Status updates from the 30 August ‘Open Cases Reports’ …
The SIA Anti-Counterfeiting Task Force (ACTF) recently published a comprehensive white paper on the counterfeit semiconductor threat …
Winning the Battle Against Counterfeit Semiconductor Products (August 2013)
This white paper includes a number of themes familiar to those who have been following the SIA ACTF’s work, e.g. “buying in-production semiconductor products from OCMs and their Authorized Distributors, and buying legacy products from OCM’s Authorized Aftermarket Distributors/Manufacturers.”
This white paper also includes discussion concerning the potential quality and reliability issues associated with counterfeit parts and the significant challenges to authenticating parts acquired from the open market …
“…authentication determinations on suspect components are difficult to make and are often erroneous. Consequently, most counterfeit mitigation programs will not be effective unless they require that component purchases be exclusively through authorized sources. …”
“… Various standards, including SAE AS5553 and IDEA-STD-1010, provide detailed guidelines on identifying counterfeit components. … these standards are generally ineffective for identifying the latest forms of counterfeiting. …”
“… no suite of test methods, even if conducted on 100% of suspect units, can provide full assurance that products are authentic and reliable. …”
More at www.semiconductors.org
Aug. 16, 2013
DRAFT Supply Chain Risk Management Practices for Federal Information Systems and Organizations
This document provides guidance to federal departments and agencies on identifying, assessing, and mitigating Information and Communications Technology (ICT) supply chain risks at all levels in their organizations. It integrates ICT supply chain risk management (SCRM) into federal agency enterprise risk management activities by applying a multi-tiered SCRM-specific approach, including supply chain risk assessments and supply chain risk mitigation activities and guidance.
NIST requests comments on Draft NIST SP 800-161 by October 15, 2013.
More at NIST
13 Aug 2013 – “Penton’s Design Engineering & Sourcing Group recently surveyed design engineers in the U.S on their concerns about counterfeit electronic components in the supply chain. Our goal is to help identify tactics and strategies used to combat the issue of counterfeit components in the industry, address approaches used for dealing with independent distributors, and determine incidence and characteristics of quality control systems. Here are the survey results. …”
“… In the last year, former Department of Defense and intelligence agency operatives have headed to Silicon Valley to create technology start-ups specializing in tools aimed at thwarting online threats. …”
More at New York Times
Contractors and subcontractors will be expected to report “counterfeit electronic parts or suspect counterfeit electronic parts” via the Government-Industry Data Exchange Program (GIDEP), which will serve as the DoD central reporting repository. The defense and aerospace industry has recognized the reporting of counterfeit part incidents as a key practice to addressing the counterfeiting threat [i]. Despite forthcoming regulations that will require DoD and its contractors to report “counterfeit electronic parts or suspect counterfeit electronic parts”, and despite legislative measures taken to address industry concerns for potential exposure to third party law suits, the reporting of counterfeit electronic parts and suspect counterfeit electronic parts by DoD and its contractors has declined.