•    Employment
  •    Academia
  •    Research
    • NICE Framework
    • CAE Program

Supply Chain Security

The intent of the Supply Chain Security Knowledge Unit is to provide students with an understanding of the security issues associated with building complex systems out of third party components of unknown (and potentially unknowable) origin.

Topics

  1. Global Development
  2. Off Shore Production
  3. Transport and Logistics of IT Components
  4. Evaluation of 3rd Party Development Practices
  5. Understanding of the Capabilities and Limits of Software and Hardware Reverse Engineering

Outcomes

  1. Describe the issues related to outsourcing hardware and/or software development and/or integration.
  2. Describe methods to mitigate these issues, and the limitations of these methods.
  3. Describe the issues related to outsourcing hardware and/or software development and/or integration
  4. Describe methods to mitigate these issues, and the limitations of these methods

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.

  • Knowledge
  • Skills
  • Abilities
  • Tasks
ID DESCRIPTION
K0126 Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
K0154 Knowledge of supply chain risk management standards, processes, and practices.
K0148 Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.
K0164 Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes).
K0169 Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
K0249 Knowledge of sustainment technologies, processes and strategies.
K0264 Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
K0028 Knowledge of organization's evaluation and validation requirements.
K0183 Knowledge of reverse engineering concepts.
K0171 Knowledge of hardware reverse engineering techniques.
K0175 Knowledge of software reverse engineering techniques.
ID DESCRIPTION
S0086 Skill in evaluating the trustworthiness of the supplier and/or product.
S0140 Skill in applying the systems engineering process.
ID DESCRIPTION
A0009 Ability to apply supply chain risk management standards.
ID DESCRIPTION