DoD Microelectronics Guidance

Overview

NSA is part of a federation of Department of Defense (DoD) organizations that promote and enable software and hardware assurance through the Joint Federated Assurance Center. NSA JFAC, which strengthens and supports microelectronics hardware assurance for DoD programs by providing vulnerability detection, analysis and remediation capabilities, drafted the reports and established the three levels of hardware assurance.

The introductory report outlines the process for determining levels of hardware assurance for systems and custom microelectronic components, which include application-specific integrated circuits (ASICs), field programmable gate arrays (FPGAs) and other devices containing reprogrammable digital logic.

The levels of hardware assurance are determined by the national impact caused by failure or subversion of the top-level system and the criticality of the component to that top-level system. The guidance helps programs acquire a better understanding of their system and components so that they can effectively mitigate against threats.

The JFAC is available to assist DoD programs throughout this process and can be contacted through https://jfac.navy.mil (CAC-enabled website).

JFAC Hardware Assurance Lab Cybersecurity Technical Reports

ImageTitlePublication Date
 CTR: DoD Microelectronics: Levels of Assurance Definitions and ApplicationsCTR: DoD Microelectronics: Levels of Assurance Definitions and Applications7/14/2022
 CTR: DoD Microelectronics: Field Programmable Gate Array Best Practices – Threat CatalogCTR: DoD Microelectronics: Field Programmable Gate Array Best Practices – Threat Catalog12/8/2022
 CTR: DoD Microelectronics: Field Programmable Gate Array Level of Assurance 1 Best PracticesCTR: DoD Microelectronics: Field Programmable Gate Array Level of Assurance 1 Best Practices12/8/2022
 CTR: DoD Microelectronics: Field Programmable Gate Array Overall Assurance ProcessCTR: DoD Microelectronics: Field Programmable Gate Array Overall Assurance Process12/8/2022
 CTR: DoD Microelectronics: Third-Party IP Review Process for Level of Assurance 1CTR: DoD Microelectronics: Third-Party IP Review Process for Level of Assurance 112/8/2022
 CTR: DoD Microelectronics: Third-Party IP Review Process for Level of Assurance 2CTR: DoD Microelectronics: Third-Party IP Review Process for Level of Assurance 22/27/2023
 CTR: DoD Microelectronics: Field Programmable Gate Array Level of Assurance 2 Best PracticesCTR: DoD Microelectronics: Field Programmable Gate Array Level of Assurance 2 Best Practices2/27/2023
 CTR: DoD Microelectronics: Field Programmable Gate Array Level of Assurance 3 Best PracticesCTR: DoD Microelectronics: Field Programmable Gate Array Level of Assurance 3 Best Practices6/29/2023
 CTR: DoD Microelectronics: Third-Party IP Review Process for Level of Assurance 3CTR: DoD Microelectronics: Third-Party IP Review Process for Level of Assurance 36/29/2023
 CTR: DoD Microelectronics: Field Programmable Gate Array Level of Assurance Quick Start GuideCTR: DoD Microelectronics: Field Programmable Gate Array Level of Assurance Quick Start Guide10/6/2023
 CTR: DoD Microelectronics: NSA Evaluation of Commercially  Available Embedded FPGAsCTR: DoD Microelectronics: NSA Evaluation of Commercially Available Embedded FPGAs12/4/2023
Page 1 of 1