Deploying commercial trusted computing for defense and aerospace applications at the speed of technology
By John Bratton
ANDOVER, Mass. – Modern aerospace and defense processing applications require industry-specific capabilities that seldom are available from commercial technology companies. Prime defense contractors and aerospace integrators require built-in trusted-computing in the product and the producers’ infrastructure.
These traits are not characteristic of even the best commercial technology companies. A bigger concern is that commercial producers are becoming more and more globalized, and expose themselves to the risks of complex and intrinsically vulnerable supply chains. While supply chain anomalies may arise purely by accident, industry opinion is becoming increasingly skeptical.
As an example, more than 90 percent of respondents to a Massachusetts Institute of Technology (MIT) global risk survey in 2015 said they believe that business risk is increasing, with supply chain complexity being the largest concern, followed by cyber security, business model disruption and globalization.
The traditional approach to outsourcing components and subassemblies -- even within the defense domain -- has been the pursuit of the lowest-cost option with acceptable quality. This approach rarely is ideal, as it could inadvertently commit the purchasing organization to unplanned costs and schedule delays when the lowest-cost option fell even marginally short of requirements.
Such low supply chain reliability has rendered the global outsourcing model unsustainable for defense and aerospace electronics manufacturing.
Program and technical information has to be secure and protected; prime contractors must trust their suppliers to safeguard this information. This is especially relevant because many bad actors have switched their focus from the primes to their suppliers.
This new supply chain paradigm demands flexibility, responsiveness, consistency, and risk mitigation, which increasingly mandates built-in security and trust. Collectively this is the actual cost of ownership. The U.S. Department of Defense (DOD), Department of Energy (DoE) and National Institute of Standards and Technology (NIST) all are seeking data-driven, sustainable, flexible, domestic, and collaborative supply chains that provide practical assurances on timeline and component authenticity.
They call these supply chains “Next-Generation Supply Chains.” This approach builds in competitive advantage, trust, sustainment, and flexibility. This increasingly is required for defense and aerospace processing applications.
Trust is critical, multifaceted, and increasingly required by contract and mandate for defense and aerospace contractors. Officials of a prime contractor must be able to trust the products they buy, as well as the functions associated with the production of those goods.
Prime contractors have to trust their intellectual property (IP) and prove that their equipment will be safe and not used against them for competitive disadvantage, espionage, or product performance compromise.
Devices in their processing solutions must come from known and vetted sources, and they must use secure facilities to produce their goods, with a robust physical and cyber security posture. Without this, everything else is for naught; security and trust are that important.
Processing devices should be sourced only from approved OEMs or their authorized distributors. A robust end-to-end supply chain that uses Society of Automotive Engineers (SAE) standards to detect fraudulent and counterfeit devices (AS5553B and AS6496 for electrical, electronic, electromechanical, and processing components and assemblies) is the minimum starting point needed to deliver authentic device assurance.
The supply chain should allow only qualified supplier list (QSL) companies to supply only qualified product list (QPL) devices. Critical devices may be monitored along the supply chain and throughout production. Their progress may be documented through an assured custody chain process for classified and unclassified integrated circuits.
For additional integrity, silicon devices can be characterized through testing across temperatures from -40 to 125 degrees Celsius for performance. For exceptionally critical applications, next-generation defense electronics manufacturers may also use techniques that eradicate rare silicon cell defects.
Receiving authentic components in the correct configuration is the end of the downstream supply chain concern, but marks the beginning of the upstream concern for a Tier 2+ supplier. Cyber security applies to a vendor’s security proposition in two important ways: product cyber security and IT infrastructure cyber security.
The former refers to the ability of a vendor’s products to resist exposure to cyber threats that may occur from insider access or accidental mishandling throughout its life cycle; the latter refers to the vendor’s ability to defend its internal systems -- where its products are designed and produced -- from external influence or introspection.
Cyber threats are evolving quickly, and like known insider threats, they can be catastrophic. The DOD has reacted to the severity of these vulnerabilities by directing that traditional ad hoc best information assurance practices will no longer suffice.
In October 2016, “Safeguarding covered defense information and cyber incident reporting” (Defense Federal Acquisition Regulation Supplement 252.204-7012) directed prime contractors and their subcontractors to comply with 110 new security requirements (National Institute of Standards and Technology Special Publication 800-171).
Minimum defense contractor covered defense information (CDI) protection requirement checklist:
-- DFAR supplement 252.204-7012 compliance;
-- NIST SP 800-171 compliance;
-- secure, trusted, domestic facilities, ideally DMEA-certified; and
-- robust protection protocols for CDI.
The 110 mandated rules from the DFAR supplement and NIST special publication 800-171 include notable security features like two-factor authentication, such as a password and fingerprint.
These form a critical foundation for a robust IT security posture and will be a fundamental requirement for all defense contractors regardless of their size, affecting all government contracts involving covered defense information (CDI). Nevertheless, outside of the Prime contractors and next-generation defense electronics manufacturers these requirements have yet to be universally adopted.
Increasingly, vendors are providing cyber security capabilities within their hardware products, for example, HPE’s “Silicon root of trust”, and the pervasive deployment of trusted platform modules (TPMs) on consumer and commercial computing platforms. Discovery of the so-called “advanced persistent threat” and a general recognition that malicious code should not be capable of gaining a persistent foothold on hardware so as to survive a power-cycle form the present-day basis of hardware’s role in the cyber-aware marketplace.
In addition to technical security measures, manufacturing operations also must consider trust and security, whether through personnel measures to reduce insider threats, or whether incorporated into processes and procedures deployed on the manufacturing floor.
Trusted defense electronic design, manufacturing, integration, coding, and support should be conducted within DOD Category 1A Trusted Supplier Defense Microelectronics Activity (DMEA) facilities.
DMEA was established by the Office of the Secretary of Defense (OSD) to act as the DOD center for microelectronics technology, acquisition, transformation, and support. DMEA is composed of specialized engineering facilities and microelectronic engineers that work with major defense contractors and the semiconductor industry to provide support for fielded systems across all US military organizations.
Next-generation defense electronics manufacturers leverage a commercial business model that anticipates future aerospace and defense processing requirements and makes the technology investments necessary to fulfill those requirements.
They source the best commercially developed technology using trusted, managed supply chains and embed proven security technologies, enabling defense and aerospace processing solutions to be deployed anywhere at the speed of technology. They are in effect efficient, trusted and secure channels between leading commercial technologies and the needs of the defense industry.
Next-generation defense electronics manufacturers operate out of DMEA-certified facilities. They systematically implement robust and trusted business systems that encompass their IT infrastructures, business procedures, facilities, personnel and supply chain management to ensure the necessary levels of trust in the product and in the enterprise that designs, manufactures, codes and supports it.
When implemented together, DMEA facilities, technical security, trusted systems and a managed supply chain create the highest levels of system integrity for aerospace and defense processing applications, their data and the systems they run on.
Security and trust are not "nice-to-have" in the modern competitive environment; they are critical and increasingly mandated.
John Bratton is product marketing director at Mercury Systems Inc. in Andover, Mass.