The $150 Billion Blind Spot in Critical Infrastructure: Why Analog & Passive Components Have No Digital ID

The semiconductor industry has spent a decade building elaborate systems of trust around digital chips — PUF-based identities, secure elements, cryptographic die IDs, certificate chains from wafer to end system. But the moment you move one inch down the bill-of-materials into analog/mixed-signal ICs, sensors, and discrete passive components, that entire infrastructure disappears.

That’s the $150 billion problem that a group of semiconductor executives, EDA vendors, and supply chain security experts are now trying to solve — before the next major infrastructure breach traces back to a counterfeit capacitor in a power substation.

The Scope of the Exposure

According to Semiconductor Engineering’s analysis, critical infrastructure — defined by the U.S. government as telecom, aerospace, defense, and utility sectors — represents roughly 20% of today’s global semiconductor TAM, or about $150 billion. Every watt of power delivery, every RF signal chain, every sensor node in these systems depends on analog and passive components that currently have no equivalent to the digital ID infrastructure that protects digital chips.

The threat is real: gray market components and outright counterfeits have been documented entering critical infrastructure supply chains. Unlike a failed digital chip that often fails visibly, a degraded passive component can fail slowly, silently, and in ways that are hard to attribute.

Why Digital ID Can’t Simply Be Extended

The core problem is physical. Digital ICs can leverage intrinsic physical unclonable functions (PUFs) derived from SRAM behavior at power-up — unique randomness baked into the silicon during manufacturing. The same trick doesn’t work for analog ICs, sensors, or discrete passives because they don’t have SRAM, don’t have power-up behavior, and in many cases aren’t even powered during storage or transport.

Extrinsic ID approaches — optical, X-ray, or IR-based identification — exist but have limitations. You can’t read an intrinsic ID if the device isn’t powered. You can’t easily embed an ID into a discrete capacitor that’s made of ceramic and metal terminations.

The Emerging Solutions: Certificate Chains and Physical Anchors

A number of approaches are in development, falling broadly into two categories:

  • Intrinsic IDs: require the device to be powered and leverage entropy in CMOS or other semiconductor physics
  • Extrinsic IDs: readable using optical, X-ray, or IR detectors without powering the device

The goal in either case is the same: create a physical trust anchor — an immutable, unclonable device identity — that is inseparably linked to a digital certificate. This anchor, embedded at the wafer or die stage, would establish a verifiable bond between the physical component and its certified digital provenance record.

The Supply Chain Chain Problem

Even if you can issue an ID at the wafer level, you then need to propagate that trust through packaging, PCB assembly, and system integration — each a handoff point where counterfeits could be introduced. The certificate chain needs to be maintained across all of these steps, which means everyone from the wafer fab to the EMS provider to the system OEM needs to participate in the trust infrastructure.

This is a coordination problem as much as a technology problem — and coordination at this scale takes time, standards bodies, and regulatory pressure.
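
The handoff chain described above, as an added example that is not from the original article or from any vendor: each party appends a record tied to the component's physical anchor and to the previous record, and the receiver re-reads the anchor and checks every link. The stage names, keys and anchor readings are constructed, and HMAC with per-party keys stands in for certificate-backed signatures so the code runs on the Python standard library alone.

```python
import hashlib, hmac, json

# Constructed per-party keys. HMAC stands in for certificate-backed signatures.
STAGE_KEYS = {
    "wafer_fab": b"constructed-key-fab",
    "packaging": b"constructed-key-pkg",
    "pcb_assembly": b"constructed-key-ems",
    "system_oem": b"constructed-key-oem",
}
STAGES = list(STAGE_KEYS)  # required handoff order

def _tag(rec):
    """MAC over the record body, keyed by the party that owns the stage."""
    body = json.dumps({k: rec[k] for k in ("stage", "anchor", "prev")}, sort_keys=True)
    return hmac.new(STAGE_KEYS[rec["stage"]], body.encode(), hashlib.sha256).hexdigest()

def attest(chain, stage, anchor_reading):
    """Append a handoff record bound to the physical anchor and the previous record."""
    rec = {"stage": stage,
           "anchor": hashlib.sha256(anchor_reading).hexdigest(),
           "prev": chain[-1]["tag"] if chain else ""}
    rec["tag"] = _tag(rec)
    return chain + [rec]

def build_chain(anchor_reading, stages=STAGES):
    chain = []
    for stage in stages:
        chain = attest(chain, stage, anchor_reading)
    return chain

def verify(chain, anchor_reading):
    """Receiver's check: handoff order, each tag, each link, and the re-read anchor.
    Assumes the anchor reads back bit-exact; real readings need error correction."""
    if not chain or [r["stage"] for r in chain] != STAGES[:len(chain)]:
        return False, "missing or out-of-order handoff"
    expected, prev = hashlib.sha256(anchor_reading).hexdigest(), ""
    for rec in chain:
        if not hmac.compare_digest(_tag(rec), rec["tag"]):
            return False, f"bad attestation at {rec['stage']}"
        if rec["prev"] != prev:
            return False, f"broken link at {rec['stage']}"
        if rec["anchor"] != expected:
            return False, f"anchor mismatch at {rec['stage']}"
        prev = rec["tag"]
    return True, "ok"
```

A chain that skips a stage, a record spliced in from another part's chain, and a part whose re-read anchor differs from the attested one each fail with a distinct reason, which tells the buyer which handoff to investigate.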

The Bottom Line for Passive Component Buyers

If you’re procuring passives for any critical infrastructure application, the message from this analysis is clear: demand provenance from your suppliers, understand what ID infrastructure they have (or don’t have), and plan for a world where certificate-based supply chain attestation becomes a procurement requirement, not a nice-to-have.