Security of Data Transfer Council

The Risk of Market Exclusion Due to Unverifiable "Provenance, Identity, and Integrity"

Regulations such as the U.S. National Defense Authorization Act (NDAA) and the EU Cyber Resilience Act (CRA) effectively mandate the verification of hardware authenticity.

• Inability to Prove Provenance → Component Authenticity Failure to objectively prove the absence of prohibited components poses a risk to the entire supply chain.
• Vulnerability of Identity → Device Authenticity Software authentication alone cannot physically prevent device "spoofing" or "identity mismatching."
• Lack of Integrity Unless data can be proven at the physical layer to be untampered with, its reliability cannot be guaranteed.

Internal Network Risks: "Communication Pollution" and "Physical Intrusion"

Current transmission protocols lack verification methods (forensic traces) based on the physical layer to counter "unauthorized communication behavior within internal networks" or "malicious physical additions of devices (physical intrusion)" after perimeter defenses have been breached.

• Connection Risk of Unauthorized Devices Insufficient physical unique identification fails to prevent the injection of false commands by fraudulent devices.
• Data Tampering within Communication Paths The absence of signatures based on physical evidence makes path-level tampering undetectable, permitting unauthorized operations.
• Injection of Data with Unknown Provenance Without objective evidence of provenance, the authenticity of data cannot be determined, making post-event verification difficult.

The Threat of "Video Injection" into Monitoring and Inspection Systems

In unmanned factories and autonomous robots, video is not merely a record; it is the absolute basis for AI to "judge and act". The loss of a "physical basis" for input information fundamentally collapses the safety that is the premise of automation.

• Direct Interruption of "Fake Video" into Communication Paths By directly injecting AI-generated video (Deepfakes) into communication paths, attackers can neutralize surveillance networks or permit physical trespassing.
• Inability to Prove the "Fact of Filming" as Evidence Due to the lack of physical linking for each frame, it is impossible to detect tampering such as frame deletion or the loop playback of past footage.
• "Visual Data Poisoning" Deceiving AI Subtle overwriting, indiscernible to humans, intentionally causes malfunctions in AI detection and authentication algorithms.

AI Runaway and Accident Risks caused by "Poisoned Data"

In drones and autonomous vehicles, data tampering within communication paths directly leads to fatal accidents. AI that learns or makes decisions based on incorrect information becomes uncontrollable.

• Data Poisoning When AI ingests malicious "poisoned data," it can be induced into intentional misrecognition or uncontrollable runaway.
• Vulnerability of Wireless Communication Unlike wired systems, remote attacks (spoofing and tampering) are possible from the outside without physical intrusion, as long as the device is within signal range.
• Lack of a Physical "Root of Trust" A mechanism that guarantees at the physical layer that data has arrived from the correct source without being tampered with is indispensable.

Threats of Spoofing and Silent Tampering Lurking in Networks Connecting Vehicles, Drones, and Biometric Information

Current communication protocols cannot verify whether the "sender is physically authentic," and there is no means to block device spoofing or tampering within communication paths using mechanisms directly linked to the physical layer. This has become a significant risk to economic security.

• Seizing Control (Vehicles, Drones, Humanoids) In the absence of a Hashchain (guarantee of continuity) for control commands, it is impossible to prevent command injection or communication relay attacks (relay attacks) by third parties, permitting physical runaway, crashes, or theft.
• Spoofing at Digital Touchpoints (Smartphones, Smart Keys) Software-dependent authentication without PCA (Chip-Unique Identification) cannot physically eliminate the disguise or spoofing of digital keys via smartphones, leading to unauthorized intrusion into core infrastructure.
• Poisoning of Vital and Sensor Data (Wearables, V2X) If driver health information sent from smartwatches or data from roadside sensors is tampered with, AI makes incorrect decisions, inducing emergency stop failures or fatal accidents.

Structural limits making it impossible to immediately and continuously prove the "Identity" and "Authenticity" of data (Limits of TCP/IP)

In a real-time, always-on society, it is necessary to continue verifying the authenticity of flowing data without stopping. However, existing systems specialized in maintaining connections rely on processing at the software layer, posing structural issues that prevent speed and security from coexisting.

• Limits of Transmission Efficiency and Guarantee of Authenticity of Data Itself Header analysis load for each packet hinders physical layer performance; integrating elements to judge authenticity into the transmission data itself is essential for achieving high-speed, ultra-low latency transmission.
• Obstruction of Autonomous Control due to Authentication Processes Procedures such as session establishment and certificate verification at the software layer hinder immediate collaboration between devices; a shift to hardware-led automatic authentication, eliminating the need for per-communication login or complex connection procedures, is required.
• Lack of Confidentiality due to Decoupling of Individual Identification and Data Existing protocols only protect communication paths and cannot prove the physical provenance of data. A mechanism that directly links unique physical layer identification with data, ensuring only those with legitimate rights can view the received data, is indispensable.