1) Identity-based lifecycle management can establish accountability and trust in the IoT supply chain by enabling identity-driven services, improved quality, security and safety, and new business models. 2) A trusted identity coupled with traceability infrastructure allows issues to be traced from design to field use and parts to be authenticated and provisioned throughout their lifecycle. 3) Establishing a "circle of trust" through trusted alliances between players in the IoT value chain like IDMs, suppliers, manufacturers, and service providers can improve configurability, traceability, and the trust, quality and safety of connected devices and systems.

1. Identity Based Lifecycle Management for a
Trusted IoT Supply Chain
IoT Device Security Summit
October 30th, 2018
Tom Katsioulas
Unrestricted © 2018 - New Ventures Group of Mentor, a Siemens Business Realize Innovation

2. Page 2
Smart-Connected Product Supplier Economics
*Source: Harvard Business Review
• No traceability or configurability
• High OPEX, low differentiation
Old Supplier Product Variants
Supply Chain & Field Use
Established Connected Devices Evolving Connected Devices Emerging Connected Devices
• Better visibility on product field use
• Remote lifecycle management
• Reduced support costs and RMAs
• Lower OPEX, higher differentiation
• New services and business models
• Trust, security and safety issues
Smart
Connected
Supplier*
Managed Products
Field Usage Analytics
Managed
Device Lifecycle

3. Page 3
Device Lifecycle Security & Trust in Digital Supply Chain
Can we trust a system and its parts from multiple suppliers in the supply chain?
Gray MarketOverproduction Counterfeits Hacks/MalwareTrojans/Clones DDoS AttacksReverse Eng. Tampered Dev.
System TestCard TestFinal Test Self TestProbe TestFunctional Test
Wafer Chip PCB Device End ProductIC Design
ECU
OnboardingKey Injection
CM (EMS)OEMOSATFoundry Field UseDistributorChip Maker Merchant

4. Page 4
Classic Hacks Traced to Supply Chain Issues
The roots of security issues lie in the structure of the electronics industry at large
HW + SW from XiongMai exploited to
create the massive Mirai botnet
The Big Hack  Supermicro
Bloomberg animation showing the alleged malicious component in the Supermicro
server motherboards positioned between the SOIC-16 SPI flash chip and the BMC.
Mirai botnet  Xiongmai

5. Page 5
Design
Tape-Out
Manufacturing
Package & Test
Provisioning
Assembly
Distribution Channels
Lack of Traceability from Chip to Cloud
Untrusted Supply Chain
Impossible to trace the chain of business liability when a security beach occurs
Apps
Updates
RMA Debug
Recycling
Hardware
Upgrades
Device
Control
Analytics
Onboarding
Firmware
Updates
Lifecycle
Management
Untrusted Field Use

6. Page 6
Charter of Trust and the Digital Supply Chain
Trusted identity and provenance are key for accountability* in the supply chain
www.charter-of-trust.com
*Source IDC: European IoT Security Why the IoT Supply Chain of Trust Matters
Authentication
Identity
Provenance
Accountability*
OCM
ODM
OEM

7. Page 7
Identity-based Lifecycle Management
System DesignIC Design Fab - OSAT Distribution Assembly Delivery OperatingOnboarding Recycling
• Establish Accountability &Trust
• Enable Identity-driven Services
• Improve Quality, Security, Safety
Configurability - ProvisioningTraceability - Monitoring
• Enable Onboarding & Personalization
• Provide OTA Updates & Manage RMAs
• Drive Higher Value Business Models
Field Use: Applications & ServicesSemiconductor Supply Chain Device Supply Chain
ECU
Identity Provenance
OCM - Chip ODM - Device OEM - System
ODMs - OEMs OperatorsIC Suppliers
Trusted Infrastructure
& Partnerships Needed

8. Page 8
Identity is Key for Enabling Chain of Trust
Inborn identity coupled with traceability infrastructure and trusted value chain
TPM Identity
*Trusted Platform Module
• Simple PCB Device ID
• BOM Cost (Extra ASIC)
• IC can be compromised
• No Chip Traceability
Inserted Identity
*Fused or Injected Secret
• ID Embedded in Chip
• Trusted Execution Env
• Can be tampered/cloned
• No Parts Traceability
Inborn Identity
*No Secret at Rest (power-off)
• ID from Mfg process
• TEE and Secure Enclave
• Physically Unclonable
• PCB Can Be Hacked
Unified Identity
*ID linked to Ownership (PO)
• Derived ID from all ICs
• ID factoring BOM in PCB
• Certified Device & Parts
• Trusted Suppliers Links
PCB Layout
IC Enrollment &
Trusted Device
Onboarding
ODMs - OEMs
Operators
IC Suppliers
+ Trusted Partners

9. Page 9
Identity Enables a Trusted IoT Value Chain
Ecosystem Enablement
Authentication, Provisioning, …
Connectivity, & Device Management
Firmware, Protocols, Applications,…
Data & Lifecycle Management
Field Operations & Services
Supply Chain Configurability (Provisioning)
Client
Embedded Systems
Identity Trusted Server
AuthenticationEnrollment
Trusted Device
Onboarding
Late Binding
& Key Mgmt.
Supply Chain Traceability (Distributed Trust Exchange)
RTOS

