Hidden hardware threatsCounterfeit chips may hobble advanced weapons

Published 30 October 2009

While most computer security efforts have until now been focused on software, tampering with hardware circuitry may ultimately be an equally dangerous threat; the Pentagon now manufactures in secure facilities run by American companies only about 2 percent of the more than $3.5 billion of integrated circuits bought annually for use in military gear

Back in June we wrote:

On 6 September 2007, a squadron of Israeli F-15s destroyed a suspected Syrian nuclear facility in north-east Syria. The sophisticated Syrian air defense system was paralyzed by a first-of-its-kind Israeli electronic warfare attack, allowing the Israeli planes to go in, attack, and come out of Syria unnoticed and unmolested (emphasis added) (11 June 2009 HSNW).

The reference to a “first-of-its-kind” means of electronic warfare (EW) had to do with a hardware-based approach to EW. In the Syrian case, it was used to good ends. Trouble is, the bad guys may also resort to it — if they have not, already.

You may not be happy with these facts: Despite a six-year effort to build trusted computer chips for military systems, the Pentagon now manufactures in secure facilities run by American companies only about 2 percent of the more than $3.5 billion of integrated circuits bought annually for use in military gear. New York Times’s John Markoff writes that this shortfall is viewed with concern by current and former U.S. military and intelligence agency executives who argue that the menace of so-called Trojan horses hidden in equipment circuitry is among the most severe threats the nation faces in the event of a war in which communications and weaponry rely on computer technology (see “Malicious Hardware May Be Next Hacker Tool,” 2 May 2008 HSNW; and “China May Have Back Door into U.S. Military Computer Networks,” 23 April 2008 HSNW).

Markoff writes that as advanced systems such as aircraft, missiles, and radars have become dependent on their computing capabilities, the specter of subversion causing weapons to fail in times of crisis, or secretly corrupting crucial data, is now haunting military planners. The problem has grown more severe as most American semiconductor manufacturing plants have moved offshore.

Increasing indigenous chip-making
Only one-fifth of all computer chips are now made in the United States, and just one-quarter of the chips based on the most advanced technologies are built here, IBM. executives say. That has led the Pentagon and the National Security Agency to expand significantly the number of American plants authorized to manufacture chips for the Pentagon’s Trusted Foundry program.

These increases notwithstanding, semiconductor industry executives and Pentagon officials say, the United States lacks the ability to fulfill the capacity requirements needed to manufacture computer chips for classified systems.

The department is aware that there are risks