Buy American

John Keller, MAE

Originally Published in the October issue of MILITARY & AEROSPACE ELECTRONICS

There's a serious cyber warfare problem that may be affecting some deployed U.S. military and aerospace mission-critical embedded computing systems, and nobody really wants to talk about it.

It has to do with a computer chip no bigger than a grain of rice that's suspected of being installed by Chinese intelligence agencies on embedded servers made by San Jose, Calif.-based Super Micro Computer Inc. These tiny chips may be enabling China and other U.S. adversaries to monitor the inner workings of military computers and the data they are processing.

Super Micro embedded computing servers are now, or in the past have been in use by some of the world's largest corporations, including Amazon and Apple. They also may now, or in the past have been in use by several companies that specialize in real-time mission critical computing for military and aerospace applications.

Military Embedded Systems
A Chinese military unit designed and manufactured microchips as small as a sharpened pencil tip. Some of the chips were built to look like signal conditioning couplers, and they incorporated memory, networking capability, and sufficient processing power for an attack.

Are these Chinese spy chips actually out there today in deployed U.S. military systems at sea, on the ground, and in the air? Nobody's talking. It could be that this represents one of the biggest national security breaches in U.S. history. If it is, we need to find out how big the problem is, and how to fix it.

How could this have happened? Well, as it turns out, Super Micro designs these embedded servers in California and Taiwan, yet has them manufactured in China, where assembly lines were infiltrated and spy chips installed on some of Super Micro's high-performance computer boards. The chips are small, and it took quite a bit of doing to detect that the chips are not part of the computer boards original designs.

How many boards made it into the supply chain with the Chinese spyware? It's not clear. Exactly where were these boards installed? Also not clear, and the companies using Super Micro embedded server boards are silent on the topic.

So what's the solution? Some in industry maintain that the boards and components down to the tiniest diode and resistor that go into U.S. military systems must be made in America, and that each component and board that goes into these systems must be traceable to U.S. suppliers with approved security processes in place.

Hasn't this been happening all along, what with regulations in place like the International Traffic in Arms Regulations (ITAR)? Apparently not. What regulations are in place may have allowed one of the biggest foreign intelligence coups against U.S. national security interests ever.

"We believe the DOD [U.S. Department of Defense] should buy only American -designed, - manufactured and -owned servers from ITAR-approved American suppliers," said Ben Sharfi, chief executive officer of General Micro Systems in Rancho Cucamonga, Calif., in a commentary he wrote titled "Alleged China spy chips are another wake-up call to buy only American-manufactured servers."

Christopher Cummins, chief operating officer of Abaco Systems in Huntsville, Ala., says he agrees that buy-American is perhaps the best place to start working these problems out. Cummins penned an article titled "Cyber attack compromises trusted computing, and raises questions about industry's secure supply chain." "As an industry, our need for diligence in this area is paramount," Cummins wrote. "Abaco Systems doesn't buy in commercial products and then make them rugged after the fact; we design and build rugged into our products from the ground-up. We manufacture everything ourselves: we don't subcontract offshore."

Do Abaco Systems and General Micro Systems have their own business interests to support here? Sure ... but they also have a point. It's a lot harder for Chinese intelligence to gain access to U.S.-based assembly lines than it is for them to access contract manufacturing lines inside China.

Would there be such a risk to crucial U.S. military technology if the Pentagon had been diligent about buying all computer components only from security-certified U.S. manufacturing lines. Probably not.

No matter, though. It's imperative for the Pentagon to get to the bottom of this, determine if Chinese spyware is inside any deployed U.S. military computer systems, and rectify the problem, fast. As for the future? It seems obvious that the Pentagon needs to do a better job of relying exclusively on U.S.-manufactured computer systems.

Read the full article here.

October 30, 2018

By John Keller

MAE

 

 

 

Our Mission

Since its inception in 1979, General Micro Systems, Inc. (GMS) has been true to its mission statement: To Become the World’s Leading Technology Independent Supplier of Computing Engines, while Providing the Best Price/Performance, Quality and Customer Support, Demanded by Our Current and Our Future Customers.

All GMS products are proudly designed and manufactured in the U.S.A.

Contact Us

General Micro Systems, Inc.
8358 Maple Pl. Rancho Cucamonga, CA 91737

Local (909) 980-4863
Toll Free (800) 307-4863

General Inquiry - This email address is being protected from spambots. You need JavaScript enabled to view it.
Sales Inquiry - This email address is being protected from spambots. You need JavaScript enabled to view it.

All designs, images and logos © Copyright 2018, General Micro Systems, Inc. All rights reserved.