Suggested Citation:"Summary of Findings and Recommendations." National Academies of Sciences, Engineering, and Medicine. 2019. The Growing Threat to Air Force Mission-Critical Electronics: Lethality at Risk: Unclassified Summary. Washington, DC: The National Academies Press. doi: 10.17226/25475.

Summary of Findings and Recommendations

The committee distilled its findings into several recommendations based on examination of evidence gleaned from the best practices observed in the commercial world, sectors of the U.S. government, and the defense industry. These recommendations highlight necessary steps for the U.S. Air Force (USAF) to improve acquisition and sustainment of mission-critical electronics needed for the warfighter. The committee is cognizant that the challenges facing the USAF to ensure that the electronic components in its weapon systems are both secure and reliable are daunting and will require considerable attention from the highest levels of the organization; the committee believes that the following recommendations are achievable and constitute an important and necessary foundation to build upon.

LEAD SUPPLY CHAIN RISK MANAGEMENT FROM THE TOP

Finding: Delegating supply chain risk management (SCRM) to the program offices results in costly duplication of effort and nonuniform implementation of policy and practices, and presents yet another threat vector.

Finding: The threat to USAF microelectronic components spans the entire life cycle of USAF weapon systems. Understanding both security and reliability of the system starts at the earliest stages of research and design and impacts every acquisition decision from system development to sustainment of the platform. Currently, each phase of the life cycle is organizationally distributed across the USAF.

Finding: An effective SCRM program requires a robust information protection strategy that spans all stages of the weapon system to ensure the protection of program information relating to critical technologies and capabilities.

Recommendation: The USAF must authorize, implement, and monitor at the highest level of the organization for supply chain risk management (SCRM) to be effective.

Finding: The committee believes that the responsible organization should be the Air Force Materiel Command (AFMC), given its responsibility for the Air Force Research Laboratory (AFRL), Air Force Life Cycle Management Center (AFLCMC/EN), and Air Force Sustainment Centers (AFSCs), as well as its geographical relationship with the National Air and Space Intelligence Center (NASIC).

Recommendation: The USAF should establish a central office—the Program Protection Office—that has the responsibility and authority to implement a holistic approach to protecting program information across the acquisition enterprise that includes an integrated supply chain threat assessment and risk management program—from research and development (Air Force Research Laboratory, AFRL), through acquisition (Office of the Assistant Secretary of the Air Force for Acquisition, Technology, and Logistics, SAF/AQ), to sustainment (Air Force Materiel Command, AFMC). The Air Force Office of Special Investigations (AFOSI) Program Protection Office is a critical component of this new office.

Recommendation: The USAF Program Protection Office must have unfettered access to program office vulnerability information and risk mitigation plans; must be able to direct the use of red teams to proactively probe and identify risks; must establish enforceable rules for protecting program information at all stages of the program; must have the authority to hold program managers accountable for implementation of threat mitigation actions; and must be resourced to develop gold standard risk supply chain assessment tools that are incorporated into the program protection plans.

CAPITALIZE ON U.S. GOVERNMENT-LEVEL MODERNIZATION EFFORTS

Finding: The whole-of-government is working to improve onshore electronics capabilities in programs such as the Microelectronics Innovation for National Security and Economic Competitiveness (MINSEC). If successful, these efforts may mitigate the risks associated with access to critical components and pace of technology development. The USAF can implement the underlying programs in MINSEC to improve provenance controls, protect critical program information (CPI) from nontrusted suppliers, and improve security of components in sustainment programs.

Recommendation: The USAF should be an early adopter for U.S. government-level programs that are focused on improving capability concurrently with increasing security and reliability in weapon systems.

Recommendation: The USAF should work closely with the Microelectronics Innovation for National Security and Economic Competitiveness (MINSEC) program to help to inform decisions on creating, evolving, and maintaining a Department of Defense-specific, trusted, and verified electronic components library repository. Subsequently, once obsolete or compromised components are identified, this effort will inform modernization requirements to reduce the threat landscape and increase resilience into the future.

DEVELOP USAF-LEVEL SUSTAINMENT PROCESS

Finding: The USAF can leverage commercial best practices to improve the security posture in the design and manufacturing stages of leading-edge electronic components for new weapon systems; however, sustainment time frames for USAF weapon systems are unique and, therefore, must be the focus of the USAF.

