Legislation and regulatory requirements and standards gaps continue to present aerospace & defense industry and US government users with significant implementation challenges with respect to counterfeit part avoidance and detection. The counterfeit parts issue is similar to the lead-free electronics issue in that regulations drive the need for standards, but technical challenges and supply chain limitations must be recognized so that reasonable and implementable regulations and policies are developed in response to the threat. Though many of these challenges have been discussed in Industry and Government forums and described in trade literature and the media, many remain unresolved.
The US Department of Defense recently released DoD Instruction 5200.44 directing department programs to manage supply chain risk to protect against nation state sponsored sabotage, subversion, or exploitation of system design vulnerabilities; and to protect against products containing counterfeit components or malicious functions. DoD has also been pursuing regulatory activity to implement section 818 of NDAA for 2012. DoD should consider a number of standards gaps and implementation issues as it proceeds with policy development and rule making.
I have observed from several conferences, workshops, meetings and discussions with DoD thought leaders that DoD will encourage the use of industry standards and capabilities to support its Supply Chain Risk Management efforts. While much has been accomplished in recent years toward developing standards for counterfeit prevention, significant gaps remain and a higher order strategy is needed to establish priorities and to focus limited resources in further standards development. Issues concerning standards coverage include the following:
High level QMS coverage and Accreditation /Certification programs
The presence of requirements in QMS standards and associated certification programs would encourage implementation a robust counterfeit avoidance program throughout the supply chain. Organizations involved in maintaining key US and international QMS standards, however, have yet to embed these requirements into QMS standards and supplier certification programs. The integration of counterfeit prevention into mainstream QMS standards is key to driving implementation throughout the supply chain.
Alignment Between Standards Used by Lower Level Suppliers vs Primes / Upper Tiers
A standards gap analysis revels that significant coverage exists in lower level standards for electronic parts, but very limited coverage exists for lower level standards for other parts and materials. Furthermore, standards committees are pursuing changes to newly released standards in order to address unresolved issues. In the interim, government and industry will need to bridge implementation gaps by establishing subject matter expertise to select and specify counterfeit prevention practices, and by monitoring execution of these practices throughout the supply chain.
Lower Level Supplier Capabilities
Standards committees continue to face major challenge in balancing effective counterfeit avoidance and detection requirements and addressing the limited capabilities of lower level suppliers, particularly small businesses. In some cases, standards committees set the level of minimum requirements based on the committee’s current level of confidence in the abilities of Independent Distributors and “Brokers”, recognizing that the electronic component consumers will need to bridge gaps left behind in order to prevent counterfeits from entering the DoD supply chain.
Requirements for Items Other Than Electronic Components
The most specific direction published by DoD to date concerning counterfeit prevention appears within a memo on “Overarching DoD Counterfeit Prevention Guidance”. While this memorandum responds to elements of NDAA2012§818, the scope of this guidance extends beyond electronic parts. While significant coverage exists in standards for electronic parts, very limited coverage exists for other parts and materials. A new standard has been developed to address “counterfeit materiel” (SAE AS6174 Counterfeit Materiel; Assuring Acquisition of Authentic and Conforming Materiel), but several industry subject matter experts believe this standard lacks sufficient implementation guidance, clear direction and focus to help industry and government implement meaningful and effective counterfeit avoidance policies and risk management approaches.
Counterfeit Avoidance and Detection Implementation Issues
A number of challenges that aerospace & defense industry and US government users face pertain to significant implementation issues associated with NDAA2012§818. A number of these issues affect standards activity and need to be addressed to avoid potential conflicts, focus limited resources and drive implementation at appropriate levels within the DoD supply chain. Some of the remaining implementation issues include the following:
Definitions: “Counterfeit” vs “Suspect Counterfeit” vs “Fraudulent” vs “Used represented as new”
NDAA2012§818 calls for DoD to define several key terms associated with policy and forthcoming regulations for counterfeit parts avoidance and detection implementation. Definitions for “counterfeit” and “suspect counterfeit” are key to implementation expectations. NDAA2012§818 expects “used represented as new” to be included in DoD’s definition of counterfeit part. New industry standards, however, present conflicts and implementation implications that must now be addressed. Questions also remain concerning treatment of “counterfeit” versus “fraudulent” parts.
