President's Commentary: Don't Get Too Cocky About Defense Electronics
Every modern military today owes a major portion of its capabilities to electronics-based technologies that have automated or improved warfighting capabilities. Defense electronics have promoted and driven a revolution in military affairs that shows no signs of abating, and their impact is likely to increase in the coming years. Further, commercial electronic technologies are taking an ever-expanding role in the national security market. But this revolution brings with it potential hazards that go beyond conventional threats.
The latest defense-electronics-based capabilities have permitted significant reductions in the size and weight of many key components. The result is increased mobility and enhanced flexibility for the force. Future developments will continue to give forces even greater ability to move quickly with a decreased logistics footprint and increased lethality. Sensors will be smaller, less obtrusive and networked. Even power supplies will reduce in size as electronic components continue to shrink and become more efficient and consume less fuel. Smaller components across the logistics field will support more flexible and highly mobile system configurations as missions evolve.
Other key technologies under development include smaller, lighter weight batteries with extended life, which will be essential for powering battlefield electronics and enabling improved logistics support. Antennas will have to be designed that promote instantaneous shifting between frequency bands while simultaneously maintaining connectivity. Small-scale, rapid-launch satellites will benefit further from advanced defense electronic technologies.
But inherent in many of these of these technologies and components is their offshore production. Many defense electronics feature components that originate in foreign countries. This overseas origin leaves them vulnerable to malicious activity, in terms of both deliberate sabotage and from profiteering through counterfeit and unreliable parts.
The theft of intellectual property tied to many of these electronics has become pervasive. U.S. defense electronics often depend on nation-states or manufacturers who are not always like-minded with the United States or its allies. The result could be end items with vulnerabilities ranging from reduced reliability to guaranteed failure at a time of choosing by an adversary wielding malicious influence on the supply chain.
These vulnerabilities have wide-ranging implications. Though not limited to communications and networks, malware, either embedded or as an appliqué, could change the parameters of many critical systems. Take for example, a radar for a fire control system. With the surreptitious insertion of malicious software, it might mischaracterize an inbound attack in terms of speed, altitude or azimuth—readings that are slightly different from true readings. This could result in defensive measures that would be directed inaccurately, thus allowing the incoming enemy warhead to strike its target unimpeded.
This ill effect could be delivered in any number of ways. The malware that enables misleading location data could be in a GPS receiver, for example, or in a timing component, causing a device or network to lose vital synchronization or control data. With malicious software, this type of degradation could be set to occur at a specific time or degree of usage, and it could be subtle or sudden.
Additionally, any number of vulnerabilities could be placed virtually anywhere throughout the supply chain, causing the delivery of the wrong component parts or sending parts to the wrong destination. Mitigating or stopping this will require a systematic approach instead of the spot solutions that tend to predominate today.
But realistically, the magnitude of the challenge is too broad, complex and expensive to secure every electronic component effectively. Instead, every mission-critical system requires a risk mitigation strategy. This might entail providing a backup system or even enabling the use of a replacement capability different than the one that is sabotaged. Recently, redundancy and effectiveness in communications has given way to efficiency, which tends to build in single points of failure. That trend must be reversed.
Research continues into techniques that will effectively detect systematic software problems, and sensors that will identify when a component isn’t behaving properly. Further, artificial intelligence and machine learning provide the promise of generating indicators of system malfeasance. The new and more complex technologies that come with greater vulnerabilities also may offer potential solutions to mitigating or even preventing internal problems.
As electronics rose to prominence in military activities, officials recognized the vulnerabilities that came with their improved capabilities. But careful eyes largely focused on the threat to capabilities. Now, the biggest threat may be inherent in the defense electronics themselves. Caution is not the final word here; action is.