The 2013 National Defense Authorization Act became law last month, even if the defense budget remains mired in politics.
Both Congress and the Office of Management and Budget have been concerned for some time over how prime contractors' supply chains are really the government's supply chain. This is an understandable concern, given the degree to which manufacturers have abandoned vertical integration in favor of assembly and integration of many suppliers' parts, including software.
The 2013 NDAA instructs DOD to keep counterfeit parts out of the supply chain. Fakes have bedeviled manufacturers and distributors for many years. At one time the problem centered on phony fasteners marked as high-strength and substandard copies of multi-pin, mil-spec connectors. In recent years counterfeiting has spread to integrated circuits. Counterfeit ICs might be blacktopped used parts or reverse-engineered copies. Such parts may function, but less reliably. Or they may be programmed with hidden spyware or backdoors for espionage.
So who is responsible? Cool heads prevailed in Congress. They made the counterfeit issue a shared responsibility across the entire supply chain. The government can't simply wash its hands of the issue and force manufacturers to assume responsibility to control counterfeiters. But manufacturers must secure their own supply chains. Nor can contractors assume all the risk, but they can agree to only buy from reputable sources.