“Trusted / Trustworthy Supplier” Criteria
NDAA2012§818 calls for DoD to require a preference for the use of “trusted suppliers”. The use of the term “trusted supplier” within NDAA2012§818 is an unfortunate choice of words on the part of Congress. It’s use here differs significantly from its current use with respect to the “DoD Trusted Foundry Program” and DoD thought leaders are considering the term “trustworthy” for the context described within NDAA2012§818. DLA recently introduced the term “trusted source” which, as written, appears to put OCMs, authorized suppliers and qualified independent distributors on equal footing. A number of recommendations have been offered concerning criteria for trusted suppliers and the level of diligence necessary depending on the category of suppliers included within DoD’s definition of “trusted” or “trustworthy supplier” as well as considerations when partnering with small business. It has also been acknowledged among industry subject matter experts that criteria for the term “authorized supplier” (on which the definition of “trusted” or “trustworthy supplier” depend) needs further attention from the standards community. Resolving these definitions and criteria is key to effective counterfeit avoidance implementation.
Risk Assessment Methodology
NDAA2012§818 calls for DoD to implement a risk-based approach to minimize the impact of counterfeit electronic parts or suspect counterfeit electronic parts. While DoD Instruction 5200.44 provides a framework within Program Protection Planning activity, a number of considerations need to be addressed in order to support a risk management process designed to address the counterfeit parts threat.
Obsolescence Management is key to reducing the likelihood of having to purchase parts through riskier supply chains. DoD programs, however, are often constrained regarding their ability to support and fund approaches to eliminate the use of obsolete components. If obsolete electronic parts are not eliminated from equipment designs, continued production and maintenance of the equipment will remain vulnerable to counterfeits. Risk assessments should weigh the consequences of a counterfeit part quality escape and the cost and time to necessary to mitigate them versus the cost and time needed to eliminate obsolete parts from equipment designs.
Counterfeit Prevention for COTS hardware
The use of commercially available off-the-shelf (COTS) equipment and assemblies presents a number of challenges to implementing counterfeit avoidance requirements. A COTS original equipment manufacturer (OEM) will frequently advise its customers that the best way to avoid counterfeits of its finished products is to purchase them directly from the OEM or its authorized dealer. The same COTS OEM, however, may not divulge its own practices to prevent counterfeit parts from finding their way into their own products and may not accept flow downs from customers dictating procurement, reporting and remediation requirements. Counterfeit part avoidance implementation should consider the practice of purchasing commercially available off-the-shelf products containing electronic parts directly from the OEM or its authorized dealer while adapting to the limited ability of DoD procurement organizations and contractors to influence the COTS OEM’s business practices.
Allowable vs. Unallowable costs
NDAA2012§818 specifies that revised regulations are to provide that “the cost of counterfeit electronic parts and suspect counterfeit electronic parts and the cost of rework or corrective action that may be required to remedy the use or inclusion of such parts are not allowable costs under Department contracts”. Further clarity is needed to identify the scope of activities where costs are allowable versus those activities where the costs are not allowable. It is the current understanding of many defense contractors that costs incurred associated with activities to prevent counterfeits from entering DoD’s supply are allowable costs, particularly those activities that form a part of a company’s business processes associated with counterfeit prevention. Examples would include:
- price differential for parts acquired from OCMs or authorized distributors vs. a potentially lower priced part from a broker
- costs for “inspection, testing and authentication” to prevent counterfeits from entering the DoD supply chain
- costs associated with contractor vetting and audits of part suppliers and subcontractors and their business systems associated with counterfeit prevention
- costs associated with customer vetting and audits of contractor business systems associated with counterfeit prevention
The scope of “rework or corrective action” needs to be addressed to understand how far reaching costs to remedy a counterfeit part quality escape will be (“For want of a nail…”).
Collaboration between Government and Industry is key to addressing standards gaps and resolving implementation issues. Furthermore, a higher order strategy is needed to exploit synergies between and among Industry, academic research and US Government activities; and to drive standards implementation throughout the supply chain.
For further reading…
Other essays appearing in this blog describe some of the fine points of the issues identified above primarily from an engineering and product integrity perspective. The recent white paper published by the ABA’s Task Force on Counterfeit Parts discusses some of these issues from a legal and contract management perspective.