Recommendation: Because many of the legacy platforms employ similar electronic components and share an already fragile supply chain, the USAF should develop an enterprise-wide vulnerability assessment and risk management capability to better share information across the program offices in a timely fashion.

Recommendation: The USAF should implement a platform-by-platform review of critical electronic components and work with the Joint Federated Assurance Center or similar Department of Defense organization to ensure a secure and trusted supply of critical components for all sustainment programs.

EMPLOY SYSTEM-LEVEL OPERATIONAL SECURITY

Finding: One of the easiest and most cost-effective ways to aid the adversary and weaken USAF mission effectiveness is to allow insight into U.S. capabilities and operations.

Finding: Poor operational security (OPSEC) practices expose critical USAF electronics and weapon systems information to risk. These include undesirable practices such as making readily available unprotected program protection plans (PPPs), allowing electronics to be designed on Internet-connected computers, and the open publication of critical weapon system parts lists and processes. Many of these practices are intended to support contracting “best practices” such as full and open competition. However, this behavior enables the adversary to steal or exfiltrate critical program information (CPI) from unsecured information technology (IT) systems with little to no effort. Poor OPSEC is especially damaging because once the information is obtained, it then allows the adversary to expend as much time as needed to identify exploitable vulnerabilities—often before the weapon system has even been fielded.

Finding: Protecting program information must be a priority at all stages of the acquisition life cycle.

Finding: This level of security awareness must extend beyond acquisition of new weapon systems and be used to inform acquisition approaches for legacy platforms in sustainment.

Recommendation: The USAF must enforce existing operational security (OPSEC) policies across the entire weapon system life cycle—from initial design to sustainment of existing systems—and as new threats emerge, promulgate new policies throughout the enterprise to protect USAF weapon systems.

Recommendation: The USAF should adopt secure design environments and methodologies by ensuring that mission-critical design activities are performed only in secure design environments, with licensed and vetted design tools and intellectual property libraries. All components should incorporate “assured-by-design” strategies.

Recommendation: Early in the design process, the USAF should proactively assess what electronic components will require a trusted fabrication and packaging capability and then develop acquisition and sustainment strategies to support those requirements. The acquisition strategy should also consider technology obsolescence as a risk to the program and incorporate options for technology modernization.

EXPAND SUPPLY CHAIN MONITORING

Finding: The Air Force Office of Special Investigations (AFOSI) has the responsibility to monitor and investigate threats to the microelectronics supply chain. The AFOSI Program Protection Office does not have sufficient resources (funding or manpower) to move toward a proactive stance to protect USAF systems. Staffing limitations hinder AFOSI’s ability to identify threats to supply chains in time to have operational relevance.

Finding: Additional training and subject matter expertise for SCRM are needed within the USAF program and sustainment offices that support the technical complexities of the weapon system.

Recommendation: The USAF should increase funding and staffing of the Air Force Office of Special Investigations (AFOSI), and related investigative efforts, to move from a reactive to a proactive threat assessment and risk management posture.

Recommendation: The USAF should ensure that sustainment personnel have access to the same supply chain risk management training and threat intelligence as the acquisition community.

IMPLEMENT PROGRAM INFORMATION PROTECTION PROGRAM (SYSTEMSECURE)

Finding: The USAF does not have a culture of proactive security assurance that emphasizes protecting program information at all stages of the acquisition life cycle.

Recommendation: Analogous to the U.S. Navy’s Submarine Safety Program (SUBSAFE) and the newly created Cybersecurity Safety Program (CYBERSAFE), the USAF should establish a “SystemSecure” program. SystemSecure should focus on increasing awareness across the USAF on the need for aggressive protection of program information, including proactive supply chain monitoring and remediation whenever risks are identified.


High-performance electronics are key to the U.S. Air Force’s (USAF’s) ability to deliver lethal effects at the time and location of their choosing. Additionally, these electronic systems must be able to withstand not only the rigors of the battlefield but be able to perform the needed mission while under cyber and electronic warfare (EW) attack. This requires a high degree of assurance that they are both physically reliable and resistant to adversary actions throughout their life cycle from design to sustainment.

In 2016, the National Academies of Sciences, Engineering, and Medicine convened a workshop titled Optimizing the Air Force Acquisition Strategy of Secure and Reliable Electronic Components, and released a summary of the workshop. This publication serves as a follow-on to provide recommendations to the USAF acquisition community.
