The study describes the production steps from the initial design down to the final product. Based on this overview it sketches possible weaknesses as well as chosen attack scenarios. Possible detection and prevention measures are evaluated not only based on a literature research but also on specifically conducted experiments.

Today, the development and production of complex IT systems is very often no longer carried out by a single manufacturer, who performs and controls all the involved steps completely himself. This division of labor has clear advantages, but it comes with the risk of unwanted changes in the initial design during the production. In terms of security relevant products, this can result in a loss of confidential data. Such manipulations, also known as “Hardware Trojans” can be implemented at almost all stages of development and production.