Industry Group Refutes RFID Virus Claims

March 20, 2006
AIM Global, the trade association for automatic identification and mobility, issued a statement on March 17 in response to the highly controversial technical paper delivered during a conference on March 15 in Pisa, Italy entitled, "Is Your Cat Infected ...

AIM Global, the trade association for automatic identification and mobility, issued a statement on March 17 in response to the highly controversial technical paper delivered during a conference on March 15 in Pisa, Italy entitled, "Is Your Cat Infected with a Computer Virus?" The paper claims that RFID tags can be used to corrupt databases and even potentially to spread computer viruses.

"Many of the basic assumptions in the paper overlook a number of fundamental design features necessary in automatic data collection systems and good database design," says AIM Global president, Dan Mullen. "In other words, the researchers built a system with a weakness and then proceeded to show how the weakness could be exploited. Not surprisingly, poor system design, whether capturing RFID tag information, bar code information or keyboard-entered data will create vulnerabilities."

Another group from the International Organization for Standardization (ISO), RFID scientists, pointed out that there are two broad types of RFID tags, ones that have pre-encoded, or fixed data, and ones that have data that can be changed. Systems with fixed data such as those used to identify pets cannot be changed and therefore are immune to infection by a virus.

Here are a few specific attributes in RFID systems that can protect the overall system:

  • Most applications of RFID, including EPC Gen2, look for specific kinds of data. Poor reader design might allow the reading of a "rogue" tag, but a good system will verify the data against pre-defined parameters, as do current bar code systems, and any code not in the database is typically ignored.
  • Being able to insert a virus into the system implies that a tag contains executable code that is recognized by the software. This is simply not possible with many applications of RFID since they look for specific kinds of data and will either flag or reject anything that doesn't fit the data template.
  • Protection is a common process today in data transfer between computer systems and writeable media. Global standards and commercial products are created to ensure that there is adequate data security, much the same way that running current virus software prevents virus attacks to your home computer. Data collection system designers are aware that they must install, and have already installed, methods to authenticate any data into their software.
Intrested in information related to this topic? Subscribe to our weekly RFID eNewsletter.

Popular Sponsored Recommendations

Digital Production Tracking: How Connected Platforms with No-Code Deliver Value

June 20, 2023
Manual tracking lacks the real-time visibility manufacturers need to identify root causes and remain competitive. Digital, connected production tracking is crucial for your operations...

Lean Manufacturing in the Age of the Industrial Internet

Oct. 24, 2023
Read how advanced MES capabilities can help you improve your labor utilization, reduce WIP, and optimize your production. Download the white paper today.

Modern Edge Computing Accelerates Smart Manufacturing Initiatives for Discrete Manufacturers

Oct. 22, 2023
Discover how Edge Computing platforms are a requisite for discrete manufacturers to solve production challenges, accelerate digitalization, and establish a reliable infrastructure...

Monitoring IT, OT and IIoT: Use Cases and Dashboards

Aug. 20, 2023
The convergence of IT and OT makes it crucial to have a unified view of the entire infrastructure. From machines on the factory floor, PLCs, and IIoT devices, to industrial gateways...

Voice your opinion!

To join the conversation, and become an exclusive member of IndustryWeek, create an account today!