E N D
1. Huntsville Cyber BreakfastSupply Chain Risk Management Ms. Debra Wymer
Director, Test and Warfighter Solutions Center Acting Director, Technology Center USASMDC/ARSTRAT
8 March 2011
2. Comprehensive National Cybersecurity Initiative (CNCI)
3. What is SCRM?
4. Authority & Policy NDAA 2011
Section 806, Requirements for Information Relating to Supply Chain Risk
Section 932, Strategy on Computer Software Assurance
NDAA 2011 Section 215, Demonstration and Pilot Projects on Cybersecurity
Defense Program Planning Guidance (DPPG 2011)
DoD Instruction 5200.39, Critical Program Information (CPI) Protection Within the Department of Defense
Directive-Type Memorandum (DTM) 09-016, Supply Chain Risk Management (SCRM) to Improve the Integrity of Components Used in DoD Systems
DoDD XXX.XX, Supply Chain Risk Management Directive is in draft
5. The SCRM Threat In 2010, FBI seized of $143 million of counterfeit Cisco network hardware, some of which could have been headed for use in military systems. WSJ 11 Oct 2010
March 28, 2009, Inside the Air Force reported an unknown number of counterfeit aircraft parts are being fastened into U.S. military weapon systems after infiltrating supply depots, posing new safety risks and potentially driving up maintenance bills by hundreds of millions of dollars annually.
April 2010, investigators with GAO probing DOD's vulnerability to counterfeit parts identified problems with microprocessors used in F-15 flight control computers, oscillators used for Global Positioning System navigation on more than 4,000 Air Force and Navy systems, and substandard titanium used in F-15 engine mounts and F-22A and C-17 parts.
6. DoD’s Vision
7. DoD SCRM Organization Overview
8. Functions for Army SCRM Center
9. Summary At a high level SCRM Execution has three key components:
Policy
Security
Integrity Engineering Analysis (Technical)
Point of Contact:
Stephen C. Cayson, Deputy Director
Space and Cyberspace Technology
256-955-3605
Stephen.cayson@us.army.mil