Is it time for widely recognized industry standards for anti-tamper?
Posted by John Keller
Aerospace and defense electronics have to do much more than that simply fulfill the capabilities for which they are designed. Nowadays they also have to prove they are safe and reliable, per standards such as the FAA's DO-178B and DO-178C safety-critical software standards.
Growing trends in aerospace and defense electronics, however, mean today's designs have to do more than be safe and reliable. Now they must have provisions to prevent unauthorized tampering or disassembly in an adversary's attempt to learn their secrets.
Anti-tamper technology today is just as important as capability, reliability and safety, so isn't it time for government and industry to put their collective heads together and craft a widely recognized standard for anti-tamper?
Certainly there are government standards for adherence to encryption guidelines, such as FIPS 140-2, and the U.S. Department of Defense has begun requiring anti-tamper technology in most mission- and life-critical military systems at risk for enemy tampering.
Anti-tamper technology first became a hot issue a decade ago during the so-called Hainan Island Incident when a U.S. Navy EP-3 Aries four-engine turboprop reconnaissance aircraft was operating about 70 miles away from Hainan Island, China. In response, China scrambled jet fighters to intercept.
One of the Chinese fighters made two close passes beside the slower and less-maneuverable Navy EP-3, and started a third close pass when the fighter collided with the reconnaissance aircraft, causing the fighter to break apart and crash, and the Navy EP-3 to drop into a steep dive before its pilot regained control of the aircraft. The stricken aircraft's pilot had no choice but to land at a Chinese military base on Hainan Island.
The crew of the Navy plane was held in China for 10 days. Their aircraft and equipment were dismantled, stripped, closely examined. The Chinese were able to gain valuable intelligence data from their examination of the aircraft and its equipment. U.S. authorities never want such a thing to happen again, even though advanced U.S. military technology such as unmanned aerial vehicles (UAVs) routinely operate in risky areas where they could be shot down and examined by U.S. adversaries.
So we need anti-tamper technologies, but military procurement authorities approve them one at a time. Perhaps a more unified approach is in order. How about a guideline similar to DO-178B and DO-178C that would spell out anti-tamper standards, as well as procedures to comply with anti-tamper requirements.
Not only might such a standard help keep U.S. military secrets out of the hands of adversaries and make it easier for U.S. defense contractors to provide reliable anti-tamper technology, but such move also might spawn development of a new class of design and development tools designed to help meet anti-tamper standards, and to ensure standards compliance.
It might be worth a discussion.