Methodology Development for Counterfeit Component...
Transcript of Methodology Development for Counterfeit Component...
2013 International Conference on Electronic Packaging Technology (ICEPT 2013)
August 11 – August 14, 2013, Dalian, China
Methodology Development for Counterfeit
Component Mitigation
Present by Jeffrey Lee, iST
Martin Huehne, Celestica, Thailand
Jeffrey Lee, iST-Integrated Service Technology Inc., Taiwan
Harrison Miles, Corelis, USA
Mark Schaffer, iNEMI, Virginia, USA
Email: [email protected]
Counterfeit Components Assessment
Project Members
What Counterfeit Components Are?
A counterfeit component is a fraudulent part that has been
confirmed to be a copy, imitation, or substitute that has been
represented, identified, or marked as genuine, and/or altered by a
source without legal right with intent to mislead, deceive, or
defraud.
Definition is from Draft SAE 5553 and 6081
Incident Report Data for 2012
• Total of separate verified incidents of counterfeit-part reported 1,336 for transactions of over
834,079 parts that were actually purchased.
• Figures for purchased parts are considered a conservative because purchased parts reflect only
a subset of all reported incidents.
Source: HIS Parts Management, October 2012
Sampling of Counterfeit Device Categories*
1. Cloning – copy that appears operationally and functionally
equivalent
2. Product “skimming”, subcontractors, or second source
suppliers
3. Disposal of scrap and rejects
4. Devices used as qualification samples
5. Reclamation and reuse of component
6. Re-branding and/or Re-marking
7. False claims of conformity to industry certifications (e.g.
RoHS)
8. Devices containing embedded malicious malware - “trojans”
(e.g. flash device with “trojan” software)
Why CC Is an Issue/Why Do You Care?
• 2 problems
– Top line problem from biz perspective – how brand is respected
– Bottom line concern – warranty costs, RMA - impact on profit
• Liability issues
– Expenditure of resources (man-hours) to support field
accidents/failures for products that significantly impact human safety
– Public Safety
Impact of CC in Electronics
• Numbers!
– Field service cost in US is over $1100/incident
– 10 million batches of electronics bought worldwide and 1000 are counterfeit
– The cost of screening parts: To screen a typical lot of 200 or less
components cost between 800 $US to 2,000 $US.
– what are high use, hurting everyone
• DDRx memory, FLASH, SSD, FPGA (field programmable gate arrays)
• Example in FBGA based on experience.
10 batches were bought from brokers (all Xilinx parts), with a total number
of 3667 parts.
2 batches were found to be counterfeit or at least highly suspect, with a total
number of 975 parts.
• Limited Supply of high demand market products and end-of-life
products
– The higher the demand for a product, the more attractive it becomes for
counterfeiting.
Reference : TSIA (Technology Services Industry Association), December 15, 2011
Counterfeiting Components
• Business practices that lend themselves to increased
counterfeit activity, such as: – Lead time reduction or
– Demand pull in,
– Poor planning,
– Multiple emergency supply requests giving a false level of demand etc
• Part of the roadmap should be to address these practices – Either by iNEMI or
– By some other group like the SIA who may be better placed or already
working on that
Industry Sector Desired Product Life-Cycles
Industry Sectors Desired Product Life-cycle
Avionics (Civil) 10 to 20 years
Avionics (Military) 10 to 30 years
Automotive Cars and Trucks 10 to 15 years (warranty)
External Equipment 5 to 10 years
Internal Equipment 7 years
Infrastructure
Equipment
10 to 30 years
Data Center
Equipment
7 to 10 years
High End Servers 7 to 10 years
Industrical Controls 7 to 15 years
Appliances 7 to 15 years
Cell Phones 18 to 36 months
Laptop Computers 24 to 36 months
Desktop Computers 24 to 60 months
Consumer & Portable
Office & Large Business Systems
Netcom ( Telecom & Data)
Medical
Aerospace & Defense
Actual Situation
None of these product sectors is immune from the introduction of counterfeit
components; however, each has its own set of unique requirements.
It is not clear that there is a "one size fits all" solution due to the variations in
requirements.
What Is this iNEMI Project Doing?
• Develop a methodology to evaluate or assess the risk of
counterfeit use.
• Develop a methodology to evaluate or assess the
aggregated risk of untrusted sources of supply.
• Develop an assessment / mitigation strategy which includes
a methodology to estimate long term cost of ownership.
Project Is / Is Not Analysis
This Project IS: This Project IS NOT:
Project 1: Counterfeit Components - Assessment Methodology and Metric Development
Identify any related research or development within
the industry and academic communities Development of a specific standard(s)
Review and tabulate successes that have worked in
the past (BKM/BKP) Biased towards specific brokers,
suppliers, geographies, or market
segments Develop a methodology to evaluate or assess the risk
of counterfeit use
Assess the aggregated risk of untrusted sources of
supply Repeat of prior or existing work
Develop an assessment / mitigation strategy
Long term cost of ownership
Not focused on quality issues or
standards
Define / develop a metric that can identify the scope of
the problem Missing piece is the history (e.g.,
storage conditions, …) Assess the effectiveness of the methodologies
developed
Review and finalize methodology
How to capture quality information /
data Focused on those attributes which are of most value
to supply chain and the participating project members
Applicable to multiple spaces across the supply chain
Supply Chain Assessment
• iNEMI wants to complement any activities that are being
worked
• Possible Activities: – Assess types of threats and how parts traceability can help mitigate the
risks
– Develop a roadmap to prioritize needs for addressing the threats
– Assess and document industry needs in order to develop a strategy • Increase product/parts/material traceability
• Increase reliability of product authentication information in the supply chain
• Ease process of product authentication for new and legacy product, components,
and materials in the electronics industry supply chain
– Investigate types of information needed for product authentication
– Review existing supply chain data exchange standards to assess the
ability to integrate standards-based unique identification codes
Electronic Manufacturing Workflow Diagram
Key sectors of the electronics supply chain
Wafer Manufacturers
Chip Manufacturers
Board Manufacturers
System Manufacturers
After Market Sales and Refurb Support
Disposal/Recycle
Board Manufacturer Cluster
Wafer
Manufacturer
Raw Material
Manufacturer
Chip
Manufacturer
Mechanical Part
Manufacturer
Board
Manufacturer
System
Manufacturer
After Market
Sales and
Refurb
Support
Recycle/
Disposal
Board
Manufacturer
Chip or Mechanical
Part Manufacturer
Non-
Franchised
Distributor
Broker/
Independents
Franchised
Distributor
System
Manufacturer
Recycle/
Disposal
Excess Inventory
Recycled
Inventory
New
Inventory
A chip mfg relative to board mfg is an open market entry strategy. Multiple channel
Marketing of their product. Driven by economy of scale of the factory/fab.
