A consortium of researchers dedicated to improving the understanding of the human causes and consequences of terrorism

START co-hosts workshop on the security of critical system supply chains

START co-hosted a National Service Foundation (NSF)-sponsored workshop titled “Safeguarding Critical System Supply Chains Against Compromise” with the Center for Advanced Life Cycle Engineering (CALCE), the Applied Research Laboratory for Intelligence and Security (ARLIS), the School of Public Policy and the Maryland Center of Excellence for Sustainment Sciences (MChESS) at START Headquarters this month.

Panelists included START Unconventional Weapons and Technology (UWT) Director Steve Sin, and University of Maryland (UMD) Department of Mechanical Engineering Professor and Project Investigator Peter Sandborn, among others from UMD, Lockheed Martin, The MITRE Corporation, the National Institute of Standards and Technology (NIST) and more.

Critical systems are considered to be those systems associated with human safety (such as transportation and medical services), the delivery of critical services (such as infrastructure and energy generation), global economic stability and important humanitarian and military missions.

 “We put critical systems in the title of this workshop because they’re the sort of systems we’re interested in. We're not interested in cell phones,” Sandborn said. “We're interested in the systems that are in airplanes, in military systems, and infrastructure. These systems that are really expensive to procure and have to last a really long time.”

The risk of supply chains being compromised is a significant problem for critical systems, due to the systems’ long manufacturing and support life. Compromise of a system component means that its content, function, quality and/or reliability has been modified in some way (either with or without malicious intent) to be something other than what the system was designed for.

“There are lots of kinds of compromise and we're interested in understanding how to mitigate the risks of compromised parts ending up in critical systems,” Sandborn said.

The workshop was the last of four workshops developed by the project team with the support of an NSF planning grant focused on disrupting the operations of illicit counterfeit part supply networks.

“The workshop was amazing and one of the best I've attended,” START Geospatial Research Unit (GRU) Director Marcus Boyd said. “I think we have a terrific amount of stuff to work with.”

This workshop in particular focused on the unique issues posed by compromised components (hardware, material, software, data, algorithms, supply chains, governance and humans), and how those issues can be predicted and mitigated.

Participants included academics, industry practitioners and stakeholders from the critical systems community whose concern is disruption and compromise of the technology and supply chain for critical systems.