In 2012, the National Defense Authorization Act (NDAA), section 818, outlined new requirements for industry to serve as the lead in averting counterfeits in the defense supply chain.1 Subsequently, the House Armed Services Committee, in its report on the Fiscal Year 2016 NDAA, noted that the pending sale of IBM’s microprocessor fabrication facilities to Global Foundries created uncertainty about future access of the United States to trusted state-of-the-art microelectronic components and directed the Comptroller General to assess the Department of Defense’s (DoD’s) actions and measures to address this threat.2,3,4 In this context, the Deputy Assistant Secretary of the Air Force (Science, Technology, and Engineering) requested that the Air Force Studies Board of the National Research Council5 convene a workshop to facilitate an open dialogue with leading industry, academic, and government experts to (1) define the current technological and policy challenges with maintaining a reliable and secure source of microelectronic components; (2) review the current state of acquisition processes within the Air Force for acquiring reliable and secure microelectronic components; and (3) explore options for possible business models within the national security complex that would be relevant for the Air Force acquisition community. This report summarizes the results of a workshop held on March 16-18, 2016, in Washington, D.C., which brought together experts from government, industry, and academia to address these issues.
THE MICROELECTRONICS LANDSCAPE
During the “dawn” of the semiconductor industry in the 1970s, the focus was on ensuring that specific, required functionality was available through the design, fabrication, and production of application-specific integrated circuits (ASICs) and mass produced computer memories. Since then, advances in device speed, increased processing power and throughput, lower electrical power consumption, vast increases in device volume production, and ingenious, complex designs have enabled numerous new applications and enormous improvements. This rate of technological advance is expected to continue and perhaps accelerate as new substrate materials are introduced.6
Because electronic components in many national security systems are designed and intended to last for long periods in sometimes in harsh environments, testing to assure that the parts will indeed function properly and reliably, under all conceivable operational conditions, and function only as designed, becomes
1 National Defense Authorization Act for Fiscal Year 2012 (P.L. 112-81).
2 J. Lipsky, “IBM-GlobalFoundries Deal Finalized,” EETimes.com, July 1, 2015, http://www.eetimes.com/document.asp?doc_id=1327029.
3 National Defense Authorization Act for Fiscal Year 2016, H.R.1735, 114th Congress, https://www.congress.gov/bill/114th-congress/house-bill/1735, accessed April 17, 2016.
4 Global Foundries is an international company headquartered in Santa Clara, California. It is owned by the Mubadala Development Company, a wholly-owned investment vehicle of the Government of Abu Dhabi in the United Arab Emirates.
5 Effective July 1, 2015, the institution is called the National Academies of Sciences, Engineering, and Medicine. References in this report to the National Research Council (NRC) are used in a historical context to refer to activities before July 1.
6 A recent Aerospace Corporation study (TOR-2015-00473) included a summary of “Technology Challenges by 2025.”
challenging.7 The design of such tests requires intimate knowledge of the device operation and requires sophisticated testing techniques and equipment. Government program managers, program executive officers, and agency leaders are faced with the choice of either using commercial-off-the-shelf (COTS) devices—which may or may not support their requirements—and accept unknown risks; or they will have to make significant investments in test and certification technologies to validate operating parameters.
Complicating this situation further is the steadily eroding U.S. involvement in the design and manufacture of necessary electronic devices, and a concomitant decrease in domestic expertise and understanding of reliability and the risks to systems associated with such complexity. As a result of this erosion, there may not be a domestic microelectronics workforce capable of generating the required security and reliability information the government would require to appropriately analyze and advise program managers about the attendant system risks of microelectronic components.8
ORGANIZATION OF THE WORKSHOP
Workshop briefings included information on (1) DoD’s strategy for acquiring secure and reliable microelectronic components, (2) the needs of the nuclear weapons enterprise, (3) Air Force processes to gather reliable and secure information, (4) Defense MicroElectronics Activity’s (DMEA’s) new role as the sole manager of the Trusted Access Program Office (TAPO), (5) Defense Advanced Research Projects Agency and Intelligence Advanced Research Projects Activity technology research and development programs to insure that obtained parts are secure, and (6) the important role of standards in the manufacture and testing of secure and reliable microelectronic components. Importantly, briefings by industry shed light on the economics of electronics manufacturing and highlighted the pros and cons of government ownership of trusted foundries.
One of the issues that was raised repeatedly during presentations was the prohibitive cost associated with dedicated state-of-the-art foundries producing secure and reliable microelectronic components for national security systems. A few participants noted that a main reason associated with the high cost of producing these items is the relatively low volume of items required by DoD and the Intelligence Community in comparison with the commercial marketplace. More than one speaker from government and industry noted that without a reasonable market, industry will find it difficult to support a program based entirely on producing low-volume trusted components for government systems. Other participants commented that another barrier for industry support of producing low-volume trusted components for the government is the burdensome accreditation process the government uses to determine whether a potential supplier is trustworthy. For example, DMEA performs an accreditation process via a Cooperative Research and Development Agreement that allows DMEA to work with a potential supplier every 2 years. More than one participant asked the speaker from DMEA why a supplier would not want to be accredited. Several reasons were provided, including cost, return on investment, fear of not passing the screening, and the potential market share not matching a company’s business model. Yet another participant commented that, on an anecdotal level, existing trusted suppliers who were not receiving requests for trusted fabrication prior to the IBM/Global Foundries sale are now seeing an increase in inquiries as a result of the sale. Finally, concerns about the burdens on industry associated with the International Traffic in Arms Regulations, as well as the complex U.S. government acquisition and contracting process, were mentioned by more than one participant during the course of the workshop.
7 There are distinct approaches involved when it comes to testing components for security as opposed to testing them for reliability when a suspicious malicious actor is not involved.
8 U.S. Government Accountability Office, Trusted Defense Microelectronics: Future Access and Capabilities are Uncertain, GAO-16-185T, Washington, D.C., October 28, 2015.
Chapter 1 provides a broad contextual background that includes challenges related to current government policies and technological advancements in the area of secure and reliable electronic components in government national security systems. Even though attribution to individual speakers or workshop participants is not provided, this section of the report should not be seen as consensus views of the wide representation of views presented throughout the workshop. Chapter 2 goes on to describe the dialogue that occurred at the workshop, followed by Chapter 3, which provides abstracts of speaker presentations. Appendixes are provided at the end of the report and include the following items: (1) workshop terms of reference, (2) brief biographies of the workshop committee members, (3) speakers and attendees list, (4) suggested terms of reference for a follow-on study, and (5) a summary presented by Bernard Meyerson of his thoughts on the projected advancements of existing technology. This proceedings summarizes the views expressed by individual workshop participants. While the committee is responsible for the overall quality and accuracy of the proceedings as a record of what transpired at the workshop, the views contained in the proceedings are not necessarily those of all workshop participants, the committee, or the National Academies of Sciences, Engineering, and Medicine.