10. Page 10
Trusted Server
Identity Enables Trusted Lifecycle Services
System DesignIC Design Fab - OSAT Distribution Assembly Delivery
Apps
Updates
RMA
Debug
Hardware
Upgrades
Device
Control
Analytics
Firmware
Updates
OperatingOnboarding Recycling
Services
• Chip Authentication
• Chip Feature Provisioning
• Chip Authenticity Certification
• Key injection (Untrusted Facility)
• Firmware Injection (Untrusted Facility)
• Generic Data Injection / Extraction
• Identity-driven Device Onboarding
• OTA Firmware and App Updates
• RMA Debug (incl. IC Access Grant)
Chip ID Device ID Equipment ID
IoT Platforms
Cloud
Services
ODMs - OEMs OperatorsIC Suppliers
Traceability - Monitoring
Configurability - Provisioning
Enrollment

11. Page 11
Use Cases - Key & Feature Provisioning
One SKU product supporting many
standards provisioned on delivery
Multi Market Product
 Product performance can be increased
 Battery life can be extended (ala Tesla)
 RMAs can be diagnosed even inside chip
 Compromised systems can be disabled
 Ease adoption of new products/services
 Reduce recalls with in-field diagnostics
 Enable Hardware-as-a-Service business
 Deactivate stolen/unauthorized products
Offer differing charging speeds,
distance and tracking service
Electric Bike
Offer differing ranges (higher
power GPS) & contract duration
Pet Tracker
Remote
Provisioning
Value
Courtesy of GLOBALFOUNRIES and Siemens-Mentor

12. Page 12
Example - Automotive Supply Chain Challenges
• 7,000 semiconductor ICs on a premium car
• 1ppm failure rate = 7 failures for 1,000 cars
• 4,000 cars build per day = 1 failure per hour*
• Production failures plus electronics failures
Quality & Reliability Security & Safety
Securing Edge to Cloud Connectivity
• Many publicized hacks, millions of recalls
• Vulnerabilities from 100s of ECUs per car
• Gray market, clones, or counterfeit ICs
• Gb of data / day / car can be compromised
• Supply Chain Security
- Authorized Distributors
- Continuity of Supply
• Counterfeit Chips in
- ECUs & ABS Systems
- Airbag& Cruise control
• Over the Air Updates
- Firmware Changes
- Keys and Certificates
Source: Automotive Megatrends, Challenges and Solutions , SEMICON Europa 2015, Dresden

13. Page 13
Root cause on supply chain intrusions or system RMAs take months to detect and fix
IC Supplier
IC Design
Chip IDs Test Logs
CM (EMS)OEM/ODMOSATFoundry Field UseDistributor
Traceability +
Authenticity?
Example - Automotive Supply Chain Quality & Trust Issues
Parts Tests
Wafer 1 Wafer 2
Field Performance
System TestPCB TestFinal Test Self TestKey InjectionProbe Test
Gray MarketsOverproduction Counterfeits Hacks/MalwareIP Theft DDoS AttacksReverse Engineering

14. Page 14
Traceability
Supply Chain Analytics
Configurability
Provisioning and Updates
IC Design
• Engineering • Operations • Production • Procurement • Accounting
Chain of Custody
Distributed Ledger
Supply Chain Monitoring and Certification
Chip IDs Test Logs
System TestPCB TestFinal Test Self TestKey Injection
CM (EMS)OEM/ODMOSATFoundry Field UseDistributor
Traceability +
Authenticity?
Trusted
Protocol
Example - Automotive Supply Chain End-to-End Solution
Parts Tests
Wafer 1 Wafer 2
Field Performance
Predict Field Performance
Trace where issue occurred
Probe Test
Ops SKU Db Test Logs Test Logs BOM + Test IoT PlatformsOps SKU DbInject Logs
IC Supplier
Trusted
Services
Enrollment

15. Page 15
The Digital Thread and Digital Twin
The Digital Thread ties all of your data together,
from requirements through design all the way
to manufacturing and the field. We start with
this, as an enabler for the Digital Twin
The Digital Twin allows us to simulate the entire
supply chain, from requirements collection and
design to factory layout, capacity, scheduling,
processing, manufacturing and the field.

16. Page 16
Use Cases - Supply Chain Traceability
Why Did the Part Fail? Which IP Contributed to Failure?
Pre-Launch ATE Production ATE
Why Production ATE did not work as expected? Can we use ML* Process/Defect Characterization?
*ML: Machine Learning

17. Page 17
Economic Incentive for Trusted IoT Supply Chain
Value
Chip suppliers ODMs/OEMs App/Service Providers
• Reduce Production Cost
• Track/Provision SKUs in Field
• Prevent IP Theft and Clones
Enroll - Monitor - Provision
• Bind Apps to Chip Root of Trust
• Authenticate Device, not User
• Secure Content and Payments
Safeguard Users, Applications, Data
• Automate Device Onboarding
• Track/Update Devices in Field
• Enable Remote Debug & PLM
Monitor - Provision - Personalize
Configurability  Higher Value Business ModelsTraceability  Higher Trust, Quality, Safety
Hardware
as a Service

18. Page 18
Summary - Trusted Alliances in the IoT Value Chain
• IDMs and Pure Foundries
• Chip/OEM/ODM Suppliers
• Contract Manufacturers
• Chip & Device Distributors
• End Application Providers
• Operators & Service Providers
Trust will evolve through “round and round we go” business relationships
Circle of Trust