DoD hell-bent on keeping non-kosher parts out of the system

An apocryphal federal acquisition story goes something like this. NASA launches a $50 million satellite. On reaching orbit, it goes wildly out of control and ends up burning in the atmosphere before crashing to earth. After painstakingly examining the disaster, engineers trace it to a faulty $1 relay. They demand an answer from the supplier. “No problem,” the supplier says. “We’ll send you a new relay — no charge.”

This is what the Defense Department is trying to avoid as it layers on rules for counterfeit parts. Specifically for keeping them out of the systems it buys from OEMs. The first rule came out in 2014. The 2012 National Defense Authorization Act required DoD to take steps to keep counterfeit, faulty or reworked parts out of its supply chain. DoD buys parts as systems ranging from PCs to JDAM missiles.  It also buys spare parts from manufacturers and distributors to keep old platforms running.

Parts can be anything that conducts electricity. For example, integrated circuits, subassemblies, or connectors. All those little things you see when the TV falls off the wall and splits open. The basic point of the rule is that suppliers have the ability to certify that only legit parts make it into their systems.

Attorney Chris Myers of Dentons talked to me about the amended rule. He says it fills gaps in the original rule, which went live in May of last year. The current rule only covers primes subject to Cost Accounting Standards. Myers points out the expanded rule, still open for comment, include all primes and subcontractors.

For industry, the so-called gray market in electronic parts has been a bugaboo for decades. Gray marketers may be legitimate resellers operating honestly but without letters of supply from OEMs, which would make them “dealers.” An important distinction for DoD. Or they may traffic in rejected, stolen, or counterfeit parts. If you’re buying a distributor cap for that old Plymouth Slant-6, it probably won’t matter if lacks the Mopar seal. If you’re buying a MIL-DTL-38999 connector exposed to the elements in an aircraft landing apparatus, if better be genuine Amphenol or whatever. Counterfeit aircraft connectors have popped up repeatedly over the years. They look like the real McCoy, but don’t perform like it.

ICs carry more risks. Sourced from foreign countries, they can contain malicious embedded code. They can be fabricated to appear pin-compatible with legitimate parts and sport forged labels. They might come in faulty packaging that doesn’t protect the chip inside. A healthy black market exists for stolen parts in which they make their way into the gray market. Santa Clara County, California — home to the Silicon Valley by which the Defense Department is star-struck — even houses a multi-jurisdictional team called REACT, Regional Enforcement Allied Computer Team, to deal with high-tech theft.

As Myers points out, contractors must either produce the letter of supply or else demonstrate a risk-based process for ensuring only kosher parts. He also notes, a third rule is coming to address in more detail how contractors can audit their suppliers to  be able to deem them trusted.

Luckily, a commercial process for this very issue already exists.  Aerospace Standard 5553 . It’s not referenced in the federal register listing of the proposed new rule.  But it ought to provide a solid platform from which DOD and its supply chain can launch efforts to keep bad parts out of national security systems.

Comments

Sign up for breaking news alerts