

Hardware Trojans, is outside the scope of this article, but it should nevertheless be taken very seriously. This type of attack, in which seemingly legitimate components have

This attack is arguably the hardest to detect because the schematic is usually regarded as the most accurate reflection of the designer’s intent and thus carries the weight of authority.Ī variation on this theme involves adding an innocuous component to the schematic, then using a maliciously altered version of the component in production. In the first type of attack, extra components are added to the schematic. It could also let them introduce false temperature and voltage readings that could damage or shut the system down.Īttacks can be made at every one of these design steps. Seizing control of the LPC bus could let hackers reduce the fan speed so that a computer will overheat. The chip sits on the Low Pin Count (LPC) bus. Super I/O Chip: The Super I/O chip controls the inputs to a variety of low-bandwidth devices, sometimes including keyboards, the mouse, certain sensors, fans, and floppy disks. The boards are then inspected, tested, repaired as needed, and assembled further into working products.ĥ. It’s intricate work: An eight-pin, four-resistor network can cover just 2 millimeters by 1.3 mm, and some component footprints are as small as 0.25 mm by 0.13 mm. Through-hole components are placed, often by hand, and the boards pass over a machine that applies solder to all of the through-hole pins. Next, “pick and place” machines put surface-mount components where they belong on the board, and the PCBs pass through an oven that melts all the solder at once. The manufacturer then uses the files to create masks for etching, printing, and drilling the boards. A second ASCII-formatted file, called the drill file, shows where to place holes in the circuit board. It consists of ASCII-formatted commands that direct shapes to appear on the board. Once the schematic and layout have been checked, the layout is converted to a set of files. This is because boards often contain extra circuitry for debugging and testing or because they are manufactured for several purposes, and therefore might have versions with more or fewer components. Most boards include empty component footprints, called unpopulated components. Not all of a PCB is taken up by components. (The reference designator is extremely important-most of the assembly process, and much of the design and procurement process, is tied to reference designators.) The layout depicts the finished bare board and locates objects on the board, including both components and their labels, called The schematic describes all the components and how they are interconnected. PCB designers start by creating two electronic documents, a schematic and a layout.

(They are also known as printed wiring boards, or PWBs, before they are populated with components.) The purpose of the PCB is, of course, to provide the structural support to hold the components in place and to provide the wiring needed to connect signals and power to the components. Printed circuit boards typically contain thousands of components. In order to understand how a circuit board can be hacked, it’s worth reviewing how they are made. Fortunately, the means to shore up those points are relatively straightforward, and many of them simply amount to good engineering practice. We’ll take you on a tour of some of the best-known weak points in printed-circuit-board manufacturing. Malware and counterfeit ICs, but the vulnerabilities of the printed circuit board itself are only now starting to get the attention they deserve. And there have been more than a dozen documented examples of such system-level attacks. Even so, the possibility of carrying out such a stupendous hack is quite real. Refuted by the companies involved and by the U.S. This claim has been roundly and specifically In 2018, an article in Bloomberg Businessweek made the stupendous assertion that Chinese spy services had created back doors to servers built for Amazon, Apple, and others by inserting millimeter-size chips into circuit boards.
