Prevent Battery Counterfeiting with Secure Fuel Gauges
January 25, 2018
|By: Perry Tsao
Executive Director, Mobile Solutions Business Unit, Maxim Integrated
They look just like the real thing and are typically cheaper, but many counterfeit battery packs lack the safety components or protective devices that are hallmarks of the authentic versions. Genuine lithium-ion battery packs, for example, commonly contain battery cells with safety features; protection circuits that guard against overcharging, overdischarging, and overcurrent; and protective devices that isolate any overcurrent.
Gray market batteries present plenty of risks for consumers as well as for the original equipment manufacturers (OEMs) who lose out on a revenue source. Yet, counterfeiters persist and the problem continues unabated. In fiscal year 2017, U.S. Customs and Border Protection (CBP) seized and destroyed almost 32,000 shipments of counterfeit goods; this was up 52% compared to 2014. This haul consisted a variety of items, not just counterfeit batteries. But, as CBP notes in a November 2017 blog post: "Counterfeiters focus on trends to make fake versions of popular products, such as smartphones or makeup. Maybe you remember the hover board craze from late 2015 and early 2016. Many of those products contained counterfeit batteries, which ended up sparking fires and causing significant safety concerns."
Indeed, consumer electronics are the second most pirated items in the U.S. and it's no surprise that cloned batteries have become a big problem. According to a Scout CMS blog post, smartphone batteries in particular are attractive for consumers who want a good deal, "but the bad part of the deal is that smartphone batteries involve complicated engineering that can malfunction—even without being hacked."
An Easy, Affordable Way to Safeguard Against Cloning
Did you know that battery fuel gauge ICs can prevent counterfeiting—easily and affordably? Fuel gauge ICs with integrated SHA-256 secure authentication can protect batteries from counterfeiters in an array of end markets, including financial, consumer, medical, computing, and gaming. Effective secure authentication in fuel gauges prevent the creation of unauthorized copies via unique keys that render the theft of a secret from a single IC to be useless. ICs that use multi-step key generation offer a good approach to prevent secrets from leaking from manufacturing sites. It’s also best for the secret to be created via a challenge-response approach, rather than being written directly into the IC. To further safeguard against theft of the secret key, the IC should be immune to optical, electrical, timing, and power analysis, as well as to physical inspection via deprocessing.
Maxim's MAX17201, MAX17205, MAX17211, and MAX17215 ModelGauge™ m5 fuel gauge ICs meet these authentication criteria. These FIPS 180-4-compliant ICs with SHA-256 authentication have 160-bit secret keys that are generated uniquely for each battery at the factory using multi-step key generation that is depicted in Figure 1. First, a secure hashing method is used to create Secret1, and then the same hashing algorithm along with the chip’s unique ROM_ID are used to create a Secret2. Secret1 is overwritten, while Secret2 is stored in the IC and is different for every IC. Battery pack manufacturers do not need to know Secret1 or Secret2, which minimizes the risk of the secret keys being leaked, and the two separate challenges used are secured at the factory.
Figure 1. Diagram of a unique secret key generation for each MAX172xx fuel gauge IC
Figure 2 depicts the process to authenticate the battery in the host software. The host software uses Challenge2, Secret1, and the ROM_ID to generate Secret2. The host software then conducts a challenge-response method to authenticate that the fuel gauge knows Secret2. The host software must securely store both Challenge2 and Secret1.
Figure 2. Diagram of host software authentication with MAX172xx fuel gauge ICs
These fuel gauge ICs are designed to prevent key theft from the IC. The secret key cannot be physically read from the fuel gauge and its verification can be completed only via the challenge response. As a counter-measure against deprocessing, the ICs have optical inspection immunity. Ones and zeroes stored in the non-volatile memory aren’t physically distinguishable. The fuel gauge ICs have immunity against electrical inspection such as micro probes and e-beam probes, as the key isn’t stored plainly in the non-volatile memory. Their physical design uses the top metal layer for routing power, ground, and other signals without critical information. Critical signals are covered in electrically biased metal areas. If someone tries to remove the top metal layer, this action would render the chip inoperable. Neither micro probing nor voltage contrast can reveal the secret with all of the signal layers intact. The ICs also have timing analysis and power analysis immunity (the timing of the SHA calculation is independent of the key, and power consumption during internal key access is independent of the value of the key). In addition, the timer value is stored in life logging registers, providing a counter-measure against cloning.
Accuracy Without Battery Characterization
Because the MAX17201, MAX17205, MAX17211, and MAX17215 ICs feature the ModelGauge m5 EZ algorithm, they deliver high accuracy without the need for battery characterization. The ModelGauge m5 EZ algorithm brings together the short-term accuracy and linearity of a coulomb counter with the long-term stability of a voltage-based fuel gauge plus temperature compensation. The ICs automatically compensate for cell aging, temperature, and discharge rate, providing accurate battery state-of-charge (SOC) in mA-hr or percentage over a wide range of operating conditions.
Protect your battery packs from counterfeiting—choose a fuel gauge IC that will deliver not only the accuracy you need but also protection against cloning, hacking, and other illicit acts.