Defense Agency Will Fight Parts Defects, article available at www.bloomberg.com/news/2011-12-29/u-s-missile-defense-agency-tocrack-down-on-poor-quality.html Thank You! Questions…? Stephen Schoppe sms@process-sciences.com Glenn Robertson glennr@process-sciences.com
