NSA releases reports on protecting microelectronics from adversaries
On December 8, the National Security Agency’s Joint Federated Assurance Center (JFAC) Hardware Assurance Lab publicly released four Cybersecurity Technical Reports to help the Department of Defense protect field-programmable gate array (FPGA)-based systems from adversary influence.
The reports below were created to help secure FPGAs — a form of programmable microelectronic components — during manufacturing, acquisition, programming, and first attachment of the devices:
Field-Programmable Gate Array (FPGA) Overall Assurance Process
Outlines the process NSA JFAC used to develop threat categories and mitigations. This enables teams to mimic the same assurance work for other types of microelectronic devices.
Describes the high-level threat categories that relate to FPGA devices at each Level of Assurance. This is part of the Trusted Systems and Networks stage of the DoD Program Protection Plan.
Provides mitigations for each relevant FPGA threat category at Level of Assurance 1.
Details a methodology for performing an engineering review of third-party intellectual property that is included in an FPGA design for Trojan detection.
NSA is part of a federation of DoD organizations that promote and enable software and hardware assurance through the Joint Federated Assurance Center. NSA JFAC, which strengthens and supports microelectronics hardware assurance for DoD programs by providing vulnerability detection, analysis, and remediation capabilities, drafted the report as follow up to its introductory guide, “DoD Microelectronics: Levels of Assurance Definitions and Applications.”
The JFAC is available to assist DoD programs throughout this process and can be contacted through https://jfac.navy.mil (CAC-enabled website). The reports will also be posted there.
Help IC News continue to bring you breaking news from across the IC and IC contracting landscape. Join our paid subscribers today.