Scrap
Consigned
Component
s
A
A
Calculating Risk of Counterfeit by Risk Assessment
Calculator
Page 16
• The profile of the product in question – If a product is in high demand and also the original supply is near end of life, then the product profile
risk of counterfeit is highest.
• The inputs or characteristics of the supplier and supply line – The inputs risk is highest where the supplier is a broker with no controls who has previously supplied
confirmed counterfeit product and cannot confirm the origin of the product in question. Conversely,
the inputs risk is lowest when the product is coming directly from the OCM, there are strong
counterfeit mitigation procedures in place, and there is no know history of counterfeit supply.
• The processes used on the product to deter counterfeit use – Where a product requires a large capital investment, is easy to authenticate, and uses a high level of
counterfeit controls, the process risk of counterfeit use is low. On the other hand where there is little
or no investment required to make the product, validation is difficult, and there are no special
counterfeit controls in place, the process risk of counterfeit use is highest.
• The outputs or channel characteristics – The outputs risk is highest when the sales channel is unknown; there is no control or traceability on
excess inventory, prototypes, reworks or scrap; and the end customer is unknown. In contrast, where
the end customer is well known; the sales channel is well defined; and the excess inventory,
prototypes, reworks and scrap are well controlled, the outputs risk is lowest.
Four key elements for the risk assessment of
counterfeit :
Risk Calculator Domains
Counterfeit Detection Method
Minimum Inspections for
receiving parts
Detailed Analytical
Inspection
Non-destructive analysis
Techniques
Optical inspection with stereo
microscope
Scanning acoustic
microscopy
X-Ray Inspection XRF analysis
Electrical Test Functional Test
Gene Test
Destructive Analysis
Techniques
Solvent test Cross sectioning and
microscopic inspection
Decapsulation Test SEM-EDX
ICP/OES
GC/MS
UV-vis spectroscopy
FTIR spectroscopy
Ion chromatography (IC)
Incoming inspection for counterfeit parts 1st stage: Procedures that anyone can execute to provide the minimum level of protection.
2nd stage : Procedures that require more analytical techniques utilizing specialized equipment
and expertise.
• Optical Inspection under a stereo microscope (2D or 3D OM).
First Stage with Non-destructive analysis
Comparison of package markings on IC Package
Examples of package modification indicators
• X-ray inspection
First Stage with Non-destructive analysis
Abnormal wire bonding is found
Bonding pad comparison
One can see the ink mark on the outside
of the package but X-ray imaging reveals
reverse polarity.
First Stage with Destructive analysis
Solvent test
Marking confirmation with acetone.
De-capsulation test
Device name can be checked after decapsulation
Your IC
• Scanning Acoustic microscopy (C-SAM or TSAM)
2nd Stage with Non-destructive analysis
C-scan of BGA with severe delamination
XRF Analysis (EDXRF) for identifying RoHS substances
2nd Stage with Non-destructive analysis
Electrical / Functional test
A.C.T
A.C.T(Auto Curve Tracer)
2nd Stage with Destructive analysis
FTIR spectroscopy
ICP/OES
UVvis spectroscopy
2nd Stage with Destructive analysis
Ion chromatography (IC) GC/MS
Secondary ion mass spectrometry (SIMS)
Note: Pt coating for SEM inspection
Spectrum P Ni Cu Sn Pt Total
P1 100.00 100.00
P2 15.87 73.21 10.93 100.00
P3 17.23 62.29 20.48 100.00
P4 16.40 66.78 16.82 100.00
P5 7.34 85.74 6.92 100.00
P6 96.18 3.82 100.00
Solder ball cutting
BEI image SEM-EDX
2nd Stage with Destructive analysis
2nd Stage with Destructive analysis
• Cross sectioning and SEM microscopic inspection
Cross Section with Argon Beam
2nd Stage with Destructive analysis
Atomic Force Microscopy (AFM)
Conductive Atomic Force Microscopy (CAFM)
2nd Stage with Destructive analysis
• The project team will consider additional activities that would constitute
follow on work (Phase 2 activities) and will develop an extension of this
effort into a separate project. The development of protocol(s) to assist in
identifying the pedigree of parts in the supply chain would fall outside the
scope of this initial project and would be one possibility for Phase 2. This
would involve definition of protocols for tracking the life of components
such that a pedigree is developed for each part that identifies when,
where, and under what conditions it was manufactured and what paths it
has taken within the supply chain.
Ongoing Activity
Page 31