By COLIN CLARK
WASHINGTON: If Chinese together with Russian spies receive got been doing their jobs well, they powerfulness good receive got been able to compromise some of America’s most of import satellites, including the missile launch detection birds known every bit SBIRS. A study out today from the Pentagon’s Inspector General says that Air Force Space Command’s failure to safeguard its provide chain way that “an adversary has chance to infiltrate the Air Force Space Command provide chain together with sabotage, maliciously innovate an unwanted function, or otherwise compromise the blueprint or integrity of the critical hardware, software, together with firmware.”
“This is genuinely an audit study on whether AFSPC complied alongside the DoD provide chain adventure management policy, together with clearly at that topographic point were issues. It is of import to annotation that simply because proper policy together with procedures were non followed does non necessarily hateful that the organisation was genuinely compromised.”
But Harrison says that doesn’t allow Space Command off the hook:
“That beingness said, nosotros rely on these satellites to abide by missile launches together with queue our missile defense forcefulness systems. SBIRS is amid the most of import armed forces infinite systems nosotros have, together with the thought that these satellites are at higher adventure of beingness compromised—or may receive got already been compromised—is disconcerting. This is even then some other dark pump for the Air Force’s management of infinite acquisitions, together with it volition probable increase calls to transfer responsibleness for programs similar this to a new, independent service.”
Here’s what the IG found:
“Air Force Space Command did non convey the steps together with flora the controls together with oversight necessary to:
conduct a thorough criticality analysis together with position all critical components together with associated suppliers to grapple risks to the organisation throughout its lifecycle;
submit consummate together with accurate requests to deportment threat assessments of critical ingredient suppliers;
require the buy of all application-specific integrated circuits from trusted suppliers using trusted processes that are accredited; or
ensure the work of rigorous examination together with evaluation capabilities, including developmental, acceptance, together with operational testing
“In addition, our express review of 3 other Air Force Space Command critical systems revealed concerns similar to those found alongside the Space Based Infrared System provide chain adventure management.”
Congress is unlikely to live on pleased together with some volition for certain work this finding to press harder alongside their colleagues to brand a Space Force together with Space Command a reality sooner rather than later.
“The electrical flow organisation is wasting billions of dollars together with failing to deliver capability to the warfighter,” Reps. Mike Rogers together with Jim Cooper, the travel past times 2 lawmakers on the House Armed Services strategic forces subcommittee. said inward a controversy inward August final year. “Our adversaries receive got already reorganized their infinite programs together with are reaping the benefits. Those who proceed to oppose reform take away to explicate to the warfighter, the American people, together with their elected representatives how the condition quo is acceptable.”
The vice commander of Air Force Space Command Space together with Missile Systems (SMC) agreed alongside the IG’s recommendations on how to fix the problems found inward the IG’s audit.
Here’s what SMC said it volition do. Bear inward heed this way they likely haven’t done it yet:
“conduct a criticality analysis to accurately position together with compile a parts listing for all critical components;
“produce a critical components listing that includes the intermission downwards for all logic-bearing devices to the ingredient score together with provide them alongside a asking for data that includes all fundamental data necessary to deportment threat assessments of critical item suppliers;
“use the supplier threat assessment reports to create upwards one's heed the adventure posture together with position potential mitigations for application specific integrated circuits non procured from a trusted supplier using trusted processes that are accredited; and
“incorporate modernized requirements together with verification processes to ensure the safety of the computer program together with perform verification together with validation of these requirements using computer program protection surveys, independent 3rd political party assessors, together with developmental together with operational tests.”
Buat lebih berguna, kongsi:
