Debra Eggeman, Administrative Technical Specialist, NSWC Crane

Abstract: The JFAC, established in 2014, created a central organization to coordinate assurance activities throughout DoD. Hardware Assurance in this context is about establishing evidence that a product is free of vulnerabilities, both intentional and unintentional. The JFAC is focused on independent verification and validation (IV&V), including Supply Chain Risk Management (SCRM) and counterfeit prevention with an emphasis on the activities of DoD program managers and the industry partners that support programs. A central part of this is defending against malicious actions in the supply chain which may taint products.

For DOD, the highest rates of malicious actions in the supply chain occur in the sustainment where high rates of obsolescence have resulted in extensive counterfeiting. The JFAC is positioned to provide subject matter expertise to the DoD community on how to cost effectively prevent counterfeiting. The JFAC is also working to be able to do analysis of suspect counterfeit parts to determine whether counterfeits are being deliberately introduced into the supply chain. Based on this analysis the JFAC will assist program managers and industry partners with guidance and capabilities to defend against these malicious actions.

This talk will provide an overview of the JFAC mission, organization, business models and services. In particular, the National Defense Authorization Act (NDAA) for Fiscal Year 2016, Section 238, mandated that the Secretary of Defense conduct "a hardware assurance study to assess the presence, scope, and effect on Department of Defense operations of counterfeit electronic parts that have passed through the supply chain of the Department and into fielded systems." For that study the JFAC assessed suspicious counterfeit parts to identify whether those parts were supplied with malicious intent. The results of that study, which has been delivered to Congress, will be discussed.