An official website of the United States government
Here's how you know
A .gov website belongs to an official government organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Press Release | July 14, 2022

NSA Publishes Guidance on Characterizing Threats, Risks to DoD Microelectronics

FORT MEADE, Md. — The National Security Agency’s (NSA) Joint Federation Assurance Center (JFAC) Hardware Assurance Lab published a report on “DoD Microelectronics: Levels of Assurance Definitions and Applications” today to characterize the threats and risks to custom microelectronic components used in Department of Defense (DoD) systems. The Cybersecurity Technical Report includes definitions and guidance on applying three levels of hardware assurance to protect applicable DoD systems.
 
NSA is part of a federation of DoD organizations that promote and enable software and hardware assurance through the Joint Federated Assurance Center. NSA JFAC, which strengthens and supports microelectronics hardware assurance for DoD programs by providing vulnerability detection, analysis and remediation capabilities, drafted the report and established the three levels of hardware assurance.
 
The introductory report in a DoD microelectronics series outlines the process for determining levels of hardware assurance for systems and custom microelectronic components, which include application-specific integrated circuits (ASICs), field programmable gate arrays (FPGAs) and other devices containing reprogrammable digital logic.

The levels of hardware assurance are determined by the national impact caused by failure or subversion of the top-level system and the criticality of the component to that top-level system. The guidance helps programs acquire a better understanding of their system and components so that they can effectively mitigate against threats.

The JFAC is available to assist DoD programs throughout this process and can be contacted at https://jfac.navy.mil (CAC-enabled website).

Read the full report here.
 
Visit our full library for more cybersecurity information and technical guidance.