Supply Chain Security
The intent of the Supply Chain Security Knowledge Unit is to provide students with an understanding of the security issues associated with building complex systems out of third party components of unknown (and potentially unknowable) origin.
- Global Development
- Off Shore Production
- Transport and Logistics of IT Components
- Evaluation of 3rd Party Development Practices
- Understanding of the Capabilities and Limits of Software and Hardware Reverse Engineering
- Describe the issues related to outsourcing hardware and/or software development and/or integration.
- Describe methods to mitigate these issues, and the limitations of these methods.
- Describe the issues related to outsourcing hardware and/or software development and/or integration
- Describe methods to mitigate these issues, and the limitations of these methods
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.
||Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
||Knowledge of supply chain risk management standards, processes, and practices.
||Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.
||Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes).
||Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
||Knowledge of sustainment technologies, processes and strategies.
||Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
||Knowledge of organization's evaluation and validation requirements.
||Knowledge of hardware reverse engineering techniques.
||Knowledge of software reverse engineering techniques.
||Knowledge of reverse engineering concepts.
||Skill in evaluating the trustworthiness of the supplier and/or product.
||Skill in applying the systems engineering process.
||Ability to apply supply chain risk management standards.