CRADA helps NSWC Crane maintain security during packaging collaboration

It’s no secret that the capabilities of the U.S. military rely on multiple, complex networks of microelectronics. Any infiltration into or disruption of, say, a global positioning or communications system could lead to disastrous consequences: the theft of critical information, an adversary gaining a tactical advantage, or even the loss of American lives.

With these concerns in mind, the Naval Surface Warfare Center (NSWC) Crane began, more than a decade ago, to seek upgraded microelectronics packaging technology that would improve anti-tamper performance and better safeguard critical Department of Defense (DoD) systems and information.

Draper Laboratory, a nonprofit research and development organization in Cambridge, Massachusetts, had an existing 3-D microelectronics technology. Recognizing the potential in the technology, in 2008-2009, NSWC Crane opened a dialogue with Draper. Given that classified information was involved, however, the DoD and Draper needed a way to advance their conversation that would ensure protection of sensitive material.

The solution came in the form of a Cooperative Research and Development Agreement (CRADA). A CRADA is a formal agreement between a federal agency and a private entity that enables the mutual sharing of facilities, equipment, expertise, personnel and information—although no funds can be distributed to the private partner.

“We needed a mechanism to receive information and give feedback in a classified environment,” said Dr. Darren Crum, the U.S. Navy anti-tamper technology coordinator. “CRADA was a good tool for us. We got up to speed on that packaging technology, and they got up to speed on our anti-tampering requirements. Then we helped cooperatively to make their 3-D microelectronics technology better for our requirements.”

All electronic devices require varying levels of packaging, which is the catch-all term for enclosures that protect devices’ strata of infrastructure: the bare semiconductor die called the chip, the circuit board, components, the assembly, and the overall module or set of modules that form systems.

Protection is necessary not only for physical hazards such as mechanical damage, cooling, radio frequency noise emission, and electrostatic discharge, but also human attacks. The human threats are amplified in technology used by U.S. warfighters and agencies tasked with national security. As a result, the federal government works to acquire custom application-specific integrated circuits (ASICs) from trusted suppliers and enacts robust measures to prevent supply disruptions and tampering, as well as “protect against unauthorized reverse engineering, and avert the theft of critical program information,” according to the Defense Advanced Research Projects Agency (DARPA).

The National Defense Industrial Association (NDIA) notes that, dating back to early radar and data processing, microelectronics have “underpinned every military and national security system, from strategic command to field communications, transportation, weapon systems and platforms.” DARPA further

explains that microelectronics “support nearly all” DoD activities, “enabling capabilities such as the global positioning system, radar, command and control, and communications.”

If a circuit board, for example, used in a U.S. military weapon system is vulnerable to tampering, the consequences could be grave.

“Ensuring secure access to leading-edge microelectronics, however, is a challenge,” DARPA states. “The changing global semiconductor industry and the sophistication of U.S. adversaries, who might target military electronic components, suggest the need for an updated microelectronics security framework.”

In signing the CRADA in 2010, NSWC Crane’s goal was to expand on the “existing Draper technology to produce a high level anti-tamper solution to delay or prevent the unauthorized reverse engineering of electronic equipment, computers, software and other critical technologies that give the U.S. and its allies a military advantage,” according to a press release it issued at the time.

The role of NSWC Crane wasn’t to develop anything itself, but rather to provide evaluations, guidance, and technical feedback so that Draper could improve the technology to meet the government’s stringent anti-tampering requirements.

“It was an iterative process,” said Neil Adams, Draper’s principal director of defense systems. “The CRADA was the critical enabler to facilitate clearances and the sharing of classified information. They could test and provide results. We could fabricate and they could test again.”

Upon receiving each NSWC Crane “vulnerability analysis,” Draper would work to address the issue, and then the process repeated itself until the technology satisfied the government’s criteria, resulting in a better product for Draper and greater applicability for the DoD.

“That’s what makes the CRADA a win-win,” Crum said. “We give them (industry) the information so that they can go make the part better, and that’s the part we use. We don’t have to pay them to make the part better because they see it as a business case, and it’s in their best interest to make their parts less

vulnerable.”

Furthermore, Crum said the government doesn’t have the resources to develop such technology on its own, which makes the facilitation of private partnerships critical. “Microelectronics are incredibly complex,” Crum said. “Huge industry teams spend years developing a single chip. The government doesn’t always have insight into that. We tell them we use it this way and it’s vulnerable this way, and we rely on industry to make the necessary design changes.”

Adams said the improved technology is being developed for deployment across multiple services and agencies.

“The reason this was so important in my point of view was that this particular technology is a critical-path item for the enablement of a whole DoD-wide capability,” Adams said.