Yes couterfeit chips are not necessarily malicious--sometime just outdated and being passed off as new--but reprogrammable chips is a big hurdle to surmount. However, SRC believes it is possible without adding too much overhead and the researdhers already have explored dozens of techniques for doing it. Now its a question of which will really work!
I see two very different issues that must be addressed: A/ detecting counterfeit chips and B/ preventing existing chips from being hacked and altered. Both of these issues are more difficult to address when chips are intentionally designed to be reprogrammed (upgraded). Hardwired chips can be subjected to tests to see whether they conform to the intended design and internal data. Reprogrammable chips are more difficult to test for authenticity (and a valid / suitable software load).
We need to search for counterfeits and Trojans today because we frankly don't know where our semiconductors are coming from. This is a result of the large number of brokers, distributors, and sometimes byzantine manufacturing steps in modern semiconductors.
Research like this is needed to be sure, but we should always be mindful of where money is best spent: in hardware based research (things like fault injection, of course, address different security problems altogether), or in adding traceability and chain-of-custody tracking and verification in our supply chains.
What are the engineering and design challenges in creating successful IoT devices? These devices are usually small, resource-constrained electronics designed to sense, collect, send, and/or interpret data. Some of the devices need to be smart enough to act upon data in real time, 24/7. Are the design challenges the same as with embedded systems, but with a little developer- and IT-skills added in? What do engineers need to know? Rick Merritt talks with two experts about the tools and best options for designing IoT devices in 2016. Specifically the guests will discuss sensors, security, and lessons from IoT deployments.