Supply Chain Security And Assurance For Critical Systems
The supply chain problems plaguing the microelectronics industry predate the COVID-19 pandemic and are due to a culmination of factors. It is increasingly difficult to secure the supply chains of all of the thousands of parts required for complex, state of the art electronic assemblies. Microelectronics are a critical backbone of the global economy, and materials change hands (and countries) many times to complete full cycle (design, fabrication, assembly). These components and systems are under threats of malicious tampering and profit-based counterfeits or swaps, which can severely hamper system functionality and useable lifetime.
Just this August, the DoD suspended delivery of the F35 due to concerns over the sourcing of raw materials to a magnet component. Attacks from malicious and well-funded actors, although smaller in number, are also of grave concern, in particular for DoD and critical infrastructure applications. The global microelectronics supply chain represents a high value target with nearly infinite attack vectors and access points for a motivated actor.
The recent CHIPS & Science Art funds efforts to repatriate key parts of the microelectronics supply chain to the US to improve access to, and security of these advanced systems. While these investments take years to come to fruition, the DoD and Defense Industrial Base are exploring several strategies to manage the interim period with ever increasing demand for secure components, and few domestic options. These strategies include the Zero Trust Framework, and Measurably Quantifiable Assurance (MQA).
Hardware assurance and supply chain security are one of Parsons’ strategic focus areas. Hardware assurance is the ability of an entity to have confidence that their materials function as intended and are free of exploitable vulnerabilities intentionally designed or inserted into the system at any point during its lifecycle.
In the wake of the 2018 SuperMicro/Bloomberg scandal, Parsons served as an investigator for a high-profile commercial client seeking Independent Verification and Validation (IV&V) of several very complex electronic systems. On the hardware side, this involved conducting destructive and non-destructive hardware teardowns to include circuit and bill of materials verification using both optical and x-ray imagery. On the firmware side, this involved firmware extraction from the chip level and verification to known-good firmware. Parsons has since evolved this offering into several pursuits, including:
PrimaShield – Streamlined Inspection, Verification, & Validation for Critical Missions
- Under current conditions, based on a risk assessment performed by the USG or other customer, some screening and quality verification may be required. This testing is generally done by a third party and represents a “demand side” testing paradigm costing the customer time and money while placing liability on the Original Equipment Manufacturer (OEM).
- PrimaShield is our “supply side” offering; a comprehensive testing and verification process used to verify a COTS/GOTS product including fully controlled delivery to the end customer. This service will result in an increase in confidence and security of a multi-tier commercial supply chain ecosystem; thus providing a level of assurance that system(s) are designed, fielded, and sustained in a manner that will reduce the likelihood and consequences of supply chain attacks.
- PrimaShield leverages our 30+ years of domain expertise in microelectronics & hardware assurance supporting the DoD/IC and commercial clients.
Rogue Parts Detection System (RPDS) – Automated software to identify PCB “defects” or tampering:
- AI-ML approach using Convolutional Neural Network to identify/classify components and features:
- Experienced hardware engineers training model for sensitive detection of wide range of “defects”.
- Identification of quality control issues, malicious additions/removals, and support “Zero Trust”/overseas manufacturing.
A phased development approach, moving from image-to-image comparisons to image-to-reference data & more, leveraging Parsons’ extensive microelectronics, hardware assurance, AI/ML, and imaging expertise.