28 February 2019

QFD Security Deployment

finger vein authentication system
- graphic by nih.org
In 2007 International Symposium on QFD, a case study was presented involving the development of a finger vein authentication device for the financial and security industries.

Initially designed for medical device, this technology captures high-contrast maps of finger veins from an image obtained from light transmission, with the help of artificial intelligence, and matches them to the pre-registered vein patterns to authenticate the identity of an individual.

At that time, the company, Hitachi Omron Terminal Solutions, Ltd., believed that their system made forgery very difficult because it was the only type of authentication methods that used internal physiological characteristics that are invisible externally and hard to reproduce.

Fast forward, in December 2018, German researchers reported that they were able to hack this particular security system by replicating a human hand's veins by using off-the-shelf materials.

So here is yet another example of the never ending cat-and-mouse game played by technologies and hackers.

How can QFD / ISO 16355 help to build-in better security designs during the produce development process?

Like in many Systems Engineering problems, it is useful to begin by separating the problem space from the solution space. By creating a vertical Security Deployment, we can look at the problem space from multiple perspectives.

Here are some possible charts that may be used:
  1. Security Tree Analysis (STA)
  2. Customer Needs - Security Matrix
  3. Functional Requirements - Security Matrix
  4. Function - Security Technology Matrix
  5. System/Subsystem - Security Matrix
  6. Component - Security Matrix
  7. Build - Security Table

More details on such QFD Security Deployment process are explained at qfdi.org

Also, the QFD Institute is now developing these new tools for training in a number of industries including health care and IT products and services.

Today security concern is everybody's business today, not limited to the responsibility of IT and engineering, since a single security breach could wreck an otherwise well-designed new product or a business plan.

To begin your journey to understanding how ISO QFD tools could be useful for your work, we invite you to the upcoming training.

© QFD Institute & Glenn Mazur