The complexity of today’s integrated circuit (IC) supply chain, organised in several tiers and including many companies located in different countries, makes it challenging to assess the history and integrity of procured ICs. This enables malicious practices like counterfeiting and insertion of back doors, which are extremely dangerous, especially in supply chains of ICs for industrial control systems used in critical infrastructures, where a country and human lives can be put at risk. This paper aims at mitigating these issues by introducing Anti-BlUFf (Anti-counterfeiting Blockchain- and PUF-based infrastructure), an approach where ICs are uniquely identified and tracked along the chain, across multiple sites, to detect tampering. Our solution is based on consortium blockchain and smart contract technologies; hence, it is decentralised, highly available and provides strong guarantees on the integrity of stored data and executed business logic. The unique identification of ICs along the chain is implemented by using physically unclonable functions (PUFs) as tamper-resistant IDs. We first define the threat model of an adversary interested in tampering with ICs along the supply chain and then provide the design of the tracking system that implements the proposed anti-counterfeiting approach. We present a security analysis of the tracking system against the designated threat model and a prototype evaluation to show its technical feasibility and assess its effectiveness in counterfeit mitigation. Finally, we discuss several key practical aspects concerning our solution ad its integration with real IC supply chains.

当今的集成电路（IC）供应链的复杂性由多个层次组成，包括位于不同国家/地区的许多公司，这使得评估采购IC的历史和完整性具有挑战性。这使得伪造和插入后门等恶意行为极为危险，特别是在关键基础设施中使用的工业控制系统IC供应链中，这可能会危及国家和人民的生命。本文旨在通过引入Anti-BlUFf（基于防伪区块链和PUF的基础架构）来缓解这些问题，该方法是跨多个站点唯一识别和跟踪IC的IC，以检测篡改。我们的解决方案基于联盟区块链和智能合约技术；因此，它是分散的，高可用性，并为存储的数据和已执行的业务逻辑的完整性提供有力的保证。通过使用物理不可克隆功能（PUF）作为防篡改ID，可以实现对链上IC的唯一标识。我们首先定义有兴趣篡改供应链中IC的对手的威胁模型，然后提供实现所建议的防伪方法的跟踪系统的设计。我们针对指定的威胁模型对跟踪系统进行了安全分析，并提供了原型评估，以显示其技术可行性并评估其在缓解假冒方面的有效性。最后，我们讨论了有关我们的解决方案及其与实际IC供应链的集成的几个关键实践方面。