Category Archives: Cybersecurity

DOD Just Beginning to Grapple with Scale of Vulnerabilitie (GAO-19-128: Published: Oct 9, 2018)

In recent cybersecurity tests of major weapon systems DOD is developing, testers playing the role of adversary were able to take control of systems relatively easily and operate largely undetected. …

More at GAO


Deliver Uncompromised: A Strategy for Supply Chain Security and Resilience in Response to the Changing Character of War

“Today, various parts of the Department of Defense (DoD) and the Intelligence Community (IC) are generally aware of cyber and supply chain threats, but intra- and inter-government actions and knowledge are not fully coordinated or shared. …
This report examines options that span legislation and regulation, policy and administration, acquisition and oversight, programs and technology. …”

More at MITRE

Supply Chain Risk Management Reliability Standards

A Proposed Rule by the Federal Energy Regulatory Commission …

The Federal Energy Regulatory Commission (Commission) proposes to approve supply chain risk management Reliability Standards CIP-013-1 (Cyber Security – Supply Chain Risk Management), CIP-005-6 (Cyber Security – Electronic Security Perimeter(s)) and CIP-010-3 (Cyber Security – Configuration Change Management and Vulnerability Assessments). The North American Electric Reliability Corporation (NERC), the Commission-certified Electric Reliability Organization, submitted the proposed Reliability Standards for Commission approval in response to a Commission directive. In addition, the Commission proposes that NERC develop and submit certain modifications to the supply chain risk management Reliability Standards.

More at

Final Report of the Defense Science Board (DSB) Task Force on Cyber Supply Chain

Attached is the final report of the Defense Science Board Task Force on Cyber Supply Chain. The task force assessed the organization, missions, and authorities that encompass the use of microelectronics and components in Department of Defense (DoD) weapons systems. Continue reading

Final Rule re: “Department of Defense (DoD)’s Defense Industrial Base Cybersecurity Activities”

“This final rule responds to public comments to the interim final rule published on October 2, 2015. This rule implements statutory requirements for DoD contractors and subcontractors to report cyber incidents that result in an actual or potentially adverse effect on a covered contractor information system or covered defense information residing therein, or on a contractor’s ability to provide operationally critical support….”

More at

Chinese man to serve U.S. prison term for military hacking

A Chinese businessman who pleaded guilty in March to conspiring to hack into the computer networks of Boeing (BA.N) and other major U.S. defense contractors was sentenced on Wednesday to nearly four years in prison, prosecutors said. …

More at Reuters

NDIA’s 7th Trusted Microelectronics Workshop will feature Ms. Kristen Baldwin, Dr. Bill Chappell, and Dr. Robert Latiff (Maj Gen, USAF, Ret.)

NDIA is pleased to announce that our seventh Trusted Microelectronics Workshop has now been expanded to two days, with the second day focused on Technology Based Solutions for Trusted Microelectronics.

Ms. Kristen Baldwin, Acting Deputy Assistant Secretary of Defense for Systems Engineering, will keynote Day 1 of our workshop with a presentation on OSD’s current and future security framework to ensure our defense systems have access to trusted technology components.

Dr. Bill Chappell, Director, DARPA Microelectronics Technology Office will keynote Day 2 with an introduction to the work being done at DARPA to explore technology based Trust solutions.

Presentations by DARPA MTO program managers and IARPA’s Dr. Carl McCants will follow Dr. Chappell’s talk on Day 2.

Dr. Robert Latiff (Maj Gen, USAF, Ret) will provide observations from the Air Force Science Board study, “Optimizing the Air Force Acquisition Strategy of Secure and Reliable Electronic Components”.

More at NDIA

NDIA’s seventh Trusted Microelectronics Workshop

NDIA is pleased to offer our seventh workshop designed to identify ways in which Trusted Microelectronics can contribute to greater systems security and information assurance. In this event we plan to continue the dialogue between government and industry on the challenges for comprehensive supply chain security management and program protection at the microelectronics level. With participation from both government and industry, our workshops have provided an effective forum for direct discussions of the challenges faced by policy makers, program managers, systems developers, and supply chain managers.

More at NDIA

What’s Really Inside? – Semiconductor Engineering

Concern is growing that devices of all types, including military hardware, may contain extra circuits or malicious code.

via Semiconductor Engineering .:. What’s Really Inside?. News Article: Carter Unveils New DoD Cyber Strategy in Silicon Valley

Defense Secretary Ash Carter today unveiled the Defense Department’s second cyber strategy to guide the development of DoD’s cyber forces and to strengthen its cyber defenses and its posture on cyber deterrence.

via News Article: Carter Unveils New DoD Cyber Strategy in Silicon Valley.