director, Program Management, IEE
The defense supply chain has become much more global and complex over the
decades. This makes the chain of custody,
Hardware engineers should identify and track every logic-
bearing component, and work with procurement to select
components that have Defense Microelectronics Activity
(DMEA) Trusted Foundry and Trusted Supplier Status.
Additional test points may be needed to facilitate connection
of third-party analyzers for independent verification
activities such as tracing management port messages from
logic-bearing components. All configuration data and
status must be accounted for in complex devices.
Software and firmware engineers may have fewer
choices for development tools, and must work within
a more stringent development atmosphere, with
increased access control, closed networks, frequent
computer scans, and increased scrutiny of utility and
test code. The means of delivery of software and
firmware must be protected from interception and
require more effort than just electronic or physical
mail. Engineers should subscribe to, receive, review,
and act on vulnerability alerts, and be familiar with
the common vulnerability and exposures process.
Architecture and peer reviews will have an increasing
security component, and source code will be subjected
to computer analysis for common weaknesses.
Additional software and firmware design should be
considered to detect and isolate the effects of a failure
and provide persistent log data for post event analysis.
VP marketing, LDRA
There are many security challenges and considerations when designing military
electronics. Fundamentally, standalone
systems are now, for the most part, a thing of the past.
Therefore systems must be designed to collaborate
with other systems safely and securely. That means that
when designing such systems, software and hardware
engineers must work to prevent bad actors, untrusted
data, or counterfeit and ill-intentioned parts from
entering the collaborative system during design time
and runtime, including during all maintenance activities.
On the hardware side of things, securing and
authenticating the supply chain is critical. That is a
major topic all on its own. Speaking from the software
perspective, security must be planned from the ground
up. Software must be designed, analyzed, and tested in
order to prevent vulnerabilities from entering the source
code at any phase of development. Software design must
include operational authentication of the actors and the
data in the system to ensure the system can communicate
with trusted actors and operate with trusted data.
Furthermore, as additional protection, the platform
on which the software runs needs to be considered for
security purposes. The processor and operating system
must be capable of supporting safe and secure functions,
even while under attack. This may warrant quarantining
any elements of operation, i.e. software, data, and devices
that may have been compromised. These are just some of
the many challenges that engineers need to consider when
designing security into military systems of today. ECN
Our mission critical resistors know
More than 35 years and 20 billion kilometers...
Now that’s reliability.
Made in the USA.